Filtered by vendor Canonical Subscriptions
Total 4208 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-28655 2 Apport Project, Canonical 2 Apport, Ubuntu Linux 2024-11-21 7.1 High
is_closing_session() allows users to create arbitrary tcp dbus connections
CVE-2022-28654 2 Apport Project, Canonical 2 Apport, Ubuntu Linux 2024-11-21 5.5 Medium
is_closing_session() allows users to fill up apport.log
CVE-2022-28652 2 Apport Project, Canonical 2 Apport, Ubuntu Linux 2024-11-21 5.5 Medium
~/.config/apport/settings parsing is vulnerable to "billion laughs" attack
CVE-2022-24760 3 Canonical, Microsoft, Parseplatform 3 Ubuntu Linux, Windows, Parse-server 2024-11-21 10 Critical
Parse Server is an open source http web server backend. In versions prior to 4.10.7 there is a Remote Code Execution (RCE) vulnerability in Parse Server. This vulnerability affects Parse Server in the default configuration with MongoDB. The main weakness that leads to RCE is the Prototype Pollution vulnerable code in the file `DatabaseController.js`, so it is likely to affect Postgres and any other database backend as well. This vulnerability has been confirmed on Linux (Ubuntu) and Windows. Users are advised to upgrade as soon as possible. The only known workaround is to manually patch your installation with code referenced at the source GHSA-p6h4-93qp-jhcm.
CVE-2022-23238 5 Canonical, Centos, Linux and 2 more 5 Ubuntu Linux, Centos, Linux Kernel and 2 more 2024-11-21 6.5 Medium
Linux deployments of StorageGRID (formerly StorageGRID Webscale) versions 11.6.0 through 11.6.0.2 deployed with a Linux kernel version less than 4.7.0 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to view limited metrics information and modify alert email recipients and content.
CVE-2022-23220 4 Canonical, Debian, Gentoo and 1 more 4 Ubuntu Linux, Debian Linux, Linux and 1 more 2024-11-21 7.8 High
USBView 2.1 before 2.2 allows some local users (e.g., ones logged in via SSH) to execute arbitrary code as root because certain Polkit settings (e.g., allow_any=yes) for pkexec disable the authentication requirement. Code execution can, for example, use the --gtk-module option. This affects Ubuntu, Debian, and Gentoo.
CVE-2022-20698 3 Canonical, Clamav, Debian 3 Ubuntu Linux, Clamav, Debian Linux 2024-11-21 7.5 High
A vulnerability in the OOXML parsing module in Clam AntiVirus (ClamAV) Software version 0.104.1 and LTS version 0.103.4 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper checks that may result in an invalid pointer read. An attacker could exploit this vulnerability by sending a crafted OOXML file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to crash, resulting in a denial of service condition.
CVE-2022-1184 4 Canonical, Debian, Linux and 1 more 6 Ubuntu Linux, Debian Linux, Linux Kernel and 3 more 2024-11-21 5.5 Medium
A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service.
CVE-2022-1055 5 Canonical, Fedoraproject, Linux and 2 more 22 Ubuntu Linux, Fedora, Linux Kernel and 19 more 2024-11-21 7.8 High
A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5
CVE-2022-0543 3 Canonical, Debian, Redis 3 Ubuntu Linux, Debian Linux, Redis 2024-11-21 10.0 Critical
It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.
CVE-2022-0492 6 Canonical, Debian, Fedoraproject and 3 more 36 Ubuntu Linux, Debian Linux, Fedora and 33 more 2024-11-21 7.8 High
A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.
CVE-2022-0319 4 Apple, Canonical, Debian and 1 more 4 Macos, Ubuntu Linux, Debian Linux and 1 more 2024-11-21 5.5 Medium
Out-of-bounds Read in vim/vim prior to 8.2.
CVE-2021-4120 2 Canonical, Fedoraproject 3 Snapd, Ubuntu Linux, Fedora 2024-11-21 8.2 High
snapd 2.54.2 fails to perform sufficient validation of snap content interface and layout paths, resulting in the ability for snaps to inject arbitrary AppArmor policy rules via malformed content interface and layout declarations and hence escape strict snap confinement. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1
CVE-2021-4115 6 Canonical, Debian, Fedoraproject and 3 more 6 Ubuntu Linux, Debian Linux, Fedora and 3 more 2024-11-21 5.5 Medium
There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned
CVE-2021-4093 4 Canonical, Fedoraproject, Linux and 1 more 4 Ubuntu Linux, Fedora, Linux Kernel and 1 more 2024-11-21 8.8 High
A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State (SEV-ES). A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction (for example, outs or ins) using the exit reason SVM_EXIT_IOIO. This issue results in a crash of the entire system or a potential guest-to-host escape scenario.
CVE-2021-4034 7 Canonical, Oracle, Polkit Project and 4 more 37 Ubuntu Linux, Http Server, Zfs Storage Appliance Kit and 34 more 2024-11-21 7.8 High
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.
CVE-2021-45417 5 Advanced Intrusion Detection Environment Project, Canonical, Debian and 2 more 11 Advanced Intrusion Detection Environment, Ubuntu Linux, Debian Linux and 8 more 2024-11-21 7.8 High
AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow.
CVE-2021-45079 4 Canonical, Debian, Fedoraproject and 1 more 5 Ubuntu Linux, Debian Linux, Extra Packages For Enterprise Linux and 2 more 2024-11-21 9.1 Critical
In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and (in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2) even without server authentication.
CVE-2021-44731 3 Canonical, Debian, Fedoraproject 4 Snapd, Ubuntu Linux, Debian Linux and 1 more 2024-11-21 7.8 High
A race condition existed in the snapd 2.54.2 snap-confine binary when preparing a private mount namespace for a snap. This could allow a local attacker to gain root privileges by bind-mounting their own contents inside the snap's private mount namespace and causing snap-confine to execute arbitrary code and hence gain privilege escalation. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1
CVE-2021-44730 3 Canonical, Debian, Fedoraproject 4 Snapd, Ubuntu Linux, Debian Linux and 1 more 2024-11-21 7.8 High
snapd 2.54.2 did not properly validate the location of the snap-confine binary. A local attacker who can hardlink this binary to another location to cause snap-confine to execute other arbitrary binaries and hence gain privilege escalation. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1