Package Management

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7661-1 Related CVEs: CVE-2025-43970 CVE-2023-46565 CVE-2025-43973 CVE-2025-43971 CVE-2025-43972 Upstream summary: It was discovered that GoBGP did not properly manage memory under certain circumstances, which could lead to a buffer overflow. […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 16.04 (xenial) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7567-1 Related CVEs: CVE-2025-47947 CVE-2025-48866 CVE-2021-42717 CVE-2022-48279 CVE-2023-24021 Upstream summary: Simon Studer discovered that ModSecurity incorrectly handled certain JSON objects. An attacker could possibly use this issue to cause a […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-4037-1 Related CVEs: https://launchpad.net/bugs/1832337 Upstream summary: The policykit-desktop-privileges Startup Disk Creator policy allowed administrative users to overwrite disks. As a security improvement, this operation now requires authentication. Table of contents […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7063-1 Related CVEs: CVE-2024-6388 Upstream summary: Marco Trevisan discovered that the Ubuntu Advantage Desktop Daemon leaked the Pro token to unprivileged users by passing the token as an argument in […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-4001-1 Related CVEs: CVE-2019-9893 Upstream summary: Jann Horn discovered that libseccomp did not correctly generate 64-bit syscall argument comparisons with arithmetic operators (LT, GT, LE, GE). An attacker could use […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-4475-1 Related CVEs: CVE-2020-14367 Upstream summary: It was discovered that Chrony incorrectly handled certain symbolic links. An attacker could possibly use this issue to cause a denial of service or […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7567-1 Related CVEs: CVE-2025-47947 CVE-2025-48866 CVE-2021-42717 CVE-2022-48279 CVE-2023-24021 Upstream summary: Simon Studer discovered that ModSecurity incorrectly handled certain JSON objects. An attacker could possibly use this issue to cause a […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7579-1 Related CVEs: CVE-2019-2126 CVE-2021-26826 CVE-2021-26825 Upstream summary: It was discovered that the Godot Engine did not properly handle certain malformed WebM media files. If the Godot Engine opened a […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-3941-1 Related CVEs: CVE-2019-6706 Upstream summary: Fady Othman discovered that Lua incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service. Table of […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-6901-1 Related CVEs: CVE-2021-20230 Upstream summary: It was discovered that stunnel did not properly validate client certificates when configured to use both the redirect and verifyChain options. A remote attacker […]