Vulnerabilities (CVE)

Filtered by vendor Canonical Subscribe
Filtered by product Ubuntu Linux
Total 3874 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-12749 2 Canonical, Freedesktop 2 Ubuntu Linux, Dbus 2024-12-06 3.6 LOW 7.1 HIGH
dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some, less common, uses of dbus-daemon), allows cookie spoofing because of symlink mishandling in the reference implementation of DBUS_COOKIE_SHA1 in the libdbus library. (This only affects the DBUS_COOKIE_SHA1 authentication mechanism.) A malicious client with write access to its own home directory could manipulate a ~/.dbus-keyrings symlink to cause a DBusServer with a different uid to read and write in unintended locations. In the worst case, this could result in the DBusServer reusing a cookie that is known to the malicious client, and treating that cookie as evidence that a subsequent client connection came from an attacker-chosen uid, allowing authentication bypass.
CVE-2020-10109 4 Canonical, Debian, Fedoraproject and 1 more 4 Ubuntu Linux, Debian Linux, Fedora and 1 more 2024-11-25 7.5 HIGH 9.8 CRITICAL
In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with a content-length and a chunked encoding header, the content-length took precedence and the remainder of the request body was interpreted as a pipelined request.
CVE-2020-10108 5 Canonical, Debian, Fedoraproject and 2 more 6 Ubuntu Linux, Debian Linux, Fedora and 3 more 2024-11-25 7.5 HIGH 9.8 CRITICAL
In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with two content-length headers, it ignored the first header. When the second content-length value was set to zero, the request body was interpreted as a pipelined request.
CVE-2019-12387 4 Canonical, Fedoraproject, Oracle and 1 more 5 Ubuntu Linux, Fedora, Solaris and 2 more 2024-11-25 4.3 MEDIUM 6.1 MEDIUM
In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF.
CVE-2024-6387 9 Amazon, Canonical, Debian and 6 more 20 Linux 2023, Ubuntu Linux, Debian Linux and 17 more 2024-11-21 N/A 8.1 HIGH
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
CVE-2024-0093 5 Canonical, Citrix, Nvidia and 2 more 6 Ubuntu Linux, Hypervisor, Cloud Gaming and 3 more 2024-11-21 N/A 6.5 MEDIUM
NVIDIA GPU software for Linux contains a vulnerability where it can expose sensitive information to an actor that is not explicitly authorized to have access to that information. A successful exploit of this vulnerability might lead to information disclosure.
CVE-2024-0092 6 Canonical, Citrix, Microsoft and 3 more 14 Ubuntu Linux, Hypervisor, Azure Stack Hci and 11 more 2024-11-21 N/A 5.5 MEDIUM
NVIDIA GPU Driver for Windows and Linux contains a vulnerability where an improper check or improper handling of exception conditions might lead to denial of service.
CVE-2024-0091 7 Canonical, Citrix, Linux and 4 more 16 Ubuntu Linux, Hypervisor, Linux Kernel and 13 more 2024-11-21 N/A 7.8 HIGH
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user can cause an untrusted pointer dereference by executing a driver API. A successful exploit of this vulnerability might lead to denial of service, information disclosure, and data tampering.
CVE-2024-0090 7 Canonical, Citrix, Linux and 4 more 16 Ubuntu Linux, Hypervisor, Linux Kernel and 13 more 2024-11-21 N/A 7.8 HIGH
NVIDIA GPU driver for Windows and Linux contains a vulnerability where a user can cause an out-of-bounds write. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
CVE-2024-0086 5 Canonical, Citrix, Nvidia and 2 more 6 Ubuntu Linux, Hypervisor, Cloud Gaming and 3 more 2024-11-21 N/A 5.5 MEDIUM
NVIDIA vGPU software for Linux contains a vulnerability where the software can dereference a NULL pointer. A successful exploit of this vulnerability might lead to denial of service and undefined behavior in the vGPU plugin.
CVE-2024-0085 6 Canonical, Citrix, Microsoft and 3 more 7 Ubuntu Linux, Hypervisor, Azure Stack Hci and 4 more 2024-11-21 N/A 6.3 MEDIUM
NVIDIA vGPU software for Windows and Linux contains a vulnerability where unprivileged users could execute privileged operations on the host. A successful exploit of this vulnerability might lead to data tampering, escalation of privileges, and denial of service.
CVE-2024-0084 5 Canonical, Citrix, Nvidia and 2 more 6 Ubuntu Linux, Hypervisor, Cloud Gaming and 3 more 2024-11-21 N/A 7.8 HIGH
NVIDIA vGPU software for Linux contains a vulnerability in the Virtual GPU Manager, where the guest OS could execute privileged operations. A successful exploit of this vulnerability might lead to information disclosure, data tampering, escalation of privileges, and denial of service.
CVE-2023-5536 1 Canonical 1 Ubuntu Linux 2024-11-21 N/A 5.0 MEDIUM
A feature in LXD (LP#1829071), affects the default configuration of Ubuntu Server which allows privileged users in the lxd group to escalate their privilege to root without requiring a sudo password.
CVE-2023-4911 5 Canonical, Debian, Fedoraproject and 2 more 17 Ubuntu Linux, Debian Linux, Fedora and 14 more 2024-11-21 N/A 7.8 HIGH
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.
CVE-2023-45866 6 Apple, Bluproducts, Canonical and 3 more 16 Ipad Os, Iphone Os, Iphone Se and 13 more 2024-11-21 N/A 6.3 MEDIUM
Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. An example affected package is bluez 5.64-0ubuntu1 in Ubuntu 22.04LTS. NOTE: in some cases, a CVE-2020-0556 mitigation would have already addressed this Bluetooth HID Hosts issue.
CVE-2023-44216 7 Amd, Apple, Canonical and 4 more 16 Ryzen 5 7600x, Ryzen 7 4800u, M1 Mac Mini and 13 more 2024-11-21 N/A 5.3 MEDIUM
PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend in the SVG Filter specification, aka a GPU.zip issue. For example, attackers can sometimes accurately determine text contained on a web page from one origin if they control a resource from a different origin.
CVE-2023-40283 3 Canonical, Debian, Linux 3 Ubuntu Linux, Debian Linux, Linux Kernel 2024-11-21 N/A 7.8 HIGH
An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the children of an sk are mishandled.
CVE-2023-3777 3 Canonical, Debian, Linux 3 Ubuntu Linux, Debian Linux, Linux Kernel 2024-11-21 N/A 7.8 HIGH
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. When nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release the objects in certain circumstances. We recommend upgrading past commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8.
CVE-2023-3567 3 Canonical, Linux, Redhat 3 Ubuntu Linux, Linux Kernel, Enterprise Linux 2024-11-21 N/A 7.1 HIGH
A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information.
CVE-2023-3297 2 Canonical, Linux 3 Accountsservice, Ubuntu Linux, Linux Kernel 2024-11-21 N/A 8.1 HIGH
In Ubuntu's accountsservice an unprivileged local attacker can trigger a use-after-free vulnerability in accountsservice by sending a D-Bus message to the accounts-daemon process.