Canonical Ubuntu 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
過去の問題は主に バッファオーバーフロー and パス処理の欠陥 などに関し、一部は vendor impact memory corruption を招き、vendor surface system components and vendor surface server deployment 関連の場面に影響します。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2026-6862 | A flaw was found in libefiboot, a component of efivar. The device path node parser in libefiboot fails to validate that each node's Length field is at least 4 bytes, which is the minimum size for an EFI (Extensible Firmware Interface) device path node header. A local user could exploit this vulnerability by providing a specially crafted device path node. This can lead to infinite recursion, causing stack exhaustion and a process crash, resulting in a denial of service (DoS). | [email protected] | 5.5 | 0.01% | 2026-04-22 | 2026-05-13 |
| CVE-2025-6966 | NULL pointer dereference in TagSection.keys() in python-apt on APT-based Linux systems allows a local attacker to cause a denial of service (process crash) via a crafted deb822 file with a malformed non-UTF-8 key. | [email protected] | 6.9 | 0.01% | 2025-12-05 | 2026-01-07 |
| CVE-2019-15796 | Python-apt doesn't check if hashes are signed in `Version.fetch_binary()` and `Version.fetch_source()` of apt/package.py or in `_fetch_archives()` of apt/cache.py in version 1.9.3ubuntu2 and earlier. This allows downloads from unsigned repositories which shouldn't be allowed and has been fixed in verisions 1.9.5, 1.9.0ubuntu1.2, 1.6.5ubuntu0.1, 1.1.0~beta1ubuntu0.16.04.7, 0.9.3.5ubuntu3+esm2, and 0.8.3ubuntu7.5. | [email protected] | 4.7 | 0.17% | 2020-03-26 | 2024-11-21 |
| CVE-2019-15795 | python-apt only checks the MD5 sums of downloaded files in `Version.fetch_binary()` and `Version.fetch_source()` of apt/package.py in version 1.9.0ubuntu1 and earlier. This allows a man-in-the-middle attack which could potentially be used to install altered packages and has been fixed in versions 1.9.0ubuntu1.2, 1.6.5ubuntu0.1, 1.1.0~beta1ubuntu0.16.04.7, 0.9.3.5ubuntu3+esm2, and 0.8.3ubuntu7.5. | [email protected] | 4.7 | 0.18% | 2020-03-26 | 2024-11-21 |
| CVE-2017-14461 | A specially crafted email delivered over SMTP and passed on to Dovecot by MTA can trigger an out of bounds read resulting in potential sensitive information disclosure and denial of service. In order to trigger this vulnerability, an attacker needs to send a specially crafted email message to the server. | [email protected] | 5.9 | 1.66% | 2018-03-02 | 2024-11-21 |
| CVE-2015-5479 | The ff_h263_decode_mba function in libavcodec/ituh263dec.c in Libav before 11.5 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a file with crafted dimensions. | [email protected] | 6.5 | 1.33% | 2016-04-19 | 2026-05-06 |
| CVE-2015-1322 | Directory traversal vulnerability in the Ubuntu network-manager package for Ubuntu (vivid) before 0.9.10.0-4ubuntu15.1, Ubuntu 14.10 before 0.9.8.8-0ubuntu28.1, and Ubuntu 14.04 LTS before 0.9.8.8-0ubuntu7.1 allows local users to change the modem device configuration or read arbitrary files via a .. (dot dot) in the file name in a request to read modem device contexts (com.canonical.NMOfono.ReadImsiContexts). | [email protected] | 4.6 | 0.02% | 2015-04-29 | 2026-05-06 |
| CVE-2015-2285 | The logrotation script (/etc/cron.daily/upstart) in the Ubuntu Upstart package before 1.13.2-0ubuntu9, as used in Ubuntu Vivid 15.04, allows local users to execute arbitrary commands and gain privileges via a crafted file in /run/user/*/upstart/sessions/. | [email protected] | 7.2 | 0.74% | 2015-03-12 | 2026-05-06 |
| CVE-2015-2150 | Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response. | [email protected] | 4.9 | 0.10% | 2015-03-12 | 2026-05-06 |
| CVE-2014-1424 | apparmor_parser in the apparmor package before 2.8.95~2430-0ubuntu5.1 in Ubuntu 14.04 allows attackers to bypass AppArmor policies via unspecified vectors, related to a "miscompilation flaw." | [email protected] | 6.4 | 0.35% | 2014-11-24 | 2026-05-06 |
| CVE-2013-1070 | Cross-site scripting (XSS) vulnerability in the API in Ubuntu Metal as a Service (MaaS) 1.2 and 1.4 allows remote attackers to inject arbitrary web script or HTML via the op parameter to nodes/. | [email protected] | 4.3 | 0.34% | 2014-02-17 | 2026-04-29 |
| CVE-2013-1069 | Ubuntu Metal as a Service (MaaS) 1.2 and 1.4 uses world-readable permissions for txlongpoll.yaml, which allows local users to obtain RabbitMQ authentication credentials by reading the file. | [email protected] | 2.1 | 0.05% | 2014-02-17 | 2026-04-29 |
| CVE-2011-4613 | The X.Org X wrapper (xserver-wrapper.c) in Debian GNU/Linux and Ubuntu Linux does not properly verify the TTY of a user who is starting X, which allows local users to bypass intended access restrictions by associating stdin with a file that is misinterpreted as the console TTY. | [email protected] | 4.6 | 0.08% | 2014-02-05 | 2026-04-29 |
| CVE-2013-2186 | The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance. | [email protected] | 7.5 | 87.10% | 2013-10-28 | 2026-04-29 |
| CVE-2011-1842 | dbus_backend/lsd.py in the D-Bus backend in language-selector before 0.6.7 does not validate the arguments to the (1) SetSystemDefaultLangEnv and (2) SetSystemDefaultLanguageEnv functions, which allows local users to gain privileges via shell metacharacters in a string argument, a different vulnerability than CVE-2011-0729. | [email protected] | 7.2 | 0.05% | 2011-05-03 | 2026-04-29 |
| CVE-2011-0729 | dbus_backend/ls-dbus-backend in the D-Bus backend in language-selector before 0.6.7 does not restrict access on the basis of a PolicyKit check result, which allows local users to modify the /etc/default/locale and /etc/environment files via a (1) SetSystemDefaultLangEnv or (2) SetSystemDefaultLanguageEnv call. | [email protected] | 7.2 | 0.05% | 2011-04-29 | 2026-04-29 |
| CVE-2011-0724 | The Live DVD for Edubuntu 9.10, 10.04 LTS, and 10.10 does not correctly regenerate iTALC private keys after installation, which causes each installation to have the same fixed key, which allows remote attackers to gain privileges. | [email protected] | 9.3 | 1.19% | 2011-02-19 | 2026-04-29 |
| CVE-2010-0834 | The base-files package before 5.0.0ubuntu7.1 on Ubuntu 9.10 and before 5.0.0ubuntu20.10.04.2 on Ubuntu 10.04 LTS, as shipped on Dell Latitude 2110 netbooks, does not require authentication for package installation, which allows remote archive servers and man-in-the-middle attackers to execute arbitrary code via a crafted package. | [email protected] | 9.3 | 0.37% | 2010-08-10 | 2026-04-29 |
| CVE-2009-1296 | The eCryptfs support utilities (ecryptfs-utils) 73-0ubuntu6.1 on Ubuntu 9.04 stores the mount passphrase in installation logs, which might allow local users to obtain access to the filesystem by reading the log files from disk. NOTE: the log files are only readable by root. | [email protected] | 1.9 | 0.07% | 2009-06-09 | 2026-04-23 |
| CVE-2009-1601 | The Ubuntu clamav-milter.init script in clamav-milter before 0.95.1+dfsg-1ubuntu1.2 in Ubuntu 9.04 sets the ownership of the current working directory to the clamav account, which might allow local users to bypass intended access restrictions via read or write operations involving this directory. | [email protected] | 6.8 | 0.14% | 2009-05-11 | 2026-04-23 |