Vulnerabilities > Canonical > Ubuntu Linux > High

DATE CVE VULNERABILITY TITLE RISK
2020-04-21 CVE-2020-11008 Insufficiently Protected Credentials vulnerability in multiple products
Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker.
network
low complexity
git-scm debian canonical fedoraproject CWE-522
7.5
2020-04-21 CVE-2020-11958 Out-of-bounds Write vulnerability in multiple products
re2c 1.3 has a heap-based buffer overflow in Scanner::fill in parse/scanner.cc via a long lexeme.
local
low complexity
re2c canonical CWE-787
7.8
2020-04-17 CVE-2020-1751 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC.
local
high complexity
gnu redhat canonical CWE-787
7.0
2020-04-17 CVE-2020-11793 Use After Free vulnerability in multiple products
A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web content that allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash).
8.8
2020-04-17 CVE-2019-7306 Files or Directories Accessible to External Parties vulnerability in multiple products
Byobu Apport hook may disclose sensitive information since it automatically uploads the local user's .screenrc which may contain private hostnames, usernames and passwords.
network
low complexity
byobu canonical CWE-552
7.5
2020-04-15 CVE-2019-12520 Improper Input Validation vulnerability in multiple products
An issue was discovered in Squid through 4.7 and 5.
network
low complexity
squid-cache canonical debian CWE-20
7.5
2020-04-15 CVE-2020-2816 Vulnerability in the Java SE product of Oracle Java SE (component: JSSE).
network
low complexity
oracle netapp canonical debian opensuse
7.5
2020-04-15 CVE-2020-2805 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). 8.3
2020-04-15 CVE-2020-2803 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). 8.3
2020-04-14 CVE-2020-5260 Insufficiently Protected Credentials vulnerability in multiple products
Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker.
7.5