142 matches found
Ubuntu 24.04 LTS / 24.10 : XZ Utils vulnerability (USN-7414-1)
The remote Ubuntu 24.04 LTS / 24.10 host has packages installed that are affected by a vulnerability as referenced in the USN-7414-1 advisory. Harri K. Koskinen discovered that XZ Utils incorrectly handled the threaded xz decoder. If a user or automated system were tricked into processing an xz...
CVE-2025-3073
Inappropriate implementation in Autofill in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-7406-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7406-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...
CVE-2025-3030
Memory safety bugs present in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firef...
Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : RabbitMQ Server vulnerability (USN-7399-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has a package installed that is affected by a vulnerability as referenced in the USN-7399-1 advisory. It was discovered that RabbitMQ Server's management UI did not sanitize certain input. An attacker could possibly use this issue t...
Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-7344-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7344-1 advisory. Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use...
CVE-2025-2136
Use after free in Inspector in Google Chrome prior to 134.0.6998.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-1939
Android apps can load web pages using the Custom Tabs feature. This feature supports a transition animation that could have been used to trick a user into granting sensitive permissions by hiding what the user was actually clicking. This vulnerability was fixed in Firefox 136...
Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : cmark-gfm vulnerabilities (USN-7319-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7319-1 advisory. It was discovered that cmark-gfm's autolink extension did not correctly handle parsing large inputs. An attacker could...
Ubuntu: Security Advisory (USN-7272-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 LTS / 18.04 LTS : OpenSSH vulnerability (USN-7270-2)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7270-2 advisory. USN-7270-1 fixed a vulnerability in OpenSSH. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Tenable has...
Ubuntu 24.10 : Linux kernel (AWS) vulnerabilities (USN-7238-4)
The remote Ubuntu 24.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7238-4 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : FFmpeg vulnerability (USN-7188-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7188-1 advisory. It was discovered that FFmpeg incorrectly handled certain input, which could lead to an integer overflow. An attacker could...
CVE-2024-12693
Out of bounds memory access in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : oFono vulnerabilities (USN-7141-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7141-1 advisory. It was discovered that oFono incorrectly handled decoding SMS messages leading to a stack overflo...
CVE-2024-11692
An attacker could cause a select dropdown to be shown over another tab; this could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox 133, Firefox ESR 128.5, Thunderbird 133, and Thunderbird 128.5...
CVE-2024-11708
Missing thread synchronization primitives could have led to a data race on members of the PlaybackParams structure. This vulnerability affects Firefox 133 and Thunderbird 133...
CVE-2024-11703
On Android, Firefox may have inadvertently allowed viewing saved passwords without the required device PIN authentication. This vulnerability affects Firefox 133...
Ubuntu 24.04 LTS / 24.10 : GitHub CLI vulnerability (USN-7130-1)
The remote Ubuntu 24.04 LTS / 24.10 host has a package installed that is affected by a vulnerability as referenced in the USN-7130-1 advisory. It was discovered that GitHub CLI incorrectly handled username validation. An attacker could possibly use this issue to perform remote code execution if t...
CVE-2024-10460
The origin of an external protocol handler prompt could have been obscured using a data: URL within an iframe. This vulnerability affects Firefox 132, Firefox ESR 128.4, Thunderbird 128.4, and Thunderbird 132...