Package Management

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-8242-1 Related CVEs: CVE-2023-28447 Upstream summary: Takuya Aramaki discovered that Smarty, vendored in CiviCRM, did not properly escape JavaScript code. An attacker could possibly use this issue to conduct a […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-5485-1 Related CVEs: CVE-2022-21123 CVE-2022-21125 CVE-2022-21166 CVE-2022-1158 CVE-2022-1966 CVE-2022-1972 CVE-2022-21499 CVE-2022-24958  +12 more Upstream summary: It was discovered that some Intel processors did not completely perform cleanup actions on multi-core […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-4862-1 Related CVEs: CVE-2019-12735 Upstream summary: It was discovered that Neovim incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service or execute […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Ubuntu 16.04 (xenial) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-4926-1 Related CVEs: CVE-2021-23994 CVE-2021-23995 CVE-2021-23996 CVE-2021-23997 CVE-2021-23998 CVE-2021-23999 CVE-2021-24000 CVE-2021-24001  +12 more Upstream summary: Multiple security issues were discovered in Firefox. If a user were tricked into opening a […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 14.04 (trusty) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-8202-1 Related CVEs: CVE-2026-39956 CVE-2026-33947 CVE-2026-39979 CVE-2026-33948 CVE-2026-40164 CVE-2026-32316 CVE-2016-4074 Upstream summary: It was discovered that jq did not correctly handle certain string concatenations. An attacker could possibly use this […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-4830-1 Related CVEs: CVE-2018-1000801 Upstream summary: It was discovered that Okular mishandled certain crafted archives during extraction. An attacker could use this vulnerability to write arbitrary files to the filesystem. […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-8191-1 Related CVEs: CVE-2024-47554 CVE-2021-29425 Upstream summary: It was discovered that Apache Commons IO's XmlStreamReader class could excessively consume CPU resources under certain circumstances. An attacker could possibly use this […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 14.04 (trusty) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7959-1 Related CVEs: CVE-2016-9843 CVE-2016-9840 CVE-2016-9841 CVE-2018-25032 CVE-2022-37434 CVE-2021-31870 CVE-2021-31871 CVE-2021-31872  +1 more Upstream summary: It was discovered that zlib, vendored in klibc, did not properly handle integer arithmetic. An […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 24.04 (noble) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-8050-1 Related CVEs: CVE-2024-50305 Upstream summary: Masakazu Kitajo discovered that Apache Traffic Server did not properly handle the Valid Host header field. An attacker could possibly use this issue to […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-5050-1 Related CVEs: CVE-2020-26558 CVE-2021-0129 CVE-2021-28691 CVE-2021-3564 CVE-2021-3573 CVE-2021-38208 CVE-2021-23134 CVE-2021-32399  +12 more Upstream summary: It was discovered that the bluetooth subsystem in the Linux kernel did not properly perform […]