Vulnerabilities > Canonical > Ubuntu Linux > 14.04
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-17 | CVE-2019-7306 | Files or Directories Accessible to External Parties vulnerability in multiple products Byobu Apport hook may disclose sensitive information since it automatically uploads the local user's .screenrc which may contain private hostnames, usernames and passwords. | 7.5 |
| 2020-04-10 | CVE-2020-8832 | Information Exposure vulnerability in multiple products The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92, an attacker could use this vulnerability to expose sensitive information. | 5.5 |
| 2020-04-06 | CVE-2020-11565 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in the Linux kernel through 5.6.2. | 6.0 |
| 2020-04-02 | CVE-2020-11494 | Missing Initialization of Resource vulnerability in multiple products An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. | 4.4 |
| 2020-04-01 | CVE-2020-7065 | Out-of-bounds Write vulnerability in multiple products In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using mb_strtolower() function with UTF-32LE encoding, certain invalid strings could cause PHP to overwrite stack-allocated buffer. | 8.8 |
| 2020-04-01 | CVE-2020-7064 | Out-of-bounds Read vulnerability in multiple products In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while parsing EXIF data with exif_read_data() function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. | 5.4 |
| 2020-03-24 | CVE-2020-10942 | Out-of-bounds Write vulnerability in multiple products In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls. | 5.3 |
| 2020-03-12 | CVE-2020-10531 | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. network low complexity icu-project redhat google fedoraproject debian canonical opensuse oracle nodejs CWE-190 | 8.8 |
| 2020-03-12 | CVE-2020-10109 | HTTP Request Smuggling vulnerability in multiple products In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. | 9.8 |
| 2020-03-12 | CVE-2020-10108 | HTTP Request Smuggling vulnerability in multiple products In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. | 9.8 |