Vulnerabilities > Canonical > Low

| Date | CVE | Vulnerability title | Description | Vector | Complexity | Vendors / products | CWE | Risk |
|---|---|---|---|---|---|---|---|---|
| 2020-09-30 | CVE-2020-14377 | Out-of-bounds Read vulnerability in multiple products | A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. | local | low | dpdk, canonical, opensuse | CWE-125 | 3.6 |
| 2020-09-30 | CVE-2020-14378 | Integer Underflow (Wrap or Wraparound) vulnerability in multiple products | An integer underflow in dpdk versions before 18.11.10 and before 19.11.5 in the `move_desc` function can lead to large amounts of CPU cycles being eaten up in a long running loop. | local | low | dpdk, opensuse, canonical | CWE-191 | 3.3 |
| 2020-09-24 | CVE-2020-26088 | Incorrect Default Permissions vulnerability in multiple products | A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets, bypassing security mechanisms, aka CID-26896f01467a. | local | low | linux, debian, opensuse, canonical | CWE-276 | 2.1 |
| 2020-09-11 | CVE-2014-1420 | Deserialization of Untrusted Data vulnerability in Canonical Ubuntu-Ui-Toolkit | On desktop, Ubuntu UI Toolkit's StateSaver would serialise data on tmp/ files which an attacker could use to expose potentially sensitive data. | local | low | canonical | CWE-502 | 2.1 |
| 2020-09-09 | CVE-2020-1968 | Information Exposure Through Discrepancy vulnerability in multiple products | The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able to compute the pre-master secret in connections which have used a Diffie-Hellman (DH) based ciphersuite. | network | high | openssl, canonical, debian, oracle, fujitsu | CWE-203 | 3.7 |
| 2020-09-05 | CVE-2020-15709 | Unspecified vulnerability in Canonical Add-Apt-Repository | Versions of add-apt-repository before 0.98.9.2, 0.96.24.32.14, 0.96.20.10, and 0.92.37.8ubuntu0.1~esm1, printed a PPA (personal package archive) description to the terminal as-is, which allowed PPA owners to provide ANSI terminal escapes to modify terminal contents in unexpected ways. | local | low | canonical | | 2.1 |
| 2020-09-02 | CVE-2020-24654 | Link Following vulnerability in multiple products | In KDE Ark before 20.08.1, a crafted TAR archive with symlinks can install files outside the extraction directory, as demonstrated by a write operation to a user's home directory. | | | | | 3.3 |
| 2020-09-01 | CVE-2020-15704 | Improper Input Validation vulnerability in Canonical PPP | The modprobe child process in the ./debian/patches/load_ppp_generic_if_needed patch file incorrectly handled module loading. | local | low | canonical | CWE-20 | 2.1 |
| 2020-08-31 | CVE-2020-12829 | Integer Overflow or Wraparound vulnerability in multiple products | In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation. | local | low | qemu, canonical, debian | CWE-190 | 2.1 |
| 2020-08-27 | CVE-2020-14415 | Divide By Zero vulnerability in multiple products | oss_write in audio/ossaudio.c in QEMU before 5.0.0 mishandles a buffer position. | local | low | qemu, canonical | CWE-369 | 3.3 |