Vulnerabilities > Canonical > Ubuntu Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-07-29 CVE-2020-11933 Unspecified vulnerability in Canonical Snapd
cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices was run without restrictions on every boot, which a physical attacker could exploit by crafting cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intended security mechanisms such as full disk encryption.
local
low complexity
canonical
4.6
2020-07-28 CVE-2020-15863 Out-of-bounds Write vulnerability in multiple products
hw/net/xgmac.c in the XGMAC Ethernet controller in QEMU before 07-20-2020 has a buffer overflow.
local
high complexity
qemu debian canonical CWE-787
5.3
2020-07-22 CVE-2020-6514 Information Exposure vulnerability in multiple products
Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.
6.5
2020-07-17 CVE-2020-14928 Injection vulnerability in multiple products
evolution-data-server (eds) through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3.
network
high complexity
gnome debian fedoraproject canonical CWE-74
5.9
2020-07-15 CVE-2019-20908 Improper Privilege Management vulnerability in multiple products
An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel before 5.4.
6.9
2020-07-15 CVE-2020-14702 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges).
network
low complexity
netapp canonical oracle
4.9
2020-07-15 CVE-2020-14680 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).
network
low complexity
netapp canonical oracle
6.5
2020-07-15 CVE-2020-14656 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Locking).
network
low complexity
netapp canonical oracle
4.9
2020-07-15 CVE-2020-14654 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).
network
low complexity
netapp canonical oracle
4.9
2020-07-15 CVE-2020-14651 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles).
network
low complexity
netapp canonical oracle
5.5