Package Management

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-4229-2 Related CVEs: CVE-2018-12327 CVE-2019-8936 CVE-2018-7182 CVE-2018-7183 CVE-2018-7184 CVE-2018-7185 Upstream summary: USN-4229-1 fixed a vulnerability in NTP. This update provides the corresponding update for Ubuntu 18.04 ESM. Original advisory details: […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Ubuntu 16.04 (xenial) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-6298-1 Related CVEs: CVE-2018-7727 CVE-2020-18442 CVE-2018-6381 CVE-2018-6484 CVE-2018-6540 CVE-2018-6541 CVE-2018-6869 CVE-2018-7725  +8 more Upstream summary: Liu Zhu discovered that ZZIPlib incorrectly handled certain inputs. If a user or an automated […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-5160-1 Related CVEs: CVE-2021-36370 Upstream summary: It was discovered that Midnight Commander would not check server fingerprints when establishing an SFTP connection. If a remote attacker were able to intercept […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Ubuntu 14.04 (trusty) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-3699-1 Related CVEs: CVE-2018-6381 CVE-2018-6484 CVE-2018-6540 CVE-2018-6541 CVE-2018-6869 CVE-2018-7725 CVE-2018-7726 CVE-2017-5974  +6 more Upstream summary: It was discovered that zziplib incorrectly handled certain malformed ZIP files. If a user or […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-8091-1 Related CVEs: https://launchpad.net/bugs/2143850 CVE-2024-28085 Upstream summary: It was discovered that the util-linux su utility did not drop capabilities when being used with the –pty option. While not a security […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 24.04 (noble) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-8168-1 Related CVEs: CVE-2026-33056 Upstream summary: It was discovered that tar-rs embedded in rustc incorrectly handled symlinks when unpacking a tar archive. If a user or automated system were tricked […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-8286-1 Related CVEs: CVE-2026-35058 CVE-2026-40215 CVE-2024-28882 CVE-2024-5594 Upstream summary: Guannan Wang, Zhanpeng Liu, Guancheng Li, and Emma Reuter discovered that OpenVPN incorrectly handled suitably malformed packets with valid tls-crypt-v2 keys. […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Ubuntu 16.04 (xenial) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-5895-1 Related CVEs: CVE-2022-38850 CVE-2022-38851 CVE-2022-38855 CVE-2022-38858 CVE-2022-38860 CVE-2022-38861 CVE-2022-38863 CVE-2022-38864  +2 more Upstream summary: It was discovered that MPlayer could be made to divide by zero when processing certain […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-4629-1 Related CVEs: CVE-2020-15275 CVE-2020-25074 CVE-2017-5934 Upstream summary: Michael Chapman discovered that MoinMoin incorrectly handled certain cache actions. An attacker could possibly use this issue to execute arbitrary code. (CVE-2020-25074) […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-8230-1 Related CVEs: CVE-2026-33748 CVE-2026-33747 CVE-2024-29018 CVE-2024-41110 Upstream summary: It was discovered that BuildKit, contained within Docker, incorrectly handled file path validation when processing frontend API messages. An attacker could […]