UBUNTU-CVE-2026-8696

radare2 6.1.5 contains a use-after-free vulnerability in the gdbrpidslist function within the GDB client core that allows remote attackers to cause a denial of service or potentially execute arbitrary code by sending malformed thread information responses. Attackers can trigger the vulnerability ...

UBUNTU-CVE-2026-6845

A flaw was found in binutils, specifically within the readelf utility. This vulnerability allows a local attacker to cause a Denial of Service DoS by tricking a user into processing a specially crafted Executable and Linkable Format ELF file. The exploitation of this flaw can lead to the system...

UBUNTU-CVE-2026-20644

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciously crafted web content may lead to an unexpected process crash...

UBUNTU-CVE-2025-31180

A flaw was found in gnuplot. The CANVAStext function may lead to a segmentation fault and cause a system crash...

UBUNTU-CVE-2024-38858

Improper neutralization of input in Checkmk before version 2.3.0p14 allows attackers to inject and run malicious scripts in the Robotmk logs view...

UBUNTU-CVE-2023-52890

NTFS-3G before 75dcdc2 has a use-after-free in ntfsuppercasembs in libntfs-3g/unistr.c. NOTE: discussion suggests that exploitation would be challenging...

UBUNTU-CVE-2024-23301

Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root...

UBUNTU-CVE-2023-35668

In visitUris of Notification.java, there is a possible way to display images from another user due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

UBUNTU-CVE-2021-36409

There is an Assertion scalinglistpredmatrixiddelta==1' failed at sps.cc:925 in libde265 v1.0.8 when decoding file, which allows attackers to cause a Denial of Service DoS by running the application with a crafted file or possibly have unspecified other impact...

UBUNTU-CVE-2020-1734

A flaw was found in the pipe lookup plugin of ansible. Arbitrary commands can be run, when the pipe lookup plugin uses subprocess.Popen with shell=True, by overwriting ansible facts and the variable is not escaped by quote plugin. An attacker could take advantage and run arbitrary commands by...

UBUNTU-CVE-2017-13082

Wi-Fi Protected Access WPA and WPA2 that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key PTK Temporal Key TK during the fast BSS transmission FT handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames...