Fix Prevention

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 14.04 (trusty) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-3447-1 Related CVEs: CVE-2016-4428 CVE-2014-3473 CVE-2014-3474 CVE-2014-3475 CVE-2014-3594 Upstream summary: Beth Lancaster and Brandon Sawyers discovered that OpenStack Horizon was incorrect protected against cross-site scripting (XSS) attacks. A remote authenticated […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 24.04 (noble) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7031-1 Related CVEs: CVE-2024-45614 Upstream summary: It was discovered that Puma incorrectly handled parsing certain headers. A remote attacker could possibly use this issue to overwrite header values set by […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7320-1 Related CVEs: CVE-2023-5520 CVE-2024-0321 CVE-2024-0322 Upstream summary: It was discovered that the GPAC MP4Box utility incorrectly handled certain AC3 files, which could lead to an out-of-bounds read. A remote […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 24.04 (noble) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-6990-1 Related CVEs: CVE-2024-39844 Upstream summary: Johannes Kuhn (DasBrain) discovered that znc incorrectly handled user input under certain operations. An attacker could possibly use this issue to execute arbitrary code […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7317-1 Related CVEs: CVE-2022-23303 CVE-2022-23304 CVE-2022-37660 CVE-2024-5290 https://launchpad.net/bugs/2067613 CVE-2021-27803 CVE-2020-12695 CVE-2021-0326 Upstream summary: George Chatzisofroniou and Panayiotis Kotzanikolaou discovered that wpa_supplicant and hostapd reused encryption elements in the PKEX protocol. […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-6781-1 Related CVEs: CVE-2023-7101 Upstream summary: Le Dinh Hai discovered that Spreadsheet::ParseExcel was passing unvalidated input from a file into a string-type "eval". An attacker could craft a malicious file […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-8223-1 Related CVEs: CVE-2024-38357 CVE-2024-38356 CVE-2024-42008 CVE-2024-42010 CVE-2026-26079 CVE-2026-25916 CVE-2019-15237 https://launchpad.net/bugs/2144682  +12 more Upstream summary: It was discovered that Roundcube Webmail mishandled Punycode xn-- domain names. An attacker could possibly […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-6770-1 Related CVEs: https://launchpad.net/bugs/2064509 Upstream summary: USN-6729-1 fixed vulnerabilities in Apache HTTP Server. The update lead to the discovery of a regression in Fossil with regards to the handling of […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 14.04 (trusty) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-3283-1 Related CVEs: CVE-2015-8270 CVE-2015-8271 CVE-2015-8272 Upstream summary: Dave McDaniel discovered that rtmpdump incorrectly handled certain malformed streams. If a user were tricked into processing a specially crafted stream, a […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-6730-1 Related CVEs: CVE-2022-29599 Upstream summary: It was discovered that Apache Maven Shared Utils did not handle double-quoted strings properly, allowing shell injection attacks. This could allow an attacker to […]