Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ubuntu vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2019-11485
Sander Bos discovered Apport's lock file was in a world-writable directory which allowed all users to prevent crash handling.
Apport Project Apport -
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
7.2
CVSSv2
CVE-2017-14179
Apport prior to 2.13 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion, possibly gain root privileges, or escape from conta...
Apport Project Apport
Canonical Ubuntu Linux 17.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 17.10
2.1
CVSSv2
CVE-2018-7755
An issue exists in the fd_locked_ioctl function in drivers/block/floppy.c in the Linux kernel up to and including 4.15.7. The floppy driver will copy a kernel pointer to user memory in response to the FDGETPRM ioctl. An attacker can send the FDGETPRM ioctl and use the obtained ke...
Linux Linux Kernel
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
4.6
CVSSv2
CVE-2013-1062
ubuntu-system-service 0.2.4 prior to 0.2.4.1. 0.2.3 prior to 0.2.3.1, and 0.2.2 prior to 0.2.2.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject ...
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
Michael Vogt Ubuntu-system-service 0.2.3
Michael Vogt Ubuntu-system-service 0.2.2
Michael Vogt Ubuntu-system-service 0.2.4
NA
CVE-2023-1786
Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege.
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 22.04
Canonical Ubuntu Linux 22.10
Canonical Ubuntu Linux 23.04
Canonical Cloud-init
Fedoraproject Fedora 38
5
CVSSv2
CVE-2020-13114
An issue exists in libexif prior to 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data.
Libexif Project Libexif
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Opensuse Leap 15.1
4.6
CVSSv2
CVE-2011-4613
The X.Org X wrapper (xserver-wrapper.c) in Debian GNU/Linux and Ubuntu Linux does not properly verify the TTY of a user who is starting X, which allows local users to bypass intended access restrictions by associating stdin with a file that is misinterpreted as the console TTY.
Canonical Ubuntu Linux 11.10
Debian Debian Linux
Ubuntu Linux
X.org X Server -
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 11.04
1 EDB exploit
4.7
CVSSv2
CVE-2009-4895
Race condition in the tty_fasync function in drivers/char/tty_io.c in the Linux kernel prior to 2.6.32.6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via unknown vectors, related to the put_t...
Linux Linux Kernel
Debian Debian Linux 5.0
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 6.06
5.1
CVSSv2
CVE-2019-18197
In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitial...
Xmlsoft Libxslt 1.1.33
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Debian Debian Linux 8.0
1 Github repository
7.2
CVSSv2
CVE-2010-3084
Buffer overflow in the niu_get_ethtool_tcam_all function in drivers/net/niu.c in the Linux kernel prior to 2.6.36-rc4 allows local users to cause a denial of service or possibly have unspecified other impact via the ETHTOOL_GRXCLSRLALL ethtool command.
Linux Linux Kernel 2.6.36
Linux Linux Kernel
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 9.10
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111
CVE-2024-32884
IDOR
CVE-2023-1000
CVE-2024-33260
CVE-2024-3682
reflected XSS
race condition
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »