Package Management

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7217-1 Related CVEs: CVE-2017-5886 CVE-2018-11255 CVE-2018-12983 CVE-2018-20797 CVE-2018-5308 CVE-2018-8002 CVE-2019-10723 CVE-2020-18971  +2 more Upstream summary: It was discovered that the PoDoFo library could dereference a NULL pointer when getting the […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-5258-1 Related CVEs: CVE-2017-14727 CVE-2020-8955 CVE-2020-9759 CVE-2020-9760 CVE-2021-40516 Upstream summary: Stuart Nevans Locke discovered that WeeChat's relay plugin insecurely handled malformed websocket frames. A remote attacker in control of a […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-5833-1 Related CVEs: CVE-2022-40899 Upstream summary: Sebastian Chnelik discovered that python-future incorrectly handled certain HTTP header field. An attacker could possibly use this issue to cause a denial of service. […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-8195-1 Related CVEs: https://launchpad.net/bugs/2149908 Upstream summary: It was discovered that PackageKit incorrectly handled certain transactions. A local attacker could use this issue to install arbitrary packages as root, possibly resulting […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-5222-1 Related CVEs: CVE-2021-44832 CVE-2021-45105 CVE-2021-44228 Upstream summary: It was discovered that Apache Log4j 2 was vulnerable to remote code execution (RCE) attack when configured to use a JDBC Appender […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-6764-1 Related CVEs: CVE-2023-51792 CVE-2023-27102 CVE-2023-27103 CVE-2023-43887 CVE-2023-47471 CVE-2023-49465 CVE-2023-49467 CVE-2023-49468  +12 more Upstream summary: It was discovered that libde265 could be made to allocate memory that exceeds the maximum […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-5784-1 Related CVEs: CVE-2021-3700 Upstream summary: It was discovered that usbredir incorrectly handled memory when serializing large amounts of data in the case of a slow or blocked destination. An […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Ubuntu 14.04 (trusty) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-4047-2 Related CVEs: CVE-2019-10161 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091 https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/MDS CVE-2018-1064 CVE-2018-3639  +12 more Upstream summary: USN-4047-1 fixed a vulnerability in libvirt. This update provides the corresponding update for Ubuntu 14.04 […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-8168-1 Related CVEs: CVE-2026-33056 Upstream summary: It was discovered that tar-rs embedded in rustc incorrectly handled symlinks when unpacking a tar archive. If a user or automated system were tricked […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-5718-1 Related CVEs: CVE-2022-44638 Upstream summary: Maddie Stone discovered that pixman incorrectly handled certain memory operations. A remote attacker could use this issue to cause pixman to crash, resulting in […]