18.04

DATE	CVE	VULNERABILITY TITLE	RISK
2020-05-15	CVE-2020-11522	Out-of-bounds Read vulnerability in multiple products libfreerdp/gdi/gdi.c in FreeRDP > 1.0 through 2.0.0-rc4 has an Out-of-bounds Read. network low complexity freerdp debian canonical opensuse CWE-125	6.4
2020-05-15	CVE-2020-11521	Integer Overflow or Wraparound vulnerability in multiple products libfreerdp/codec/planar.c in FreeRDP version > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write. network freerdp canonical opensuse debian CWE-190	6.0
2020-05-15	CVE-2020-3810	Out-of-bounds Read vulnerability in multiple products Missing input validation in the ar/tar implementations of APT before version 2.1.2 could result in denial of service when processing specially crafted deb files. local low complexity debian fedoraproject canonical CWE-125	5.5
2020-05-15	CVE-2020-11931	Exposure of Resource to Wrong Sphere vulnerability in multiple products An Ubuntu-specific modification to Pulseaudio to provide security mediation for Snap-packaged applications was found to have a bypass of intended access restriction for snaps which plugs any of pulseaudio, audio-playback or audio-record via unloading the pulseaudio snap policy module. local low complexity pulseaudio canonical CWE-668	2.1
2020-05-14	CVE-2020-0093	Out-of-bounds Read vulnerability in multiple products In exif_data_save_data_entry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. local low complexity google debian canonical libexif-project opensuse CWE-125	5.0
2020-05-13	CVE-2020-3341	Improper Input Validation vulnerability in multiple products A vulnerability in the PDF archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.101 - 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. network low complexity cisco canonical fedoraproject debian CWE-20	7.5
2020-05-13	CVE-2020-3327	Improper Input Validation vulnerability in multiple products A vulnerability in the ARJ archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. network low complexity cisco debian fedoraproject canonical CWE-20	7.5
2020-05-12	CVE-2020-11058	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In FreeRDP after 1.1 and before 2.0.0, a stream out-of-bounds seek in rdp_read_font_capability_set could lead to a later out-of-bounds read. network high complexity freerdp canonical debian CWE-119	2.2
2020-05-11	CVE-2020-12783	Out-of-bounds Read vulnerability in multiple products Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c. network low complexity exim fedoraproject debian canonical CWE-125	7.5
2020-05-09	CVE-2020-12771	Improper Locking vulnerability in multiple products An issue was discovered in the Linux kernel through 5.6.11. local low complexity linux debian opensuse canonical netapp oracle CWE-667	4.9