Vulnerabilities > Canonical > Ubuntu Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-08-21 CVE-2020-8620 Reachable Assertion vulnerability in multiple products
In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit.
network
low complexity
isc opensuse netapp canonical CWE-617
5.0
2020-08-17 CVE-2020-1472 Use of Insufficiently Random Values vulnerability in multiple products
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC).
5.5
2020-08-13 CVE-2020-17538 Out-of-bounds Write vulnerability in multiple products
A buffer overflow vulnerability in GetNumSameData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.
local
low complexity
artifex debian canonical CWE-787
5.5
2020-08-13 CVE-2020-16310 Divide By Zero vulnerability in multiple products
A division by zero vulnerability in dot24_print_page() in devices/gdevdm24.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.
local
low complexity
artifex debian canonical CWE-369
5.5
2020-08-13 CVE-2020-16309 Out-of-bounds Write vulnerability in multiple products
A buffer overflow vulnerability in lxm5700m_print_page() in devices/gdevlxm.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted eps file.
local
low complexity
artifex debian canonical CWE-787
5.5
2020-08-13 CVE-2020-16308 Out-of-bounds Write vulnerability in multiple products
A buffer overflow vulnerability in p_print_image() in devices/gdevcdj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.
local
low complexity
artifex debian canonical CWE-787
5.5
2020-08-13 CVE-2020-16307 NULL Pointer Dereference vulnerability in multiple products
A null pointer dereference vulnerability in devices/vector/gdevtxtw.c and psi/zbfont.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file.
local
low complexity
artifex debian canonical CWE-476
5.5
2020-08-13 CVE-2020-16306 NULL Pointer Dereference vulnerability in multiple products
A null pointer dereference vulnerability in devices/gdevtsep.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file.
local
low complexity
artifex debian canonical CWE-476
5.5
2020-08-13 CVE-2020-16305 Out-of-bounds Write vulnerability in multiple products
A buffer overflow vulnerability in pcx_write_rle() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.
local
low complexity
artifex debian canonical CWE-787
5.5
2020-08-13 CVE-2020-16304 Out-of-bounds Write vulnerability in multiple products
A buffer overflow vulnerability in image_render_color_thresh() in base/gxicolor.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted eps file.
local
low complexity
artifex debian canonical CWE-787
5.5