26 matches found
USN-7495-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - Ceph distributed file system; - Netfilter; CVE-2023-52927, CVE-2023-52664, CVE-2024-26689...
USN-7471-1: poppler vulnerabilities
It was discovered that poppler did not properly verify adbe.pkcs7.sha1 signatures in PDF documents. An attacker could possibly use this issue to create documents with forged signatures that are treated as legitimately signed...
USN-7469-1: Apache Traffic Server vulnerability
It was discovered that Apache Traffic Server exhibited poor server resource management in its HTTP/2 protocol. An attacker could possibly use this issue to cause Apache Traffic Server to crash, resulting in a denial of service...
Ubuntu 20.04 ESM : Pydantic vulnerability (USN-6553-1)
The remote Ubuntu 20.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-6553-1 advisory. Nina Jensen discovered that Pydantic incorrectly handled user input in the date and datetime fields. An attacker could possibly use this issue to cause a denial o...
Ubuntu 18.04 ESM / 20.04 ESM / 22.04 ESM : FFmpeg regression (USN-6449-2)
The remote Ubuntu 18.04 ESM / 20.04 ESM / 22.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-6449-2 advisory. USN-6449-1 fixed vulnerabilities in FFmpeg. Unfortunately that update could introduce a regression in tools using an FFmpeg library, like...
Ubuntu 20.04 ESM : Pillow vulnerabilities (USN-5777-2)
The remote Ubuntu 20.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5777-2 advisory. USN-5777-1 fixed vulnerabilities in Pillow Python 3. This update provides the corresponding updates for Pillow Python 2 in Ubuntu 20.04 LTS. Tenable has...
Ubuntu 20.04 ESM : Olm vulnerability (USN-5194-1)
The remote Ubuntu 20.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5194-1 advisory. Denis Kasak discovered that Olm was not verifying the length of input being processed by the olmpkdecrypt module, which introduced a stack-based buffer overflow...
Ubuntu 20.04 ESM : Smarty vulnerabilities (USN-5348-3)
The remote Ubuntu 20.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5348-3 advisory. USN-5348-1 fixed several vulnerabilities in Smarty. This update provides the fixes for CVE-2021-21408, CVE-2021-26119, CVE-2021-26120 and CVE-2021-29454...
Ubuntu 20.04 ESM : LibBPF vulnerabilities (USN-5759-2)
The remote Ubuntu 20.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5759-2 advisory. USN-5759-1 fixed vulnerabilities in LibBPF. This update provides the corresponding updates for Ubuntu 20.04 ESM. Tenable has extracted the preceding...
Ubuntu 20.04 ESM : Tar for Node.js vulnerability (USN-5283-1)
The remote Ubuntu 20.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-5283-1 advisory. It was discovered that Tar for Node.js did not properly sanitize path inputs. An attacker could possibly use this issue to read arbitrary files, resulting in a...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM : Cacti vulnerabilities (USN-5214-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5214-1 advisory. It was discovered that Cacti was incorrectly validating permissions for user accounts that had been recently disabled. An...
Ubuntu 18.04 ESM / 20.04 ESM : Axel vulnerability (USN-4872-1)
The remote Ubuntu 18.04 ESM / 20.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-4872-1 advisory. It was discovered that Axel did not properly verify the certificates for hostnames. An attacker could use this vulnerability to impersonate another...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM : Apache Ant vulnerability (USN-4874-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-4874-1 advisory. It was discovered that Apache Ant created temporary files with insecure permissions. An attacker could use this vulnerability to read...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM : ZeroMQ vulnerabilities (USN-4920-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4920-1 advisory. It was discovered that ZeroMQ incorrectly handled certain application metadata. A remote attacker could use this issue to cause...
Ubuntu 20.04 ESM : Nanopb vulnerabilities (USN-6121-1)
The remote Ubuntu 20.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6121-1 advisory. It was discovered that Nanopb incorrectly handled certain decode messages. An attacker could possibly use this cause a denial of service or expose...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM : Kamailio vulnerabilities (USN-6022-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6022-1 advisory. It was discovered that Kamailio did not properly sanitize SIP messages under certain circumstances. An attacker could use this...
Ubuntu: Security Advisory (USN-5953-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-5956-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5953-1: IPython vulnerabilities
It was discovered that IPython incorrectly processed REST API POST requests. An attacker could possibly use this issue to launch a cross-site request forgery CSRF attack and leak user's sensitive information. This issue only affected Ubuntu 14.04 ESM. CVE-2015-5607 It was discovered that IPython...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM : Twig vulnerabilities (USN-5947-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5947-1 advisory. Fabien Potencier discovered that Twig was not properly enforcing sandbox policies when dealing with objects...