Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 20 results


CVE-2024-43688

Medium priority
Not affected

cron/entry.c in vixie cron before 9cc8ab1, as used in OpenBSD 7.4 and 7.5, allows a heap-based buffer underflow and memory corruption. NOTE: this issue was introduced during a May 2023 refactoring.

1 affected packages

cron

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cron Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2022-24986

Medium priority
Needs evaluation

KDE KCron through 21.12.2 uses a temporary file in /tmp when saving, but reuses the filename during an editing session. Thus, someone watching it be created the first time could potentially intercept the file the following time,...

1 affected packages

kcron

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
kcron Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2019-9706

Low priority

Some fixes available 2 of 5

Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (use-after-free and daemon crash) because of a force_rescan_user error.

1 affected packages

cron

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cron Not affected Not affected Not affected Fixed Fixed
Show less packages

CVE-2019-9705

Low priority

Some fixes available 2 of 5

Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (memory consumption) via a large crontab file because an unlimited number of lines is accepted.

1 affected packages

cron

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cron Not affected Not affected Not affected Fixed Fixed
Show less packages

CVE-2019-9704

Low priority

Some fixes available 2 of 5

Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (daemon crash) via a large crontab file because the calloc return value is not checked.

1 affected packages

cron

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cron Not affected Not affected Not affected Fixed Fixed
Show less packages

CVE-2017-9525

Low priority

Some fixes available 2 of 8

In the cron package through 3.0pl1-128 on Debian, and through 3.0pl1-128ubuntu2 on Ubuntu, the postinst maintainer script allows for group-crontab-to-root privilege escalation via symlink attacks against unsafe usage of the chown...

1 affected packages

cron

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cron Not affected Not affected Not affected Fixed Fixed
Show less packages

CVE-2016-3992

Medium priority

Not in release

cronic before 3 allows local users to write to arbitrary files via a symlink attack on a (1) cronic.out.$$, (2) cronic.err.$$, or (3) cronic.trace.$$ file in /tmp.

1 affected packages

cronic

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cronic
Show less packages

CVE-2012-6110

Low priority
Ignored

bcron-exec in bcron before 0.10 does not close file descriptors associated with temporary files when running a cron job, which allows local users to modify job files and send spam messages by accessing an open file descriptor.

1 affected packages

bcron

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
bcron Not affected
Show less packages

CVE-2010-0792

Medium priority
Ignored

fcrontab in fcron before 3.0.5 allows local users to read arbitrary files via a symlink attack on an unspecified file.

1 affected packages

fcron

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
fcron
Show less packages

CVE-2010-0424

Low priority
Not affected

The edit_cmd function in crontab.c in (1) cronie before 1.4.4 and (2) Vixie cron (vixie-cron) allows local users to change the modification times of arbitrary files, and consequently cause a denial of service, via a symlink attack...

1 affected packages

cron

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cron
Show less packages