Ubuntu 24.04 LTS : Linux kernel (NVIDIA) vulnerabilities (USN-8289-1)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8289-1 advisory. It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A...

Ubuntu 24.04 LTS : wheel vulnerability (USN-8221-1)

The remote Ubuntu 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8221-1 advisory. It was discovered that wheel did not correctly handle certain file paths. If a user or automated system were tricked into opening a specially crafted file, an...

Ubuntu 24.04 LTS : Linux kernel (Azure) vulnerabilities (USN-8074-1)

"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8074-1 advisory. It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory...

Ubuntu 24.04 LTS : Linux kernel (Low Latency) vulnerabilities (USN-8052-1)

"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8052-1 advisory. It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory...

USN-8025-2: .NET vulnerability

USN 8025-1 fixed a vulnerability in .NET. This update provides the corresponding fix for Ubuntu 24.04 LTS. Original advisory details: Kevin Jones discovered that the System.Security.Cryptography.Cose component in .NET did not properly handle certain missing special elements in input data. An...

USN-8025-2 dotnet8, dotnet10 vulnerability

USN 8025-1 fixed a vulnerability in .NET. This update provides the corresponding fix for Ubuntu 24.04 LTS. Original advisory details: Kevin Jones discovered that the System.Security.Cryptography.Cose component in .NET did not properly handle certain missing special elements in input data. An...

Ubuntu 24.04 LTS : libpng vulnerabilities (USN-7993-1)

The remote Ubuntu 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7993-1 advisory. It was discovered that libpng incorrectly handled memory when processing certain malformed PNG files. If a user or automated system were tricked into...

Ubuntu 24.04 LTS : Erlang vulnerability (USN-7961-1)

The remote Ubuntu 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7961-1 advisory. It was discovered that Erlang incorrectly validated peer certificates when incorrect extended key usage was presented. A remote attacker could possibly use this...

Ubuntu 22.04 LTS / 24.04 LTS / 25.04 : WebKitGTK vulnerabilities (USN-7817-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7817-1 advisory. Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious...

Ubuntu 24.04 LTS : Linux kernel (OEM) vulnerabilities (USN-7771-1)

"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7771-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws i...

USN-7705-1 tomcat10 vulnerabilities

It was discovered that Tomcat did not correctly handle case sensitivity. An attacker could possibly use this issue to bypass authentication mechanisms. CVE-2025-46701 Elysee Franchuk discovered that Tomcat did not correctly limit the number of attributes for a session. An attacker could possibly...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : AIOHTTP vulnerabilities (USN-7642-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7642-1 advisory. Ben Kallus discovered that AIOHTTP did not correctly parse HTTP headers. A remote attacker could possibly use this...

Ubuntu: Security Advisory (USN-7650-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-7642-1: AIOHTTP vulnerabilities

Ben Kallus discovered that AIOHTTP did not correctly parse HTTP headers. A remote attacker could possibly use this issue to perform request smuggling. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2023-47627 Ivan Novikov discovered that AIOHTTP did not properly validate...

Ubuntu 24.04 LTS : Linux kernel (OEM) vulnerabilities (USN-7650-1)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7650-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...

Ubuntu 24.04 LTS / 25.04 : FreeRDP vulnerability (USN-7624-1)

The remote Ubuntu 24.04 LTS / 25.04 host has packages installed that are affected by a vulnerability as referenced in the USN-7624-1 advisory. It was discovered that FreeRDP incorrectly handled certain RDP packets. A remote attacker could possibly use this issue to cause FreeRDP to crash, resulti...

Ubuntu 24.04 LTS : nginx vulnerability (USN-7285-2)

The remote Ubuntu 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7285-2 advisory. USN-7285-1 fixed vulnerabilities in nginx. This update provides the corresponding updates for Ubuntu 24.04 LTS. Tenable has extracted the preceding description...

Ubuntu 24.04 LTS / 24.10 : Linux kernel (Azure) vulnerabilities (USN-7628-1)

"The remote Ubuntu 24.04 LTS / 24.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7628-1 advisory. It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handlin...

Ubuntu 22.04 LTS / 24.04 LTS / 24.10 / 25.04 : libssh vulnerabilities (USN-7619-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 24.10 / 25.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7619-1 advisory. Ronald Crane discovered that libssh incorrectly handled certain base64 conversions. An attacker could use this issue to cause...

Ubuntu 24.04 LTS : Linux kernel (OEM) vulnerabilities (USN-7618-1)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7618-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...