Vulnerabilities > Canonical > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-29 | CVE-2020-11933 | Unspecified vulnerability in Canonical Snapd cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices was run without restrictions on every boot, which a physical attacker could exploit by crafting cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intended security mechanisms such as full disk encryption. | 4.6 |
| 2020-07-28 | CVE-2020-15863 | Out-of-bounds Write vulnerability in multiple products hw/net/xgmac.c in the XGMAC Ethernet controller in QEMU before 07-20-2020 has a buffer overflow. | 5.3 |
| 2020-07-22 | CVE-2020-6514 | Information Exposure vulnerability in multiple products Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream. | 6.5 |
| 2020-07-17 | CVE-2020-14928 | Injection vulnerability in multiple products evolution-data-server (eds) through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. | 5.9 |
| 2020-07-15 | CVE-2019-20908 | Improper Privilege Management vulnerability in multiple products An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel before 5.4. | 6.9 |
| 2020-07-15 | CVE-2020-14702 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). | 4.9 |
| 2020-07-15 | CVE-2020-14680 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). | 6.5 |
| 2020-07-15 | CVE-2020-14656 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Locking). | 4.9 |
| 2020-07-15 | CVE-2020-14654 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). | 4.9 |
| 2020-07-15 | CVE-2020-14651 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). | 5.5 |