Package Management

Ubuntu 20.04 — python-pysaml2 — vulnerability — patch and remediation guide — diagnosis and fix on Ubuntu 20.04

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-5066-1 Related CVEs: CVE-2021-21239 Upstream summary: Brian Wolff discovered that PySAML2 incorrectly validated cryptographic signatures. A remote attacker could possibly use this issue to alter SAML documents.

Ubuntu 14.04 — graphviz — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on Ubuntu 14.04

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 14.04 (trusty) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-6708-1 Related CVEs: CVE-2023-46045 CVE-2018-10196 CVE-2019-11023 CVE-2020-18032 CVE-2014-9157 Upstream summary: It was discovered that Graphviz incorrectly handled certain config6a files. An attacker could possibly use this issue to cause a […]

Ubuntu 14.04 — procmail — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Ubuntu 14.04

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 14.04 (trusty) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-3483-1 Related CVEs: CVE-2017-16844 CVE-2014-3618 Upstream summary: Jakub Wilk discovered that the formail tool incorrectly handled certain malformed mail messages. An attacker could use this flaw to cause formail to […]

Ubuntu 20.04 — qpdf — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Ubuntu 20.04

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-5026-1 Related CVEs: CVE-2018-18020 CVE-2021-36978 Upstream summary: It was discovered that QPDF incorrectly handled certain malformed PDF files. A remote attacker could use this issue to cause QPDF to consume […]

Ubuntu 14.04 — zookeeper — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on Ubuntu 14.04

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 14.04 (trusty) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-6559-1 Related CVEs: CVE-2019-0201 CVE-2023-44981 CVE-2016-5017 CVE-2017-5637 CVE-2018-8012 Upstream summary: It was discovered that ZooKeeper incorrectly handled authorization for the getACL() command. A remote attacker could possibly use this issue […]

Ubuntu 22.04 — libxslt — multiple vulnerabilities (6 CVEs) — patch and remediation guide — diagnosis and fix on Ubuntu 22.04

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7945-1 Related CVEs: CVE-2025-7424 CVE-2023-40403 CVE-2025-24855 CVE-2024-55549 CVE-2019-5815 CVE-2021-30560 Upstream summary: Ivan Fratric discovered that Libxslt was vulnerable to type confusion when performing XML transformations. An attacker could possibly use […]

Ubuntu 20.04 — mailman — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on Ubuntu 20.04

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-8067-1 Related CVEs: CVE-2021-44227 CVE-2021-43331 CVE-2021-43332 CVE-2020-12108 CVE-2020-12137 CVE-2020-15011 CVE-2021-42096 CVE-2021-42097 Upstream summary: It was discovered that Mailman incorrectly handled CSRF tokens. A remote list member or moderator could possibly […]

Ubuntu 16.04 — golang-golang-x-net-dev — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on Ubuntu 16.04

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 16.04 (xenial) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-8089-2 Related CVEs: CVE-2025-22872 CVE-2021-33194 CVE-2025-58190 CVE-2022-41723 CVE-2022-27664 CVE-2025-47911 CVE-2023-3978 CVE-2024-45338 Upstream summary: USN-8089-1 fixed vulnerabilities in Go Networking. This update provides the corresponding update to code vendored in golang-golang-x-net-dev. […]

Ubuntu 22.04 — yelp-xsl — vulnerability — patch and remediation guide — diagnosis and fix on Ubuntu 22.04

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7447-1 Related CVEs: CVE-2025-3155 Upstream summary: It was discovered that Yelp incorrectly handled paths in ghelp URLs. A remote attacker could use this issue to trick users into opening malicious […]

Ubuntu 18.04 — nltk — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on Ubuntu 18.04

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-8214-1 Related CVEs: CVE-2025-14009 CVE-2021-3842 CVE-2021-43854 CVE-2021-3828 CVE-2019-14751 Upstream summary: It was discovered that NLTK incorrectly handled file extraction when opening a maliciously crafted zip file. An attacker could possibly […]
