Vulnerabilities > Canonical > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-05-19 CVE-2020-10722 Integer Overflow or Wraparound vulnerability in multiple products
A vulnerability was found in DPDK versions 18.05 and above.
6.7
2020-05-19 CVE-2020-8617 Reachable Assertion vulnerability in multiple products
Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server.
network
high complexity
isc debian fedoraproject opensuse canonical CWE-617
5.9
2020-05-18 CVE-2020-13143 Out-of-bounds Read vulnerability in multiple products
gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4.
network
low complexity
linux opensuse debian canonical netapp CWE-125
6.5
2020-05-15 CVE-2020-12888 Improper Handling of Exceptional Conditions vulnerability in multiple products
The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.
5.3
2020-05-15 CVE-2020-11524 Out-of-bounds Write vulnerability in multiple products
libfreerdp/codec/interleaved.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write.
6.0
2020-05-15 CVE-2020-11523 Integer Overflow or Wraparound vulnerability in multiple products
libfreerdp/gdi/region.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Integer Overflow.
6.0
2020-05-15 CVE-2020-11522 Out-of-bounds Read vulnerability in multiple products
libfreerdp/gdi/gdi.c in FreeRDP > 1.0 through 2.0.0-rc4 has an Out-of-bounds Read.
network
low complexity
freerdp debian canonical opensuse CWE-125
6.4
2020-05-15 CVE-2020-11521 Integer Overflow or Wraparound vulnerability in multiple products
libfreerdp/codec/planar.c in FreeRDP version > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write.
6.0
2020-05-15 CVE-2020-3810 Out-of-bounds Read vulnerability in multiple products
Missing input validation in the ar/tar implementations of APT before version 2.1.2 could result in denial of service when processing specially crafted deb files.
local
low complexity
debian fedoraproject canonical CWE-125
5.5
2020-05-14 CVE-2020-0093 Out-of-bounds Read vulnerability in multiple products
In exif_data_save_data_entry of exif-data.c, there is a possible out of bounds read due to a missing bounds check.
5.0