Skip to main content

Ubuntu Linux

3390 CVEs product

Monthly

CVE-2026-3497 MEDIUM PATCH This Month

Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linux distributions and does not affect the OpenSSH upstream project itself.

SSH Information Disclosure Microsoft Ubuntu Linux Openssh +2
NVD VulDB
CVSS 4.0
6.9
EPSS
0.1%
CVE-2025-32463 CRITICAL POC KEV PATCH THREAT Act Now

Sudo before 1.9.17p1 contains a local root escalation vulnerability (CVE-2025-32463, CVSS 9.3) through the --chroot option, which loads /etc/nsswitch.conf from the user-controlled chroot directory instead of the host system. KEV-listed with EPSS 26.5% and public PoC, this vulnerability allows any user with sudo --chroot access to achieve root privileges by placing a malicious nsswitch configuration and library in their chroot.

Information Disclosure Ubuntu Debian Leap Linux Enterprise Desktop +8
NVD Exploit-DB
CVSS 3.1
9.3
EPSS
26.5%
Threat
5.7
CVE-2025-5054 MEDIUM POC Monitor

Race condition in Canonical apport up to and including 2.32.0 allows a local attacker to leak sensitive information via PID-reuse by leveraging namespaces. Rated medium severity (CVSS 4.7). Public exploit code available and no vendor patch available.

Race Condition Denial Of Service Canonical Apport Ubuntu Linux
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2023-5616 MEDIUM POC PATCH This Month

In Ubuntu, gnome-control-center did not properly reflect SSH remote login status when the system was configured to use systemd socket activation for openssh-server. Rated medium severity (CVSS 4.9), this vulnerability is no authentication required. Public exploit code available.

Authentication Bypass Ubuntu SSH Control Center Ubuntu Linux +2
NVD
CVSS 3.1
4.9
EPSS
0.0%
CVE-2022-1804 MEDIUM PATCH This Month

accountsservice no longer drops permissions when writting .pam_environment. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Accountsservice Ubuntu Linux Suse
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-26466 MEDIUM PATCH This Month

A flaw was found in the OpenSSH package. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 42.5% and no vendor patch available.

Microsoft SSH Denial Of Service Openssh Ubuntu Linux +1
NVD
CVSS 3.1
5.9
EPSS
42.5%
CVE-2022-1736 CRITICAL PATCH Act Now

Ubuntu's configuration of gnome-control-center allowed Remote Desktop Sharing to be enabled by default. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Ubuntu Gnome Remote Desktop Ubuntu Linux Red Hat +1
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2024-6387 HIGH POC PATCH THREAT Act Now

Remote code execution in OpenSSH's sshd server (regression of CVE-2006-5051) allows unauthenticated remote attackers to exploit a signal handler race condition by failing to authenticate within the LoginGraceTime window, potentially yielding root-level code execution on glibc-based Linux systems. The flaw - widely known as 'regreSSHion' - affects numerous distributions and vendor appliances including Ubuntu 23.10/24.04, AlmaLinux 9, SonicWall SMA firmware, Arista EOS, NetApp ONTAP, and others. Publicly available exploit code exists and EPSS scores it at 48.06% (98th percentile), reflecting very high exploitation likelihood, though it is not currently listed in CISA KEV.

Information Disclosure SSH Sma 6200 Firmware Sma 7200 Firmware Eos +51
NVD GitHub Exploit-DB
CVSS 3.1
8.1
EPSS
48.1%
Threat
4.6
CVE-2023-1032 MEDIUM This Month

The Linux kernel io_uring IORING_OP_SOCKET operation contained a double free in function __sys_socket_file() in file net/socket.c. Rated medium severity (CVSS 4.7). No vendor patch available.

Linux Information Disclosure Linux Kernel Ubuntu Linux
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2021-3600 HIGH PATCH This Week

It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. Rated high severity (CVSS 7.8). This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Linux Buffer Overflow RCE Information Disclosure Linux Kernel +3
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-3328 Go HIGH POC PATCH This Week

Race condition in snap-confine's must_mkdir_and_open_with_perms(). Rated high severity (CVSS 7.8). Public exploit code available.

Race Condition Information Disclosure Snapd Ubuntu Linux
NVD GitHub
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-2602 MEDIUM POC This Month

io_uring UAF, Unix SCM garbage collection. Rated medium severity (CVSS 5.3). No vendor patch available.

Memory Corruption Use After Free Information Disclosure Linux Kernel Ubuntu Linux
NVD
CVSS 3.1
5.3
EPSS
1.4%
CVE-2022-2588 MEDIUM POC PATCH THREAT This Month

It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0. Rated medium severity (CVSS 5.3). Public exploit code available and EPSS exploitation probability 59.4%.

Linux Memory Corruption Use After Free Information Disclosure Linux Kernel +1
NVD GitHub
CVSS 3.1
5.3
EPSS
59.4%
Threat
4.3
CVE-2022-2586 MEDIUM POC KEV PATCH THREAT Act Now

It was discovered that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table was deleted. Rated medium severity (CVSS 5.3). Actively exploited in the wild (cisa kev) and public exploit code available.

Memory Corruption Use After Free Information Disclosure Linux Kernel Ubuntu Linux
NVD
CVSS 3.1
5.3
EPSS
2.3%
Threat
4.1
CVE-2022-2585 MEDIUM PATCH This Month

It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free. Rated medium severity (CVSS 5.3). This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Use After Free Information Disclosure Linux Kernel Ubuntu Linux
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2023-5536 MEDIUM This Month

A feature in LXD (LP#1829071), affects the default configuration of Ubuntu Server which allows privileged users in the lxd group to escalate their privilege to root without requiring a sudo password. Rated medium severity (CVSS 6.4). No vendor patch available.

Privilege Escalation Ubuntu Ubuntu Linux
NVD
CVSS 3.1
6.4
EPSS
0.2%
CVE-2023-45866 MEDIUM PATCH This Month

Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Ubuntu Authentication Bypass Android Ubuntu Linux Iphone Os +4
NVD GitHub
CVSS 3.1
6.3
EPSS
7.9%
CVE-2023-44216 MEDIUM POC This Month

PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Ubuntu Linux Ryzen 7 4800U Core I7 10510U Core I7 12700K +12
NVD GitHub
CVSS 3.1
5.3
EPSS
1.8%
CVE-2023-3777 HIGH PATCH This Week

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Privilege Escalation Linux Memory Corruption Linux Kernel +2
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-3297 HIGH POC This Week

In Ubuntu's accountsservice an unprivileged local attacker can trigger a use-after-free vulnerability in accountsservice by sending a D-Bus message to the accounts-daemon process. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Information Disclosure Memory Corruption Ubuntu Accountsservice +1
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-1523 CRITICAL POC PATCH Act Now

Using the TIOCLINUX ioctl request, a malicious snap could inject contents into the input of the controlling terminal which could allow it to cause arbitrary commands to be executed outside of the. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Code Injection Snapd Ubuntu Linux
NVD GitHub
CVSS 3.1
10.0
EPSS
1.4%
CVE-2023-40283 HIGH PATCH This Week

An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Linux Memory Corruption Linux Kernel +2
NVD GitHub
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-32629 HIGH POC PATCH Act Now

Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovl_copy_up_meta_inode_data skip permission checks when calling ovl_do_setxattr on Ubuntu kernels. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Ubuntu Privilege Escalation Authentication Bypass Ubuntu Linux
NVD
CVSS 3.1
7.8
EPSS
8.9%
CVE-2023-2640 HIGH POC PATCH THREAT Act Now

On Ubuntu kernels carrying both c914c0e27eb0 and "UBUNTU: SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.* xattrs", an unprivileged user may set privileged extended attributes on. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Ubuntu Authentication Bypass Ubuntu Linux
NVD
CVSS 3.1
7.8
EPSS
15.8%
CVE-2023-3567 HIGH PATCH This Week

A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Denial Of Service Linux Memory Corruption Linux Kernel +2
NVD
CVSS 3.1
7.1
EPSS
0.4%
CVE-2023-31248 HIGH PATCH This Week

Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Privilege Escalation Linux Memory Corruption Linux Kernel +3
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2023-3389 HIGH PATCH This Week

A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Privilege Escalation Linux Memory Corruption Linux Kernel +2
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-35788 HIGH POC PATCH This Week

An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Privilege Escalation Linux Memory Corruption +8
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-2612 MEDIUM PATCH This Month

Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. Rated medium severity (CVSS 4.7).

Ubuntu Denial Of Service Linux Ubuntu Linux
NVD
CVSS 3.1
4.7
EPSS
0.3%
CVE-2023-1786 MEDIUM PATCH This Month

Sensitive data could be exposed in logs of cloud-init before version 23.1.2. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Cloud Init Ubuntu Linux Fedora
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-1326 HIGH PATCH This Week

A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Apport Ubuntu Linux
NVD GitHub
CVSS 3.1
7.8
EPSS
0.9%
CVE-2023-0179 HIGH POC This Week

A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Privilege Escalation Linux Integer Overflow RCE +13
NVD
CVSS 3.1
7.8
EPSS
1.9%
CVE-2023-1380 HIGH PATCH This Week

A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Denial Of Service Linux Broadcom Information Disclosure +9
NVD
CVSS 3.1
7.1
EPSS
16.6%
CVE-2023-0386 HIGH POC KEV PATCH THREAT Act Now

A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Linux Authentication Bypass Debian Linux H300s Firmware H500s Firmware +5
NVD
CVSS 3.1
7.8
EPSS
7.9%
CVE-2022-40617 HIGH This Week

strongSwan before 5.9.8 allows remote attackers to cause a denial of service in the revocation plugin by sending a crafted end-entity (and intermediate CA) certificate that contains a CRL/OCSP URL. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Strongswan Ubuntu Linux Debian Linux Fedora +1
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2022-41222 HIGH POC PATCH This Week

mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move. Rated high severity (CVSS 7.0). Public exploit code available.

Memory Corruption Information Disclosure Linux Use After Free Linux Kernel +3
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2022-39177 HIGH PATCH This Week

BlueZ before 5.59 allows physically proximate attackers to cause a denial of service because malformed and invalid capabilities can be processed in profiles/audio/avdtp.c. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Bluez Ubuntu Linux Debian Linux
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2022-39176 HIGH PATCH This Week

BlueZ before 5.59 allows physically proximate attackers to obtain sensitive information because profiles/audio/avrcp.c does not validate params_len. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Bluez Ubuntu Linux Debian Linux
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2022-1184 MEDIUM PATCH This Month

A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Linux Denial Of Service Use After Free Linux Kernel +3
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-34918 HIGH POC PATCH Act Now

An issue was discovered in the Linux kernel through 5.18.9. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Memory Corruption Linux Buffer Overflow Linux Kernel Debian Linux +6
NVD
CVSS 3.1
7.8
EPSS
5.5%
CVE-2022-29581 HIGH POC PATCH This Week

Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Linux Linux Kernel Debian Linux Ubuntu Linux +8
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2022-1055 HIGH POC PATCH This Week

A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. Rated high severity (CVSS 8.6). Public exploit code available.

Privilege Escalation Memory Corruption Use After Free Linux Linux Kernel +11
NVD
CVSS 4.0
8.6
EPSS
0.5%
CVE-2021-44420 PyPI HIGH PATCH This Week

In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, HTTP requests for URLs with trailing newlines could bypass upstream access control based on URL paths. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Python Authentication Bypass Django Satellite Debian Linux +2
NVD
CVSS 3.1
7.3
EPSS
2.3%
CVE-2021-3939 HIGH This Week

Ubuntu-specific modifications to accountsservice (in patch file debian/patches/0010-set-language.patch) caused the fallback_locale variable, pointing to static storage, to be freed, in the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Debian Ubuntu Information Disclosure Accountsservice Ubuntu Linux
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-32555 MEDIUM This Month

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ubuntu Linux
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-32554 MEDIUM This Month

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ubuntu Linux
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-32553 MEDIUM This Month

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ubuntu Linux Openjdk
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-32552 MEDIUM This Month

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ubuntu Linux
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-32551 MEDIUM This Month

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ubuntu Linux
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-32550 MEDIUM This Month

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ubuntu Linux
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-32549 MEDIUM This Month

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ubuntu Linux
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-32548 MEDIUM This Month

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ubuntu Linux
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-32547 MEDIUM This Month

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ubuntu Linux
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-3491 HIGH PATCH This Week

The io_uring subsystem in the Linux kernel allowed the MAX_RW_COUNT limit to be bypassed in the PROVIDE_BUFFERS operation, which led to negative values being usedin mem_rw when reading. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Linux RCE Linux Kernel Ubuntu Linux
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2021-3490 HIGH POC PATCH THREAT Act Now

The eBPF ALU32 bounds tracking for bitwise ops (AND, OR and XOR) in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Linux RCE Linux Kernel Ubuntu Linux
NVD
CVSS 3.1
7.8
EPSS
27.5%
CVE-2021-3489 HIGH PATCH This Week

The eBPF RINGBUF bpf_ringbuf_reserve() function in the Linux kernel did not check that the allocated size was smaller than the ringbuf size, allowing an attacker to perform out-of-bounds writes. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Linux RCE Linux Kernel Ubuntu Linux
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2021-3493 HIGH POC KEV PATCH THREAT Act Now

The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Linux Ubuntu Information Disclosure Ubuntu Linux
NVD
CVSS 3.1
7.8
EPSS
44.0%
CVE-2021-3492 HIGH PATCH This Week

Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copy_from_user() correctly. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Linux RCE Ubuntu Denial Of Service Ubuntu Linux
NVD
CVSS 3.1
7.8
EPSS
1.5%
CVE-2021-3444 HIGH PATCH This Week

The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Linux RCE Information Disclosure Linux Kernel Debian Linux +1
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2021-27364 HIGH POC PATCH This Week

An issue was discovered in the Linux kernel through 5.11.3. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Linux Information Disclosure Linux Kernel Debian Linux +3
NVD
CVSS 3.1
7.1
EPSS
1.0%
CVE-2020-29385 MEDIUM PATCH This Month

GNOME gdk-pixbuf (aka GdkPixbuf) before 2.42.2 allows a denial of service (infinite loop) in lzw.c in the function write_indexes. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Gdk Pixbuf Ubuntu Linux Fedora
NVD
CVSS 3.1
5.5
EPSS
1.5%
CVE-2020-27349 MEDIUM PATCH This Month

Aptdaemon performed policykit checks after interacting with potentially untrusted files with elevated privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Ubuntu Linux
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-16128 LOW PATCH Monitor

The aptdaemon DBus interface disclosed file existence disclosure by setting Terminal/DebconfSocket properties, aka GHSL-2020-192 and GHSL-2020-196. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity.

Information Disclosure Ubuntu Linux
NVD
CVSS 3.1
3.8
EPSS
0.3%
CVE-2020-27348 PyPI MEDIUM POC PATCH This Month

In some conditions, a snap package built by snapcraft includes the current directory in LD_LIBRARY_PATH, allowing a malicious snap to gain code execution within the context of another snap if both. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. Public exploit code available.

RCE Snapcraft Ubuntu Linux
NVD GitHub
CVSS 3.1
6.8
EPSS
0.7%
CVE-2020-16123 MEDIUM POC PATCH This Month

An Ubuntu-specific patch in PulseAudio created a race condition where the snap policy module would fail to identify a client connection from a snap as coming from a snap if SCM_CREDENTIALS were. Rated medium severity (CVSS 4.7). Public exploit code available.

Race Condition Ubuntu Information Disclosure Ubuntu Linux
NVD
CVSS 3.1
4.7
EPSS
0.3%
CVE-2020-29372 MEDIUM POC PATCH This Month

An issue was discovered in do_madvise in mm/madvise.c in the Linux kernel before 5.6.8. Rated medium severity (CVSS 4.7). Public exploit code available.

Information Disclosure Race Condition Linux Linux Kernel Ubuntu Linux
NVD VulDB
CVSS 3.1
4.7
EPSS
0.1%
CVE-2020-0569 MEDIUM PATCH This Month

Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Denial Of Service Microsoft Buffer Overflow Memory Corruption Intel +15
NVD
CVSS 3.1
5.7
EPSS
0.6%
CVE-2020-16122 HIGH This Week

PackageKit's apt backend mistakenly treated all local debs as trusted. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Packagekit Ubuntu Linux
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-16121 LOW POC Monitor

PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Packagekit Ubuntu Linux
NVD
CVSS 3.1
3.3
EPSS
0.5%
CVE-2020-15708 HIGH This Week

Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Ubuntu RCE Ubuntu Linux
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-28040 MEDIUM This Month

WordPress before 5.5.2 allows CSRF attacks that change a theme's background image. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF Debian Linux Ubuntu Linux
NVD WPScan
CVSS 3.1
4.3
EPSS
1.1%
CVE-2020-28039 CRITICAL PATCH Act Now

is_protected_meta in wp-includes/meta.php in WordPress before 5.5.2 allows arbitrary file deletion because it does not properly determine whether a meta key is considered protected. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure WordPress PHP Debian Linux Ubuntu Linux
NVD GitHub WPScan
CVSS 3.1
9.1
EPSS
4.1%
CVE-2020-14837 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
4.9
EPSS
2.3%
CVE-2020-15157 Go MEDIUM PATCH This Month

In containerd (an industry-standard container runtime) before version 1.2.14 there is a credential leaking vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Kubernetes Docker Information Disclosure Containerd Ubuntu Linux +1
NVD GitHub
CVSS 3.1
6.1
EPSS
2.2%
CVE-2020-25645 HIGH POC This Week

A flaw was found in the Linux kernel in versions before 5.9-rc7. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Linux Information Disclosure Linux Kernel Debian Linux Solidfire Hci Management Node +4
NVD
CVSS 3.1
7.5
EPSS
2.4%
CVE-2020-14355 MEDIUM PATCH This Month

Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow RCE Spice Openstack Ubuntu Linux +7
NVD
CVSS 3.1
6.6
EPSS
2.7%
CVE-2020-25641 MEDIUM PATCH This Month

A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Linux Denial Of Service Linux Kernel Enterprise Linux Leap +2
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2020-7070 MEDIUM POC This Month

In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure PHP Fedora Debian Linux Leap +3
NVD
CVSS 3.1
5.3
EPSS
5.0%
CVE-2020-7069 MEDIUM PATCH This Month

In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV is actually. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure PHP Fedora Debian Linux Leap +4
NVD
CVSS 3.1
6.5
EPSS
2.1%
CVE-2020-14374 HIGH PATCH This Week

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Data Plane Development Kit Ubuntu Linux Leap
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2020-14378 LOW PATCH Monitor

An integer underflow in dpdk versions before 18.11.10 and before 19.11.5 in the `move_desc` function can lead to large amounts of CPU cycles being eaten up in a long running loop. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Information Disclosure Integer Overflow Data Plane Development Kit Ubuntu Linux Leap
NVD
CVSS 3.1
3.3
EPSS
0.4%
CVE-2020-14377 HIGH PATCH This Week

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Data Plane Development Kit Ubuntu Linux Leap
NVD
CVSS 3.1
7.1
EPSS
0.4%
CVE-2020-14376 HIGH PATCH This Week

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Rated high severity (CVSS 7.8). This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Data Plane Development Kit Ubuntu Linux Leap
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-14375 HIGH PATCH This Week

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Rated high severity (CVSS 7.8).

Information Disclosure Data Plane Development Kit Ubuntu Linux Leap
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-26137 PyPI MEDIUM PATCH This Month

urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest(). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Code Injection Urllib3 Ubuntu Linux Debian Linux Communications Cloud Native Core Network Function Cloud Native Environment +1
NVD GitHub
CVSS 3.1
6.5
EPSS
2.3%
CVE-2020-26116 HIGH POC PATCH This Week

http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Code Injection Python Fedora Ubuntu Linux Solidfire +4
NVD
CVSS 3.1
7.2
EPSS
6.4%
CVE-2020-26088 MEDIUM PATCH This Month

A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets, bypassing security mechanisms, aka. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Incorrect Default Permissions vulnerability could allow attackers to access resources due to overly permissive default settings.

Linux Privilege Escalation Linux Kernel Debian Linux Leap +1
NVD GitHub
CVSS 3.1
5.5
EPSS
0.4%
CVE-2020-25739 Ruby MEDIUM PATCH This Month

An issue was discovered in the gon gem before gon-6.4.0 for Ruby. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Gon Ubuntu Linux Debian Linux
NVD GitHub
CVSS 3.1
6.1
EPSS
1.4%
CVE-2020-14382 HIGH PATCH This Week

A vulnerability was found in upstream release cryptsetup-2.2.0 where, there's a bug in LUKS2 format validation code, that is effectively invoked on every device/image presenting itself as LUKS2. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Cryptsetup Enterprise Linux Ubuntu Linux +1
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2020-14392 MEDIUM This Month

An untrusted pointer dereference flaw was found in Perl-DBI < 1.643. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Database Interface Ubuntu Linux Leap Fedora +1
NVD
CVSS 3.1
5.5
EPSS
0.6%
EPSS 0% CVSS 6.9
MEDIUM PATCH This Month

Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linux distributions and does not affect the OpenSSH upstream project itself.

SSH Information Disclosure Microsoft +4
NVD VulDB
EPSS 27% 5.7 CVSS 9.3
CRITICAL POC KEV PATCH THREAT Act Now

Sudo before 1.9.17p1 contains a local root escalation vulnerability (CVE-2025-32463, CVSS 9.3) through the --chroot option, which loads /etc/nsswitch.conf from the user-controlled chroot directory instead of the host system. KEV-listed with EPSS 26.5% and public PoC, this vulnerability allows any user with sudo --chroot access to achieve root privileges by placing a malicious nsswitch configuration and library in their chroot.

Information Disclosure Ubuntu Debian +10
NVD Exploit-DB
EPSS 0% CVSS 4.7
MEDIUM POC Monitor

Race condition in Canonical apport up to and including 2.32.0 allows a local attacker to leak sensitive information via PID-reuse by leveraging namespaces. Rated medium severity (CVSS 4.7). Public exploit code available and no vendor patch available.

Race Condition Denial Of Service Canonical +2
NVD
EPSS 0% CVSS 4.9
MEDIUM POC PATCH This Month

In Ubuntu, gnome-control-center did not properly reflect SSH remote login status when the system was configured to use systemd socket activation for openssh-server. Rated medium severity (CVSS 4.9), this vulnerability is no authentication required. Public exploit code available.

Authentication Bypass Ubuntu SSH +4
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

accountsservice no longer drops permissions when writting .pam_environment. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Accountsservice Ubuntu Linux +1
NVD
EPSS 43% CVSS 5.9
MEDIUM PATCH This Month

A flaw was found in the OpenSSH package. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 42.5% and no vendor patch available.

Microsoft SSH Denial Of Service +3
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Ubuntu's configuration of gnome-control-center allowed Remote Desktop Sharing to be enabled by default. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Ubuntu Gnome Remote Desktop +3
NVD
EPSS 48% 4.6 CVSS 8.1
HIGH POC PATCH THREAT Act Now

Remote code execution in OpenSSH's sshd server (regression of CVE-2006-5051) allows unauthenticated remote attackers to exploit a signal handler race condition by failing to authenticate within the LoginGraceTime window, potentially yielding root-level code execution on glibc-based Linux systems. The flaw - widely known as 'regreSSHion' - affects numerous distributions and vendor appliances including Ubuntu 23.10/24.04, AlmaLinux 9, SonicWall SMA firmware, Arista EOS, NetApp ONTAP, and others. Publicly available exploit code exists and EPSS scores it at 48.06% (98th percentile), reflecting very high exploitation likelihood, though it is not currently listed in CISA KEV.

Information Disclosure SSH Sma 6200 Firmware +53
NVD GitHub Exploit-DB
EPSS 0% CVSS 4.7
MEDIUM This Month

The Linux kernel io_uring IORING_OP_SOCKET operation contained a double free in function __sys_socket_file() in file net/socket.c. Rated medium severity (CVSS 4.7). No vendor patch available.

Linux Information Disclosure Linux Kernel +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. Rated high severity (CVSS 7.8). This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Linux Buffer Overflow RCE +5
NVD
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

Race condition in snap-confine's must_mkdir_and_open_with_perms(). Rated high severity (CVSS 7.8). Public exploit code available.

Race Condition Information Disclosure Snapd +1
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM POC This Month

io_uring UAF, Unix SCM garbage collection. Rated medium severity (CVSS 5.3). No vendor patch available.

Memory Corruption Use After Free Information Disclosure +2
NVD
EPSS 59% 4.3 CVSS 5.3
MEDIUM POC PATCH THREAT This Month

It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0. Rated medium severity (CVSS 5.3). Public exploit code available and EPSS exploitation probability 59.4%.

Linux Memory Corruption Use After Free +3
NVD GitHub
EPSS 2% 4.1 CVSS 5.3
MEDIUM POC KEV PATCH THREAT Act Now

It was discovered that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table was deleted. Rated medium severity (CVSS 5.3). Actively exploited in the wild (cisa kev) and public exploit code available.

Memory Corruption Use After Free Information Disclosure +2
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free. Rated medium severity (CVSS 5.3). This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Use After Free Information Disclosure +2
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

A feature in LXD (LP#1829071), affects the default configuration of Ubuntu Server which allows privileged users in the lxd group to escalate their privilege to root without requiring a sudo password. Rated medium severity (CVSS 6.4). No vendor patch available.

Privilege Escalation Ubuntu Ubuntu Linux
NVD
EPSS 8% CVSS 6.3
MEDIUM PATCH This Month

Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Ubuntu Authentication Bypass Android +6
NVD GitHub
EPSS 2% CVSS 5.3
MEDIUM POC This Month

PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Ubuntu Linux Ryzen 7 4800U +14
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Privilege Escalation Linux +4
NVD
EPSS 0% CVSS 7.8
HIGH POC This Week

In Ubuntu's accountsservice an unprivileged local attacker can trigger a use-after-free vulnerability in accountsservice by sending a D-Bus message to the accounts-daemon process. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Information Disclosure Memory Corruption +3
NVD GitHub
EPSS 1% CVSS 10.0
CRITICAL POC PATCH Act Now

Using the TIOCLINUX ioctl request, a malicious snap could inject contents into the input of the controlling terminal which could allow it to cause arbitrary commands to be executed outside of the. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Code Injection Snapd Ubuntu Linux
NVD GitHub
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Linux +4
NVD GitHub
EPSS 9% CVSS 7.8
HIGH POC PATCH Act Now

Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovl_copy_up_meta_inode_data skip permission checks when calling ovl_do_setxattr on Ubuntu kernels. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Ubuntu Privilege Escalation Authentication Bypass +1
NVD
EPSS 16% CVSS 7.8
HIGH POC PATCH THREAT Act Now

On Ubuntu kernels carrying both c914c0e27eb0 and "UBUNTU: SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.* xattrs", an unprivileged user may set privileged extended attributes on. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Ubuntu Authentication Bypass Ubuntu Linux
NVD
EPSS 0% CVSS 7.1
HIGH PATCH This Week

A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Denial Of Service Linux +4
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Privilege Escalation Linux +5
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Privilege Escalation Linux +4
NVD
EPSS 1% CVSS 7.8
HIGH POC PATCH This Week

An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Privilege Escalation +10
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. Rated medium severity (CVSS 4.7).

Ubuntu Denial Of Service Linux +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Sensitive data could be exposed in logs of cloud-init before version 23.1.2. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Cloud Init Ubuntu Linux +1
NVD GitHub
EPSS 1% CVSS 7.8
HIGH PATCH This Week

A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Apport Ubuntu Linux
NVD GitHub
EPSS 2% CVSS 7.8
HIGH POC This Week

A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Privilege Escalation Linux +15
NVD
EPSS 17% CVSS 7.1
HIGH PATCH This Week

A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Denial Of Service Linux +11
NVD
EPSS 8% CVSS 7.8
HIGH POC KEV PATCH THREAT Act Now

A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Linux Authentication Bypass Debian Linux +7
NVD
EPSS 2% CVSS 7.5
HIGH This Week

strongSwan before 5.9.8 allows remote attackers to cause a denial of service in the revocation plugin by sending a crafted end-entity (and intermediate CA) certificate that contains a CRL/OCSP URL. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Strongswan Ubuntu Linux +3
NVD
EPSS 0% CVSS 7.0
HIGH POC PATCH This Week

mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move. Rated high severity (CVSS 7.0). Public exploit code available.

Memory Corruption Information Disclosure Linux +5
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

BlueZ before 5.59 allows physically proximate attackers to cause a denial of service because malformed and invalid capabilities can be processed in profiles/audio/avdtp.c. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Bluez Ubuntu Linux +1
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

BlueZ before 5.59 allows physically proximate attackers to obtain sensitive information because profiles/audio/avrcp.c does not validate params_len. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Bluez Ubuntu Linux +1
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Linux Denial Of Service +5
NVD
EPSS 5% CVSS 7.8
HIGH POC PATCH Act Now

An issue was discovered in the Linux kernel through 5.18.9. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Memory Corruption Linux Buffer Overflow +8
NVD
EPSS 1% CVSS 7.8
HIGH POC PATCH This Week

Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Linux Linux Kernel +10
NVD
EPSS 0% CVSS 8.6
HIGH POC PATCH This Week

A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. Rated high severity (CVSS 8.6). Public exploit code available.

Privilege Escalation Memory Corruption Use After Free +13
NVD
EPSS 2% CVSS 7.3
HIGH PATCH This Week

In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, HTTP requests for URLs with trailing newlines could bypass upstream access control based on URL paths. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Python Authentication Bypass Django +4
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Ubuntu-specific modifications to accountsservice (in patch file debian/patches/0010-set-language.patch) caused the fallback_locale variable, pointing to static storage, to be freed, in the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Debian Ubuntu Information Disclosure +2
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ubuntu Linux
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ubuntu Linux
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ubuntu Linux Openjdk
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ubuntu Linux
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ubuntu Linux
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ubuntu Linux
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ubuntu Linux
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ubuntu Linux
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ubuntu Linux
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

The io_uring subsystem in the Linux kernel allowed the MAX_RW_COUNT limit to be bypassed in the PROVIDE_BUFFERS operation, which led to negative values being usedin mem_rw when reading. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Linux RCE Linux Kernel +1
NVD
EPSS 27% CVSS 7.8
HIGH POC PATCH THREAT Act Now

The eBPF ALU32 bounds tracking for bitwise ops (AND, OR and XOR) in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Linux RCE Linux Kernel +1
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

The eBPF RINGBUF bpf_ringbuf_reserve() function in the Linux kernel did not check that the allocated size was smaller than the ringbuf size, allowing an attacker to perform out-of-bounds writes. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Linux RCE +2
NVD
EPSS 44% CVSS 7.8
HIGH POC KEV PATCH THREAT Act Now

The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Linux Ubuntu Information Disclosure +1
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copy_from_user() correctly. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Linux RCE Ubuntu +2
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Linux RCE Information Disclosure +3
NVD
EPSS 1% CVSS 7.1
HIGH POC PATCH This Week

An issue was discovered in the Linux kernel through 5.11.3. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Linux Information Disclosure +5
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

GNOME gdk-pixbuf (aka GdkPixbuf) before 2.42.2 allows a denial of service (infinite loop) in lzw.c in the function write_indexes. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Gdk Pixbuf Ubuntu Linux +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Aptdaemon performed policykit checks after interacting with potentially untrusted files with elevated privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Ubuntu Linux
NVD
EPSS 0% CVSS 3.8
LOW PATCH Monitor

The aptdaemon DBus interface disclosed file existence disclosure by setting Terminal/DebconfSocket properties, aka GHSL-2020-192 and GHSL-2020-196. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity.

Information Disclosure Ubuntu Linux
NVD
EPSS 1% CVSS 6.8
MEDIUM POC PATCH This Month

In some conditions, a snap package built by snapcraft includes the current directory in LD_LIBRARY_PATH, allowing a malicious snap to gain code execution within the context of another snap if both. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. Public exploit code available.

RCE Snapcraft Ubuntu Linux
NVD GitHub
EPSS 0% CVSS 4.7
MEDIUM POC PATCH This Month

An Ubuntu-specific patch in PulseAudio created a race condition where the snap policy module would fail to identify a client connection from a snap as coming from a snap if SCM_CREDENTIALS were. Rated medium severity (CVSS 4.7). Public exploit code available.

Race Condition Ubuntu Information Disclosure +1
NVD
EPSS 0% CVSS 4.7
MEDIUM POC PATCH This Month

An issue was discovered in do_madvise in mm/madvise.c in the Linux kernel before 5.6.8. Rated medium severity (CVSS 4.7). Public exploit code available.

Information Disclosure Race Condition Linux +2
NVD VulDB
EPSS 1% CVSS 5.7
MEDIUM PATCH This Month

Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Denial Of Service Microsoft Buffer Overflow +17
NVD
EPSS 0% CVSS 7.8
HIGH This Week

PackageKit's apt backend mistakenly treated all local debs as trusted. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Packagekit Ubuntu Linux
NVD
EPSS 0% CVSS 3.3
LOW POC Monitor

PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Packagekit Ubuntu Linux
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Ubuntu RCE Ubuntu Linux
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

WordPress before 5.5.2 allows CSRF attacks that change a theme's background image. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF Debian Linux +1
NVD WPScan
EPSS 4% CVSS 9.1
CRITICAL PATCH Act Now

is_protected_meta in wp-includes/meta.php in WordPress before 5.5.2 allows arbitrary file deletion because it does not properly determine whether a meta key is considered protected. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure WordPress PHP +2
NVD GitHub WPScan
EPSS 2% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +5
NVD
EPSS 2% CVSS 6.1
MEDIUM PATCH This Month

In containerd (an industry-standard container runtime) before version 1.2.14 there is a credential leaking vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Kubernetes Docker Information Disclosure +3
NVD GitHub
EPSS 2% CVSS 7.5
HIGH POC This Week

A flaw was found in the Linux kernel in versions before 5.9-rc7. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Linux Information Disclosure Linux Kernel +6
NVD
EPSS 3% CVSS 6.6
MEDIUM PATCH This Month

Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow RCE Spice +9
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Linux Denial Of Service Linux Kernel +4
NVD
EPSS 5% CVSS 5.3
MEDIUM POC This Month

In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure PHP Fedora +5
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV is actually. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure PHP Fedora +6
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Data Plane Development Kit Ubuntu Linux +1
NVD
EPSS 0% CVSS 3.3
LOW PATCH Monitor

An integer underflow in dpdk versions before 18.11.10 and before 19.11.5 in the `move_desc` function can lead to large amounts of CPU cycles being eaten up in a long running loop. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Information Disclosure Integer Overflow Data Plane Development Kit +2
NVD
EPSS 0% CVSS 7.1
HIGH PATCH This Week

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Data Plane Development Kit +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Rated high severity (CVSS 7.8). This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Data Plane Development Kit Ubuntu Linux +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Rated high severity (CVSS 7.8).

Information Disclosure Data Plane Development Kit Ubuntu Linux +1
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest(). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Code Injection Urllib3 Ubuntu Linux +3
NVD GitHub
EPSS 6% CVSS 7.2
HIGH POC PATCH This Week

http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Code Injection Python Fedora +6
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets, bypassing security mechanisms, aka. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Incorrect Default Permissions vulnerability could allow attackers to access resources due to overly permissive default settings.

Linux Privilege Escalation Linux Kernel +3
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

An issue was discovered in the gon gem before gon-6.4.0 for Ruby. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Gon Ubuntu Linux +1
NVD GitHub
EPSS 1% CVSS 7.8
HIGH PATCH This Week

A vulnerability was found in upstream release cryptsetup-2.2.0 where, there's a bug in LUKS2 format validation code, that is effectively invoked on every device/image presenting itself as LUKS2. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Cryptsetup +3
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

An untrusted pointer dereference flaw was found in Perl-DBI < 1.643. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Database Interface Ubuntu Linux +3
NVD
Page 1 of 38 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy