Vulnerabilities > Canonical > Ubuntu Linux > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-03-23 | CVE-2021-3748 | Use After Free vulnerability in multiple products A use-after-free vulnerability was found in the virtio-net device of QEMU. | 7.5 |
2022-03-04 | CVE-2021-3737 | Infinite Loop vulnerability in multiple products A flaw was found in python. | 7.5 |
2022-03-03 | CVE-2021-3640 | A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. | 7.0 |
2022-03-03 | CVE-2022-0492 | Missing Authorization vulnerability in multiple products A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. | 7.8 |
2022-02-21 | CVE-2021-44142 | Out-of-bounds Write vulnerability in multiple products The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. | 8.8 |
2022-02-18 | CVE-2020-25717 | Improper Input Validation vulnerability in multiple products A flaw was found in the way Samba maps domain users to local users. | 8.1 |
2022-02-18 | CVE-2020-25719 | Race Condition vulnerability in multiple products A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. | 7.2 |
2022-02-18 | CVE-2020-25722 | Incorrect Authorization vulnerability in multiple products Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data. | 8.8 |
2022-02-18 | CVE-2021-4093 | Out-of-bounds Write vulnerability in multiple products A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State (SEV-ES). | 8.8 |
2022-02-17 | CVE-2021-44730 | Link Following vulnerability in multiple products snapd 2.54.2 did not properly validate the location of the snap-confine binary. | 8.8 |