📦 Ubuntu Linux

This vulnerability in Sudo allows local users to escalate privileges to root by exploiting the --chroot option to load a malicious /etc/nsswitch.conf file from a user-controlled directory. It affects ...

Ubuntu's default configuration of gnome-control-center enabled Remote Desktop Sharing by default, allowing unauthorized remote access to desktop sessions. This affects Ubuntu systems with GNOME deskto...

A privilege escalation vulnerability in snapd's systemd service unit generation allows Docker containers within snaps to gain unintended privileges. When systemd reloads units without Delegate=yes, co...

This vulnerability allows malicious snaps to inject terminal input via TIOCLINUX ioctl, potentially executing arbitrary commands outside the snap sandbox after the snap exits. Only affects snaps runni...

This vulnerability in strongSwan allows a malicious VPN responder to bypass authentication by sending an EAP-Success message prematurely. Attackers can establish unauthorized VPN connections without p...

Ubuntu 20.04 LTS's libvirt package created a control socket with overly permissive world read/write permissions. This allows local attackers to overwrite arbitrary files or execute arbitrary code by w...

This vulnerability in WordPress allows authenticated users with author-level permissions to delete arbitrary files on the server due to improper validation of protected meta keys. It affects all WordP...

This vulnerability allows attackers to perform XML External Entity (XXE) injection attacks through the WebDAV implementation in Yaws web server. Attackers can read arbitrary files from the server, pot...

This vulnerability in Apport's crash reporting tool allows local attackers to escape chroot restrictions by exploiting the Python crash handler. It affects Ubuntu systems where Apport is enabled, pote...

CVE-2022-28655 is a vulnerability in the is_closing_session() function that allows users to create arbitrary TCP D-Bus connections, potentially bypassing intended access controls. This affects systems...

CVE-2022-1242 is a vulnerability in Apport, Ubuntu's crash reporting tool, that allows local attackers to trick Apport into connecting to arbitrary sockets as the root user. This affects Ubuntu system...

CVE-2021-3899 is a race condition vulnerability in Apport's 'replaced executable' detection mechanism that allows local attackers to execute arbitrary code with root privileges. This affects Ubuntu sy...

CVE-2022-3328 is a race condition vulnerability in snap-confine's must_mkdir_and_open_with_perms() function that could allow local privilege escalation. Attackers could exploit this to gain root privi...

CVE-2023-4911 is a buffer overflow vulnerability in the GNU C Library's dynamic loader (ld.so) that allows local attackers to exploit SUID binaries. By crafting malicious GLIBC_TUNABLES environment va...

This CVE describes a use-after-free vulnerability in the Linux kernel's netfilter nf_tables component. It allows a local attacker to escalate privileges from an unprivileged user to root. Any Linux sy...

CVE-2023-3297 is a use-after-free vulnerability in Ubuntu's accountsservice that allows an unprivileged local attacker to potentially execute arbitrary code or crash the accounts-daemon process by sen...

CVE-2023-2640 is a privilege escalation vulnerability in Ubuntu's overlayfs implementation where unprivileged users can set privileged extended attributes on mounted files, bypassing security checks. ...

This CVE describes a use-after-free vulnerability in the Linux kernel's virtual console screen driver (vc_screen). An attacker with local user access can exploit this flaw to cause a system crash (den...

This CVE-2023-31248 is a use-after-free vulnerability in the Linux kernel's nftables subsystem that allows local attackers to escalate privileges. The flaw occurs when nft_chain_lookup_byid() fails to...

This vulnerability allows attackers to perform out-of-bounds writes in the Linux kernel's flower classifier code via specially crafted GENEVE packets. It affects Linux systems running kernel versions ...

This CVE describes a local privilege escalation vulnerability in apport-cli versions 2.26.0 and earlier. It allows unprivileged users to gain root privileges when specific conditions are met: sudo is ...

A buffer overflow vulnerability in the Linux Kernel's Netfilter subsystem allows local attackers to leak memory addresses and potentially execute arbitrary code. This could lead to local privilege esc...

This CVE describes an out-of-bounds read vulnerability in the Broadcom brcmfmac WiFi driver in the Linux kernel. When processing association request data, the driver can read beyond allocated memory b...

This Linux kernel vulnerability allows local users to escalate privileges by exploiting a uid mapping bug in OverlayFS when copying capable files between mounts. Attackers can gain root access on affe...

A local privilege escalation vulnerability in the Linux kernel's net/sched subsystem allows attackers with local access to gain root privileges. This affects Linux kernel versions 4.14 through 5.17. T...

CVE-2022-1055 is a use-after-free vulnerability in the Linux kernel's tc_new_tfilter function that allows local attackers to escalate privileges. The exploit requires unprivileged user namespaces to b...

This CVE describes a use-after-free vulnerability in the Linux kernel's Bluetooth HCI subsystem. A privileged local attacker can trigger a race condition to crash the system or potentially escalate pr...

CVE-2022-0492 is a Linux kernel vulnerability in the cgroups v1 release_agent feature that allows local attackers to escalate privileges and escape container namespaces. This affects Linux systems usi...

CVE-2020-25717 is a privilege escalation vulnerability in Samba's domain user mapping mechanism. Authenticated attackers can exploit this flaw to gain elevated privileges on Samba servers. This affect...

This vulnerability in Samba's Active Directory Domain Controller allows attackers to bypass Kerberos authentication by exploiting confusion about user identity when Kerberos PAC (Privilege Attribute C...

CVE-2021-44730 is a privilege escalation vulnerability in snapd where improper validation of the snap-confine binary location allows local attackers to create hardlinks to arbitrary binaries. When exp...

This vulnerability in snapd allows malicious snaps to bypass strict confinement by injecting arbitrary AppArmor policy rules through malformed content interface and layout declarations. It affects sys...

CVE-2021-3560 is a privilege escalation vulnerability in polkit's D-Bus authentication mechanism that allows unprivileged local users to bypass credential checks and gain root privileges. This affects...

CVE-2021-4034 (PwnKit) is a local privilege escalation vulnerability in polkit's pkexec utility that allows unprivileged local users to gain root privileges by exploiting improper argument handling. T...

CVE-2021-45417 is a heap-based buffer overflow vulnerability in AIDE (Advanced Intrusion Detection Environment) that allows local users to escalate privileges to root by exploiting crafted file metada...

This vulnerability in ClamAV's OOXML parsing module allows remote attackers to crash the antivirus scanning process by sending specially crafted OOXML files. This causes a denial of service, potential...

This Django vulnerability allows attackers to bypass URL-based access controls by appending trailing newlines to HTTP request URLs. Attackers could access restricted resources that should be protected...

This CVE describes a double-free memory corruption vulnerability in Ubuntu's accountsservice. Attackers can exploit this via the SetLanguage D-Bus function to potentially execute arbitrary code or cra...

This vulnerability in Apport's read_file() function allows local attackers to read arbitrary files by exploiting symbolic links or FIFOs. When used by openjdk-17 package hooks, it can expose sensitive...

CVE-2021-32555 is a path traversal vulnerability in Apport's read_file() function that follows symbolic links and opens FIFOs, potentially exposing sensitive data. This affects Ubuntu systems with the...

This vulnerability in Apport's read_file() function allows local attackers to read arbitrary files by exploiting symbolic links or FIFOs. It affects Ubuntu systems with openjdk-13 package apport hooks...

This vulnerability in Apport's read_file() function allows local attackers to read arbitrary files by exploiting symbolic links or FIFOs. It affects Ubuntu systems with openjdk-15 package apport hooks...

This vulnerability in Apport's read_file() function allows local attackers to read arbitrary files via symbolic link or FIFO manipulation. When exploited through the openjdk-lts package hooks, it can ...

This CVE-2021-3490 is a Linux kernel vulnerability in eBPF's ALU32 bounds tracking for bitwise operations (AND, OR, XOR). It allows local attackers to trigger out-of-bounds reads/writes, potentially l...

CVE-2021-3492 is a kernel vulnerability in Ubuntu's Shiftfs filesystem where improper error handling during copy_from_user() operations can cause memory corruption. This allows attackers to potentiall...

CVE-2021-27364 is a Linux kernel vulnerability in the iSCSI subsystem that allows unprivileged local users to cause a denial of service or potentially escalate privileges by sending specially crafted ...

A race condition vulnerability in Canonical's apport crash reporting tool allows local attackers to leak sensitive information from core dumps. By exploiting PID reuse in container environments, attac...

This vulnerability in Ubuntu's gnome-control-center fails to accurately display SSH remote login status when systemd socket activation is used for openssh-server. This could mislead users into believi...

CVE-2022-1804 is a privilege escalation vulnerability in accountsservice where the service fails to drop elevated permissions when writing to .pam_environment files. This allows local attackers to wri...

This vulnerability in Apport's settings file parsing allows a billion laughs attack (XML entity expansion) that can cause denial of service through excessive memory consumption. It affects Ubuntu syst...

CVE-2020-1472 (Zerologon) is a critical authentication bypass vulnerability in Microsoft's Netlogon protocol that allows unauthenticated attackers to gain domain administrator privileges. It affects W...