Package Management

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 24.04 (noble) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7677-1 Related CVEs: CVE-2024-6174 CVE-2024-11584 Upstream summary: Harry Sintonen discovered that the hotplugd socket in cloud-init was world writable. An attacker could possibly use this issue to send hotplug-hook commands. […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-4760-1 Related CVEs: CVE-2021-24031 CVE-2021-24032 Upstream summary: It was discovered that libzstd incorrectly handled file permissions. A local attacker could possibly use this issue to access certain files, contrary to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7353-1 Related CVEs: CVE-2022-1231 Upstream summary: Tobias S. Fink discovered that PlantUML was susceptible to cross-site scripting attacks (XSS) in instances where SVG images were rendered. An attacker could possibly […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 24.04 (noble) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7617-1 Related CVEs: CVE-2025-49133 Upstream summary: It was discovered that libtpms did not properly manage memory when performing crafted cryptographic operations. An attacker could possibly use this issue to cause […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7677-1 Related CVEs: CVE-2024-6174 CVE-2024-11584 CVE-2023-1786 https://bugs.launchpad.net/cloud-init/+bug/2013967 CVE-2022-2084 Upstream summary: Harry Sintonen discovered that the hotplugd socket in cloud-init was world writable. An attacker could possibly use this issue to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 14.04 (trusty) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-3176-1 Related CVEs: CVE-2016-10109 Upstream summary: Peter Wu discovered that the PC/SC service did not correctly handle certain resources. A local attacker could use this issue to cause PC/SC to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 24.04 (noble) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7568-1 Related CVEs: CVE-2024-47081 CVE-2023-32681 Upstream summary: Dennis Brinkrolf and Tobias Funke discovered that Requests did not correctly handle certain HTTP headers. A remote attacker could possibly use this issue […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-4675-1 Related CVEs: CVE-2020-29565 Upstream summary: Pritam Singh discovered that OpenStack Horizon incorrectly validated certain parameters. An attacker could possibly use this issue to cause OpenStack Horizon to redirect to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 14.04 (trusty) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-3067-1 Related CVEs: CVE-2015-8947 CVE-2016-2052 Upstream summary: Kostya Serebryany discovered that HarfBuzz incorrectly handled memory. A remote attacker could use this issue to cause HarfBuzz to crash, resulting in a […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 16.04 (xenial) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7660-1 Related CVEs: CVE-2023-34823 CVE-2022-37781 CVE-2022-36148 CVE-2023-34824 Upstream summary: It was discovered that fdkaac did not correctly handle certain input. If a user or automated system were tricked into opening […]