Vulnerabilities > Canonical > Ubuntu Linux > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-26 | CVE-2019-15796 | Improper Verification of Cryptographic Signature vulnerability in multiple products Python-apt doesn't check if hashes are signed in `Version.fetch_binary()` and `Version.fetch_source()` of apt/package.py or in `_fetch_archives()` of apt/cache.py in version 1.9.3ubuntu2 and earlier. | 2.6 |
| 2020-03-05 | CVE-2019-20382 | Memory Leak vulnerability in multiple products QEMU 4.1.0 has a memory leak in zrle_compress_data in ui/vnc-enc-zrle.c during a VNC disconnect operation because libz is misused, resulting in a situation where memory allocated in deflateInit2 is not freed in deflateEnd. | 3.5 |
| 2020-02-20 | CVE-2011-4915 | Information Exposure vulnerability in Linux Kernel fs/proc/base.c in the Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /proc/interrupts. | 2.1 |
| 2020-02-08 | CVE-2019-11482 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products Sander Bos discovered a time of check to time of use (TOCTTOU) vulnerability in apport that allowed a user to cause core files to be written in arbitrary directories. | 1.9 |
| 2020-02-08 | CVE-2019-11483 | Sander Bos discovered Apport mishandled crash dumps originating from containers. | 2.1 |
| 2020-02-08 | CVE-2019-11485 | Sander Bos discovered Apport's lock file was in a world-writable directory which allowed all users to prevent crash handling. | 2.1 |
| 2020-02-06 | CVE-2020-8648 | Use After Free vulnerability in multiple products There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c. | 3.6 |
| 2020-01-31 | CVE-2015-6815 | Infinite Loop vulnerability in multiple products The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service (infinite loop and guest crash) via unspecified vectors. | 3.5 |
| 2020-01-21 | CVE-2019-20386 | Memory Leak vulnerability in multiple products An issue was discovered in button_open in login/logind-button.c in systemd before 243. | 2.4 |
| 2020-01-17 | CVE-2019-14615 | Information Exposure vulnerability in multiple products Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics may allow an unauthenticated user to potentially enable information disclosure via local access. | 1.9 |