Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

1 – 10 of 10 results

CVE-2022-46871

Medium priority

Some fixes available 10 of 19

An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox < 108.

8 affected packages

firefox, libusrsctp, mozjs38, mozjs52, mozjs68...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Not affected Not affected Fixed Fixed Ignored
libusrsctp Not affected Not affected Vulnerable Not in release Not in release
mozjs38 Not in release Not in release Ignored Not in release
mozjs52 Not in release Ignored Ignored Not in release
mozjs68 Not in release Ignored Not in release Not in release
mozjs78 Not in release Ignored Not in release Not in release Not in release
mozjs91 Ignored Not in release Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed Ignored
Show all 8 packages Show less packages

CVE-2019-20503

Medium priority

Some fixes available 28 of 39

usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init.

4 affected packages

chromium-browser, firefox, libusrsctp, thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Not affected Not affected Not affected Fixed Fixed
firefox Fixed Fixed Fixed Fixed Fixed
libusrsctp Needs evaluation Needs evaluation Needs evaluation Not in release Not in release
thunderbird Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2012-5644

Medium priority
Vulnerable

libuser has information disclosure when moving user's home directory

1 affected packages

libuser

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libuser Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2012-5630

Medium priority
Vulnerable

libuser 0.56 and 0.57 has a TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees.

1 affected packages

libuser

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libuser Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2019-14822

Medium priority

Some fixes available 3 of 4

A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. A local attacker may...

1 affected packages

ibus

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ibus Fixed Fixed
Show less packages

CVE-2016-5104

Medium priority
Fixed

The socket_create function in common/socket.c in libimobiledevice and libusbmuxd allows remote attackers to bypass intended access restrictions and communicate with services on iOS devices by connecting to an IPv4 TCP socket.

2 affected packages

libimobiledevice, libusbmuxd

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libimobiledevice Fixed
libusbmuxd Fixed
Show less packages

CVE-2015-3246

Medium priority

Some fixes available 1 of 5

libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service (inconsistent file state) by causing...

1 affected packages

libuser

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libuser Not affected Not affected Not affected Not affected Vulnerable
Show less packages

CVE-2015-3245

Low priority

Some fixes available 1 of 5

Incomplete blacklist vulnerability in the chfn function in libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, allows local users to cause a denial of service (/etc/passwd...

1 affected packages

libuser

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libuser Not affected Not affected Not affected Not affected Vulnerable
Show less packages

CVE-2013-4509

Medium priority
Ignored

The default configuration of IBUS 1.5.4, and possibly 1.5.2 and earlier, when IBus.InputPurpose.PASSWORD is not set and used with GNOME 3, does not obscure the entered password characters, which allows physically...

1 affected packages

ibus

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ibus
Show less packages

CVE-2011-0002

Medium priority
Ignored

libuser before 0.57 uses a cleartext password value of (1) !! or (2) x for new LDAP user accounts, which makes it easier for remote attackers to obtain access by specifying one of these values.

1 affected packages

libuser

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libuser
Show less packages