CVE-2020-11931

LOW Year: 2020
CVSS v3 Score
3.3
Low
CVSS v2 Score
2.1
Low
Weakness Type
CWE-284
View all →

Vulnerability Description

An Ubuntu-specific modification to Pulseaudio to provide security mediation for Snap-packaged applications was found to have a bypass of intended access restriction for snaps which plugs any of pulseaudio, audio-playback or audio-record via unloading the pulseaudio snap policy module. This issue affects: pulseaudio 1:8.0 versions prior to 1:8.0-0ubuntu3.12; 1:11.1 versions prior to 1:11.1-1ubuntu7.7; 1:13.0 versions prior to 1:13.0-1ubuntu1.2; 1:13.99.1 versions prior to 1:13.99.1-1ubuntu3.2;

Related Vulnerabilities

CVE-2016-5615

LOW
CVSS:3.3(Low)

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Lynx.

CWE-2842016

CVE-2016-6770

LOW
CVSS:3.3(Low)

An elevation of privilege vulnerability in the Framework API could enable a local malicious application to access system functions beyond its access level. This issue is rated as Moderate because it i...

CWE-2842016

CVE-2017-18421

LOW
CVSS:3.3(Low)

cPanel before 66.0.2 allows demo accounts to create databases and users (SEC-271).

CWE-2842017

CVE-2020-15279

LOW
CVSS:3.3(Low)

An Improper Access Control vulnerability in the logging component of Bitdefender Endpoint Security Tools for Windows versions prior to 6.6.23.320 allows a regular user to learn the scanning exclusion ...

CWE-2842020

CVE-2021-25359

LOW
CVSS:3.3(Low)

An improper SELinux policy prior to SMR APR-2021 Release 1 allows local attackers to access AP information without proper permissions via untrusted applications.

CWE-2842021

CVE-2021-25439

LOW
CVSS:3.3(Low)

Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to cause arbit...

CWE-2842021