chris

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 16.04 (xenial) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7117-1 Related CVEs: CVE-2024-10224 CVE-2024-11003 CVE-2024-48990 CVE-2024-48991 CVE-2024-48992 Upstream summary: Qualys discovered that needrestart passed unsanitized data to a library (libmodule-scandeps-perl) which expects safe input. A local attacker could possibly […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7375-1 Related CVEs: CVE-2023-28617 CVE-2024-30202 CVE-2024-30205 CVE-2024-39331 Upstream summary: It was discovered that Org Mode did not correctly handle filenames containing shell metacharacters. An attacker could possibly use this issue […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 24.04 (noble) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7063-1 Related CVEs: CVE-2024-6388 Upstream summary: Marco Trevisan discovered that the Ubuntu Advantage Desktop Daemon leaked the Pro token to unprivileged users by passing the token as an argument in […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-6643-1 Related CVEs: CVE-2023-42282 Upstream summary: Emre Durmaz discovered that NPM IP package incorrectly distinguished between private and public IP addresses. A remote attacker could possibly use this issue to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 14.04 (trusty) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-2431-2 Related CVEs: https://launchpad.net/bugs/1399016 Upstream summary: USN-2431-1 fixed vulnerabilities in mod_wsgi. The security update exposed an issue in the MAAS package, causing a regression. This update fixes the problem. We […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7367-1 Related CVEs: CVE-2025-2173 CVE-2025-2174 CVE-2025-2175 CVE-2025-2176 CVE-2025-2177 Upstream summary: It was discovered that zvbi incorrectly handled memory when processing user input. An attacker could possibly use this issue to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-6856-1 Related CVEs: CVE-2024-25081 CVE-2024-25082 Upstream summary: It was discovered that FontForge incorrectly handled filenames. If a user or an automated system were tricked into opening a specially crafted input […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-6899-1 Related CVEs: CVE-2024-6655 Upstream summary: It was discovered that GTK would attempt to load modules from the current directory, contrary to expectations. If users started GTK applications from shared […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7368-1 Related CVEs: CVE-2017-18640 CVE-2022-25857 CVE-2022-38749 CVE-2022-38750 CVE-2022-38751 Upstream summary: It was discovered that SnakeYAML incorrectly handled recursive entity references. An attacker could possibly use this issue to cause SnakeYAML […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 16.04 (xenial) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7135-1 Related CVEs: CVE-2023-25725 CVE-2023-45539 CVE-2019-18277 CVE-2018-20102 CVE-2018-20103 CVE-2018-20615 CVE-2016-5360 Upstream summary: Bahruz Jabiyev, Anthony Gavazzi, Engin Kirda, Kaan Onarlioglu, Adi Peleg, and Harvey Tuch discovered that HAProxy incorrectly handled […]