chris

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 16.04 (xenial) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7147-1 Related CVEs: CVE-2016-6802 CVE-2023-34478 CVE-2023-46749 CVE-2023-46750 CVE-2016-4437 Upstream summary: It was discovered that Apache Shiro incorrectly handled path traversal when used with other web frameworks or path rewriting. An […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 24.04 (noble) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7092-1 Related CVEs: CVE-2024-10573 Upstream summary: It was discovered that mpg123 incorrectly handled certain mp3 files. If a user or automated system were tricked into opening a specially crafted mp3 […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 14.04 (trusty) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-3658-1 Related CVEs: CVE-2018-1122 CVE-2018-1123 CVE-2018-1124 CVE-2018-1125 CVE-2018-1126 Upstream summary: It was discovered that the procps-ng top utility incorrectly read its configuration file from the current working directory. A local […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-6692-1 Related CVEs: CVE-2022-25647 Upstream summary: It was discovered that Gson incorrectly handled deserialization of untrusted input data. If a user or an automated system were tricked into opening a […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 14.04 (trusty) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-2455-1 Related CVEs: CVE-2014-7844 Upstream summary: It was discovered that bsd-mailx contained a feature that allowed syntactically valid email addresses to be treated as shell commands. A remote attacker could […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7372-1 Related CVEs: CVE-2022-45060 CVE-2019-20637 CVE-2020-11653 CVE-2021-36740 CVE-2022-23959 Upstream summary: Martin van Kervel Smedshammer discovered that Varnish did not properly sanitize certain HTTP headers. A remote attacker could possibly use […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-6899-1 Related CVEs: CVE-2024-6655 Upstream summary: It was discovered that GTK would attempt to load modules from the current directory, contrary to expectations. If users started GTK applications from shared […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7409-1 Related CVEs: CVE-2025-25291 CVE-2025-25292 CVE-2025-25293 CVE-2016-5697 CVE-2017-11428 CVE-2024-45409 Upstream summary: It was discovered that ruby-saml did not correctly handle XML parsing. An attacker could possibly use this issue to […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7409-1 Related CVEs: CVE-2025-25291 CVE-2025-25292 CVE-2025-25293 CVE-2016-5697 CVE-2017-11428 CVE-2024-45409 Upstream summary: It was discovered that ruby-saml did not correctly handle XML parsing. An attacker could possibly use this issue to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 24.04 (noble) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-6882-2 Related CVEs: CVE-2022-47951 CVE-2024-32498 Upstream summary: USN-6882-1 fixed vulnerabilities in Cinder. The update caused a regression in certain environments due to incorrect privilege handling. This update fixes the problem. […]