chris

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 14.04 (trusty) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-4442-1 Related CVEs: CVE-2018-1000550 CVE-2018-1000671 CVE-2020-10936 Upstream summary: Michael Kaczmarczik discovered that Sympa incorrectly handled HTTP GET/POST requests. An attacker could possibly use this issue to insert, edit or obtain […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7050-1 Related CVEs: CVE-2021-43177 CVE-2024-8796 Upstream summary: Benoit Côté-Jodoin and Michael Nipper discovered that Devise-Two-Factor incorrectly handled one-time password validation. An attacker could possibly use this issue to intercept and […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-4395-1 Related CVEs: CVE-2020-10759 Upstream summary: Justin Steven discovered that fwupd incorrectly handled certain signature verification. An attacker could possibly use this issue to install an unsigned firmware. Table of […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-3907-1 Related CVEs: CVE-2019-0804 Upstream summary: It was discovered that WALinuxAgent created swap files with incorrect permissions. A local attacker could possibly use this issue to obtain sensitive information from […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7544-1 Related CVEs: CVE-2025-47273 CVE-2024-6345 CVE-2022-40897 Upstream summary: It was discovered that setuptools did not properly sanitize paths. An attacker could possibly use this issue to write files to arbitrary […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 14.04 (trusty) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-2699-1 Related CVEs: CVE-2015-0839 Upstream summary: Enrico Zini discovered that HPLIP used a short GPG key ID when downloading keys from the keyserver. An attacker could possibly use this to […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7604-2 Related CVEs: CVE-2025-32462 CVE-2023-28486 CVE-2023-28487 CVE-2022-33070 CVE-2023-22809 CVE-2021-23239 CVE-2021-3156 CVE-2019-18634  +1 more Upstream summary: USN-7604-1 fixed CVE-2025-32462 in sudo. This update provides the corresponding fixes for Ubuntu 20.04 LTS, […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7046-1 Related CVEs: CVE-2024-42472 https://launchpad.net/bugs/2077087 Upstream summary: It was discovered that Flatpak incorrectly handled certain persisted directories. An attacker could possibly use this issue to read and write files in […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 16.04 (xenial) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7404-1 Related CVEs: CVE-2021-30130 CVE-2023-52892 CVE-2024-27354 CVE-2024-27355 Upstream summary: It was discovered that phpseclib did not correctly handle RSA PKCS#1 v1.5 signature verification. An attacker could possibly use this issue […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7567-1 Related CVEs: CVE-2025-47947 CVE-2025-48866 CVE-2021-42717 CVE-2022-48279 CVE-2023-24021 Upstream summary: Simon Studer discovered that ModSecurity incorrectly handled certain JSON objects. An attacker could possibly use this issue to cause a […]