Vulnerabilities > Canonical > Ubuntu Linux > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-09 | CVE-2020-1968 | Information Exposure Through Discrepancy vulnerability in multiple products The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able to compute the pre-master secret in connections which have used a Diffie-Hellman (DH) based ciphersuite. | 3.7 |
| 2020-09-02 | CVE-2020-24654 | Link Following vulnerability in multiple products In KDE Ark before 20.08.1, a crafted TAR archive with symlinks can install files outside the extraction directory, as demonstrated by a write operation to a user's home directory. | 3.3 |
| 2020-08-31 | CVE-2020-12829 | Integer Overflow or Wraparound vulnerability in multiple products In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation. | 2.1 |
| 2020-08-27 | CVE-2020-14415 | Divide By Zero vulnerability in multiple products oss_write in audio/ossaudio.c in QEMU before 5.0.0 mishandles a buffer position. | 3.3 |
| 2020-08-11 | CVE-2020-17489 | Insufficiently Protected Credentials vulnerability in multiple products An issue was discovered in certain configurations of GNOME gnome-shell through 3.36.4. | 1.9 |
| 2020-08-11 | CVE-2020-16092 | Reachable Assertion vulnerability in multiple products In QEMU through 5.0.0, an assertion failure can occur in the network packet processing. | 3.8 |
| 2020-08-03 | CVE-2020-16116 | Path Traversal vulnerability in multiple products In kerfuffle/jobs.cpp in KDE Ark before 20.08.0, a crafted archive can install files outside the extraction directory via ../ directory traversal. | 3.3 |
| 2020-07-30 | CVE-2020-16166 | Use of Insufficiently Random Values vulnerability in multiple products The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. | 3.7 |
| 2020-07-29 | CVE-2020-11934 | Exposure of Resource to Wrong Sphere vulnerability in Canonical Ubuntu Linux It was discovered that snapctl user-open allowed altering the $XDG_DATA_DIRS environment variable when calling the system xdg-open. | 1.9 |
| 2020-07-27 | CVE-2020-15103 | Integer Overflow to Buffer Overflow vulnerability in multiple products In FreeRDP less than or equal to 2.1.2, an integer overflow exists due to missing input sanitation in rdpegfx channel. | 3.5 |