Vulnerabilities > Canonical > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-04-22 | CVE-2020-8833 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products Time-of-check Time-of-use Race Condition vulnerability on crash report ownership change in Apport allows for a possible privilege escalation opportunity. | 4.7 |
2020-04-22 | CVE-2020-8831 | Link Following vulnerability in multiple products Apport creates a world writable lock file with root ownership in the world writable /var/lock/apport directory. | 5.5 |
2020-04-22 | CVE-2020-1983 | Use After Free vulnerability in multiple products A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service. | 6.5 |
2020-04-17 | CVE-2019-7306 | Information Exposure vulnerability in multiple products Byobu Apport hook may disclose sensitive information since it automatically uploads the local user's .screenrc which may contain private hostnames, usernames and passwords. | 5.0 |
2020-04-15 | CVE-2019-12520 | Improper Input Validation vulnerability in multiple products An issue was discovered in Squid through 4.7 and 5. | 5.0 |
2020-04-15 | CVE-2019-12521 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in Squid through 4.7. | 4.3 |
2020-04-15 | CVE-2020-2930 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). | 4.4 |
2020-04-15 | CVE-2020-2925 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). | 4.9 |
2020-04-15 | CVE-2020-2924 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). | 4.9 |
2020-04-15 | CVE-2020-2923 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). | 4.9 |