Ubuntu

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2026-6862 1Ubuntu 1Libefiboot May 13, 2026 Apr 22, 2026 N/A· v4 5.5 MEDIUM· v3 N/A· v2 A flaw was found in libefiboot, a component of efivar. The device path node parser in libefiboot fails to validate that each node's Length field is at least 4 bytes, which is the minimum size for an EFI (Extensible Firmw...Show more A flaw was found in libefiboot, a component of efivar. The device path node parser in libefiboot fails to validate that each node's Length field is at least 4 bytes, which is the minimum size for an EFI (Extensible Firmware Interface) device path node header. A local user could exploit this vulnerability by providing a specially crafted device path node. This can lead to infinite recursion, causing stack exhaustion and a process crash, resulting in a denial of service (DoS).Show less
CVE-2025-6966 2Debian Ubuntu 2Debian Linux Python Apt Jan 7, 2026 Dec 5, 2025 6.9 MEDIUM· v4 5.5 MEDIUM· v3 N/A· v2 NULL pointer dereference in TagSection.keys() in python-apt on APT-based Linux systems allows a local attacker to cause a denial of service (process crash) via a crafted deb822 file with a malformed non-UTF-8 key.
CVE-2019-15796 2Debian Ubuntu 2Python Apt Python Apt Nov 21, 2024 Mar 26, 2020 N/A· v4 4.7 MEDIUM· v3 2.6 LOW· v2 Python-apt doesn't check if hashes are signed in `Version.fetch_binary()` and `Version.fetch_source()` of apt/package.py or in `_fetch_archives()` of apt/cache.py in version 1.9.3ubuntu2 and earlier. This allows download...Show more Python-apt doesn't check if hashes are signed in `Version.fetch_binary()` and `Version.fetch_source()` of apt/package.py or in `_fetch_archives()` of apt/cache.py in version 1.9.3ubuntu2 and earlier. This allows downloads from unsigned repositories which shouldn't be allowed and has been fixed in verisions 1.9.5, 1.9.0ubuntu1.2, 1.6.5ubuntu0.1, 1.1.0~beta1ubuntu0.16.04.7, 0.9.3.5ubuntu3+esm2, and 0.8.3ubuntu7.5.Show less
CVE-2019-15795 2Debian Ubuntu 2Python Apt Python Apt Nov 21, 2024 Mar 26, 2020 N/A· v4 4.7 MEDIUM· v3 2.6 LOW· v2 python-apt only checks the MD5 sums of downloaded files in `Version.fetch_binary()` and `Version.fetch_source()` of apt/package.py in version 1.9.0ubuntu1 and earlier. This allows a man-in-the-middle attack which could p...Show more python-apt only checks the MD5 sums of downloaded files in `Version.fetch_binary()` and `Version.fetch_source()` of apt/package.py in version 1.9.0ubuntu1 and earlier. This allows a man-in-the-middle attack which could potentially be used to install altered packages and has been fixed in versions 1.9.0ubuntu1.2, 1.6.5ubuntu0.1, 1.1.0~beta1ubuntu0.16.04.7, 0.9.3.5ubuntu3+esm2, and 0.8.3ubuntu7.5.Show less
CVE-2017-14461 3Debian DovecotUbuntu 3Debian Linux DovecotUbuntu Nov 21, 2024 Mar 2, 2018 N/A· v4 7.1 HIGH· v3 5.5 MEDIUM· v2 A specially crafted email delivered over SMTP and passed on to Dovecot by MTA can trigger an out of bounds read resulting in potential sensitive information disclosure and denial of service. In order to trigger this vuln...Show more A specially crafted email delivered over SMTP and passed on to Dovecot by MTA can trigger an out of bounds read resulting in potential sensitive information disclosure and denial of service. In order to trigger this vulnerability, an attacker needs to send a specially crafted email message to the server.Show less
CVE-2015-5479 3Libav OpensuseUbuntu 3Leap LibavUbuntu May 6, 2026 Apr 19, 2016 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 The ff_h263_decode_mba function in libavcodec/ituh263dec.c in Libav before 11.5 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a file with crafted dimensions.
CVE-2015-1322 2Canonical Ubuntu 2Network Manager Ubuntu Linux May 6, 2026 Apr 29, 2015 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Directory traversal vulnerability in the Ubuntu network-manager package for Ubuntu (vivid) before 0.9.10.0-4ubuntu15.1, Ubuntu 14.10 before 0.9.8.8-0ubuntu28.1, and Ubuntu 14.04 LTS before 0.9.8.8-0ubuntu7.1 allows local...Show more Directory traversal vulnerability in the Ubuntu network-manager package for Ubuntu (vivid) before 0.9.10.0-4ubuntu15.1, Ubuntu 14.10 before 0.9.8.8-0ubuntu28.1, and Ubuntu 14.04 LTS before 0.9.8.8-0ubuntu7.1 allows local users to change the modem device configuration or read arbitrary files via a .. (dot dot) in the file name in a request to read modem device contexts (com.canonical.NMOfono.ReadImsiContexts).Show less
CVE-2015-2285 1Ubuntu 2Upstart Vivid May 6, 2026 Mar 12, 2015 N/A· v4 N/A· v3 7.2 HIGH· v2 The logrotation script (/etc/cron.daily/upstart) in the Ubuntu Upstart package before 1.13.2-0ubuntu9, as used in Ubuntu Vivid 15.04, allows local users to execute arbitrary commands and gain privileges via a crafted fil...Show more The logrotation script (/etc/cron.daily/upstart) in the Ubuntu Upstart package before 1.13.2-0ubuntu9, as used in Ubuntu Vivid 15.04, allows local users to execute arbitrary commands and gain privileges via a crafted file in /run/user/*/upstart/sessions/.Show less
CVE-2015-2150 3Linux UbuntuXen 3Linux Kernel UbuntuXen May 6, 2026 Mar 12, 2015 N/A· v4 N/A· v3 4.9 MEDIUM· v2 Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host c...Show more Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response.Show less
CVE-2014-1424 2Canonical Ubuntu 2Apparmor Ubuntu May 6, 2026 Nov 24, 2014 N/A· v4 N/A· v3 6.4 MEDIUM· v2 apparmor_parser in the apparmor package before 2.8.95~2430-0ubuntu5.1 in Ubuntu 14.04 allows attackers to bypass AppArmor policies via unspecified vectors, related to a "miscompilation flaw."
CVE-2013-1070 1Ubuntu 1Metal As A Service Apr 29, 2026 Feb 17, 2014 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in the API in Ubuntu Metal as a Service (MaaS) 1.2 and 1.4 allows remote attackers to inject arbitrary web script or HTML via the op parameter to nodes/.
CVE-2013-1069 1Ubuntu 1Metal As A Service Apr 29, 2026 Feb 17, 2014 N/A· v4 N/A· v3 2.1 LOW· v2 Ubuntu Metal as a Service (MaaS) 1.2 and 1.4 uses world-readable permissions for txlongpoll.yaml, which allows local users to obtain RabbitMQ authentication credentials by reading the file.
CVE-2011-4613 4Canonical DebianUbuntu+1 more 4Debian Linux LinuxUbuntu Linux+1 more Apr 29, 2026 Feb 5, 2014 N/A· v4 N/A· v3 4.6 MEDIUM· v2 The X.Org X wrapper (xserver-wrapper.c) in Debian GNU/Linux and Ubuntu Linux does not properly verify the TTY of a user who is starting X, which allows local users to bypass intended access restrictions by associating st...Show more The X.Org X wrapper (xserver-wrapper.c) in Debian GNU/Linux and Ubuntu Linux does not properly verify the TTY of a user who is starting X, which allows local users to bypass intended access restrictions by associating stdin with a file that is misinterpreted as the console TTY.Show less
CVE-2013-2186 2Redhat Ubuntu 5Jboss Enterprise Brms Platform Jboss Enterprise Portal PlatformJboss Enterprise Web Server+2 more Apr 29, 2026 Oct 28, 2013 N/A· v4 N/A· v3 7.5 HIGH· v2 The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files vi...Show more The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance.Show less
CVE-2011-1842 1Ubuntu 1Language Selector Apr 29, 2026 May 3, 2011 N/A· v4 N/A· v3 7.2 HIGH· v2 dbus_backend/lsd.py in the D-Bus backend in language-selector before 0.6.7 does not validate the arguments to the (1) SetSystemDefaultLangEnv and (2) SetSystemDefaultLanguageEnv functions, which allows local users to gai...Show more dbus_backend/lsd.py in the D-Bus backend in language-selector before 0.6.7 does not validate the arguments to the (1) SetSystemDefaultLangEnv and (2) SetSystemDefaultLanguageEnv functions, which allows local users to gain privileges via shell metacharacters in a string argument, a different vulnerability than CVE-2011-0729.Show less
CVE-2011-0729 1Ubuntu 1Language Selector Apr 29, 2026 Apr 29, 2011 N/A· v4 N/A· v3 7.2 HIGH· v2 dbus_backend/ls-dbus-backend in the D-Bus backend in language-selector before 0.6.7 does not restrict access on the basis of a PolicyKit check result, which allows local users to modify the /etc/default/locale and /etc/e...Show more dbus_backend/ls-dbus-backend in the D-Bus backend in language-selector before 0.6.7 does not restrict access on the basis of a PolicyKit check result, which allows local users to modify the /etc/default/locale and /etc/environment files via a (1) SetSystemDefaultLangEnv or (2) SetSystemDefaultLanguageEnv call.Show less
CVE-2011-0724 1Ubuntu 2Edubuntu Live Dvd Apr 29, 2026 Feb 19, 2011 N/A· v4 N/A· v3 9.3 HIGH· v2 The Live DVD for Edubuntu 9.10, 10.04 LTS, and 10.10 does not correctly regenerate iTALC private keys after installation, which causes each installation to have the same fixed key, which allows remote attackers to gain p...Show more The Live DVD for Edubuntu 9.10, 10.04 LTS, and 10.10 does not correctly regenerate iTALC private keys after installation, which causes each installation to have the same fixed key, which allows remote attackers to gain privileges.Show less
CVE-2010-0834 1Ubuntu 1Ubuntu Linux Apr 29, 2026 Aug 10, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 The base-files package before 5.0.0ubuntu7.1 on Ubuntu 9.10 and before 5.0.0ubuntu20.10.04.2 on Ubuntu 10.04 LTS, as shipped on Dell Latitude 2110 netbooks, does not require authentication for package installation, which...Show more The base-files package before 5.0.0ubuntu7.1 on Ubuntu 9.10 and before 5.0.0ubuntu20.10.04.2 on Ubuntu 10.04 LTS, as shipped on Dell Latitude 2110 netbooks, does not require authentication for package installation, which allows remote archive servers and man-in-the-middle attackers to execute arbitrary code via a crafted package.Show less
CVE-2009-1296 1Ubuntu 273 Oubuntu Ubuntu Apr 23, 2026 Jun 9, 2009 N/A· v4 N/A· v3 1.9 LOW· v2 The eCryptfs support utilities (ecryptfs-utils) 73-0ubuntu6.1 on Ubuntu 9.04 stores the mount passphrase in installation logs, which might allow local users to obtain access to the filesystem by reading the log files fro...Show more The eCryptfs support utilities (ecryptfs-utils) 73-0ubuntu6.1 on Ubuntu 9.04 stores the mount passphrase in installation logs, which might allow local users to obtain access to the filesystem by reading the log files from disk. NOTE: the log files are only readable by root.Show less
CVE-2009-1601 1Ubuntu 1Linux Apr 23, 2026 May 11, 2009 N/A· v4 N/A· v3 6.8 MEDIUM· v2 The Ubuntu clamav-milter.init script in clamav-milter before 0.95.1+dfsg-1ubuntu1.2 in Ubuntu 9.04 sets the ownership of the current working directory to the clamav account, which might allow local users to bypass intend...Show more The Ubuntu clamav-milter.init script in clamav-milter before 0.95.1+dfsg-1ubuntu1.2 in Ubuntu 9.04 sets the ownership of the current working directory to the clamav account, which might allow local users to bypass intended access restrictions via read or write operations involving this directory.Show less

12 3 4 5 Next