Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
canonical ubuntu linux 16.04 vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2020-16123
An Ubuntu-specific patch in PulseAudio created a race condition where the snap policy module would fail to identify a client connection from a snap as coming from a snap if SCM_CREDENTIALS were missing, allowing the snap to connect to PulseAudio without proper confinement. This...
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 20.10
4.6
CVSSv2
CVE-2020-11933
cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices was run without restrictions on every boot, which a physical attacker could exploit by crafting cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass...
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
10
CVSSv2
CVE-2019-7304
Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1....
Canonical Snapd
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.10
2 EDB exploits available
21 Github repositories available
3 Articles available
6.9
CVSSv2
CVE-2017-6590
An issue was discovered in network-manager-applet (aka network-manager-gnome) in Ubuntu 12.04 LTS, 14.04 LTS, 16.04 LTS, and 16.10. A local attacker could use this issue at the default Ubuntu login screen to access local files and execute arbitrary commands as the lightdm user....
Canonical Ubuntu Linux 16.10
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
3.6
CVSSv2
CVE-2020-11565
** DISPUTED ** An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing, aka CID-aa9f7d5172fa. NOTE: Someone in the security community...
Linux Linux Kernel
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
6.8
CVSSv2
CVE-2018-12233
In the ea_get function in fs/jfs/xattr.c in the Linux kernel through 4.17.1, a memory corruption bug in JFS can be triggered by calling setxattr twice with two different extended attribute names on the same file. This vulnerability can be triggered by an unprivileged user with...
Linux Linux Kernel
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
1 Github repository available
4.4
CVSSv2
CVE-2018-18955
In the Linux kernel 4.15.x through 4.19.x before 4.19.2, map_write() in kernel/user_namespace.c allows privilege escalation because it mishandles nested user namespaces with more than 5 UID or GID ranges. A user who has CAP_SYS_ADMIN in an affected user namespace can bypass...
Linux Linux Kernel
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 18.04
5 EDB exploits available
1 Metasploit module available
16 Github repositories available
4.6
CVSSv2
CVE-2019-11476
An integer overflow in whoopsie before versions 0.2.52.5ubuntu0.1, 0.2.62ubuntu0.1, 0.2.64ubuntu0.1, 0.2.66, results in an out-of-bounds write to a heap allocated buffer when processing large crash dumps. This results in a crash or possible code-execution in the context of the...
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 16.04
1.9
CVSSv2
CVE-2020-11934
It was discovered that snapctl user-open allowed altering the $XDG_DATA_DIRS environment variable when calling the system xdg-open. OpenURL() in usersession/userd/launcher.go would alter $XDG_DATA_DIRS to append a path to a directory controlled by the calling snap. A malicious...
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
3.3
CVSSv2
CVE-2020-12352
Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access....
Bluez Bluez -
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
1 Github repository available
1 Article available
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SQL injection
CVE-2021-37167
malicious code
CVE-2021-36934
memory leak
CVE-2020-17087
CVE-2021-24463
CVE-2021-22444
CVE-2021-22396
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »
Vulmon