Package Management

Ubuntu 24.04 — samba — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 24.04 (noble) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7826-1 Related CVEs: CVE-2025-10230 CVE-2025-9640 Upstream summary: Andrew Walker discovered that Samba incorrectly initialized memory in the vfs_streams_xattr module. An authenticated attacker could possibly use this issue to obtain sensitive […]

Ubuntu 20.04 — mbedtls — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-8123-1 Related CVEs: CVE-2025-47917 CVE-2021-44732 CVE-2025-48965 CVE-2025-52497 CVE-2025-52496 CVE-2025-27810 CVE-2024-23775 Upstream summary: It was discovered that Mbed TLS incorrectly handled memory allocation failures. A remote attacker could possibly use this […]

Ubuntu 22.04 — google-guest-agent — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7956-1 Related CVEs: CVE-2025-58181 CVE-2024-45337 CVE-2024-24786 Upstream summary: Jakub Ciolek discovered that the Go Cryptography module included in Google Guest Agent did not validate GSSAPI authentication requests during SSH operations. […]

Ubuntu 20.04 — python-xmltodict — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7753-1 Related CVEs: CVE-2025-9375 Upstream summary: Camilo Vera discovered that xmltodict parsed maliciously crafted XML input, contrary to expectations. An attacker could possibly use this issue to cause a denial […]

Ubuntu 18.04 — google-guest-agent — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7956-1 Related CVEs: CVE-2025-58181 CVE-2024-45337 Upstream summary: Jakub Ciolek discovered that the Go Cryptography module included in Google Guest Agent did not validate GSSAPI authentication requests during SSH operations. An […]

Ubuntu 14.04 — emacs24 — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 14.04 (trusty) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-3427-1 Related CVEs: CVE-2017-14482 Upstream summary: Charles A. Roelli discovered that Emacs incorrectly handled certain files. If a user were tricked into opening a specially crafted file (e.g., email messages […]

Ubuntu 20.04 — lz4 — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-4968-1 Related CVEs: CVE-2021-3520 Upstream summary: It was discovered that LZ4 incorrectly handled certain memory operations. If a user or automated system were tricked into uncompressing a specially-crafted LZ4 […]

Ubuntu 18.04 — nghttp2 — multiple vulnerabilities (6 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-8233-1 Related CVEs: CVE-2026-27135 CVE-2019-9511 CVE-2019-9513 CVE-2023-44487 CVE-2024-28182 CVE-2020-11080 Upstream summary: Andrew MacPherson discovered that nghttp2 did not properly validate internal state when the session termination API was called. A […]

Ubuntu 16.04 — libpng — multiple vulnerabilities (6 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 16.04 (xenial) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-8081-1 Related CVEs: CVE-2026-25646 CVE-2025-64505 CVE-2017-12652 CVE-2018-14048 CVE-2016-10087 CVE-2018-13785 Upstream summary: It was discovered that libpng did not properly handle memory when processing certain PNG files. An attacker could possibly […]

Ubuntu 20.04 — ruby-sidekiq — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7695-1 Related CVEs: CVE-2022-23837 CVE-2021-30151 Upstream summary: Anas Roubi discovered that Sidekiq did not correctly sanitize certain inputs. An attacker could possibly use this issue to execute a cross-site scripting […]
