Canonical: Security Vulnerabilities
An issue was discovered in provd before version 0.1.5 with a setuid binary, which allows a local attacker to escalate their privilege.
CVSS Score
8.8
EPSS Score
0.003
Published
2024-07-23
Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVSS Score
8.8
EPSS Score
0.005
Published
2024-07-16
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
CVSS Score
8.1
EPSS Score
0.995
Published
2024-07-01
Marco Trevisan discovered that the Ubuntu Advantage Desktop Daemon, before version 1.12, leaks the Pro token to unprivileged users by passing the token as an argument in plaintext.
CVSS Score
5.9
EPSS Score
0.001
Published
2024-06-27
When generating the systemd service units for the docker snap (and other similar snaps), snapd does not specify Delegate=yes - as a result systemd will move processes from the containers created and managed by these snaps into the cgroup of the main daemon within the snap itself when reloading system units. This may grant additional privileges to a container within the snap that were not originally intended.
CVSS Score
9.3
EPSS Score
0.003
Published
2024-06-21
NVIDIA GPU driver for Windows and Linux contains a vulnerability where a user can cause an out-of-bounds write. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
CVSS Score
7.8
EPSS Score
0.003
Published
2024-06-13
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user can cause an untrusted pointer dereference by executing a driver API. A successful exploit of this vulnerability might lead to denial of service, information disclosure, and data tampering.
CVSS Score
7.8
EPSS Score
0.002
Published
2024-06-13
NVIDIA GPU Driver for Windows and Linux contains a vulnerability where an improper check or improper handling of exception conditions might lead to denial of service.
CVSS Score
5.5
EPSS Score
0.002
Published
2024-06-13
NVIDIA GPU software for Linux contains a vulnerability where it can expose sensitive information to an actor that is not explicitly authorized to have access to that information. A successful exploit of this vulnerability might lead to information disclosure.
CVSS Score
6.5
EPSS Score
0.002
Published
2024-06-13
NVIDIA vGPU software for Linux contains a vulnerability in the Virtual GPU Manager, where the guest OS could execute privileged operations. A successful exploit of this vulnerability might lead to information disclosure, data tampering, escalation of privileges, and denial of service.
CVSS Score
7.8
EPSS Score
0.002
Published
2024-06-13