Vulnerabilities > Canonical > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-02-21 CVE-2021-4115 There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. 5.5
5.5
2022-02-18 CVE-2016-2124 Improper Authentication vulnerability in multiple products
A flaw was found in the way samba implemented SMB1 authentication.
network
high complexity
samba debian fedoraproject redhat canonical CWE-287
5.9
5.9
2022-02-17 CVE-2021-3155 Incorrect Default Permissions vulnerability in Canonical Snapd
snapd 2.54.2 and earlier created ~/snap directories in user home directories without specifying owner-only permissions.
local
low complexity
canonical CWE-276
5.5
5.5
2021-10-01 CVE-2021-3709 Path Traversal vulnerability in Canonical Apport
Function check_attachment_for_errors() in file data/general-hooks/ubuntu.py could be tricked into exposing private data via a constructed crash file.
local
low complexity
canonical CWE-22
5.5
5.5
2021-10-01 CVE-2021-3710 Path Traversal vulnerability in Canonical Apport
An information disclosure via path traversal was discovered in apport/hookutils.py function read_file().
local
low complexity
canonical CWE-22
5.5
5.5
2021-06-12 CVE-2021-32547 Link Following vulnerability in Canonical Ubuntu Linux
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs.
local
low complexity
canonical CWE-59
5.5
5.5
2021-06-12 CVE-2021-32548 Link Following vulnerability in Canonical Ubuntu Linux
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs.
local
low complexity
canonical CWE-59
5.5
5.5
2021-06-12 CVE-2021-32549 Link Following vulnerability in Canonical Ubuntu Linux
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs.
local
low complexity
canonical CWE-59
5.5
5.5
2021-06-12 CVE-2021-32550 Link Following vulnerability in Canonical Ubuntu Linux
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs.
local
low complexity
canonical CWE-59
5.5
5.5
2021-06-12 CVE-2021-32551 Link Following vulnerability in Canonical Ubuntu Linux
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs.
local
low complexity
canonical CWE-59
5.5
5.5