Package Management

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 14.04 (trusty) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-3675-2 Related CVEs: CVE-2018-12020 CVE-2014-3591 CVE-2014-5270 CVE-2015-0837 CVE-2015-1606 CVE-2015-1607 CVE-2014-4617 Upstream summary: USN-3675-1 fixed a vulnerability in GnuPG 2 for Ubuntu 18.04 LTS and Ubuntu 17.10. This update provides the […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-6899-1 Related CVEs: CVE-2024-6655 Upstream summary: It was discovered that GTK would attempt to load modules from the current directory, contrary to expectations. If users started GTK applications from shared […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 16.04 (xenial) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7147-1 Related CVEs: CVE-2016-6802 CVE-2023-34478 CVE-2023-46749 CVE-2023-46750 CVE-2016-4437 Upstream summary: It was discovered that Apache Shiro incorrectly handled path traversal when used with other web frameworks or path rewriting. An […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 14.04 (trusty) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-2451-1 Related CVEs: CVE-2014-1425 Upstream summary: Serge Hallyn discovered that cgmanager did not consistently enforce proper nesting when modifying cgroup properties. A local attacker in a privileged container could use […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7372-1 Related CVEs: CVE-2022-45060 CVE-2019-20637 CVE-2020-11653 CVE-2021-36740 CVE-2022-23959 Upstream summary: Martin van Kervel Smedshammer discovered that Varnish did not properly sanitize certain HTTP headers. A remote attacker could possibly use […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-6596-1 Related CVEs: CVE-2020-36658 Upstream summary: It was discovered that Apache::Session::LDAP incorrectly handled invalid X.509 certificates. If a user or an automated system were tricked into opening a specially crafted […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-6843-1 Related CVEs: CVE-2024-36041 Upstream summary: Fabian Vogt discovered that Plasma Workspace incorrectly handled connections via ICE. A local attacker could possibly use this issue to gain access to another […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 16.04 (xenial) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-6855-1 Related CVEs: CVE-2024-36600 CVE-2017-18198 CVE-2017-18199 Upstream summary: Mansour Gashasbi discovered that libcdio incorrectly handled certain memory operations when parsing an ISO file, leading to a buffer overflow vulnerability. An […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7319-1 Related CVEs: CVE-2022-39209 CVE-2023-22483 CVE-2023-22484 CVE-2023-22486 CVE-2023-26485 Upstream summary: It was discovered that cmark-gfm's autolink extension did not correctly handle parsing large inputs. An attacker could possibly use this […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-6833-1 Related CVEs: CVE-2024-37535 Upstream summary: Siddharth Dushantha discovered that VTE incorrectly handled large window resize escape sequences. An attacker could possibly use this issue to consume resources, leading to […]