|
209571
|
3.8 |
LOW
Local
|
canonical
|
ubuntu_linux
|
The aptdaemon DBus interface disclosed file existence disclosure by setting Terminal/DebconfSocket properties, aka GHSL-2020-192 and GHSL-2020-196. This affected versions prior to 1.1.1+bzr982-0ubunt…
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2020-16128
|
2024-11-21 14:06 |
2020-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209572
|
4.7 |
MEDIUM
Local
|
canonical
|
ubuntu_linux
|
An Ubuntu-specific patch in PulseAudio created a race condition where the snap policy module would fail to identify a client connection from a snap as coming from a snap if SCM_CREDENTIALS were missi…
|
CWE-362
Race Condition
|
CVE-2020-16123
|
2024-11-21 14:06 |
2020-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209573
|
9.8 |
CRITICAL
Network
|
ortussolutions
|
testbox
|
In Ortus TestBox 2.4.0 through 4.1.0, unvalidated query string parameters passed to system/runners/HTMLRunner.cfm allow an attacker to write an arbitrary CFM file (within the application's context) c…
|
CWE-22
Path Traversal
|
CVE-2020-15929
|
2024-11-21 14:06 |
2020-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209574
|
5.3 |
MEDIUM
Network
|
ortussolutions
|
testbox
|
In Ortus TestBox 2.4.0 through 4.1.0, unvalidated query string parameters to test-browser/index.cfm allow directory traversal.
|
CWE-22
Path Traversal
|
CVE-2020-15928
|
2024-11-21 14:06 |
2020-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209575
|
6.1 |
MEDIUM
Local
|
pulseaudio_project
|
pulseaudio
|
Potential double free in Bluez 5 module of PulseAudio could allow a local attacker to leak memory or crash the program. The modargs variable may be freed twice in the fail condition in src/modules/bl…
|
CWE-415
Double Free
|
CVE-2020-15710
|
2024-11-21 14:06 |
2020-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209576
|
7.5 |
HIGH
Network
|
siemens
|
sinumerik_840d_sl_firmware
simatic_s7-300_cpu_312_firmware
simatic_s7-300_cpu_314_firmware
simatic_s7-300_cpu_315-2_dp_firmware
simatic_s7-300_cpu_315-2_pn_firmware
simatic_s7-300_cpu_…
|
A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC TDC CPU555 (All versions), SINUMERIK 840D sl (All versions). Se…
|
-
|
CVE-2020-15783
|
2024-11-21 14:06 |
2020-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209577
|
5.5 |
MEDIUM
Local
|
freedesktop
|
accountsservice
|
An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, would perform unbounded read operations on user-controlled ~/.pam_environment f…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2020-16127
|
2024-11-21 14:06 |
2020-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209578
|
3.3 |
LOW
Local
|
freedesktop
|
accountsservice
|
An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, improperly dropped the ruid, allowing untrusted users to send signals to Accoun…
|
NVD-CWE-noinfo
|
CVE-2020-16126
|
2024-11-21 14:06 |
2020-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209579
|
6.8 |
MEDIUM
Physics
|
gnome
|
gnome_display_manager
|
gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu (and potentially derivatives) this could …
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2020-16125
|
2024-11-21 14:06 |
2020-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209580
|
7.8 |
HIGH
Local
|
packagekit_project
canonical
|
packagekit
ubuntu_linux
|
PackageKit's apt backend mistakenly treated all local debs as trusted. The apt security model is based on repository trust and not on the contents of individual files. On sites with configured Policy…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2020-16122
|
2024-11-21 14:06 |
2020-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
