Vulnerabilities > Canonical > Ubuntu Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-04-14 CVE-2020-11759 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in OpenEXR before 2.4.1.
5.5
2020-04-14 CVE-2020-11758 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in OpenEXR before 2.4.1.
5.5
2020-04-13 CVE-2020-1730 NULL Pointer Dereference vulnerability in multiple products
A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR (or DES ciphers if enabled) ciphers.
5.3
2020-04-10 CVE-2020-8832 Information Exposure vulnerability in multiple products
The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92, an attacker could use this vulnerability to expose sensitive information.
local
low complexity
canonical netapp CWE-200
5.5
2020-04-09 CVE-2020-8834 Race Condition vulnerability in multiple products
KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in kvmppc_{save,restore}_tm, leading to a stack corruption.
local
low complexity
linux canonical opensuse CWE-362
6.5
2020-04-07 CVE-2020-11609 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in the stv06xx subsystem in the Linux kernel before 5.6.1.
low complexity
linux canonical CWE-476
4.3
2020-04-07 CVE-2020-11608 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.6.1.
low complexity
linux canonical CWE-476
4.3
2020-04-06 CVE-2020-11565 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.6.2.
local
low complexity
linux canonical CWE-787
6.0
2020-04-02 CVE-2020-11494 Missing Initialization of Resource vulnerability in multiple products
An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2.
local
low complexity
linux opensuse debian canonical CWE-909
4.4
2020-04-02 CVE-2020-1927 Open Redirect vulnerability in multiple products
In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.
6.1