Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
canonical apport vulnerabilities and exploits
(subscribe to this query)
641
VMScore
CVE-2015-1324
Apport prior to 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, prior to 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, prior to 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and prior to 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local users to write to arbitrar...
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 14.10
543
VMScore
CVE-2019-11481
Kevin Backhouse discovered that apport would read a user-supplied configuration file with elevated privileges. By replacing the file with a symbolic link, a user could get apport to read any file on the system as root, with unknown consequences.
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Apport Project Apport -
445
VMScore
CVE-2019-7306
Byobu Apport hook may disclose sensitive information since it automatically uploads the local user's .screenrc which may contain private hostnames, usernames and passwords. This issue affects: byobu
Byobu Byobu -
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
445
VMScore
CVE-2012-0950
The Apport hook (DistUpgradeApport.py) in Update Manager, as used by Ubuntu 12.04 LTS, 11.10, and 11.04, uploads the /var/log/dist-upgrade directory when reporting bugs to Launchpad, which allows remote malicious users to read repository credentials by viewing a public bug report...
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 12.04
445
VMScore
CVE-2012-0949
The Apport hook in Update Manager as used by Ubuntu 12.04 LTS, 11.10, and 11.04 uploads certain system state archive files when reporting bugs to Launchpad, which allows remote malicious users to read repository credentials by viewing a public bug report.
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 12.04
436
VMScore
CVE-2013-1067
Apport 2.12.5 and previous versions uses weak permissions for core dump files created by setuid binaries, which allows local users to obtain sensitive information by reading the file.
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.04
418
VMScore
CVE-2021-3710
An information disclosure via path traversal exists in apport/hookutils.py function read_file(). This issue affects: apport 2.14.1 versions before 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions before 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions before 2.20.9-0ubuntu7.26; 2.20.11 versions ...
Canonical Apport 2.14.1-0ubuntu1
Canonical Apport 2.14.1-0ubuntu2
Canonical Apport 2.14.1-0ubuntu3
Canonical Apport 2.14.1-0ubuntu3.1
Canonical Apport 2.14.1-0ubuntu3.2
Canonical Apport 2.14.1-0ubuntu3.3
Canonical Apport 2.14.1-0ubuntu3.4
Canonical Apport 2.14.1-0ubuntu3.5
Canonical Apport 2.14.1-0ubuntu3.6
Canonical Apport 2.14.1-0ubuntu3.7
Canonical Apport 2.14.1-0ubuntu3.8
Canonical Apport 2.14.1-0ubuntu3.9
Canonical Apport 2.14.1-0ubuntu3.10
Canonical Apport 2.14.1-0ubuntu3.11
Canonical Apport 2.14.1-0ubuntu3.12
Canonical Apport 2.14.1-0ubuntu3.13
Canonical Apport 2.14.1-0ubuntu3.14
Canonical Apport 2.14.1-0ubuntu3.15
Canonical Apport 2.14.1-0ubuntu3.16
Canonical Apport 2.14.1-0ubuntu3.17
Canonical Apport 2.14.1-0ubuntu3.18
Canonical Apport 2.14.1-0ubuntu3.19
409
VMScore
CVE-2021-25684
It exists that apport in data/apport did not properly open a report file to prevent hanging reads on a FIFO.
Canonical Apport
392
VMScore
CVE-2020-15702
TOCTOU Race Condition vulnerability in apport allows a local malicious user to escalate privileges and execute arbitrary code. An attacker may exit the crashed process and exploit PID recycling to spawn a root process with the same PID as the crashed process, which can then be us...
Canonical Apport 2.20.11-0ubuntu8
Canonical Apport 2.20.11-0ubuntu9
Canonical Apport 2.20.11-0ubuntu10
Canonical Apport 2.20.11-0ubuntu11
Canonical Apport 2.20.11-0ubuntu12
Canonical Apport 2.20.11-0ubuntu13
Canonical Apport 2.20.11-0ubuntu14
Canonical Apport 2.20.11-0ubuntu15
Canonical Apport 2.20.11-0ubuntu16
Canonical Apport 2.20.11-0ubuntu17
Canonical Apport 2.20.11-0ubuntu18
Canonical Apport 2.20.11-0ubuntu19
Canonical Apport 2.20.11-0ubuntu20
Canonical Apport 2.20.11-0ubuntu21
Canonical Apport 2.20.11-0ubuntu22
Canonical Apport 2.20.11-0ubuntu23
Canonical Apport 2.20.11-0ubuntu24
Canonical Apport 2.20.11-0ubuntu25
Canonical Apport 2.20.11-0ubuntu26
Canonical Apport 2.20.11-0ubuntu27
Canonical Apport 2.20.11-0ubuntu27.2
Canonical Apport 2.20.11-0ubuntu27.3
320
VMScore
CVE-2021-32557
It exists that the process_report() function in data/whoopsie-upload-all allowed arbitrary file writes via symlinks.
Canonical Apport
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »