canonical

4,226 tracked vulnerabilities.

CVE-2021-3429 MEDIUM
cloud-init < 21.2 - Sensitive Information Disclosure via World-Readable Log File
Apr 19, 2023
CVSS 5.5
EPSS 0.00
CVE-2021-3975 MEDIUM
libvirt < 7.1.0 - Use-After-Free in qemuMonitorUnregister
Aug 23, 2022
CVSS 6.5
EPSS 0.01
CVE-2021-3905 HIGH
Openvswitch < 2.17.0 - Memory Leak
Aug 23, 2022
CVSS 7.5
EPSS 0.00
CVE-2021-3748 HIGH
QEMU 0.10.0-6.1.0 - Use-After-Free in virtio-net Descriptor Handling
Mar 23, 2022
CVSS 7.5
EPSS 0.00
CVE-2021-3737 HIGH
Python >=3.6.0 <3.6.14 - Denial of Service via HTTP Response Handling
Mar 04, 2022
CVSS 7.5
EPSS 0.00
CVE-2021-3640 HIGH
Linux Kernel < 4.4.293 - Use-After-Free in sco_sock_sendmsg
Mar 03, 2022
CVSS 7.0
EPSS 0.00
CVE-2021-4115 MEDIUM
polkit - Unauthenticated Denial of Service via File Descriptor Exhaustion
Feb 21, 2022
CVSS 5.5
EPSS 0.00
CVE-2021-44142 HIGH
Samba < 4.13.17 - Out-of-bounds Read and Write via Extended File Attributes
Feb 21, 2022
CVSS 8.8
EPSS 0.36
CVE-2021-4093 HIGH
Linux Kernel 5.11-5.14.15 - Out-of-bounds Read and Write via SEV-ES String I/O VMGEXIT
Feb 18, 2022
CVSS 8.8
EPSS 0.00
CVE-2021-4120 HIGH
snapd < 2.54.3 - AppArmor Policy Rule Injection via Malformed Content Interface and Layout Declarations
Feb 17, 2022
CVSS 8.2
EPSS 0.00
CVE-2021-44731 HIGH
snapd < 2.54.3 - Local Privilege Escalation via Race Condition in snap-confine
Feb 17, 2022
CVSS 7.8
EPSS 0.01
CVE-2021-44730 HIGH
snapd < 2.54.3 - Privilege Escalation via Hardlink Attack on snap-confine Binary
Feb 17, 2022
CVSS 7.8
EPSS 0.00
CVE-2021-3155 LOW
snapd < 2.54.3 - Unprotected User Data Exposure via Home Directory Permissions
Feb 17, 2022
CVSS 3.8
EPSS 0.00
CVE-2021-3560 HIGH KEV
polkit < 0.119 - Unauthenticated Privilege Escalation via D-Bus Request
Feb 16, 2022
CVSS 7.8
EPSS 0.06
CVE-2021-45079 CRITICAL
strongSwan < 5.9.5 - Unauthenticated EAP-Success Spoofing via Early Response
Jan 31, 2022
CVSS 9.1
EPSS 0.00
CVE-2021-4034 HIGH KEV
Local Privilege Escalation in polkits pkexec
Jan 28, 2022
CVSS 7.8
EPSS 0.89
CVE-2021-45417 HIGH
Advanced Intrusion Detection Environment - Out-of-Bounds Write
Jan 20, 2022
CVSS 7.8
EPSS 0.00
CVE-2021-44420 HIGH
Django <2.2.25-<3.2.10 - Auth Bypass
Dec 08, 2021
CVSS 7.3
EPSS 0.00
CVE-2021-3939 HIGH
Ubuntu accountsservice <0.6.55-0ubuntu12~20.04.5 - Use After Free
Nov 17, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-3747 HIGH
Multipass <1.7.2 - Privilege Escalation
Oct 01, 2021
CVSS 8.8
EPSS 0.00
CVE-2021-3710 MEDIUM
apport - Information Disclosure via Path Traversal in read_file()
Oct 01, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-3709 MEDIUM
apport Path Traversal in check_attachment_for_errors()
Oct 01, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-3626 HIGH
Multipass < 1.7.0 - Unauthenticated Privilege Escalation via Localhost TCP Control Socket
Oct 01, 2021
CVSS 8.8
EPSS 0.00
CVE-2021-32557 MEDIUM
apport 2.14.1-0ubuntu3-2.14.1-0ubuntu3.29+esm7 - Arbitrary File Write via Symlink
Jun 12, 2021
CVSS 5.2
EPSS 0.00
CVE-2021-32556 LOW
apport 2.14.1-0ubuntu3-2.14.1-0ubuntu3.29+esm7 - OS Command Injection via Modified Package Name
Jun 12, 2021
CVSS 3.8
EPSS 0.00
Products
ubuntu_linux 4,106 juju 20 lxd 19 apport 17 snapd 16 cloud-init 9 Juju 7 metal_as_a_service 5 accountsservice 4 authd 4 ubuntu_core 4 ubuntu_touch 4 landscape 3 maas 3 multipass 3 subiquity 3 Ubuntu 2 acpi-support 2 lxcfs 2 software-properties 2 ubuntu 2 ubuntu_desktop_provision 2 unity-firefox-extension 2 update-manager 2 Ubuntu 16.04 LTS 1 Ubuntu 18.04 LTS 1 Ubuntu 20.04 LTS 1 Ubuntu 22.04 LTS 1 Ubuntu 24.04 LTS 1 Ubuntu Linux 1
Quick Filters
Critical CVEs With Exploits In CISA KEV