Vulnerabilities > Canonical > Ubuntu Linux > Low

DATE CVE VULNERABILITY TITLE RISK
2020-05-15 CVE-2020-11931 Exposure of Resource to Wrong Sphere vulnerability in multiple products
An Ubuntu-specific modification to Pulseaudio to provide security mediation for Snap-packaged applications was found to have a bypass of intended access restriction for snaps which plugs any of pulseaudio, audio-playback or audio-record via unloading the pulseaudio snap policy module.
local
low complexity
pulseaudio canonical CWE-668
2.1
2020-05-12 CVE-2020-11058 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
In FreeRDP after 1.1 and before 2.0.0, a stream out-of-bounds seek in rdp_read_font_capability_set could lead to a later out-of-bounds read.
network
high complexity
freerdp canonical debian CWE-119
2.2
2020-05-09 CVE-2019-20795 Use After Free vulnerability in multiple products
iproute2 before 5.1.0 has a use-after-free in get_netnsid_from_name in ip/ipnetns.c.
local
low complexity
iproute2-project canonical CWE-416
2.1
2020-05-07 CVE-2020-11048 Out-of-bounds Read vulnerability in multiple products
In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bounds read.
network
high complexity
freerdp canonical debian CWE-125
2.2
2020-05-07 CVE-2020-11049 Out-of-bounds Read vulnerability in multiple products
In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bound read of client memory that is then passed on to the protocol parser.
network
high complexity
freerdp canonical debian CWE-125
2.2
2020-05-07 CVE-2020-11044 Double Free vulnerability in multiple products
In FreeRDP greater than 1.2 and before 2.0.0, a double free in update_read_cache_bitmap_v3_order crashes the client application if corrupted data from a manipulated server is parsed.
network
high complexity
freerdp canonical debian CWE-415
2.2
2020-05-07 CVE-2020-11045 Out-of-bounds Read vulnerability in multiple products
In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bound read in in update_read_bitmap_data that allows client memory to be read to an image buffer.
network
high complexity
freerdp debian canonical CWE-125
3.3
2020-05-07 CVE-2020-11046 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
In FreeRDP after 1.0 and before 2.0.0, there is a stream out-of-bounds seek in update_read_synchronize that could lead to a later out-of-bounds read.
network
high complexity
freerdp canonical debian CWE-119
2.2
2020-04-28 CVE-2019-15790 Improper Privilege Management vulnerability in multiple products
Apport reads and writes information on a crashed process to /proc/pid with elevated privileges.
local
low complexity
apport-project canonical CWE-269
3.3
2020-04-17 CVE-2020-0067 Out-of-bounds Read vulnerability in multiple products
In f2fs_xattr_generic_list of xattr.c, there is a possible out of bounds read due to a missing bounds check.
local
low complexity
google canonical CWE-125
2.1