Known Vulnerabilities for products from Ubuntu
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Ubuntu".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-43298 json | Not Provided | 2026-05-08 | 2026-05-11 | |
| CVE-2026-43252 json | Not Provided | 2026-05-06 | 2026-05-06 | |
| CVE-2026-43046 json | Not Provided | 2026-05-01 | 2026-05-02 | |
| CVE-2026-40489 json | Not Provided | 2026-04-18 | 2026-04-20 | |
| CVE-2026-31654 json | Not Provided | 2026-04-24 | 2026-04-24 | |
| CVE-2026-23428 json | Not Provided | 2026-04-03 | 2026-04-27 | |
| CVE-2026-23427 json | Not Provided | 2026-04-03 | 2026-04-27 | |
| CVE-2026-23321 json | Not Provided | 2026-03-25 | 2026-04-13 | |
| CVE-2026-6369 json | Not Provided | 2026-04-20 | 2026-04-20 | |
| CVE-2025-71293 json | Not Provided | 2026-05-06 | 2026-05-06 | |
| CVE-2019-15796 json | Python-apt doesn't check if hashes are signed in `Version.fetch_binary()` and `Version.fetch_source()` of apt/package.py or i... | 4.7 - MEDIUM | 2020-03-26 | 2020-10-19 |
| CVE-2019-15795 json | python-apt only checks the MD5 sums of downloaded files in `Version.fetch_binary()` and `Version.fetch_source()` of apt/packa... | 4.7 - MEDIUM | 2020-03-26 | 2020-04-08 |
| CVE-2017-14461 json | A specially crafted email delivered over SMTP and passed on to Dovecot by MTA can trigger an out of bounds read resulting in ... | 7.1 - HIGH | 2018-03-02 | 2022-04-19 |
| CVE-2015-5479 json | The ff_h263_decode_mba function in libavcodec/ituh263dec.c in Libav before 11.5 allows remote attackers to cause a denial of ... | Not Provided | 2016-04-19 | 2026-05-06 |
| CVE-2015-2285 json | The logrotation script (/etc/cron.daily/upstart) in the Ubuntu Upstart package before 1.13.2-0ubuntu9, as used in Ubuntu Vivi... | Not Provided | 2015-03-12 | 2026-05-06 |
| CVE-2015-2150 json | Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which m... | Not Provided | 2015-03-12 | 2026-05-06 |
| CVE-2015-1322 json | Directory traversal vulnerability in the Ubuntu network-manager package for Ubuntu (vivid) before 0.9.10.0-4ubuntu15.1, Ubunt... | Not Provided | 2015-04-29 | 2026-05-06 |
| CVE-2014-1424 json | apparmor_parser in the apparmor package before 2.8.95~2430-0ubuntu5.1 in Ubuntu 14.04 allows attackers to bypass AppArmor pol... | Not Provided | 2014-11-24 | 2026-05-06 |
| CVE-2013-2186 json | The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6... | Not Provided | 2013-10-28 | 2026-04-29 |
| CVE-2013-1070 json | Cross-site scripting (XSS) vulnerability in the API in Ubuntu Metal as a Service (MaaS) 1.2 and 1.4 allows remote attackers t... | Not Provided | 2014-02-17 | 2026-04-29 |