Canonical Ubuntu Linux vulnerabilities

CVE-2020-4033 [MEDIUM] CWE-125 CVE-2020-4033: In FreeRDP before version 2.1.2, there is an out of bounds read in RLEDECOMPRESS. All FreeRDP based In FreeRDP before version 2.1.2, there is an out of bounds read in RLEDECOMPRESS. All FreeRDP based clients with sessions with color depth < 32 are affected. This is fixed in version 2.1.2.

CVE-2020-14954 [MEDIUM] CWE-74 CVE-2020-14954: Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a "begin TLS" response, the client reads additional data (e.g., from a man-in-the-middle attacker) and evaluates it in a TLS context, aka "response injection."

CVE-2020-8184 [HIGH] CWE-784 CVE-2020-8184: A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2 A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3, rack < 2.1.4 that makes it is possible for an attacker to forge a secure or host-only cookie prefix.

CVE-2020-3350 [MEDIUM] CWE-362 CVE-2020-3350: A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow a A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow an authenticated, local attacker to cause the running software to delete arbitrary files on the system. The vulnerability is due to a race condition that could occur when scanning malicious files. An attacker with local shell access could exploit this vu

CVE-2019-20840 [HIGH] CWE-787 CVE-2019-20840: An issue was discovered in LibVNCServer before 0.9.13. libvncserver/ws_decode.c can lead to a crash An issue was discovered in LibVNCServer before 0.9.13. libvncserver/ws_decode.c can lead to a crash because of unaligned accesses in hybiReadAndDecode.

CVE-2020-14398 [HIGH] CWE-835 CVE-2020-14398: An issue was discovered in LibVNCServer before 0.9.13. An improperly closed TCP connection causes an An issue was discovered in LibVNCServer before 0.9.13. An improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c.

CVE-2020-14396 [HIGH] CWE-476 CVE-2020-14396: An issue was discovered in LibVNCServer before 0.9.13. libvncclient/tls_openssl.c has a NULL pointer An issue was discovered in LibVNCServer before 0.9.13. libvncclient/tls_openssl.c has a NULL pointer dereference.

CVE-2018-21247 [HIGH] CWE-909 CVE-2018-21247: An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialize An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function.

CVE-2020-14400 [HIGH] CVE-2020-14400: An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint16_ An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c. NOTE: Third parties do not consider this to be a vulnerability as there is no known path of exploitation or cross of a trust boundary

CVE-2020-14397 [HIGH] CWE-476 CVE-2020-14397: An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rfbregion.c has a NULL pointer d An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rfbregion.c has a NULL pointer dereference.

CVE-2020-14399 [HIGH] CVE-2020-14399: An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint32_ An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c. NOTE: there is reportedly "no trust boundary crossed.

CVE-2019-20839 [HIGH] CWE-120 CVE-2019-20839: libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filenam libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename.

CVE-2020-14402 [MEDIUM] CWE-787 CVE-2020-14402: An issue was discovered in LibVNCServer before 0.9.13. libvncserver/corre.c allows out-of-bounds acc An issue was discovered in LibVNCServer before 0.9.13. libvncserver/corre.c allows out-of-bounds access via encodings.

CVE-2020-14405 [MEDIUM] CWE-770 CVE-2020-14405: An issue was discovered in LibVNCServer before 0.9.13. libvncclient/rfbproto.c does not limit TextCh An issue was discovered in LibVNCServer before 0.9.13. libvncclient/rfbproto.c does not limit TextChat size.

CVE-2020-14403 [MEDIUM] CWE-787 CVE-2020-14403: An issue was discovered in LibVNCServer before 0.9.13. libvncserver/hextile.c allows out-of-bounds a An issue was discovered in LibVNCServer before 0.9.13. libvncserver/hextile.c allows out-of-bounds access via encodings.

CVE-2020-8619 [MEDIUM] CWE-404 CVE-2020-8619: In ISC BIND9 versions BIND 9.11.14 -> 9.11.19, BIND 9.14.9 -> 9.14.12, BIND 9.16.0 -> 9.16.3, BIND S In ISC BIND9 versions BIND 9.11.14 -> 9.11.19, BIND 9.14.9 -> 9.14.12, BIND 9.16.0 -> 9.16.3, BIND Supported Preview Edition 9.11.14-S1 -> 9.11.19-S1: Unless a nameserver is providing authoritative service for one or more zones and at least one zone contains an empty non-terminal entry containing an asterisk ("*") character, this defect cannot be enco

CVE-2020-14404 [MEDIUM] CWE-787 CVE-2020-14404: An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rre.c allows out-of-bounds acces An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rre.c allows out-of-bounds access via encodings.

CVE-2020-8618 [MEDIUM] CWE-617 CVE-2020-8618: An attacker who is permitted to send zone data to a server via zone transfer can exploit this to int An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients.

CVE-2020-14154 [MEDIUM] CVE-2020-14154: Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, t Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate.

CVE-2020-0543 [MEDIUM] CWE-459 CVE-2020-0543: Incomplete cleanup from specific special register read operations in some Intel(R) Processors may al Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.