Package Management

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 16.04 (xenial) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7147-1 Related CVEs: CVE-2016-6802 CVE-2023-34478 CVE-2023-46749 CVE-2023-46750 CVE-2016-4437 Upstream summary: It was discovered that Apache Shiro incorrectly handled path traversal when used with other web frameworks or path rewriting. An […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 14.04 (trusty) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-2451-1 Related CVEs: CVE-2014-1425 Upstream summary: Serge Hallyn discovered that cgmanager did not consistently enforce proper nesting when modifying cgroup properties. A local attacker in a privileged container could use […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7372-1 Related CVEs: CVE-2022-45060 CVE-2019-20637 CVE-2020-11653 CVE-2021-36740 CVE-2022-23959 Upstream summary: Martin van Kervel Smedshammer discovered that Varnish did not properly sanitize certain HTTP headers. A remote attacker could possibly use […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-6596-1 Related CVEs: CVE-2020-36658 Upstream summary: It was discovered that Apache::Session::LDAP incorrectly handled invalid X.509 certificates. If a user or an automated system were tricked into opening a specially crafted […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-6843-1 Related CVEs: CVE-2024-36041 Upstream summary: Fabian Vogt discovered that Plasma Workspace incorrectly handled connections via ICE. A local attacker could possibly use this issue to gain access to another […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 16.04 (xenial) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-6855-1 Related CVEs: CVE-2024-36600 CVE-2017-18198 CVE-2017-18199 Upstream summary: Mansour Gashasbi discovered that libcdio incorrectly handled certain memory operations when parsing an ISO file, leading to a buffer overflow vulnerability. An […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7319-1 Related CVEs: CVE-2022-39209 CVE-2023-22483 CVE-2023-22484 CVE-2023-22486 CVE-2023-26485 Upstream summary: It was discovered that cmark-gfm's autolink extension did not correctly handle parsing large inputs. An attacker could possibly use this […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-6833-1 Related CVEs: CVE-2024-37535 Upstream summary: Siddharth Dushantha discovered that VTE incorrectly handled large window resize escape sequences. An attacker could possibly use this issue to consume resources, leading to […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-8270-1 Related CVEs: https://launchpad.net/bugs/2152202 CVE-2026-40685 CVE-2026-40687 CVE-2026-40686 CVE-2024-39929 CVE-2023-51766 CVE-2023-42117 CVE-2023-42119  +4 more Upstream summary: It was discovered that Exim incorrectly handled BDAT body parsing. A remote attacker could use […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 24.04 (noble) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-6989-1 Related CVEs: CVE-2024-44082 Upstream summary: Dan Smith, Julia Kreger and Jay Faulkner discovered that in image processing for Ironic, a specially crafted image could be used by an authenticated […]