Vulnerabilities > Canonical > Ubuntu Linux
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-14 | CVE-2020-11762 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in OpenEXR before 2.4.1. | 5.5 |
| 2020-04-14 | CVE-2020-11761 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in OpenEXR before 2.4.1. | 5.5 |
| 2020-04-14 | CVE-2020-11760 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in OpenEXR before 2.4.1. | 5.5 |
| 2020-04-14 | CVE-2020-11759 | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in OpenEXR before 2.4.1. | 5.5 |
| 2020-04-14 | CVE-2020-11758 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in OpenEXR before 2.4.1. | 5.5 |
| 2020-04-13 | CVE-2020-1730 | NULL Pointer Dereference vulnerability in multiple products A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR (or DES ciphers if enabled) ciphers. | 5.3 |
| 2020-04-13 | CVE-2020-11736 | Link Following vulnerability in multiple products fr-archive-libarchive.c in GNOME file-roller through 3.36.1 allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink to a directory outside of the intended extraction location. | 3.9 |
| 2020-04-10 | CVE-2020-8832 | Information Exposure vulnerability in multiple products The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92, an attacker could use this vulnerability to expose sensitive information. | 5.5 |
| 2020-04-09 | CVE-2020-8834 | Race Condition vulnerability in multiple products KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in kvmppc_{save,restore}_tm, leading to a stack corruption. | 6.5 |
| 2020-04-09 | CVE-2020-11655 | Improper Initialization vulnerability in multiple products SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled. | 7.5 |