Package Management

Ubuntu 18.04 — fwupd — vulnerability — patch and remediation guide — diagnosis and fix on Ubuntu 18.04

🟢 Low   ⏱ 5–15 min
Last verified: 25 May 2026
Affected versions: Ubuntu 18.04 (bionic)
📖 ~4 min read
Source: Ubuntu Security Notice USN-4395-1
Related CVEs: CVE-2020-10759
Upstream summary: Justin Steven discovered that fwupd incorrectly handled certain signature verification. An attacker could possibly use this issue to install an unsigned firmware. Table of […]

Ubuntu 22.04 — runc-app — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on Ubuntu 22.04

🟡 Medium   ⏱ 10–30 min
Last verified: 25 May 2026
Affected versions: Ubuntu 22.04 (jammy)
📖 ~4 min read
Source: Ubuntu Security Notice USN-7851-2
Related CVEs: https://launchpad.net/bugs/2130744 CVE-2025-31133 CVE-2025-52565 CVE-2025-52881
Upstream summary: USN-7851-1 fixed vulnerabilities in runC. The introduction of a new upstream release has caused regressions in runc-app and runc-stable. This update […]

Ubuntu 22.04 — graphicsmagick — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Ubuntu 22.04

🟢 Low   ⏱ 5–15 min
Last verified: 25 May 2026
Affected versions: Ubuntu 22.04 (jammy)
📖 ~4 min read
Source: Ubuntu Security Notice USN-7433-1
Related CVEs: CVE-2025-27795 CVE-2025-27796
Upstream summary: It was discovered that GraphicsMagick did not properly limit image dimensions, which could lead to excessive memory consumption. An attacker could possibly use […]

Ubuntu 14.04 — shotwell — vulnerability — patch and remediation guide — diagnosis and fix on Ubuntu 14.04

🟢 Low   ⏱ 5–15 min
Last verified: 25 May 2026
Affected versions: Ubuntu 14.04 (trusty)
📖 ~4 min read
Source: Ubuntu Security Notice USN-3379-1
Related CVEs: CVE-2017-1000024
Upstream summary: It was discovered that Shotwell is vulnerable to an information disclosure in the web publishing plugins resulting in potential password and oauth token plaintext […]

Ubuntu 14.04 — yajl — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on Ubuntu 14.04

🟡 Medium   ⏱ 10–30 min
Last verified: 25 May 2026
Affected versions: Ubuntu 14.04 (trusty)
📖 ~4 min read
Source: Ubuntu Security Notice USN-6233-1
Related CVEs: CVE-2017-16516 CVE-2022-24795 CVE-2023-33460
Upstream summary: It was discovered that YAJL was not properly performing bounds checks when decoding a string with escape sequences. If a user or […]

Ubuntu 24.04 — aide — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Ubuntu 24.04

🟢 Low   ⏱ 5–15 min
Last verified: 25 May 2026
Affected versions: Ubuntu 24.04 (noble)
📖 ~4 min read
Source: Ubuntu Security Notice USN-7697-1
Related CVEs: CVE-2025-54409 CVE-2025-54389
Upstream summary: Rajesh Pangare discovered that AIDE incorrectly handled filenames. A local attacker could possibly use this issue to bypass the detection of malicious files. […]

Ubuntu 18.04 — ruby-sidekiq — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Ubuntu 18.04

🟢 Low   ⏱ 5–15 min
Last verified: 25 May 2026
Affected versions: Ubuntu 18.04 (bionic)
📖 ~4 min read
Source: Ubuntu Security Notice USN-7695-1
Related CVEs: CVE-2022-23837 CVE-2021-30151
Upstream summary: Anas Roubi discovered that Sidekiq did not correctly sanitize certain inputs. An attacker could possibly use this issue to execute a cross-site scripting […]

Ubuntu 14.04 — amanda — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on Ubuntu 14.04

🟡 Medium   ⏱ 10–30 min
Last verified: 25 May 2026
Affected versions: Ubuntu 14.04 (trusty)
📖 ~4 min read
Source: Ubuntu Security Notice USN-5966-2
Related CVEs: https://launchpad.net/bugs/2012536 CVE-2022-37703 CVE-2022-37704 CVE-2022-37705
Upstream summary: USN-5966-1 fixed vulnerabilities in amanda. Unfortunately it introduced a regression in GNUTAR-based backups. This update reverts all of the changes in […]

Ubuntu 20.04 — libcaca — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on Ubuntu 20.04

🟡 Medium   ⏱ 10–30 min
Last verified: 25 May 2026
Affected versions: Ubuntu 20.04 (focal)
📖 ~4 min read
Source: Ubuntu Security Notice USN-7943-1
Related CVEs: CVE-2022-0856 CVE-2021-30498 CVE-2021-30499 CVE-2021-3410
Upstream summary: Han Zheng discovered that libcaca incorrectly handled certain images. An attacker could possibly use this issue to cause libcaca to crash. […]

Ubuntu 18.04 — node-express — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Ubuntu 18.04

🟢 Low   ⏱ 5–15 min
Last verified: 25 May 2026
Affected versions: Ubuntu 18.04 (bionic)
📖 ~4 min read
Source: Ubuntu Security Notice USN-7581-1
Related CVEs: CVE-2024-29041 CVE-2024-43796
Upstream summary: It was discovered that Express incorrectly handled certain URLs, leading to an open redirect attack. A remote attacker could possibly use this issue […]
