IT, Cloud & DevOps Blog

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Ubuntu 14.04 (trusty) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-3852-1 Related CVEs: CVE-2017-11591 CVE-2017-11683 CVE-2017-14859 CVE-2017-14862 CVE-2017-14864 CVE-2017-17669 CVE-2017-9239 CVE-2018-16336  +7 more Upstream summary: It was discovered that Exiv2 incorrectly handled certain files. An attacker could possibly use this […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-5066-1 Related CVEs: CVE-2021-21239 CVE-2020-5390 Upstream summary: Brian Wolff discovered that PySAML2 incorrectly validated cryptographic signatures. A remote attacker could possibly use this issue to alter SAML documents. Table of […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-5304-1 Related CVEs: CVE-2021-4115 CVE-2021-4034 CVE-2021-3560 Upstream summary: Kevin Backhouse discovered that PolicyKit incorrectly handled file descriptors. A local attacker could possibly use this issue to cause PolicyKit to crash, […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 24.04 (noble) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-8189-1 Related CVEs: CVE-2024-39684 CVE-2024-38517 Upstream summary: It was discovered that RapidJSON did not properly protect against integer overflows in certain instances when parsing JSON text. A remote attacker could […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 14.04 (trusty) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-4816-1 Related CVEs: CVE-2017-17446 Upstream summary: It was discovered that game-music-emu mishandled certain crafted input. A remote attacker could use this vulnerability to cause game-music-emu to crash. Table of contents […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-8168-1 Related CVEs: CVE-2026-33056 Upstream summary: It was discovered that tar-rs embedded in rustc incorrectly handled symlinks when unpacking a tar archive. If a user or automated system were tricked […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-5232-1 Related CVEs: CVE-2021-32749 Upstream summary: Jakub Żoczek discovered that certain Fail2ban actions handled whois responses in an insecure way. If Fail2ban was configured to use certain mail actions like […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-6385-1 Related CVEs: CVE-2022-27672 CVE-2022-4269 CVE-2023-0458 CVE-2023-1075 CVE-2023-1076 CVE-2023-1206 CVE-2023-1380 CVE-2023-1611  +12 more Upstream summary: It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Ubuntu 16.04 (xenial) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-6432-1 Related CVEs: CVE-2023-41358 CVE-2023-41360 CVE-2018-5378 CVE-2018-5379 CVE-2018-5380 CVE-2018-5381 CVE-2017-16227 CVE-2017-5495  +3 more Upstream summary: It was discovered that the Quagga BGP daemon did not properly check the attribute length […]