IT, Cloud & DevOps Blog

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-5375-1 Related CVEs: CVE-2019-16165 Upstream summary: It was discovered that GNU cflow was incorrectly handling memory cleanup operations at the end of a compilation module. An attacker could possibly use […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7258-1 Related CVEs: CVE-2022-24728 CVE-2023-28439 CVE-2024-24815 CVE-2024-24816 CVE-2024-43411 CVE-2018-9861 CVE-2020-9281 CVE-2021-32808  +3 more Upstream summary: Kevin Backhouse discovered that CKEditor did not properly sanitize HTML content. An attacker could possibly […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 14.04 (trusty) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-5784-1 Related CVEs: CVE-2021-3700 Upstream summary: It was discovered that usbredir incorrectly handled memory when serializing large amounts of data in the case of a slow or blocked destination. An […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7193-1 Related CVEs: CVE-2024-11694 CVE-2024-9680 CVE-2024-7519 CVE-2024-7521 CVE-2024-7522 CVE-2024-7525 CVE-2024-7526 CVE-2024-7527  +12 more Upstream summary: Masato Kinugawa discovered that Thunderbird did not properly validate the CSP policy in the Web […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 24.04 (noble) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-6886-1 Related CVEs: CVE-2023-45288 CVE-2023-45289 CVE-2023-45290 CVE-2024-24783 CVE-2024-24784 CVE-2024-24785 CVE-2024-24788 CVE-2024-24789  +1 more Upstream summary: It was discovered that the Go net/http module did not properly handle the requests when […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-5988-1 Related CVEs: CVE-2019-5086 CVE-2019-5087 Upstream summary: It was discovered that integer overflows vulnerabilities existed in Xcftools. An attacker could use this to cause a denial of service (system crash) […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-5459-1 Related CVEs: CVE-2020-14342 CVE-2021-20208 CVE-2022-27239 CVE-2022-29869 Upstream summary: Aurélien Aptel discovered that cifs-utils invoked a shell when requesting a password. In certain environments, a local attacker could possibly use […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Ubuntu 14.04 (trusty) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-5122-2 Related CVEs: https://launchpad.net/bugs/1948657 CVE-2021-3709 CVE-2021-3710 CVE-2021-32547 CVE-2021-32548 CVE-2021-32549 CVE-2021-32550 CVE-2021-32551  +12 more Upstream summary: USN-5122-1 fixed a vulnerability in Apport. This update provides the corresponding update for Ubuntu 14.04 […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-5847-1 Related CVEs: CVE-2020-7729 CVE-2022-0436 CVE-2022-1537 Upstream summary: It was discovered that Grunt was not properly loading YAML files before parsing them. An attacker could possibly use this issue to […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7010-1 Related CVEs: CVE-2021-41687 CVE-2021-41688 CVE-2021-41689 CVE-2021-41690 CVE-2022-2121 CVE-2022-43272 CVE-2024-28130 CVE-2024-34508  +5 more Upstream summary: Jinsheng Ba discovered that DCMTK incorrectly handled certain requests. If a user or an automated […]