Package Management

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7778-1 Related CVEs: CVE-2025-9288 Upstream summary: Nikita Skovoroda discovered that sha.js did not properly handle certain inputs. An attacker could possibly use this issue to manipulate the internal state of […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-4325-1 Related CVEs: CVE-2019-19046 CVE-2020-8428 CVE-2019-19053 CVE-2019-19056 CVE-2019-19058 CVE-2019-19059 CVE-2019-19066 CVE-2019-19068  +12 more Upstream summary: It was discovered that the IPMI message handler implementation in the Linux kernel did not […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 14.04 (trusty) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-3429-1 Related CVEs: CVE-2017-7982 Upstream summary: Wang Junjie discovered that Libplist incorrectly handled certain files. If a user were tricked into opening a crafted file, an attacker could possibly use […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7731-1 Related CVEs: CVE-2017-17689 CVE-2020-11880 Upstream summary: Damian Poddebniak, Christian Dresen, Jens Müller, Fabian Ising, Sebastian Schinzel, Simon Friedberger, Juraj Somorovsky, and Jörg Schwenk discovered that KMail could be made […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7844-1 Related CVEs: CVE-2025-11683 Upstream summary: It was discovered that YAML::Syck did not properly handle parsing YAML files. An attacker could possibly use this issue to expose sensitive information. Table […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 24.04 (noble) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7753-1 Related CVEs: CVE-2025-9375 Upstream summary: Camilo Vera discovered that xmltodict parsed maliciously crafted XML input, contrary to expectations. An attacker could possibly use this issue to cause a denial […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 14.04 (trusty) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-3400-1 Related CVEs: CVE-2017-7555 Upstream summary: It was discovered that Augeas incorrectly handled certain strings. An attacker could use this issue to cause Augeas to crash, leading to a denial […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7753-1 Related CVEs: CVE-2025-9375 Upstream summary: Camilo Vera discovered that xmltodict parsed maliciously crafted XML input, contrary to expectations. An attacker could possibly use this issue to cause a denial […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7430-1 Related CVEs: CVE-2023-28686 Upstream summary: Kim Alvefur discovered that Dino did not correctly sanitize certain messages. A remote attacker could possibly use this issue to leak sensitive information. Table […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7616-1 Related CVEs: CVE-2023-6378 CVE-2021-42550 Upstream summary: It was discovered that logback could read malicious configuration files from LDAP servers. An attacker with the required permissions could possibly use this […]