Vulnerabilities > Canonical > Ubuntu Linux > 20.04
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-21 | CVE-2020-7040 | Link Following vulnerability in multiple products storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation. | 8.1 |
| 2020-01-08 | CVE-2019-17023 | Improper Authentication vulnerability in multiple products After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting in an invalid state transition in the TLS State Machine. | 6.5 |
| 2019-12-24 | CVE-2019-19949 | Out-of-bounds Read vulnerability in multiple products In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare. | 9.1 |
| 2019-12-24 | CVE-2019-19948 | Out-of-bounds Write vulnerability in multiple products In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c. | 9.8 |
| 2019-11-30 | CVE-2019-19462 | NULL Pointer Dereference vulnerability in multiple products relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by triggering a NULL alloc_percpu result. | 5.5 |
| 2019-11-18 | CVE-2019-19054 | Memory Leak vulnerability in multiple products A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b. | 4.7 |
| 2019-11-07 | CVE-2019-18808 | Memory Leak vulnerability in multiple products A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247. | 5.5 |
| 2019-10-14 | CVE-2019-17542 | Out-of-bounds Write vulnerability in multiple products FFmpeg before 4.2 has a heap-based buffer overflow in vqa_decode_chunk because of an out-of-array access in vqa_decode_init in libavcodec/vqavideo.c. | 9.8 |
| 2019-10-14 | CVE-2019-17539 | NULL Pointer Dereference vulnerability in multiple products In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer. | 9.8 |
| 2019-10-10 | CVE-2019-17455 | Out-of-bounds Read vulnerability in multiple products Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request. | 9.8 |