Package Management

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-3759-1 Related CVEs: CVE-2016-4429 CVE-2017-8779 CVE-2018-14622 Upstream summary: Aldy Hernandez discovered that libtirpc incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service. […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 14.04 (trusty) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-3929-1 Related CVEs: CVE-2014-9323 CVE-2017-6369 Upstream summary: It was discovered that Firebird incorrectly handled certain malformed packets. A remote attacker could possibly use this issue with a specially crafted network […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-5286-1 Related CVEs: CVE-2021-4122 CVE-2020-14382 Upstream summary: Milan Broz discovered that cryptsetup incorrectly handled LUKS2 reencryption recovery. An attacker with physical access to modify the encrypted device header may trigger […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-8168-2 Related CVEs: CVE-2026-33056 Upstream summary: USN-8168-1 fixed a vulnerability in Rust. This update provides the corresponding update to Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 14.04 (trusty) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-3825-1 Related CVEs: CVE-2011-2767 Upstream summary: Jan Ingvoldstad discovered that mod_perl incorrectly handled configuration options to disable being used by unprivileged users, contrary to the documentation. A local attacker could […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-8240-1 Related CVEs: CVE-2022-25236 CVE-2022-25235 Upstream summary: It was discovered that Expat, vendored in Swish-e incorrectly handled certain files. An attacker could possibly use this issue to cause a crash […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-8144-1 Related CVEs: CVE-2025-12543 Upstream summary: It was discovered that Undertow incorrectly validated the Host header in incoming HTTP requests. A remote attacker could possibly use this issue to gain […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-8063-1 Related CVEs: CVE-2026-0994 CVE-2024-7254 CVE-2025-4565 CVE-2021-22569 CVE-2021-22570 CVE-2022-1941 Upstream summary: It was discovered that Protocol Buffers incorrectly handled recursion when the Python google.protobuf.json_format.ParseDict() function is being used. An attacker […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-8233-1 Related CVEs: CVE-2026-27135 CVE-2019-9511 CVE-2019-9513 CVE-2023-44487 CVE-2024-28182 CVE-2020-11080 Upstream summary: Andrew MacPherson discovered that nghttp2 did not properly validate internal state when the session termination API was called. A […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-4620-1 Related CVEs: CVE-2017-11107 Upstream summary: It was discovered that phpLDAPadmin didn't properly sanitize before being echoed to the user. A remote attacker could inject arbitrary HTML/Javascript code in a […]