chris

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7292-1 Related CVEs: CVE-2021-36369 CVE-2023-48795 Upstream summary: Manfred Kaiser discovered that Dropbear through 2020.81 does not properly check the available authentication methods in the client-side SSH code. An attacker could […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7192-1 Related CVEs: CVE-2024-43700 Upstream summary: It was discovered that xfpt did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted file, […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7248-1 Related CVEs: CVE-2024-5564 Upstream summary: It was discovered that libndp incorrectly handled certain malformed IPv6 router advertisement packets. A local attacker could possibly use this issue to cause NetworkManager […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7878-1 Related CVEs: CVE-2025-64503 CVE-2025-57812 CVE-2025-64524 CVE-2024-47176 CVE-2023-24805 Upstream summary: It was discovered that cups-filters incorrectly handled certain malformed TIFF image files. A remote attacker could use this issue to […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 16.04 (xenial) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7646-1 Related CVEs: CVE-2019-5418 CVE-2024-41128 CVE-2024-47887 CVE-2024-47888 CVE-2024-47889 Upstream summary: It was discovered that Rails did not correctly handle headers. An attacker could potentially use this issue to view arbitrary […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 24.04 (noble) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7503-1 Related CVEs: CVE-2025-43859 Upstream summary: Jeppe Bonde Weikop discovered that h11 incorrectly handled crafted HTTP requests. A remote attacker could possibly use this issue to smuggle malicious HTTP requests, […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7772-1 Related CVEs: CVE-2025-58068 https://launchpad.net/bugs/2125423 CVE-2021-21419 Upstream summary: It was discovered that Eventlet incorrectly handled certain requests. An attacker could possibly use this issue to bypass front-end security controls, launch […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-4123-1 Related CVEs: CVE-2019-13173 Upstream summary: It was discovered that npm/fstream incorrectly handled certain crafted tarballs. An attacker could use this vulnerability to write aritrary files to the filesystem. Table […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-4623-1 Related CVEs: CVE-2020-25654 Upstream summary: Ken Gaillot discovered that Pacemaker incorrectly handled IPC communications permissions. A local attacker could possibly use this issue to bypass ACL restrictions and execute […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 14.04 (trusty) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-4920-1 Related CVEs: CVE-2019-13132 CVE-2020-15166 CVE-2021-20234 CVE-2021-20235 CVE-2021-20237 Upstream summary: It was discovered that ZeroMQ incorrectly handled certain application metadata. A remote attacker could use this issue to cause ZeroMQ […]