Vulnerabilities (CVE)

Filtered by vendor Canonical Subscribe
Total 4203 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-12866 3 Canonical, Opensuse, Sane-project 3 Ubuntu Linux, Leap, Sane Backends 2024-11-21 2.7 LOW 5.7 MEDIUM
A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079.
CVE-2020-12865 4 Canonical, Debian, Opensuse and 1 more 4 Ubuntu Linux, Debian Linux, Leap and 1 more 2024-11-21 5.2 MEDIUM 8.0 HIGH
A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084.
CVE-2020-12864 3 Canonical, Opensuse, Sane-project 3 Ubuntu Linux, Leap, Sane Backends 2024-11-21 3.3 LOW 4.3 MEDIUM
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-081.
CVE-2020-12863 4 Canonical, Debian, Opensuse and 1 more 4 Ubuntu Linux, Debian Linux, Leap and 1 more 2024-11-21 3.3 LOW 4.3 MEDIUM
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-083.
CVE-2020-12862 4 Canonical, Debian, Opensuse and 1 more 4 Ubuntu Linux, Debian Linux, Leap and 1 more 2024-11-21 3.3 LOW 4.3 MEDIUM
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-082.
CVE-2020-12861 3 Canonical, Opensuse, Sane-project 3 Ubuntu Linux, Leap, Sane Backends 2024-11-21 7.9 HIGH 8.8 HIGH
A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080.
CVE-2020-12829 3 Canonical, Debian, Qemu 3 Ubuntu Linux, Debian Linux, Qemu 2024-11-21 2.1 LOW 3.8 LOW
In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation. This flaw occurs in the COPY_AREA macro while handling MMIO write operations through the sm501_2d_engine_write() callback. A local attacker could abuse this flaw to crash the QEMU process in sm501_2d_operation() in hw/display/sm501.c on the host, resulting in a denial of service.
CVE-2020-12826 3 Canonical, Linux, Redhat 4 Ubuntu Linux, Linux Kernel, Enterprise Linux and 1 more 2024-11-21 4.4 MEDIUM 5.3 MEDIUM
A signal access-control issue was discovered in the Linux kernel before 5.6.5, aka CID-7395ea4e65c2. Because exec_id in include/linux/sched.h is only 32 bits, an integer overflow can interfere with a do_notify_parent protection mechanism. A child process can send an arbitrary signal to a parent process in a different security domain. Exploitation limitations include the amount of elapsed time before an integer overflow occurs, and the lack of scenarios where signals to a parent process present a substantial operational threat.
CVE-2020-12783 4 Canonical, Debian, Exim and 1 more 4 Ubuntu Linux, Debian Linux, Exim and 1 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c.
CVE-2020-12771 6 Canonical, Debian, Linux and 3 more 37 Ubuntu Linux, Debian Linux, Linux Kernel and 34 more 2024-11-21 4.9 MEDIUM 5.5 MEDIUM
An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails.
CVE-2020-12770 5 Canonical, Debian, Fedoraproject and 2 more 36 Ubuntu Linux, Debian Linux, Fedora and 33 more 2024-11-21 4.6 MEDIUM 6.7 MEDIUM
An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040.
CVE-2020-12769 5 Canonical, Debian, Linux and 2 more 36 Ubuntu Linux, Debian Linux, Linux Kernel and 33 more 2024-11-21 4.9 MEDIUM 5.5 MEDIUM
An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8.
CVE-2020-12768 3 Canonical, Debian, Linux 3 Ubuntu Linux, Debian Linux, Linux Kernel 2024-11-21 2.1 LOW 5.5 MEDIUM
An issue was discovered in the Linux kernel before 5.6. svm_cpu_uninit in arch/x86/kvm/svm.c has a memory leak, aka CID-d80b64ff297e. NOTE: third parties dispute this issue because it's a one-time leak at the boot, the size is negligible, and it can't be triggered at will
CVE-2020-12767 4 Canonical, Debian, Libexif Project and 1 more 4 Ubuntu Linux, Debian Linux, Libexif and 1 more 2024-11-21 2.1 LOW 5.5 MEDIUM
exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error.
CVE-2020-12762 5 Canonical, Debian, Fedoraproject and 2 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2024-11-21 6.8 MEDIUM 7.8 HIGH
json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.
CVE-2020-12695 21 Asus, Broadcom, Canon and 18 more 217 Rt-n11, Adsl, Selphy Cp1200 and 214 more 2024-11-21 7.8 HIGH 7.5 HIGH
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.
CVE-2020-12692 2 Canonical, Openstack 2 Ubuntu Linux, Keystone 2024-11-21 5.5 MEDIUM 5.4 MEDIUM
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The EC2 API doesn't have a signature TTL check for AWS Signature V4. An attacker can sniff the Authorization header, and then use it to reissue an OpenStack token an unlimited number of times.
CVE-2020-12691 2 Canonical, Openstack 2 Ubuntu Linux, Keystone 2024-11-21 6.5 MEDIUM 8.8 HIGH
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any authenticated user can create an EC2 credential for themselves for a project that they have a specified role on, and then perform an update to the credential user and project, allowing them to masquerade as another user. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges.
CVE-2020-12689 2 Canonical, Openstack 2 Ubuntu Linux, Keystone 2024-11-21 6.5 MEDIUM 8.8 HIGH
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any user authenticated within a limited scope (trust/oauth/application credential) can create an EC2 credential with an escalated permission, such as obtaining admin while the user is on a limited viewer role. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges.
CVE-2020-12674 4 Canonical, Debian, Dovecot and 1 more 4 Ubuntu Linux, Debian Linux, Dovecot and 1 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
In Dovecot before 2.3.11.3, sending a specially formatted RPA request will crash the auth service because a length of zero is mishandled.