Vulnerabilities > Canonical > Ubuntu Linux > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-06-15 | CVE-2020-0543 | Incomplete Cleanup vulnerability in multiple products Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 |
2020-06-15 | CVE-2020-14093 | Cleartext Transmission of Sensitive Information vulnerability in multiple products Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response. | 4.3 |
2020-06-12 | CVE-2020-10732 | Use of Uninitialized Resource vulnerability in multiple products A flaw was found in the Linux kernel's implementation of Userspace core dumps. | 4.4 |
2020-06-10 | CVE-2020-10755 | Insufficiently Protected Credentials vulnerability in multiple products An insecure-credentials flaw was found in all openstack-cinder versions before openstack-cinder 14.1.0, all openstack-cinder 15.x.x versions before openstack-cinder 15.2.0 and all openstack-cinder 16.x.x versions before openstack-cinder 16.1.0. | 6.5 |
2020-06-09 | CVE-2020-10761 | Reachable Assertion vulnerability in multiple products An assertion failure issue was found in the Network Block Device(NBD) Server in all QEMU versions before QEMU 5.0.1. | 5.0 |
2020-06-08 | CVE-2020-13696 | Incorrect Authorization vulnerability in multiple products An issue was discovered in LinuxTV xawtv before 3.107. | 4.4 |
2020-06-08 | CVE-2020-12049 | Improper Resource Shutdown or Release vulnerability in multiple products An issue was discovered in dbus >= 1.3.0 before 1.12.18. | 5.5 |
2020-06-07 | CVE-2020-13904 | Use After Free vulnerability in multiple products FFmpeg 2.8 and 4.2.3 has a use-after-free via a crafted EXTINF duration in an m3u8 file because parse_playlist in libavformat/hls.c frees a pointer, and later that pointer is accessed in av_probe_input_format3 in libavformat/format.c. | 5.5 |
2020-06-06 | CVE-2020-13881 | Information Exposure Through Log Files vulnerability in multiple products In support.c in pam_tacplus 1.3.8 through 1.5.1, the TACACS+ shared secret gets logged via syslog if the DEBUG loglevel and journald are used. | 4.3 |
2020-06-04 | CVE-2020-13800 | Uncontrolled Recursion vulnerability in multiple products ati-vga in hw/display/ati.c in QEMU 4.2.0 allows guest OS users to trigger infinite recursion via a crafted mm_index value during an ati_mm_read or ati_mm_write call. | 4.9 |