Shodan
Vulnerabilities
Vulnerable Software
Canonical:  Security Vulnerabilities
CVE-2024-3250
It was discovered that Canonical's Pebble service manager read-file API and the associated pebble pull command, before v1.10.2, allowed unprivileged local users to read files with root-equivalent permissions when Pebble was running as root. Fixes are also available as backports to v1.1.1, v1.4.2, and v1.7.4.
CVSS Score
6.5
EPSS Score
0.002
Published
2024-04-04
CVE-2023-48733
An insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. This allows an OS-resident attacker to bypass Secure Boot.
CVSS Score
6.7
EPSS Score
0.003
Published
2024-02-14
CVE-2023-49721
An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS-resident attacker to bypass Secure Boot.
CVSS Score
6.7
EPSS Score
0.002
Published
2024-02-14
CVE-2022-4964
Ubuntu's pipewire-pulse in snap grants microphone access even when the snap interface for audio-record is not set.
CVSS Score
5.5
EPSS Score
0.003
Published
2024-01-24
CVE-2021-3600
It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. A local attacker could use this to possibly execute arbitrary code.
CVSS Score
7.8
EPSS Score
0.003
Published
2024-01-08
CVE-2023-1032
The Linux kernel io_uring IORING_OP_SOCKET operation contained a double free in function __sys_socket_file() in file net/socket.c. This issue was introduced in da214a475f8bd1d3e9e7a19ddfeb4d1617551bab and fixed in 649c15c7691e9b13cbe9bf6c65c365350e056067.
CVSS Score
4.7
EPSS Score
0.003
Published
2024-01-08
CVE-2022-2602
io_uring UAF, Unix SCM garbage collection
CVSS Score
5.3
EPSS Score
0.013
Published
2024-01-08
CVE-2022-3328
Race condition in snap-confine's must_mkdir_and_open_with_perms()
CVSS Score
7.8
EPSS Score
0.004
Published
2024-01-08
CVE-2022-2585
It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free.
CVSS Score
5.3
EPSS Score
0.013
Published
2024-01-08
CVE-2022-2586
Known exploited
It was discovered that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table was deleted.
CVSS Score
5.3
EPSS Score
0.127
Published
2024-01-08


Products
Pricing
Contact Us

Shodan ® - All rights reserved