Package Management

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7360-1 Related CVEs: CVE-2020-14929 CVE-2021-38370 CVE-2021-46853 Upstream summary: It was discovered that Alpine did not use a secure connection under certain circumstances. A remote attacker could possibly use this issue […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-6519-1 Related CVEs: https://launchpad.net/bugs/1941785 Upstream summary: The EC2 hibagent package has been updated to add IMDSv2 support, as IMDSv1 uses an insecure protocol and is no longer recommended. Table of […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 14.04 (trusty) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-3446-1 Related CVEs: CVE-2015-5251 CVE-2015-5286 CVE-2016-0757 CVE-2014-5356 Upstream summary: Hemanth Makkapati discovered that OpenStack Glance incorrectly handled access restrictions. A remote authenticated user could use this issue to change the […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 24.04 (noble) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7045-1 Related CVEs: CVE-2024-47175 Upstream summary: Simone Margaritelli discovered that libppd incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this issue to manipulate PPD […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 14.04 (trusty) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-2249-1 Related CVEs: CVE-2014-3801 Upstream summary: Jason Dunsmore discovered that OpenStack heat did not properly restrict access to template information. A remote authenticated attacker could exploit this to see URL […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 14.04 (trusty) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-3375-1 Related CVEs: CVE-2016-10124 CVE-2017-5985 CVE-2016-8649 https://launchpad.net/bugs/1501491 https://launchpad.net/bugs/1501310 CVE-2015-1335 CVE-2015-1331 CVE-2015-1334 Upstream summary: It was discovered that LXC incorrectly handled the TIOCSTI ioctl. An attacker could possibly use this issue […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7268-1 Related CVEs: CVE-2022-41678 CVE-2023-46604 CVE-2015-7559 CVE-2018-11775 CVE-2020-13920 CVE-2021-26117 Upstream summary: It was discovered that Apache ActiveMQ incorrectly handled authentication. A remote attacker could possibly use this issue to run […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-8259-1 Related CVEs: CVE-2026-27622 CVE-2026-34380 CVE-2026-34588 CVE-2021-20296 CVE-2021-23215 CVE-2021-26260 CVE-2021-3598 CVE-2021-3605  +12 more Upstream summary: Quang Luong discovered that OpenEXR incorrectly handled sample count accumulation when processing deep scan line […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 24.04 (noble) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-6912-1 Related CVEs: CVE-2024-6714 https://bugs.launchpad.net/ubuntu/+source/provd/+bug/2071574 Upstream summary: James Henstridge discovered that provd incorrectly handled environment variables. A local attacker could possibly use this issue to run arbitrary programs and escalate […]