CVE-2026-3888 Local Privilege Escalation in snapd

Local privilege escalation in snapd on Linux allows local attackers to get root privilege by re-creating snap's private /tmp directory when systemd-tmpfiles is configured to automatically clean up this directory. This issue affects Ubuntu 16.04 LTS, 18.04 LTS, 20.04 LTS, 22.04 LTS, and 24.04 LTS...

USN-7942-2 glib2.0 vulnerabilities

USN-7942-1 fixed vulnerabilities in GLib. This update provides the corresponding updates for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. CVE-2025-3360 only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: It was discovered that GLib...

Ubuntu: Security Advisory (USN-7992-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-7950-1: Tornado vulnerabilities

It was discovered that Tornado incorrectly handled special characters in HTTP headers. An attacker could possibly use this issue to execute a cross- site scripting XSS attack. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, Ubuntu 25.04, and Ubuntu 25.10...

EUVD-2011-3119

Malware in sbrugna...

EUVD-2018-18305

Malware in sbrugna...

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS : Twig vulnerabilities (USN-7456-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7456-1 advisory. Fabien Potencier discovered that Twig did not run sandbox security checks in some circumstances. An attacker could possibly use...

USN-7375-1: Org Mode vulnerabilities

It was discovered that Org Mode did not correctly handle filenames containing shell metacharacters. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. CVE-2023-28617 It was discovered that Org Mode could run...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : xmltok library vulnerability (USN-7307-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by a vulnerability as referenced in the USN-7307-1 advisory. Tim Boddy discovered that Expat, contained within the xmltok library, did not properly handle memory reallocation when...

USN-7103-1 ghostscript vulnerabilities

It was discovered that Ghostscript incorrectly handled parsing certain PS files. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2024-46951, CVE-2024-46953, CVE-2024-46955, CVE-2024-46956 It was discovered...

USN-5764-1 u-boot vulnerabilities

It was discovered that U-Boot incorrectly handled certain USB DFU download setup packets. A local attacker could use this issue to cause U-Boot to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2022-2347 Nicolas Bidron and Nicolas Guigo discovered that U-Boot...

UBUNTU-CVE-2021-44142

The Samba vfsfruit module uses extended file attributes EA, xattr to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfsfruit configured allow out-of-bounds heap read and wri...

USN-4697-1 pillow vulnerabilities

It was discovered that Pillow incorrectly handled certain PCX image files. If a user or automated system were tricked into opening a specially-crafted PCX file, a remote attacker could possibly cause Pillow to crash, resulting in a denial of service. CVE-2020-35653 It was discovered that Pillow...

UBUNTU-CVE-2020-16128

The aptdaemon DBus interface disclosed file existence disclosure by setting Terminal/DebconfSocket properties, aka GHSL-2020-192 and GHSL-2020-196. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5...

USN-3498-1 curl vulnerabilities

Alex Nichols discovered that curl incorrectly handled NTLM authentication credentials. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 17.04 and Ubuntu 17.10...

UBUNTU-CVE-2017-3450

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Memcached. Supported versions that are affected are 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via multiple protocols to...

USN-3172-1 bind9 vulnerabilities

It was discovered that Bind incorrectly handled certain malformed responses to an ANY query. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. CVE-2016-9131 It was discovered that Bind incorrectly handled certain malformed responses to an AN...

USN-2724-1 qemu, qemu-kvm vulnerabilities

It was discovered that QEMU incorrectly handled a PRDT with zero complete sectors in the IDE functionality. A malicious guest could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. CVE-2014-9718 Donghai Zhu discovered that QEMU...