Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
canonical ubuntu linux 20.04 vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2019-20810
go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel prior to 5.6 does not call snd_card_free for a failure path, which causes a memory leak, aka CID-9453264ef586.
Linux Linux Kernel
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
5.5
CVSSv3
CVE-2020-12656
gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel up to and including 5.6.10 lacks certain domain_release calls, leading to a memory leak. Note: This was disputed with the assertion that the issue does not grant any a...
Linux Linux Kernel
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
Opensuse Leap 15.2
8.8
CVSSv3
CVE-2022-39176
BlueZ prior to 5.59 allows physically proximate malicious users to obtain sensitive information because profiles/audio/avrcp.c does not validate params_len.
Bluez Bluez
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Debian Debian Linux 10.0
8.8
CVSSv3
CVE-2022-39177
BlueZ prior to 5.59 allows physically proximate malicious users to cause a denial of service because malformed and invalid capabilities can be processed in profiles/audio/avdtp.c.
Bluez Bluez
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Debian Debian Linux 10.0
6
CVSSv3
CVE-2020-14367
A flaw was found in chrony versions prior to 3.5.1 when creating the PID file under the /var/run/chrony folder. The file is created during chronyd startup while still running as the root user, and when it's opened for writing, chronyd does not check for an existing symbolic ...
Tuxfamily Chrony
Fedoraproject Fedora 32
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
1 Github repository
6.5
CVSSv3
CVE-2020-15652
By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox < 79, Firefox ESR < 68.11, Firefox ESR < 78.1, ...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
6.5
CVSSv3
CVE-2020-15653
An iframe sandbox element with the allow-popups flag could be bypassed when using noopener links. This could have led to security issues for websites relying on sandbox configurations that allowed popups and hosted arbitrary content. This vulnerability affects Firefox ESR < 78...
Mozilla Thunderbird
Mozilla Firefox Esr
Mozilla Firefox
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
6.5
CVSSv3
CVE-2020-15654
When in an endless loop, a website specifying a custom cursor using CSS could make it look like the user is interacting with the user interface, when they are not. This could lead to a perceived broken state, especially when interactions with existing browser dialogs and warnings...
Mozilla Thunderbird
Mozilla Firefox Esr
Mozilla Firefox
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
6.5
CVSSv3
CVE-2020-15658
The code for downloading files did not properly take care of special characters, which led to an attacker being able to cut off the file ending at an earlier position, leading to a different file type being downloaded than shown in the dialog. This vulnerability affects Firefox E...
Mozilla Thunderbird
Mozilla Firefox Esr
Mozilla Firefox
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
7.8
CVSSv3
CVE-2023-3389
A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Racing a io_uring cancel poll request with a linked timeout can cause a UAF in a hrtimer. We recommend upgrading past commit ef7dfac51d8ed961b742218f526bd...
Linux Linux Kernel
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 22.04
Debian Debian Linux 10.0
Debian Debian Linux 11.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »