Filtered by vendor Canonical
Subscriptions
Filtered by product Ubuntu Linux
Subscriptions
Total
4189 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-2586 | 3 Canonical, Linux, Redhat | 5 Ubuntu Linux, Linux Kernel, Enterprise Linux and 2 more | 2025-10-28 | 5.3 Medium |
| It was discovered that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table was deleted. | ||||
| CVE-2019-0211 | 8 Apache, Canonical, Debian and 5 more | 28 Http Server, Ubuntu Linux, Debian Linux and 25 more | 2025-10-27 | 7.8 High |
| In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected. | ||||
| CVE-2019-2215 | 5 Canonical, Debian, Google and 2 more | 145 Ubuntu Linux, Debian Linux, Android and 142 more | 2025-10-24 | 7.8 High |
| A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095 | ||||
| CVE-2020-14362 | 3 Canonical, Redhat, X.org | 3 Ubuntu Linux, Enterprise Linux, X Server | 2025-08-29 | 7.8 High |
| A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | ||||
| CVE-2020-14361 | 3 Canonical, Redhat, X.org | 3 Ubuntu Linux, Enterprise Linux, X Server | 2025-08-29 | 7.8 High |
| A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | ||||
| CVE-2020-14347 | 4 Canonical, Debian, Redhat and 1 more | 4 Ubuntu Linux, Debian Linux, Enterprise Linux and 1 more | 2025-08-29 | 5.5 Medium |
| A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before version 1.20.9 is vulnerable. | ||||
| CVE-2020-14346 | 3 Canonical, Redhat, X.org | 3 Ubuntu Linux, Enterprise Linux, X Server | 2025-08-29 | 7.8 High |
| A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | ||||
| CVE-2018-14665 | 4 Canonical, Debian, Redhat and 1 more | 10 Ubuntu Linux, Debian Linux, Enterprise Linux and 7 more | 2025-08-29 | N/A |
| A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges. | ||||
| CVE-2022-1736 | 2 Canonical, Gnome | 2 Ubuntu Linux, Gnome-remote-desktop | 2025-08-26 | 9.8 Critical |
| Ubuntu's configuration of gnome-control-center allowed Remote Desktop Sharing to be enabled by default. | ||||
| CVE-2024-11586 | 2 Canonical, Pulseaudio | 2 Ubuntu Linux, Pulseaudio | 2025-08-26 | 4 Medium |
| Ubuntu's implementation of pulseaudio can be crashed by a malicious program if a bluetooth headset is connected. | ||||
| CVE-2021-3899 | 1 Canonical | 2 Apport, Ubuntu Linux | 2025-08-26 | 7.8 High |
| There is a race condition in the 'replaced executable' detection that, with the correct local configuration, allow an attacker to execute arbitrary code as root. | ||||
| CVE-2020-27352 | 1 Canonical | 2 Snapd, Ubuntu Linux | 2025-08-26 | 9.3 Critical |
| When generating the systemd service units for the docker snap (and other similar snaps), snapd does not specify Delegate=yes - as a result systemd will move processes from the containers created and managed by these snaps into the cgroup of the main daemon within the snap itself when reloading system units. This may grant additional privileges to a container within the snap that were not originally intended. | ||||
| CVE-2022-1804 | 1 Canonical | 2 Accountsservice, Ubuntu Linux | 2025-08-26 | 5.5 Medium |
| accountsservice no longer drops permissions when writting .pam_environment | ||||
| CVE-2023-5616 | 2 Canonical, Gnome | 2 Ubuntu Linux, Control Center | 2025-08-26 | 4.9 Medium |
| In Ubuntu, gnome-control-center did not properly reflect SSH remote login status when the system was configured to use systemd socket activation for openssh-server. This could unknowingly leave the local machine exposed to remote SSH access contrary to expectation of the user. | ||||
| CVE-2008-0888 | 5 Apple, Canonical, Debian and 2 more | 5 Mac Os X, Ubuntu Linux, Debian Linux and 2 more | 2025-08-26 | N/A |
| The NEEDBITS macro in the inflate_dynamic function in inflate.c for unzip can be invoked using invalid buffers, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a free of uninitialized or previously-freed data. | ||||
| CVE-2022-1242 | 1 Canonical | 2 Apport, Ubuntu Linux | 2025-08-22 | 7.8 High |
| Apport can be tricked into connecting to arbitrary sockets as the root user | ||||
| CVE-2018-17095 | 3 Audiofile, Canonical, Redhat | 3 Audiofile, Ubuntu Linux, Enterprise Linux | 2025-08-13 | 8.8 High |
| An issue has been discovered in mpruett Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0. A heap-based buffer overflow in Expand3To4Module::run has occurred when running sfconvert. | ||||
| CVE-2015-7747 | 3 Audiofile, Canonical, Fedoraproject | 3 Audiofile, Ubuntu Linux, Fedora | 2025-08-13 | 8.8 High |
| Buffer overflow in the afReadFrames function in audiofile (aka libaudiofile and Audio File Library) allows user-assisted remote attackers to cause a denial of service (program crash) or possibly execute arbitrary code via a crafted audio file, as demonstrated by sixteen-stereo-to-eight-mono.c. | ||||
| CVE-2018-13440 | 3 Audiofile, Canonical, Redhat | 3 Audiofile, Ubuntu Linux, Enterprise Linux | 2025-08-13 | N/A |
| The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert. | ||||
| CVE-2019-13454 | 5 Canonical, Debian, Imagemagick and 2 more | 5 Ubuntu Linux, Debian Linux, Imagemagick and 2 more | 2025-07-11 | 6.5 Medium |
| ImageMagick 7.0.1-0 to 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c. | ||||