← Back

Ubuntu Touch

ubuntu_touch

Vendor: Ubports • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-40297
1Ubports
1Ubuntu Touch
Nov 21, 2024
Sep 9, 2022
N/A· v4
7.8 HIGH· v3
N/A· v2
UBports Ubuntu Touch 16.04 allows the screen-unlock passcode to be used for a privileged shell via Sudo. This passcode is only four digits, far below typical length/complexity for a user account's password. NOTE: a third...Show more
UBports Ubuntu Touch 16.04 allows the screen-unlock passcode to be used for a privileged shell via Sudo. This passcode is only four digits, far below typical length/complexity for a user account's password. NOTE: a third party states "The described attack cannot be executed as demonstrated.Show less
CVE-2014-1423
2Signond Project
Ubports
2Signond
Ubuntu Touch
Nov 21, 2024
May 7, 2020
N/A· v4
5.5 MEDIUM· v3
4.3 MEDIUM· v2
signond before 8.57+15.04.20141127.1-0ubuntu1, as used in Ubuntu Touch, did not properly restrict applications from querying oath tokens due to incorrect checks and the missing installation of the signon-apparmor-extensi...Show more
signond before 8.57+15.04.20141127.1-0ubuntu1, as used in Ubuntu Touch, did not properly restrict applications from querying oath tokens due to incorrect checks and the missing installation of the signon-apparmor-extension. An attacker could use this create a malicious click app that collects oauth tokens for other applications, exposing sensitive information.Show less