Vulnerabilities (CVE)

Filtered by vendor Canonical Subscribe
Total 4203 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-16292 3 Artifex, Canonical, Debian 3 Ghostscript, Ubuntu Linux, Debian Linux 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
A buffer overflow vulnerability in mj_raster_cmd() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
CVE-2020-16291 3 Artifex, Canonical, Debian 3 Ghostscript, Ubuntu Linux, Debian Linux 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
A buffer overflow vulnerability in contrib/gdevdj9.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
CVE-2020-16290 3 Artifex, Canonical, Debian 3 Ghostscript, Ubuntu Linux, Debian Linux 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
CVE-2020-16289 3 Artifex, Canonical, Debian 3 Ghostscript, Ubuntu Linux, Debian Linux 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
A buffer overflow vulnerability in cif_print_page() in devices/gdevcif.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
CVE-2020-16288 3 Artifex, Canonical, Debian 3 Ghostscript, Ubuntu Linux, Debian Linux 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
A buffer overflow vulnerability in pj_common_print_page() in devices/gdevpjet.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
CVE-2020-16287 3 Artifex, Canonical, Debian 3 Ghostscript, Ubuntu Linux, Debian Linux 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
A buffer overflow vulnerability in lprn_is_black() in contrib/lips4/gdevlprn.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
CVE-2020-16166 7 Canonical, Debian, Fedoraproject and 4 more 16 Ubuntu Linux, Debian Linux, Fedora and 13 more 2024-11-21 4.3 MEDIUM 3.7 LOW
The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c.
CVE-2020-16135 5 Canonical, Debian, Fedoraproject and 2 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2024-11-21 4.3 MEDIUM 5.9 MEDIUM
libssh 0.9.4 has a NULL pointer dereference in tftpserver.c if ssh_buffer_new returns NULL.
CVE-2020-16128 1 Canonical 1 Ubuntu Linux 2024-11-21 2.1 LOW 3.8 LOW
The aptdaemon DBus interface disclosed file existence disclosure by setting Terminal/DebconfSocket properties, aka GHSL-2020-192 and GHSL-2020-196. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5.
CVE-2020-16123 1 Canonical 1 Ubuntu Linux 2024-11-21 2.1 LOW 4.4 MEDIUM
An Ubuntu-specific patch in PulseAudio created a race condition where the snap policy module would fail to identify a client connection from a snap as coming from a snap if SCM_CREDENTIALS were missing, allowing the snap to connect to PulseAudio without proper confinement. This could be exploited by an attacker to expose sensitive information. Fixed in 1:13.99.3-1ubuntu2, 1:13.99.2-1ubuntu2.1, 1:13.99.1-1ubuntu3.8, 1:11.1-1ubuntu7.11, and 1:8.0-0ubuntu3.15.
CVE-2020-16122 2 Canonical, Packagekit Project 2 Ubuntu Linux, Packagekit 2024-11-21 2.1 LOW 8.2 HIGH
PackageKit's apt backend mistakenly treated all local debs as trusted. The apt security model is based on repository trust and not on the contents of individual files. On sites with configured PolicyKit rules this may allow users to install malicious packages.
CVE-2020-16121 2 Canonical, Packagekit Project 2 Ubuntu Linux, Packagekit 2024-11-21 2.1 LOW 3.3 LOW
PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own.
CVE-2020-16120 2 Canonical, Linux 2 Ubuntu Linux, Linux Kernel 2024-11-21 2.1 LOW 5.1 MEDIUM
Overlayfs did not properly perform permission checking when copying up files in an overlayfs and could be exploited from within a user namespace, if, for example, unprivileged user namespaces were allowed. It was possible to have a file not readable by an unprivileged user to be copied to a mountpoint controlled by the user, like a removable device. This was introduced in kernel version 4.19 by commit d1d04ef ("ovl: stack file ops"). This was fixed in kernel version 5.8 by commits 56230d9 ("ovl: verify permissions in ovl_path_open()"), 48bd024 ("ovl: switch to mounter creds in readdir") and 05acefb ("ovl: check permission to open real file"). Additionally, commits 130fdbc ("ovl: pass correct flags for opening real directory") and 292f902 ("ovl: call secutiry hook in ovl_real_ioctl()") in kernel 5.8 might also be desired or necessary. These additional commits introduced a regression in overlay mounts within user namespaces which prevented access to files with ownership outside of the user namespace. This regression was mitigated by subsequent commit b6650da ("ovl: do not fail because of O_NOATIMEi") in kernel 5.11.
CVE-2020-16119 3 Canonical, Debian, Linux 3 Ubuntu Linux, Debian Linux, Linux Kernel 2024-11-21 4.6 MEDIUM 6.3 MEDIUM
Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0.182.191 and 3.2.0-149.196.
CVE-2020-16116 5 Canonical, Debian, Fedoraproject and 2 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2024-11-21 4.3 MEDIUM 3.3 LOW
In kerfuffle/jobs.cpp in KDE Ark before 20.08.0, a crafted archive can install files outside the extraction directory via ../ directory traversal.
CVE-2020-16092 4 Canonical, Debian, Opensuse and 1 more 4 Ubuntu Linux, Debian Linux, Leap and 1 more 2024-11-21 2.1 LOW 3.8 LOW
In QEMU through 5.0.0, an assertion failure can occur in the network packet processing. This issue affects the e1000e and vmxnet3 network devices. A malicious guest user/process could use this flaw to abort the QEMU process on the host, resulting in a denial of service condition in net_tx_pkt_add_raw_fragment in hw/net/net_tx_pkt.c.
CVE-2020-15900 3 Artifex, Canonical, Opensuse 3 Ghostscript, Ubuntu Linux, Leap 2024-11-21 7.5 HIGH 9.8 CRITICAL
A memory corruption issue was found in Artifex Ghostscript 9.50 and 9.52. Use of a non-standard PostScript operator can allow overriding of file access controls. The 'rsearch' calculation for the 'post' size resulted in a size that was too large, and could underflow to max uint32_t. This was fixed in commit 5d499272b95a6b890a1397e11d20937de000d31b.
CVE-2020-15890 3 Canonical, Debian, Luajit 3 Ubuntu Linux, Debian Linux, Luajit 2024-11-21 5.0 MEDIUM 7.5 HIGH
LuaJit through 2.1.0-beta3 has an out-of-bounds read because __gc handler frame traversal is mishandled.
CVE-2020-15863 3 Canonical, Debian, Qemu 3 Ubuntu Linux, Debian Linux, Qemu 2024-11-21 4.4 MEDIUM 5.3 MEDIUM
hw/net/xgmac.c in the XGMAC Ethernet controller in QEMU before 07-20-2020 has a buffer overflow. This occurs during packet transmission and affects the highbank and midway emulated machines. A guest user or process could use this flaw to crash the QEMU process on the host, resulting in a denial of service or potential privileged code execution. This was fixed in commit 5519724a13664b43e225ca05351c60b4468e4555.
CVE-2020-15862 3 Canonical, Net-snmp, Netapp 6 Ubuntu Linux, Net-snmp, Cloud Backup and 3 more 2024-11-21 7.2 HIGH 7.8 HIGH
Net-SNMP through 5.8 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root.