VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Apport Project
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-06-04
CVE-2022-28652
XML Entity Expansion vulnerability in multiple products
~/.config/apport/settings parsing is vulnerable to "billion laughs" attack
local
low complexity
apport-project
canonical
CWE-776
5.5
5.5
2024-06-04
CVE-2022-28654
Allocation of Resources Without Limits or Throttling vulnerability in multiple products
is_closing_session() allows users to fill up apport.log
local
low complexity
apport-project
canonical
CWE-770
5.5
5.5
2024-06-04
CVE-2022-28655
Allocation of Resources Without Limits or Throttling vulnerability in multiple products
is_closing_session() allows users to create arbitrary tcp dbus connections
local
low complexity
apport-project
canonical
CWE-770
7.1
7.1
2024-06-04
CVE-2022-28656
Allocation of Resources Without Limits or Throttling vulnerability in multiple products
is_closing_session() allows users to consume RAM in the Apport process
local
low complexity
apport-project
canonical
CWE-770
5.5
5.5
2024-06-04
CVE-2022-28657
Apport does not disable python crash handler before entering chroot
local
low complexity
apport-project
canonical
7.8
7.8
2024-06-04
CVE-2022-28658
Apport argument parsing mishandles filename splitting on older kernels resulting in argument spoofing
local
low complexity
apport-project
canonical
5.5
5.5
2020-04-28
CVE-2019-15790
Improper Privilege Management vulnerability in multiple products
Apport reads and writes information on a crashed process to /proc/pid with elevated privileges.
local
low complexity
apport-project
canonical
CWE-269
3.3
3.3
2020-04-22
CVE-2020-8833
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products
Time-of-check Time-of-use Race Condition vulnerability on crash report ownership change in Apport allows for a possible privilege escalation opportunity.
local
high complexity
canonical
apport-project
CWE-367
4.7
4.7
2020-04-22
CVE-2020-8831
Link Following vulnerability in multiple products
Apport creates a world writable lock file with root ownership in the world writable /var/lock/apport directory.
local
low complexity
canonical
apport-project
CWE-59
5.5
5.5
2020-02-08
CVE-2019-11485
Sander Bos discovered Apport's lock file was in a world-writable directory which allowed all users to prevent crash handling.
local
low complexity
apport-project
canonical
3.3
3.3
«
1
(current)
2
3
»
Next