Vulnerabilities > Canonical > Ubuntu Linux > 10.04
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-12 | CVE-2023-5536 | Incorrect Default Permissions vulnerability in Canonical Ubuntu Linux A feature in LXD (LP#1829071), affects the default configuration of Ubuntu Server which allows privileged users in the lxd group to escalate their privilege to root without requiring a sudo password. | 6.4 |
| 2021-04-17 | CVE-2021-3493 | Incorrect Authorization vulnerability in Canonical Ubuntu Linux The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. | 7.8 |
| 2021-04-17 | CVE-2021-3492 | Memory Leak vulnerability in Canonical Ubuntu Linux Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copy_from_user() correctly. | 7.8 |
| 2020-02-19 | CVE-2012-0055 | Missing Authorization vulnerability in multiple products OverlayFS in the Linux kernel before 3.0.0-16.28, as used in Ubuntu 10.0.4 LTS and 11.10, is missing inode security checks which could allow attackers to bypass security restrictions and perform unauthorized actions. | 7.8 |
| 2020-01-02 | CVE-2013-4532 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Qemu 1.1.2+dfsg to 2.1+dfsg suffers from a buffer overrun which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. | 7.8 |
| 2019-12-31 | CVE-2013-4357 | Classic Buffer Overflow vulnerability in multiple products The eglibc package before 2.14 incorrectly handled the getaddrinfo() function. | 7.5 |
| 2019-12-26 | CVE-2012-2736 | Missing Authentication for Critical Function vulnerability in multiple products In NetworkManager 0.9.2.0, when a new wireless network was created with WPA/WPA2 security in AdHoc mode, it created an open/insecure network. | 4.4 |
| 2019-11-20 | CVE-2015-1607 | Improper Input Validation vulnerability in multiple products kbx/keybox-search.c in GnuPG before 1.4.19, 2.0.x before 2.0.27, and 2.1.x before 2.1.2 does not properly handle bitwise left-shifts, which allows remote attackers to cause a denial of service (invalid read operation) via a crafted keyring file, related to sign extensions and "memcpy with overlapping ranges." | 5.5 |
| 2017-01-27 | CVE-2017-3313 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). | 4.7 |
| 2016-12-17 | CVE-2016-9950 | Path Traversal vulnerability in multiple products An issue was discovered in Apport before 2.20.4. | 7.8 |