Filtered by vendor Canonical
Subscribe
Total
4203 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-4968 | 1 Canonical | 1 Netplan | 2024-11-21 | N/A | 6.5 MEDIUM |
| netplan leaks the private key of wireguard to local users. Versions after 1.0 are not affected. | |||||
| CVE-2022-4964 | 1 Canonical | 1 Ubuntu Pipewire-pulse | 2024-11-21 | N/A | 5.5 MEDIUM |
| Ubuntu's pipewire-pulse in snap grants microphone access even when the snap interface for audio-record is not set. | |||||
| CVE-2022-44544 | 2 Canonical, Mahara | 2 Ubuntu Linux, Mahara | 2024-11-21 | N/A | 9.8 CRITICAL |
| Mahara 21.04 before 21.04.7, 21.10 before 21.10.5, 22.04 before 22.04.3, and 22.10 before 22.10.0 potentially allow a PDF export to trigger a remote shell if the site is running on Ubuntu and the flag -dSAFER is not set with Ghostscript. | |||||
| CVE-2022-41222 | 4 Canonical, Debian, Linux and 1 more | 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more | 2024-11-21 | N/A | 7.0 HIGH |
| mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move. | |||||
| CVE-2022-40617 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2024-11-21 | N/A | 7.5 HIGH |
| strongSwan before 5.9.8 allows remote attackers to cause a denial of service in the revocation plugin by sending a crafted end-entity (and intermediate CA) certificate that contains a CRL/OCSP URL that points to a server (under the attacker's control) that doesn't properly respond but (for example) just does nothing after the initial TCP handshake, or sends an excessive amount of application data. | |||||
| CVE-2022-40277 | 3 Canonical, Joplinapp, Linux | 3 Ubuntu Linux, Joplin, Linux Kernel | 2024-11-21 | N/A | 7.8 HIGH |
| Joplin version 2.8.8 allows an external attacker to execute arbitrary commands remotely on any client that opens a link in a malicious markdown file, via Joplin. This is possible because the application does not properly validate the schema/protocol of existing links in the markdown file before passing them to the 'shell.openExternal' function. | |||||
| CVE-2022-3328 | 1 Canonical | 2 Snapd, Ubuntu Linux | 2024-11-21 | N/A | 7.8 HIGH |
| Race condition in snap-confine's must_mkdir_and_open_with_perms() | |||||
| CVE-2022-39177 | 3 Bluez, Canonical, Debian | 3 Bluez, Ubuntu Linux, Debian Linux | 2024-11-21 | N/A | 8.8 HIGH |
| BlueZ before 5.59 allows physically proximate attackers to cause a denial of service because malformed and invalid capabilities can be processed in profiles/audio/avdtp.c. | |||||
| CVE-2022-39176 | 3 Bluez, Canonical, Debian | 3 Bluez, Ubuntu Linux, Debian Linux | 2024-11-21 | N/A | 8.8 HIGH |
| BlueZ before 5.59 allows physically proximate attackers to obtain sensitive information because profiles/audio/avrcp.c does not validate params_len. | |||||
| CVE-2022-34918 | 4 Canonical, Debian, Linux and 1 more | 13 Ubuntu Linux, Debian Linux, Linux Kernel and 10 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c. | |||||
| CVE-2022-2602 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2024-11-21 | N/A | 5.3 MEDIUM |
| io_uring UAF, Unix SCM garbage collection | |||||
| CVE-2022-2588 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2024-11-21 | N/A | 5.3 MEDIUM |
| It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0. | |||||
| CVE-2022-2586 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2024-11-21 | N/A | 5.3 MEDIUM |
| It was discovered that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table was deleted. | |||||
| CVE-2022-2585 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2024-11-21 | N/A | 5.3 MEDIUM |
| It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free. | |||||
| CVE-2022-2084 | 1 Canonical | 2 Cloud-init, Ubuntu Linux | 2024-11-21 | N/A | 5.5 MEDIUM |
| Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported. This leak could include hashed passwords. | |||||
| CVE-2022-29581 | 4 Canonical, Debian, Linux and 1 more | 19 Ubuntu Linux, Debian Linux, Linux Kernel and 16 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions. | |||||
| CVE-2022-28658 | 2 Apport Project, Canonical | 2 Apport, Ubuntu Linux | 2024-11-21 | N/A | 5.5 MEDIUM |
| Apport argument parsing mishandles filename splitting on older kernels resulting in argument spoofing | |||||
| CVE-2022-28657 | 2 Apport Project, Canonical | 2 Apport, Ubuntu Linux | 2024-11-21 | N/A | 7.8 HIGH |
| Apport does not disable python crash handler before entering chroot | |||||
| CVE-2022-28656 | 2 Apport Project, Canonical | 2 Apport, Ubuntu Linux | 2024-11-21 | N/A | 5.5 MEDIUM |
| is_closing_session() allows users to consume RAM in the Apport process | |||||
| CVE-2022-28655 | 2 Apport Project, Canonical | 2 Apport, Ubuntu Linux | 2024-11-21 | N/A | 7.1 HIGH |
| is_closing_session() allows users to create arbitrary tcp dbus connections | |||||