Filtered by vendor Canonical
Subscribe
Total
4203 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-10760 | 4 Canonical, Fedoraproject, Opensuse and 1 more | 4 Ubuntu Linux, Fedora, Leap and 1 more | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| A use-after-free flaw was found in all samba LDAP server versions before 4.10.17, before 4.11.11, before 4.12.4 used in a AC DC configuration. A Samba LDAP user could use this flaw to crash samba. | |||||
| CVE-2020-10757 | 7 Canonical, Debian, Fedoraproject and 4 more | 10 Ubuntu Linux, Debian Linux, Fedora and 7 more | 2024-11-21 | 6.9 MEDIUM | 7.8 HIGH |
| A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system. | |||||
| CVE-2020-10756 | 5 Canonical, Debian, Libslirp Project and 2 more | 6 Ubuntu Linux, Debian Linux, Libslirp and 3 more | 2024-11-21 | 2.1 LOW | 6.5 MEDIUM |
| An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known as ping. This flaw allows a malicious guest to leak the contents of the host memory, resulting in possible information disclosure. This flaw affects versions of libslirp before 4.3.1. | |||||
| CVE-2020-10755 | 2 Canonical, Redhat | 2 Ubuntu Linux, Openstack-cinder | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An insecure-credentials flaw was found in all openstack-cinder versions before openstack-cinder 14.1.0, all openstack-cinder 15.x.x versions before openstack-cinder 15.2.0 and all openstack-cinder 16.x.x versions before openstack-cinder 16.1.0. When using openstack-cinder with the Dell EMC ScaleIO or VxFlex OS backend storage driver, credentials for the entire backend are exposed in the ``connection_info`` element in all Block Storage v3 Attachments API calls containing that element. This flaw enables an end-user to create a volume, make an API call to show the attachment detail information, and retrieve a username and password that may be used to connect to another user's volume. Additionally, these credentials are valid for the ScaleIO or VxFlex OS Management API, should an attacker discover the Management API endpoint. Source: OpenStack project | |||||
| CVE-2020-10753 | 5 Canonical, Fedoraproject, Linuxfoundation and 2 more | 6 Ubuntu Linux, Fedora, Ceph and 3 more | 2024-11-21 | 4.3 MEDIUM | 5.4 MEDIUM |
| A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway). The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection in the response when the CORS request is made. Ceph versions 3.x and 4.x are vulnerable to this issue. | |||||
| CVE-2020-10732 | 4 Canonical, Linux, Netapp and 1 more | 31 Ubuntu Linux, Linux Kernel, Active Iq Unified Manager and 28 more | 2024-11-21 | 3.6 LOW | 3.3 LOW |
| A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data. | |||||
| CVE-2020-10724 | 3 Canonical, Dpdk, Fedoraproject | 3 Ubuntu Linux, Data Plane Development Kit, Fedora | 2024-11-21 | 2.1 LOW | 5.1 MEDIUM |
| A vulnerability was found in DPDK versions 18.11 and above. The vhost-crypto library code is missing validations for user-supplied values, potentially allowing an information leak through an out-of-bounds memory read. | |||||
| CVE-2020-10723 | 5 Canonical, Dpdk, Fedoraproject and 2 more | 6 Ubuntu Linux, Data Plane Development Kit, Fedora and 3 more | 2024-11-21 | 4.6 MEDIUM | 5.1 MEDIUM |
| A memory corruption issue was found in DPDK versions 17.05 and above. This flaw is caused by an integer truncation on the index of a payload. Under certain circumstances, the index (a UInt) is copied and truncated into a uint16, which can lead to out of bound indexing and possible memory corruption. | |||||
| CVE-2020-10722 | 5 Canonical, Dpdk, Fedoraproject and 2 more | 6 Ubuntu Linux, Data Plane Development Kit, Fedora and 3 more | 2024-11-21 | 4.6 MEDIUM | 5.1 MEDIUM |
| A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhost_user_set_log_base() could result in a smaller memory map than requested, possibly allowing memory corruption. | |||||
| CVE-2020-10711 | 5 Canonical, Debian, Linux and 2 more | 11 Ubuntu Linux, Debian Linux, Linux Kernel and 8 more | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import' routine. While processing the CIPSO restricted bitmap tag in the 'cipso_v4_parsetag_rbm' routine, it sets the security attribute to indicate that the category bitmap is present, even if it has not been allocated. This issue leads to a NULL pointer dereference issue while importing the same category bitmap into SELinux. This flaw allows a remote network user to crash the system kernel, resulting in a denial of service. | |||||
| CVE-2020-10690 | 6 Canonical, Debian, Linux and 3 more | 33 Ubuntu Linux, Debian Linux, Linux Kernel and 30 more | 2024-11-21 | 4.4 MEDIUM | 6.5 MEDIUM |
| There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource deallocation. When a (high privileged) process allocates a ptp device file (like /dev/ptpX) and voluntarily goes to sleep. During this time if the underlying device is removed, it can cause an exploitable condition as the process wakes up to terminate and clean all attached files. The system crashes due to the cdev structure being invalid (as already freed) which is pointed to by the inode. | |||||
| CVE-2020-10683 | 5 Canonical, Dom4j Project, Netapp and 2 more | 38 Ubuntu Linux, Dom4j, Oncommand Api Services and 35 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j. | |||||
| CVE-2020-10531 | 9 Canonical, Debian, Fedoraproject and 6 more | 11 Ubuntu Linux, Debian Linux, Fedora and 8 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp. | |||||
| CVE-2020-10379 | 3 Canonical, Fedoraproject, Python | 3 Ubuntu Linux, Fedora, Pillow | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c. | |||||
| CVE-2020-10378 | 3 Canonical, Fedoraproject, Python | 3 Ubuntu Linux, Fedora, Pillow | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| In libImaging/PcxDecode.c in Pillow before 7.1.0, an out-of-bounds read can occur when reading PCX files where state->shuffle is instructed to read beyond state->buffer. | |||||
| CVE-2020-10177 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Pillow before 7.1.0 has multiple out-of-bounds reads in libImaging/FliDecode.c. | |||||
| CVE-2020-10174 | 3 Canonical, Fedoraproject, Timeshift Project | 3 Ubuntu Linux, Fedora, Timeshift | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
| init_tmp in TeeJee.FileSystem.vala in Timeshift before 20.03 unsafely reuses a preexisting temporary directory in the predictable location /tmp/timeshift. It follows symlinks in this location or uses directories owned by unprivileged users. Because Timeshift also executes scripts under this location, an attacker can attempt to win a race condition to replace scripts created by Timeshift with attacker-controlled scripts. Upon success, an attacker-controlled script is executed with full root privileges. This logic is practically always triggered when Timeshift runs regardless of the command-line arguments used. | |||||
| CVE-2020-10109 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with a content-length and a chunked encoding header, the content-length took precedence and the remainder of the request body was interpreted as a pipelined request. | |||||
| CVE-2020-10108 | 5 Canonical, Debian, Fedoraproject and 2 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with two content-length headers, it ignored the first header. When the second content-length value was set to zero, the request body was interpreted as a pipelined request. | |||||
| CVE-2020-10029 | 6 Canonical, Debian, Fedoraproject and 3 more | 12 Ubuntu Linux, Debian Linux, Fedora and 9 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c. | |||||