USN-8077-1 python-bleach vulnerabilities

It was discovered that Bleach did not properly sanitize URI attributes containing character entities. An attacker could possibly use this issue to construct a URI with a disallowed scheme that would bypass sanitization, leading to cross-site scripting. This issue only affected Ubuntu 18.04 LTS...

EUVD-2020-29675

Malware in sbrugna...

Ubuntu 18.04 LTS / 20.04 LTS : KMail vulnerabilities (USN-7731-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7731-1 advisory. Damian Poddebniak, Christian Dresen, Jens Mller, Fabian Ising, Sebastian Schinzel, Simon Friedberger, Juraj Somorovsky, and Jrg Schwenk...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : AIOHTTP vulnerabilities (USN-7642-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7642-1 advisory. Ben Kallus discovered that AIOHTTP did not correctly parse HTTP headers. A remote attacker could possibly use this...

USN-7642-1: AIOHTTP vulnerabilities

Ben Kallus discovered that AIOHTTP did not correctly parse HTTP headers. A remote attacker could possibly use this issue to perform request smuggling. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2023-47627 Ivan Novikov discovered that AIOHTTP did not properly validate...

Ubuntu 16.04 LTS / 18.04 LTS : Rails vulnerability (USN-7646-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7646-1 advisory. It was discovered that Rails did not correctly handle headers. An attacker could potentially use this issue to view arbitrary files on a target server...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 / 25.04 : Ghostscript vulnerabilities (USN-7623-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 / 25.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7623-1 advisory. It was discovered that OpenJPEG, vendored in Ghostscript did not correctly handle large...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : OnionShare vulnerabilities (USN-7625-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7625-1 advisory. It was discovered that OnionShare could be exploited when run with the --debug argument. A local attacker could...

USN-7623-1: Ghostscript vulnerabilities

It was discovered that OpenJPEG, vendored in Ghostscript did not correctly handle large image files. If a user or system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu...

USN-7622-1: jQuery vulnerabilities

It was discovered that jQuery did not correctly handle HTML tags. An attacker could possibly use this issue to execute a cross-site scripting XSS attack. This issue only affected Ubuntu 14.04 LTS. CVE-2012-6708 It was discovered that jQuery did not correctly handle unsanitized source objects due ...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : Fig2dev vulnerabilities (USN-7587-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7587-1 advisory. Suhwan Song discovered that Fig2dev did not correctly handle certain memory operations. If a user or automate...

USN-7587-1: Fig2dev vulnerabilities

Suhwan Song discovered that Fig2dev did not correctly handle certain memory operations. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu...

Ubuntu: Security Advisory (USN-7577-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : Wireshark vulnerabilities (USN-7552-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7552-1 advisory. It was discovered that Wireshark did not correctly handle recursion. If a user or system were tricked int...

Ubuntu 18.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-7540-1)

"The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7540-1 advisory. Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cau...

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-7496-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7496-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

Ubuntu 16.04 LTS / 18.04 LTS : Horde Css Parser vulnerability (USN-7502-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-7502-1 advisory. It was discovered that Horde Css Parser did not correctly handle parsing uncontrolled CSS data. An attacker could possibly use this issue to perform...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : Scrapy vulnerabilities (USN-7476-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7476-1 advisory. It was discovered that Scrapy improperly exposed HTTP authentication credentials to request targets, including during...

Ubuntu 18.04 LTS : Docker vulnerabilities (USN-7474-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7474-1 advisory. Cory Snider discovered that Docker incorrectly handled networking packet encapsulation. An attacker could use this issue to inject internet packets in...

Ubuntu: Security Advisory (USN-7467-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...