Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ubuntu_linux
(Canonical)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-06-24 | CVE-2020-12863 | An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-083. | Ubuntu_linux, Debian_linux, Leap, Sane_backends | 4.3 | ||
| 2020-06-24 | CVE-2020-12864 | An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-081. | Ubuntu_linux, Leap, Sane_backends | 4.3 | ||
| 2020-06-24 | CVE-2020-12865 | A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084. | Ubuntu_linux, Debian_linux, Leap, Sane_backends | 8.0 | ||
| 2020-06-24 | CVE-2020-12866 | A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079. | Ubuntu_linux, Leap, Sane_backends | 5.7 | ||
| 2020-06-25 | CVE-2020-5963 | NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the Inter Process Communication APIs, in which improper access control may lead to code execution, denial of service, or information disclosure. | Ubuntu_linux, Geforce_firmware, Nvs_firmware, Quadro_firmware, Tesla_firmware | 7.8 | ||
| 2020-06-25 | CVE-2020-5967 | NVIDIA Linux GPU Display Driver, all versions, contains a vulnerability in the UVM driver, in which a race condition may lead to a denial of service. | Ubuntu_linux, Geforce_firmware, Nvs_firmware, Quadro_firmware, Tesla_firmware | 4.7 | ||
| 2020-06-26 | CVE-2020-15305 | An issue was discovered in OpenEXR before 2.5.2. Invalid input could cause a use-after-free in DeepScanLineInputFile::DeepScanLineInputFile() in IlmImf/ImfDeepScanLineInputFile.cpp. | Ubuntu_linux, Debian_linux, Fedora, Openexr, Leap | 5.5 | ||
| 2020-06-26 | CVE-2020-15306 | An issue was discovered in OpenEXR before v2.5.2. Invalid chunkCount attributes could cause a heap buffer overflow in getChunkOffsetTableSize() in IlmImf/ImfMisc.cpp. | Ubuntu_linux, Debian_linux, Fedora, Openexr, Leap | 5.5 | ||
| 2020-06-27 | CVE-2020-15358 | In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. | Icloud, Ipados, Iphone_os, Macos, Tvos, Watchos, Ubuntu_linux, Communications_cloud_native_core_policy, Communications_messaging_server, Communications_network_charging_and_control, Enterprise_manager_ops_center, Hyperion_infrastructure_technology, Mysql, Outside_in_technology, Sinec_infrastructure_network_services, Sqlite | 5.5 | ||
| 2020-06-29 | CVE-2020-4067 | In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN response buffer is not initialized properly. There is a leak of information between different client connections. One client (an attacker) could use their connection to intelligently query coturn to get interesting bytes in the padding bytes from the connection of another client. This has been fixed in 4.5.1.3. | Ubuntu_linux, Coturn, Debian_linux, Fedora, Leap | 7.5 |