Filtered by vendor Canonical
Subscribe
Total
4249 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-14347 | 3 Canonical, Debian, X.org | 3 Ubuntu Linux, Debian Linux, X Server | 2025-08-29 | 2.1 LOW | 5.5 MEDIUM |
| A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before version 1.20.9 is vulnerable. | |||||
| CVE-2020-14361 | 3 Canonical, Redhat, X.org | 3 Ubuntu Linux, Enterprise Linux, X Server | 2025-08-29 | 4.6 MEDIUM | 7.8 HIGH |
| A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | |||||
| CVE-2020-14346 | 3 Canonical, Redhat, X.org | 3 Ubuntu Linux, Enterprise Linux, X Server | 2025-08-29 | 4.6 MEDIUM | 7.8 HIGH |
| A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | |||||
| CVE-2018-14665 | 4 Canonical, Debian, Redhat and 1 more | 9 Ubuntu Linux, Debian Linux, Enterprise Linux Desktop and 6 more | 2025-08-29 | 7.2 HIGH | 6.6 MEDIUM |
| A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges. | |||||
| CVE-2020-14362 | 3 Canonical, Redhat, X.org | 3 Ubuntu Linux, Enterprise Linux, X Server | 2025-08-29 | 4.6 MEDIUM | 7.8 HIGH |
| A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | |||||
| CVE-2024-6219 | 1 Canonical | 1 Lxd | 2025-08-28 | N/A | 3.8 LOW |
| Mark Laing discovered in LXD's PKI mode, until version 5.21.1, that a restricted certificate could be added to the trust store with its restrictions not honoured. | |||||
| CVE-2024-6388 | 1 Canonical | 1 Ubuntu Advantage Desktop Daemon | 2025-08-27 | N/A | 5.9 MEDIUM |
| Marco Trevisan discovered that the Ubuntu Advantage Desktop Daemon, before version 1.12, leaks the Pro token to unprivileged users by passing the token as an argument in plaintext. | |||||
| CVE-2024-6107 | 1 Canonical | 1 Metal As A Service | 2025-08-27 | N/A | 9.6 CRITICAL |
| Due to insufficient verification, an attacker could use a malicious client to bypass authentication checks and run RPC commands in a region. This has been addressed in MAAS and updated in the corresponding snaps. | |||||
| CVE-2024-6174 | 1 Canonical | 1 Cloud-init | 2025-08-26 | N/A | 8.8 HIGH |
| When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration. | |||||
| CVE-2024-6714 | 2 Canonical, Linux | 2 Ubuntu Desktop Provision, Linux Kernel | 2025-08-26 | N/A | 8.8 HIGH |
| An issue was discovered in provd before version 0.1.5 with a setuid binary, which allows a local attacker to escalate their privilege. | |||||
| CVE-2025-5199 | 2 Apple, Canonical | 2 Macos, Multipass | 2025-08-26 | N/A | 7.3 HIGH |
| In Canonical Multipass up to and including version 1.15.1 on macOS, incorrect default permissions allow a local attacker to escalate privileges by modifying files executed with administrative privileges by a Launch Daemon during system startup. | |||||
| CVE-2025-0928 | 1 Canonical | 1 Juju | 2025-08-26 | N/A | 8.8 HIGH |
| In Juju versions prior to 3.6.8 and 2.9.52, any authenticated controller user was allowed to upload arbitrary agent binaries to any model or to the controller itself, without verifying model membership or requiring explicit permissions. This enabled the distribution of poisoned binaries to new or upgraded machines, potentially resulting in remote code execution. | |||||
| CVE-2025-53513 | 1 Canonical | 1 Juju | 2025-08-26 | N/A | 8.8 HIGH |
| The /charms endpoint on a Juju controller lacked sufficient authorization checks, allowing any user with an account on the controller to upload a charm. Uploading a malicious charm that exploits a Zip Slip vulnerability could allow an attacker to gain access to a machine running a unit through the affected charm. | |||||
| CVE-2025-53512 | 1 Canonical | 1 Juju | 2025-08-26 | N/A | 6.5 MEDIUM |
| The /log endpoint on a Juju controller lacked sufficient authorization checks, allowing unauthorized users to access debug messages that could contain sensitive information. | |||||
| CVE-2022-28653 | 1 Canonical | 1 Apport | 2025-08-26 | N/A | 7.5 HIGH |
| Users can consume unlimited disk space in /var/crash | |||||
| CVE-2020-11936 | 1 Canonical | 1 Apport | 2025-08-26 | N/A | 3.1 LOW |
| gdbus setgid privilege escalation | |||||
| CVE-2022-1736 | 2 Canonical, Gnome | 2 Ubuntu Linux, Gnome-remote-desktop | 2025-08-26 | N/A | 9.8 CRITICAL |
| Ubuntu's configuration of gnome-control-center allowed Remote Desktop Sharing to be enabled by default. | |||||
| CVE-2023-0092 | 1 Canonical | 1 Juju | 2025-08-26 | N/A | 4.9 MEDIUM |
| An authenticated user who has read access to the juju controller model, may construct a remote request to download an arbitrary file from the controller's filesystem. | |||||
| CVE-2024-8037 | 1 Canonical | 1 Juju | 2025-08-26 | N/A | 6.5 MEDIUM |
| Vulnerable juju hook tool abstract UNIX domain socket. When combined with an attack of JUJU_CONTEXT_ID, any user on the local system with access to the default network namespace may connect to the @/var/lib/juju/agents/unit-xxxx-yyyy/agent.socket and perform actions that are normally reserved to a juju charm. | |||||
| CVE-2024-8038 | 1 Canonical | 1 Juju | 2025-08-26 | N/A | 7.9 HIGH |
| Vulnerable juju introspection abstract UNIX domain socket. An abstract UNIX domain socket responsible for introspection is available without authentication locally to network namespace users. This enables denial of service attacks. | |||||