Lucene search
K
UbuntuRecent

10868 matches found

Ubuntu
Ubuntu
added yesterday3 views

USN-8486-1: libssh2 vulnerabilities

It was discovered that libssh2 incorrectly handled the sftpsymlink function. A malicious SSH server or machine-in-the-middle attacker could possibly use this issue to obtain sensitive information or cause a denial of service. CVE-2025-15661 It was discovered that libssh2 had a pre-authentication...

9.2CVSS7.6AI score0.00922EPSS
Exploits8
Ubuntu
Ubuntu
added yesterday2 views

USN-8485-1: libyang vulnerability

It was discovered that libyang incorrectly handled certain metadata list pointers. An attacker could use this issue to cause libyang to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.1CVSS6AI score0.00519EPSS
Exploits0
Ubuntu
Ubuntu
added yesterday2 views

USN-8484-1: GD.pm vulnerability

It was discovered that GD.pm incorrectly handled filename arguments. An attacker could possibly use this issue to execute arbitrary commands or overwrite files...

9.8CVSS6AI score0.01353EPSS
Exploits0
Ubuntu
Ubuntu
added yesterday2 views

USN-8483-1: HPLIP vulnerabilities

It was discovered that HPLIP incorrectly handled certain print data. An attacker could possibly use this issue to cause HPLIP to execute arbitrary code. CVE-2026-8631 It was discovered that HPLIP incorrectly handled certain inputs. A local attacker could possibly use this issue to execute arbitra...

9.8CVSS6AI score0.01333EPSS
Exploits0
Ubuntu
Ubuntu
added yesterday2 views

USN-8482-1: Roundcube Webmail vulnerability

It was discovered that Roundcube Webmail was prone to a Cross-Site-Scripting XSS vulnerability via the animate tag in an SVG document. An attacker could use this issue to execute arbitrary web script in the context of an affected user's session...

7.2CVSS7.5AI score0.19769EPSS
Exploits1
Ubuntu
Ubuntu
added 2 days ago3 views

USN-8481-1: NSS vulnerability

Haruto Kimura discovered that NSS had incorrecty handled parsing PKCS11 URI escape sequences. An attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service, or obtain sensitive information...

7.3CVSS5.8AI score0.00206EPSS
Exploits0
Ubuntu
Ubuntu
added 2 days ago5 views

USN-8480-1: SQLite vulnerabilities

It was discovered that SQLite incorrectly handled certain memory operations in the FTS5 full-text search extension. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code...

8.5CVSS5.9AI score0.00175EPSS
Exploits0
Ubuntu
Ubuntu
added 2 days ago4 views

USN-8479-1: libheif vulnerabilities

It was discovered that libheif incorrectly handled certain crafted HEIF files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2026-47178 It was discovered that libheif incorrectly validated offsets when decoding certain crafted HEIF files. An...

6.5CVSS6AI score0.00199EPSS
Exploits0
Ubuntu
Ubuntu
added 3 days ago4 views

USN-8412-3: QEMU regression

USN-8412-1 fixed vulnerabilities QEMU. On Ubuntu 20.04 LTS, the fix for CVE-2024-4467 was incomplete and prevented the creation of boot volumes from qcow2 images. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Felipe Franciosi, Raphael Norwitz, and...

6.5AI score
Exploits0References1
Ubuntu
Ubuntu
added 6 days ago7 views

USN-8477-1: tar vulnerability

It was discovered that tar incorrectly handled certain crafted archive files. An attacker could possibly use this to inject hidden files with attacker-controlled content, bypassing pre-extraction inspection mechanisms...

5.5CVSS5.8AI score0.0043EPSS
Exploits1
Ubuntu
Ubuntu
added 6 days ago8 views

USN-8475-1: AMD Microcode vulnerabilities

Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to...

7.2CVSS7AI score0.00425EPSS
Exploits0
Ubuntu
Ubuntu
added 6 days ago8 views

USN-8476-1: xrdp vulnerabilities

It was discovered that xrdp incorrectly handled bounds checking when processing user domain information during the connection sequence. An unauthenticated remote attacker could use this issue to cause xrdp to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS6.7AI score0.01318EPSS
Exploits0
Ubuntu
Ubuntu
added 6 days ago6 views

USN-8472-1: containerd vulnerabilities

It was discovered that containerd incorrectly handled HTTP/2 SETTINGS frames. A remote attacker could possibly use this issue to cause containerd to enter an infinite loop, resulting in a denial of service. CVE-2026-33814 Jakub Ciolek and Kyle Elliott discovered that containerd incorrectly handle...

7.5CVSS6.4AI score0.00781EPSS
Exploits0
Ubuntu
Ubuntu
added 6 days ago7 views

USN-8471-1: containerd vulnerabilities

It was discovered that containerd incorrectly handled HTTP/2 SETTINGS frames. A remote attacker could possibly use this issue to cause containerd to enter an infinite loop, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu...

7.5CVSS6.4AI score0.00781EPSS
Exploits0
Ubuntu
Ubuntu
added 6 days ago7 views

USN-8473-1: containerd vulnerabilities

It was discovered that containerd incorrectly handled HTTP/2 SETTINGS frames. A remote attacker could possibly use this issue to cause containerd to enter an infinite loop, resulting in a denial of service. CVE-2026-33814 Jakub Ciolek and Kyle Elliott discovered that containerd incorrectly handle...

7.5CVSS6.4AI score0.00781EPSS
Exploits0
Ubuntu
Ubuntu
added 6 days ago6 views

USN-8474-1: NSD vulnerabilities

It was discovered that NSD incorrectly handled APL resource records with an address length larger than permitted for the address family. A remote attacker could use this to cause a stack-based buffer overflow when the zone is written to disk, potentially executing arbitrary code with the privileg...

8.8CVSS6.6AI score0.00303EPSS
Exploits0
Ubuntu
Ubuntu
added 6 days ago6 views

USN-8470-1: cpp-httplib vulnerability

It was discovered that cpp-httplib incorrectly percent-decoded HTTP request header values. A remote attacker could use this to inject crafted header content possibly leading to response splitting, log injection or proxy smuggling...

9.9CVSS5.9AI score0.00295EPSS
Exploits1
Ubuntu
Ubuntu
added last week7 views

USN-8468-1: ImageMagick vulnerabilities

It was discovered that ImageMagick incorrectly handled certain images when using the wavelet-denoise operator. An attacker could possibly use this issue to trigger a heap buffer over-read, resulting in information disclosure. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22....

8.1CVSS7.7AI score0.00353EPSS
Exploits0
Ubuntu
Ubuntu
added last week4 views

USN-8469-1: FFmpeg vulnerabilities

Jiasheng Jiang discovered that FFmpeg incorrectly handled memory in certain error-handling paths of its TensorFlow DNN backend. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 24.04 LTS. CVE-2025-12343 Quang Luong discovered that FFmpeg...

9.8CVSS6.9AI score0.00149EPSS
Exploits0
Ubuntu
Ubuntu
added last week8 views

USN-8467-1: Perl vulnerabilities

It was discovered that Perl's Archive::Tar module incorrectly handled symlink and hardlink targets during extraction. An attacker could use this issue to read or overwrite arbitrary files outside the extraction directory. CVE-2026-42496 It was discovered that Perl had a heap buffer overflow when...

9.8CVSS6.3AI score0.00398EPSS
Exploits1
Ubuntu
Ubuntu
added last week6 views

USN-8466-1: Perl DBI module vulnerabilities

It was discovered that the Perl DBI module incorrectly handled certain error messages. An attacker could use this issue to cause applications using the Perl DBI module to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2026-9698 It was discovered that the Perl DBI...

9.8CVSS6.2AI score0.00413EPSS
Exploits0
Ubuntu
Ubuntu
added last week9 views

USN-8457-2: MySQL vulnerabilities

USN-8457-1 fixed several vulnerabilities in MySQL. This update provides the corresponding fixes for MySQL on Ubuntu 20.04 LTS Original advisory details: It was discovered that MySQL Router incorrectly handled repeated TLS protocol upgrade requests. An unauthenticated remote attacker could possibl...

7.5CVSS5.9AI score0.00471EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/06/23 7:9 p.m.5 views

USN-8193-2: libcap vulnerability

USN-8193-1 fixed a vulnerability in libcap. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: Ali Raza discovered that libcap incorrectly handled file capability updates. A local attacker could...

7CVSS6AI score0.00188EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/06/23 3:35 p.m.7 views

USN-8465-1: Apache MINA vulnerabilities

It was discovered that Apache MINA lacked an acceptMatchers allowlist mechanism to restrict which classes could be deserialized. An attacker could use this to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. CVE-2024-52046 It was discovered that Apache MINA'...

10CVSS7.4AI score0.23932EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/06/23 2:57 p.m.6 views

USN-8464-1: LIBNFS vulnerability

It was discovered that LIBNFS incorrectly handled certain string sizes when connecting to an NFS server. An attacker could use this issue to cause LIBNFS to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.1CVSS5.9AI score0.00192EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/06/23 2:46 p.m.6 views

USN-8463-1: LibVNCServer vulnerabilities

It was discovered that LibVNCServer had a memory leak in the client cleanup function. An attacker could possibly use this issue to cause LibVNCServer to consume memory, leading to a denial of service. This issue only affected Ubuntu 22.04 LTS. CVE-2020-29260 It was discovered that LibVNCServer di...

8.8CVSS7.3AI score0.05322EPSS
Exploits2
Ubuntu
Ubuntu
added 2026/06/22 11:17 p.m.6 views

USN-8462-1: Linux kernel (Oracle) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 It was discovered that the Linux kernel did n...

9.8CVSS7.1AI score0.96775EPSS
Exploits281
Ubuntu
Ubuntu
added 2026/06/22 11:1 p.m.6 views

USN-8388-2: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

8.8CVSS7AI score0.93235EPSS
Exploits57
Ubuntu
Ubuntu
added 2026/06/22 10:51 p.m.9 views

USN-8461-1: Linux kernel (Azure) vulnerabilities

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

8.8CVSS7AI score0.93235EPSS
Exploits57
Ubuntu
Ubuntu
added 2026/06/22 5:23 p.m.4 views

USN-8447-3: Google Guest Agent vulnerabilities

USN-8447-1 fixed vulnerabilities in Go Cryptography. This update provides the corresponding updates for Go Cryptography code embedded in Google Guest Agent. Original advisory details: It was discovered that Go Cryptography did not properly handle SSH global request responses. A remote attacker...

10CVSS6.2AI score0.005EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/06/22 5:10 p.m.4 views

USN-8460-1: libxml2 vulnerabilities

It was discovered that libxml2 did not properly release memory allocated in the xmllint utility. An attacker could possibly use this issue to cause a denial of service. CVE-2026-1757 A type confusion vulnerability was found in libxml2 when processing a specially crafted XML document. A remote...

7.5CVSS5.8AI score0.00632EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/06/22 1:55 p.m.6 views

USN-8459-1: HAProxy vulnerabilities

It was discovered that HAProxy incorrectly handled the FCGI demultiplexer record length field. A remote attacker could possibly use this issue to cause incorrect request routing, response smuggling, or other memory safety issues. CVE-2026-55203 It was discovered that HAProxy failed to validate th...

9.1CVSS5.9AI score0.00431EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/06/22 1:28 p.m.6 views

USN-8458-1: nginx vulnerabilities

It was discovered that nginx incorrectly handled large headers when proxying HTTP/2 traffic. A remote attacker could use this issue to cause nginx to crash, resulting in a denial of service, or possibly execute arbitrary code. The default compiler options for affected releases should reduce the...

9.2CVSS6.2AI score0.02887EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/06/22 1:11 p.m.5 views

USN-8457-1: MySQL vulnerabilities

It was discovered that MySQL Router incorrectly handled repeated TLS protocol upgrade requests. An unauthenticated remote attacker could possibly use this issue to cause MySQL Router to crash, resulting in a denial of service. CVE-2026-46862 It was discovered that MySQL Server incorrectly handled...

7.5CVSS5.9AI score0.00471EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/06/22 12:9 p.m.7 views

USN-8456-1: libxml2 vulnerability

Geoffrey Humphreys discovered that libxml2 had a use after free when parsing the internal subset of a DTD. A remote attacker could possibly use this issue to cause a denial of service or possibly execute arbitrary code...

8.3CVSS6.2AI score0.00289EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/06/22 2:53 a.m.4 views

USN-8455-1: Netatalk vulnerabilities

Arjun Basnet discovered that Netatalk improperly validated inputs when unmarshalling Spotlight Remote Procedure Call. A remote authenticated attacker could possibly use this issue to cause a denial of service or obtain sensitive information. CVE-2026-44066 Arjun Basnet discovered that Netatalk...

7.6CVSS5.9AI score0.00322EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/06/18 8:5 p.m.17 views

USN-8447-2: LXD vulnerabilities

USN-8447-1 fixed vulnerabilities in Go Cryptography. This update provides the corresponding updates for Go Cryptography code embedded in LXD for CVE-2026-39830, CVE-2026-39833, CVE-2026-39834, and CVE-2026-42508. Original advisory details: It was discovered that Go Cryptography did not properly...

9.1CVSS5.8AI score0.005EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/06/18 4:41 p.m.15 views

USN-8454-1: libheif vulnerabilities

Elhanan Haenel discovered that libheif incorrectly handled certain malformed HEIF sequence files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 25.10 and Ubuntu 26.04 LTS. CVE-2026-32738 Elhanan Haenel discovered that libheif incorrectly...

8.8CVSS5.1AI score0.00514EPSS
Exploits5
Ubuntu
Ubuntu
added 2026/06/18 4:30 p.m.14 views

USN-8452-1: pbkdf2 vulnerability

Nikita Skovoroda discovered that pbkdf2 did not properly validate certain algorithm names. An attacker could possibly use this issue to generate predictable cryptographic keys, resulting in signature spoofing...

9.1CVSS5.4AI score0.00359EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/06/18 4:15 p.m.8 views

USN-8453-1: Net::CIDR::Lite vulnerabilities

It was discovered that Net::CIDR::Lite incorrectly validated IP address and CIDR mask inputs. An attacker could possibly use this issue to bypass IP access control lists. CVE-2026-45190 It was discovered that Net::CIDR::Lite incorrectly handled extraneous zero characters in CIDR mask values. An...

6.5CVSS5.4AI score0.00311EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/06/18 4:5 p.m.11 views

USN-8451-1: Vim vulnerabilities

Srinivas Piskala Ganesh Babu discovered that Vim incorrectly handled directory names when serializing browsed paths to the netrw history file. An attacker could possibly use this issue to execute arbitrary code. CVE-2026-47162 It was discovered that Vim incorrectly handled step-definition pattern...

8.8CVSS5.9AI score0.00303EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/06/18 3:56 p.m.18 views

USN-8450-1: Tomcat vulnerabilities

It was discovered that Tomcat did not properly limit the size of WebDAV LOCK and PROPFIND request bodies. A remote attacker could possibly use this issue to cause Tomcat to consume excessive memory, resulting in a denial of service. CVE-2026-41284 It was discovered that Tomcat incorrectly validat...

9.8CVSS8.1AI score0.01339EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/06/18 1:33 p.m.12 views

USN-8449-1: ldns vulnerability

Pablo Ruiz discovered that ldns did not properly validate DNS responses when used as a stub resolver over UDP. A remote attacker could possibly use this issue to inject arbitrary DNS responses...

8.2CVSS5.6AI score0.00147EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/06/17 3:37 p.m.8 views

USN-8442-1: kitty vulnerabilities

It was discovered that kitty incorrectly handled certain image data. An attacker able to write to the terminal's input could possibly use this issue to cause kitty to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2026-33633 It was discovered that kitty incorrect...

9.9CVSS6.1AI score0.00367EPSS
Exploits2
Ubuntu
Ubuntu
added 2026/06/17 10:34 a.m.13 views

USN-8390-2: Linux kernel vulnerability

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

8.8CVSS5.8AI score0.93235EPSS
Exploits31
Ubuntu
Ubuntu
added 2026/06/17 10:27 a.m.16 views

USN-8441-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

7.8CVSS5.7AI score0.96775EPSS
Exploits228
Ubuntu
Ubuntu
added 2026/06/17 9:53 a.m.16 views

USN-8361-3: Linux kernel vulnerability

A security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system. This update corrects flaws in the following subsystem: - Packet sockets; CVE-2026-31504...

7.8CVSS5.5AI score0.00129EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/06/16 10:30 p.m.16 views

USN-8440-1: Linux kernel (Azure) vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

9.8CVSS6.6AI score0.96775EPSS
Exploits282
Ubuntu
Ubuntu
added 2026/06/16 10:14 p.m.19 views

USN-8426-2: Linux kernel (Azure) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 It was discovered that the Linux kernel did n...

9.8CVSS5.9AI score0.96775EPSS
Exploits281
Ubuntu
Ubuntu
added 2026/06/16 9:2 p.m.7 views

USN-8438-1: OpenImageIO vulnerabilities

It was discovered that OpenImageIO incorrectly performed bounds checking when processing SGI files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2026-43903 It was discovered that OpenImageIO incorrectly handled run-length encoding when...

8.8CVSS6.1AI score0.00371EPSS
Exploits5
Total number of security vulnerabilities10868