Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ubuntu vulnerabilities and exploits
(subscribe to this query)
187
VMScore
CVE-2021-32549
It exists that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-13 package apport hooks, it could expose private data to other local users.
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 20.10
Canonical Ubuntu Linux 21.04
Canonical Ubuntu Linux 21.10
187
VMScore
CVE-2021-32550
It exists that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-14 package apport hooks, it could expose private data to other local users.
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 20.10
Canonical Ubuntu Linux 21.04
Canonical Ubuntu Linux 21.10
187
VMScore
CVE-2021-32551
It exists that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-15 package apport hooks, it could expose private data to other local users.
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 20.10
Canonical Ubuntu Linux 21.04
Canonical Ubuntu Linux 21.10
187
VMScore
CVE-2021-32552
It exists that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-16 package apport hooks, it could expose private data to other local users.
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 20.10
Canonical Ubuntu Linux 21.04
Canonical Ubuntu Linux 21.10
187
VMScore
CVE-2021-32554
It exists that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg package apport hooks, it could expose private data to other local users.
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 20.10
Canonical Ubuntu Linux 21.04
Canonical Ubuntu Linux 21.10
187
VMScore
CVE-2021-32555
It exists that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg-hwe-18.04 package apport hooks, it could expose private data to other local users.
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 20.10
Canonical Ubuntu Linux 21.04
Canonical Ubuntu Linux 21.10
445
VMScore
CVE-2019-7306
Byobu Apport hook may disclose sensitive information since it automatically uploads the local user's .screenrc which may contain private hostnames, usernames and passwords. This issue affects: byobu
Byobu Byobu -
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
437
VMScore
CVE-2020-12049
An issue exists in dbus >= 1.3.0 prior to 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus or another system service's priv...
Freedesktop Dbus
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 12.04
NA
CVE-2023-1523
Using the TIOCLINUX ioctl request, a malicious snap could inject contents into the input of the controlling terminal which could allow it to cause arbitrary commands to be executed outside of the snap sandbox after the snap exits. Graphical terminal emulators like xterm, gnome-te...
Canonical Snapd
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 22.04
Canonical Ubuntu Linux 22.10
Canonical Ubuntu Linux 23.04
355
VMScore
CVE-2010-2008
MySQL prior to 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or similar sequence,...
Oracle Mysql
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 11.10
Fedoraproject Fedora 13
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »