Vulnerabilities > Canonical > Ubuntu Linux > 20.04
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-22 | CVE-2020-11099 | Out-of-bounds Read vulnerability in multiple products In FreeRDP before version 2.1.2, there is an out of bounds read in license_read_new_or_upgrade_license_packet. | 6.5 |
| 2020-06-22 | CVE-2020-11098 | Out-of-bounds Read vulnerability in multiple products In FreeRDP before version 2.1.2, there is an out-of-bound read in glyph_cache_put. | 6.5 |
| 2020-06-22 | CVE-2020-11097 | Out-of-bounds Read vulnerability in multiple products In FreeRDP before version 2.1.2, an out of bounds read occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. | 5.4 |
| 2020-06-22 | CVE-2020-11096 | Out-of-bounds Read vulnerability in multiple products In FreeRDP before version 2.1.2, there is a global OOB read in update_read_cache_bitmap_v3_order. | 6.5 |
| 2020-06-22 | CVE-2020-11095 | Out-of-bounds Read vulnerability in multiple products In FreeRDP before version 2.1.2, an out of bound reads occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. | 5.4 |
| 2020-06-21 | CVE-2020-14954 | Injection vulnerability in multiple products Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. | 5.9 |
| 2020-06-18 | CVE-2020-3350 | Race Condition vulnerability in multiple products A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow an authenticated, local attacker to cause the running software to delete arbitrary files on the system. | 6.3 |
| 2020-06-17 | CVE-2020-8619 | Improper Resource Shutdown or Release vulnerability in multiple products In ISC BIND9 versions BIND 9.11.14 -> 9.11.19, BIND 9.14.9 -> 9.14.12, BIND 9.16.0 -> 9.16.3, BIND Supported Preview Edition 9.11.14-S1 -> 9.11.19-S1: Unless a nameserver is providing authoritative service for one or more zones and at least one zone contains an empty non-terminal entry containing an asterisk ("*") character, this defect cannot be encountered. | 4.9 |
| 2020-06-17 | CVE-2020-8618 | Reachable Assertion vulnerability in multiple products An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients. | 4.9 |
| 2020-06-17 | CVE-2020-14404 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in LibVNCServer before 0.9.13. | 5.5 |