Ubuntu Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2020-05-15	CVE-2020-11521	Integer Overflow or Wraparound vulnerability in multiple products libfreerdp/codec/planar.c in FreeRDP version > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write. network high complexity freerdp canonical opensuse debian CWE-190	6.6
2020-05-15	CVE-2020-3810	Out-of-bounds Read vulnerability in multiple products Missing input validation in the ar/tar implementations of APT before version 2.1.2 could result in denial of service when processing specially crafted deb files. local low complexity debian fedoraproject canonical CWE-125	5.5
2020-05-15	CVE-2020-11931	Exposure of Resource to Wrong Sphere vulnerability in multiple products An Ubuntu-specific modification to Pulseaudio to provide security mediation for Snap-packaged applications was found to have a bypass of intended access restriction for snaps which plugs any of pulseaudio, audio-playback or audio-record via unloading the pulseaudio snap policy module. local low complexity pulseaudio canonical CWE-668	3.3
2020-05-14	CVE-2020-0093	Out-of-bounds Read vulnerability in multiple products In exif_data_save_data_entry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. local low complexity google debian canonical libexif-project opensuse CWE-125	5.0
2020-05-14	CVE-2020-1945	Exposure of Resource to Wrong Sphere vulnerability in multiple products Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. local high complexity apache canonical fedoraproject opensuse oracle CWE-668	6.3
2020-05-13	CVE-2020-3341	Improper Input Validation vulnerability in multiple products A vulnerability in the PDF archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.101 - 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. network low complexity cisco canonical fedoraproject debian CWE-20	7.5
2020-05-13	CVE-2020-3327	Improper Input Validation vulnerability in multiple products A vulnerability in the ARJ archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. network low complexity cisco debian fedoraproject canonical CWE-20	7.5
2020-05-12	CVE-2020-11058	In FreeRDP after 1.1 and before 2.0.0, a stream out-of-bounds seek in rdp_read_font_capability_set could lead to a later out-of-bounds read. network high complexity freerdp canonical debian	2.2
2020-05-12	CVE-2020-12826	Integer Overflow or Wraparound vulnerability in multiple products A signal access-control issue was discovered in the Linux kernel before 5.6.5, aka CID-7395ea4e65c2. local low complexity linux redhat canonical CWE-190	5.3
2020-05-11	CVE-2020-12783	Out-of-bounds Read vulnerability in multiple products Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c. network low complexity exim fedoraproject debian canonical CWE-125	7.5