Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ubuntu touch vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-40297
UBports Ubuntu Touch 16.04 allows the screen-unlock passcode to be used for a privileged shell via Sudo. This passcode is only four digits, far below typical length/complexity for a user account's password. NOTE: a third party states "The described attack cannot be exec...
Ubports Ubuntu Touch 16.04
1 Github repository
383
VMScore
CVE-2017-6507
An issue exists in AppArmor prior to 2.12. Incorrect handling of unknown AppArmor profiles in AppArmor init scripts, upstart jobs, and/or systemd unit files allows an malicious user to possibly have increased attack surfaces of processes that were intended to be confined by AppAr...
Apparmor Apparmor
Canonical Ubuntu Touch 15.04
Canonical Ubuntu Core 15.04
383
VMScore
CVE-2014-1423
signond prior to 8.57+15.04.20141127.1-0ubuntu1, as used in Ubuntu Touch, did not properly restrict applications from querying oath tokens due to incorrect checks and the missing installation of the signon-apparmor-extension. An attacker could use this create a malicious click ap...
Signond Project Signond
Ubports Ubuntu Touch -
725
VMScore
CVE-2016-1575
The overlayfs implementation in the Linux kernel up to and including 4.5.2 does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory.
Linux Linux Kernel
Canonical Ubuntu Touch 15.04
Canonical Ubuntu Linux 16.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Core 15.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
1 EDB exploit
725
VMScore
CVE-2016-1576
The overlayfs implementation in the Linux kernel up to and including 4.5.2 does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an overlayfs filesystem on top of a FUSE filesystem, and then executing a crafted setuid program.
Canonical Ubuntu Touch 15.04
Canonical Ubuntu Linux 16.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Core 15.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Linux Linux Kernel
1 EDB exploit
668
VMScore
CVE-2014-9471
The parse_datetime function in GNU coreutils allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted date string, as demonstrated by the "--date=TZ="123"345" @1" string to the touch or date comma...
Gnu Coreutils
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 10.04
605
VMScore
CVE-2010-1781
Double free vulnerability in WebKit in Apple iOS prior to 4.1 on the iPhone and iPod touch allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via vectors related to the rendering of an inline element.
Apple Iphone Os
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 9.10
445
VMScore
CVE-2009-2797
The WebKit component in Safari in Apple iPhone OS prior to 3.1, and iPhone OS prior to 3.1.1 for iPod touch, does not remove usernames and passwords from URLs sent in Referer headers, which allows remote malicious users to obtain sensitive information by reading Referer logs on a...
Apple Iphone Os
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 9.10
605
VMScore
CVE-2010-1814
WebKit in Apple iOS prior to 4.1 on the iPhone and iPod touch, and webkitgtk prior to 1.2.6, allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving form menus.
Apple Iphone Os
Webkitgtk Webkitgtk
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 9.10
605
VMScore
CVE-2010-1815
Use-after-free vulnerability in WebKit in Apple iOS prior to 4.1 on the iPhone and iPod touch, and webkitgtk prior to 1.2.6, allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via vectors involving scrollbars.
Apple Iphone Os
Webkitgtk Webkitgtk
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 9.10
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »