104 matches found
Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : GStreamer Base Plugins vulnerabilities (USN-7175-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7175-1 advisory. Antonio Morales discovered that GStreamer Base Plugins incorrectly handled certain malformed media files. An attacker cou...
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel (AWS) vulnerabilities (USN-7166-2)
"The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7166-2 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...
Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : GStreamer Good Plugins vulnerabilities (USN-7176-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7176-1 advisory. Antonio Morales discovered that GStreamer Good Plugins incorrectly handled certain malformed media files. An attacker cou...
USN-7158-1: Smarty vulnerabilities
It was discovered that Smarty incorrectly handled query parameters in requests. An attacker could possibly use this issue to inject arbitrary Javascript code, resulting in denial of service or potential execution of arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubun...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : ZBar vulnerabilities (USN-7118-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7118-1 advisory. It was discovered that ZBar did not properly handle certain QR codes. If a user or automated system using ZBar were...
Decades-Old Security Vulnerabilities Found in Ubuntu's Needrestart Package
Multiple decade-old security vulnerabilities have been disclosed in the needrestart package installed by default in Ubuntu Server since version 21.04 that could allow a local attacker to gain root privileges without requiring user interaction. The Qualys Threat Research Unit TRU, which identified...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : Python vulnerabilities (USN-7015-5)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7015-5 advisory. USN-7015-1 fixed several vulnerabilities in Python. This update provides the corresponding update for...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : Go vulnerabilities (USN-7109-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7109-1 advisory. Philippe Antoine discovered that Go incorrectly handled crafted HTTP/2 streams. An attacker could possibly use this...
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-7100-1)
"The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7100-1 advisory. Supraja Sridhara, Benedict Schlter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the Confidential Computing framework in t...
CVE-2024-10465
A clipboard "paste" button could persist across tabs which allowed a spoofing attack. This vulnerability affects Firefox 132, Firefox ESR 128.4, Thunderbird 128.4, and Thunderbird 132...
USN-6517-1 perl vulnerabilities
It was discovered that Perl incorrectly handled printing certain warning messages. An attacker could possibly use this issue to cause Perl to consume resources, leading to a denial of service. This issue only affected Ubuntu 22.04 LTS. CVE-2022-48522 Nathan Mills discovered that Perl incorrectly...
USN-5724-1 thunderbird vulnerabilities
Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass Content Security Policy CSP or other security restrictions, or execute...
USN-5461-1 freerdp2 vulnerabilities
It was discovered that FreeRDP incorrectly handled empty password values. A remote attacker could use this issue to bypass server authentication. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.10. CVE-2022-24882 It was discovered that FreeRDP incorrectly handled server...
Vulnerabilities fixed in Ubuntu
Vulnerabilities have been fixed in Ubuntu. The vulnerabilities allow a malicious person to carry out attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Accessing sensitive data Increased user privileges -= Ubuntu =- Canonical has made...
USN-5080-1: Libgcrypt vulnerabilities
It was discovered that Libgcrypt incorrectly handled ElGamal encryption. An attacker could possibly use this issue to recover sensitive information...
Canonical Ubuntu 安全漏洞
Canonical Ubuntu is a set of GNU/Linux operating systems from the British company Canonical that focuses on desktop applications. Ubuntu has security vulnerabilities that can be exploited by a local attacker to cause Please to crash, resulting in a denial of service, or possibly escalation of...
Vulnerabilities fixed in Ubuntu
Ubuntu has fixed vulnerabilities in the apport component. Apport collects data about stuck processes and compiles reports automatically that can be shared with developers shared. For the stable-version of Ubuntu, apport is disabled. The vulnerabilities allow a malicious person to perform attacks...
USN-3935-1 busybox vulnerabilities
Tyler Hicks discovered that BusyBox incorrectly handled symlinks inside tar archives. If a user or automated system were tricked into processing a specially crafted tar archive, a remote attacker could overwrite arbitrary files outside of the current directory. This issue only affected Ubuntu 14....
USN-3712-1 libpng, libpng1.6 vulnerabilities
Patrick Keshishian discovered that libpng incorrectly handled certain PNG files. An attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. CVE-2016-10087 Thuan Pham discovered that libpng incorrectly handled certain PNG files...
USN-3649-1 qemu vulnerabilities
Cyrille Chatras discovered that QEMU incorrectly handled certain PS2 values during migration. An attacker could possibly use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS. CVE-2017-16845 Cyrille...