Vulnerabilities > Canonical > Ubuntu Linux > Low

DATE CVE VULNERABILITY TITLE RISK
2020-07-27 CVE-2020-15103 In FreeRDP less than or equal to 2.1.2, an integer overflow exists due to missing input sanitation in rdpegfx channel.
network
low complexity
freerdp fedoraproject opensuse canonical debian
3.5
3.5
2020-07-15 CVE-2020-14633 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB).
network
low complexity
oracle netapp canonical
2.7
2.7
2020-07-15 CVE-2020-14634 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB).
network
low complexity
oracle netapp canonical
2.7
2.7
2020-06-02 CVE-2020-13659 NULL Pointer Dereference vulnerability in multiple products
address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer.
local
high complexity
qemu debian opensuse canonical CWE-476
2.5
2.5
2020-05-28 CVE-2020-13362 Out-of-bounds Read vulnerability in multiple products
In QEMU 5.0.0 and earlier, megasas_lookup_frame in hw/scsi/megasas.c has an out-of-bounds read via a crafted reply_queue_head field from a guest OS user.
local
low complexity
qemu debian opensuse canonical CWE-125
3.2
3.2
2020-05-28 CVE-2020-13361 Out-of-bounds Write vulnerability in multiple products
In QEMU 5.0.0 and earlier, es1370_transfer_audio in hw/audio/es1370.c does not properly validate the frame count, which allows guest OS users to trigger an out-of-bounds access during an es1370_write() operation.
local
high complexity
qemu debian opensuse canonical CWE-787
3.9
3.9
2020-05-15 CVE-2020-11525 Out-of-bounds Read vulnerability in multiple products
libfreerdp/cache/bitmap.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out of bounds read.
network
high complexity
freerdp debian canonical opensuse CWE-125
2.2
2.2
2020-05-15 CVE-2020-11526 Integer Overflow or Wraparound vulnerability in multiple products
libfreerdp/core/update.c in FreeRDP versions > 1.1 through 2.0.0-rc4 has an Out-of-bounds Read.
network
high complexity
freerdp canonical opensuse debian CWE-190
2.2
2.2
2020-05-15 CVE-2020-11931 Exposure of Resource to Wrong Sphere vulnerability in multiple products
An Ubuntu-specific modification to Pulseaudio to provide security mediation for Snap-packaged applications was found to have a bypass of intended access restriction for snaps which plugs any of pulseaudio, audio-playback or audio-record via unloading the pulseaudio snap policy module.
local
low complexity
pulseaudio canonical CWE-668
3.3
3.3
2020-05-12 CVE-2020-11058 In FreeRDP after 1.1 and before 2.0.0, a stream out-of-bounds seek in rdp_read_font_capability_set could lead to a later out-of-bounds read.
network
high complexity
freerdp canonical debian
2.2
2.2