Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
added 2020/04/06 8:15 p.m.218 views

USN-4320-1: Linux kernel vulnerability

Al Viro discovered that the vfs layer in the Linux kernel contained a use- after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly expose sensitive information kernel memory...

7.1CVSS6.8AI score0.00655EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/01/29 12:47 a.m.218 views

USN-4254-2: Linux kernel (Xenial HWE) vulnerabilities

USN-4254-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. It was discovered that the Linux kernel did not properly clear data structures on...

7CVSS6.5AI score0.01447EPSS
Exploits4
Ubuntu
Ubuntu
added 2018/10/01 6:44 p.m.218 views

USN-3775-1: Linux kernel vulnerabilities

It was discovered that the paravirtualization implementation in the Linux kernel did not properly handle some indirect calls, reducing the effectiveness of Spectre v2 mitigations for paravirtual guests. A local attacker could use this to expose sensitive information. CVE-2018-15594 It was...

8.3CVSS7.6AI score0.14806EPSS
Exploits6
Ubuntu
Ubuntu
added 2021/06/01 11:29 a.m.217 views

USN-4971-1: libwebp vulnerabilities

It was discovered that libwebp incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this issue to cause libwebp to crash, resulting in a denial of service, or possibly execute arbitrary co...

9.8CVSS7.6AI score0.02662EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/05/26 1:50 p.m.217 views

USN-4967-1: nginx vulnerability

Luis Merino, Markus Vervier, and Eric Sesterhenn discovered that nginx incorrectly handled responses to the DNS resolver. A remote attacker could use this issue to cause nginx to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.7CVSS8.1AI score0.52838EPSS
Exploits10
Ubuntu
Ubuntu
added 2020/06/24 11:51 a.m.217 views

USN-4402-1: curl vulnerabilities

Marek Szlagor, Gregory Jefferis and Jeroen Ooms discovered that curl incorrectly handled certain credentials. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 19.10 and Ubuntu 20.04 LTS. CVE-2020-8169 It was discovered that curl incorrectl...

7.8CVSS6.8AI score0.03427EPSS
Exploits2
Ubuntu
Ubuntu
added 2019/08/13 4:1 p.m.217 views

USN-4094-1: Linux kernel vulnerabilities

It was discovered that the alarmtimer implementation in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. CVE-2018-13053 Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly track...

9.8CVSS7.7AI score0.52199EPSS
Exploits37
Ubuntu
Ubuntu
added 2019/05/21 1:58 p.m.217 views

USN-3990-1: urllib3 vulnerabilities

It was discovered that urllib3 incorrectly removed Authorization HTTP headers when handled cross-origin redirects. This could result in credentials being sent to unintended hosts. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10. CVE-2018-20060 It was discovered that...

9.8CVSS7.1AI score0.04488EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/07/26 2:45 p.m.216 views

USN-6251-1: Linux kernel vulnerabilities

It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-3090 Sh...

7.8CVSS7.7AI score0.08894EPSS
Exploits15
Ubuntu
Ubuntu
added 2021/09/27 2:6 p.m.216 views

USN-5090-1: Apache HTTP Server vulnerabilities

James Kettle discovered that the Apache HTTP Server HTTP/2 module incorrectly handled certain crafted methods. A remote attacker could possibly use this issue to perform request splitting or cache poisoning attacks. CVE-2021-33193 It was discovered that the Apache HTTP Server incorrectly handled...

9.8CVSS7.6AI score0.99999EPSS
Exploits6
Ubuntu
Ubuntu
added 2021/02/25 6:54 a.m.216 views

USN-4752-1: Linux kernel (OEM) vulnerabilities

Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered that legacy pairing and secure-connections pairing authentication in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. A physically proxima...

7.8CVSS8AI score0.03292EPSS
Exploits13
Ubuntu
Ubuntu
added 2018/10/03 1:41 p.m.216 views

USN-3778-1: Firefox vulnerabilities

A crash was discovered in TransportSecurityInfo used for SSL, which could be triggered by data stored in the local cache directory. An attacker could potentially exploit this in combination with another vulnerability that allowed them to write data to the cache, to execute arbitrary code...

9.1CVSS8.1AI score0.13417EPSS
Exploits3
Ubuntu
Ubuntu
added 2021/06/23 3:45 a.m.215 views

USN-5001-1: Linux kernel (OEM) vulnerabilities

Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. CVE-2021-3609 Mathy Vanhoef discovered that the Linux kernel’s WiFi implementati...

8.8CVSS7.5AI score0.07604EPSS
Exploits9
Ubuntu
Ubuntu
added 2019/06/11 5:34 p.m.215 views

USN-4016-1: Vim vulnerabilities

It was discovered that Vim incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. CVE-2017-5953 It was discovered that Vim incorrectly handled certain files. An attacker could possibly use this issue to...

9.8CVSS7.5AI score0.19111EPSS
Exploits5
Ubuntu
Ubuntu
added 2019/06/04 5:9 p.m.215 views

USN-4004-1: Berkeley DB vulnerability

It was discovered that Berkeley DB incorrectly handled certain inputs. An attacker could possibly use this issue to read sensitive information...

9.8CVSS7.4AI score0.45426EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/06/26 12:20 p.m.214 views

USN-6852-1: Wget vulnerability

It was discovered that Wget incorrectly handled semicolons in the userinfo subcomponent of a URI. A remote attacker could possibly trick a user into connecting to a different host than expected...

9.1CVSS7AI score0.00672EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/07/28 1:45 p.m.214 views

USN-5537-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.30 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. Ubuntu 18.04 LTS has been updated to MySQL 5.7.39. In addition to security fixes, the updated...

6.5CVSS6.3AI score0.01439EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/05/10 2:15 p.m.214 views

USN-5407-1: Cairo vulnerabilities

Gustavo Grieco, Alberto Garcia, Francisco Oca, Suleman Ali, and others discovered that Cairo incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. CVE-2016-9082, CVE-2017-9814, CVE-2019-6462 Stephan Bergmann discovered that Cairo incorrectly...

7.8CVSS6.4AI score0.03463EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/01/15 1:40 p.m.214 views

USN-3859-1: libarchive vulnerabilities

It was discovered that libarchive incorrectly handled certain archive files. An attacker could possibly use this issue to cause a denial of service. CVE-2018-1000880 affected only Ubuntu 18.04 LTS and Ubuntu 18.10. CVE-2018-1000877, CVE-2018-1000878, CVE-2018-1000880 It was discovered that...

8.8CVSS6.4AI score0.04575EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/02/11 10:22 p.m.213 views

USN-4734-1: wpa_supplicant and hostapd vulnerabilities

It was discovered that wpasupplicant did not properly handle P2P Wi-Fi Direct group information in some situations, leading to a heap overflow. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2021-0326 It was discovered that...

7.9CVSS7.4AI score0.15193EPSS
Exploits4
Ubuntu
Ubuntu
added 2020/03/19 5:18 p.m.213 views

USN-4308-1: Twisted vulnerabilities

it was discovered that Twisted incorrectly validated or sanitized certain URIs or HTTP methods. A remote attacker could use this issue to inject invalid characters and possibly perform header injection attacks. CVE-2019-12387 It was discovered that Twisted incorrectly verified XMPP TLS...

9.8CVSS7.4AI score0.87806EPSS
Exploits4
Ubuntu
Ubuntu
added 2018/10/03 12:1 p.m.213 views

USN-3782-1: Liblouis vulnerabilities

Henri Salo discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. CVE-2018-12085 It was discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. Thi...

8.8CVSS7.1AI score0.02716EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/07/29 1:43 p.m.212 views

USN-3990-2: urllib3 vulnerability

USN-3990-1 fixed a vulnerability in urllib3. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that urllib3 incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection...

6.1CVSS7.6AI score0.02056EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/03/22 6:27 a.m.211 views

USN-5337-1: Linux kernel vulnerabilities

It was discovered that the BPF verifier in the Linux kernel did not properly restrict pointer types in certain situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-23222 Yiqi Sun and Kevin Wang discovered that the cgrou...

9.1CVSS7.6AI score0.67994EPSS
Exploits26
Ubuntu
Ubuntu
added 2022/01/06 2:48 p.m.211 views

USN-5212-1: Apache HTTP Server vulnerabilities

It was discovered that the Apache HTTP Server incorrectly handled certain forward proxy requests. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly perform a Server Side Request Forgery attack. CVE-2021-44224 It was discovered that...

9.8CVSS8.3AI score0.97108EPSS
Exploits4
Ubuntu
Ubuntu
added 2021/03/16 6:21 a.m.211 views

USN-4878-1: Linux kernel vulnerabilities

It was discovered that the Marvell WiFi-Ex device driver in the Linux kernel did not properly validate ad-hoc SSIDs. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-36158 Ryota Shiga discovered that the sockopt BPF hooks in th...

8.8CVSS7.1AI score0.02417EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/11/28 12:44 p.m.211 views

USN-4204-1: psutil vulnerability

Riccardo Schirone discovered that psutil incorrectly handled certain reference counting operations. An attacker could use this issue to cause psutil to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.5CVSS7.6AI score0.03522EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/07/08 11:38 a.m.211 views

USN-4047-1: libvirt vulnerabilities

Matthias Gerstner and Ján Tomko discovered that libvirt incorrectly handled certain API calls. An attacker could possibly use this issue to check for arbitrary files, or execute arbitrary binaries. In the default installation, attackers would be isolated by the libvirt AppArmor profile...

8.8CVSS7.9AI score0.00549EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/05/30 11:41 a.m.211 views

USN-3998-1: Evolution Data Server vulnerability

Marcus Brinkmann discovered that Evolution Data Server did not correctly interpret the output from GPG when decrypting encrypted messages. Under certain circumstances, this could result in displaying clear-text portions of encrypted messages as though they were encrypted...

6.5CVSS6.9AI score0.02443EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/06/21 2:1 p.m.210 views

USN-4994-1: Apache HTTP Server vulnerabilities

Marc Stern discovered that the Apache modproxyhttp module incorrectly handled certain requests. A remote attacker could possibly use this issue to cause Apache to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. CVE-2020-13950...

9.8CVSS7.7AI score0.68067EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/05/28 8:20 p.m.210 views

USN-4363-1: Linux kernel vulnerabilities

It was discovered that the Serial CAN interface driver in the Linux kernel did not properly initialize data. A local attacker could use this to expose sensitive information kernel memory. CVE-2020-11494 It was discovered that the linux kernel did not properly validate certain mount options to the...

7.8CVSS6.4AI score0.00722EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/01/16 1:53 p.m.209 views

USN-7212-1: Python 2.7 vulnerabilities

It was discovered that Python incorrectly handled certain ZIP files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS. CVE-2019-9674 It was discovered that Python incorrectly handled certain inputs. If a user or an automated system...

7.5CVSS7.1AI score0.0549EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/06/25 2:38 a.m.209 views

USN-4998-1: Ceph vulnerabilities

It was discovered that in some situations Ceph logged passwords from the mgr module in clear text. An attacker could use this to expose sensitive information. CVE-2020-25678 Goutham Pacha Ravi, Jahson Babel, and John Garbutt discovered that user credentials in Ceph could be manipulated in certain...

7.2CVSS7AI score0.02449EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/09/15 2:58 p.m.209 views

USN-4495-1: Apache Log4j vulnerability

It was discovered that Apache Log4j does not properly deserialize untrusted data. An attacker could possibly use this issue to remotely execute arbitrary code. CVE-2019-17571...

9.8CVSS7.5AI score0.6906EPSS
Exploits3
Ubuntu
Ubuntu
added 2021/07/26 2:12 p.m.208 views

USN-5022-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.26 in Ubuntu 20.04 LTS and Ubuntu 21.04. Ubuntu 18.04 LTS has been updated to MySQL 5.7.35. In addition to security fixes, the updated packages...

8CVSS6.9AI score0.41478EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/09/02 1:23 p.m.208 views

USN-3934-2: PolicyKit vulnerability

USN-3934-1 fixed a vulnerability in Policykit. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that PolicyKit incorrectly relied on the fork system call in the Linux kernel being atomic. A local attacker could possibly use this issu...

6.7CVSS6.8AI score0.00446EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/07/08 2:41 p.m.208 views

USN-4048-1: Docker vulnerabilities

Aleksa Sarai discovered that Docker was vulnerable to a directory traversal attack. An attacker could use this vulnerability to read and write arbitrary files on the host filesystem as root...

9.3CVSS7AI score0.9857EPSS
Exploits34
Ubuntu
Ubuntu
added 2019/07/04 1:41 p.m.208 views

USN-4038-3: bzip2 regression

USN-4038-1 fixed a vulnerability in bzip2. The update introduced a regression causing bzip2 to incorrect raises CRC errors for some files. We apologize for the inconvenience. Original advisory details: It was discovered that bzip2 incorrectly handled certain files. An attacker could possibly use...

5.9AI score
Exploits0References1
Ubuntu
Ubuntu
added 2019/07/04 3:48 p.m.208 views

USN-4038-4: bzip2 regression

USN-4038-1 fixed a vulnerability in bzip2. The update introduced a regression causing bzip2 to incorrect raises CRC errors for some files. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. We apologize for the inconvenience. Original advisory details: It was...

5.9AI score
Exploits0References1
Ubuntu
Ubuntu
added 2019/06/17 9:11 p.m.207 views

USN-4017-1: Linux kernel vulnerabilities

Jonathan Looney discovered that the TCP retransmission queue implementation in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment SACK sequences. A remote attacker could use this to cause a denial of service. CVE-2019-11478 Jonathan Looney discovered that an...

7.8CVSS6.8AI score0.98745EPSS
Exploits4References1
Ubuntu
Ubuntu
added 2019/01/31 11:38 a.m.207 views

USN-3876-1: Avahi vulnerabilities

Chad Seaman discovered that Avahi incorrectly handled certain messages. An attacker could possibly use this issue to cause a denial of service. CVE-2017-6519, CVE-2018-1000845...

9.1CVSS7.3AI score0.03082EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/03/22 7:26 a.m.206 views

USN-5338-1: Linux kernel vulnerabilities

Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 releaseagent feature. A local attacker could use this to gain administrative privileges. CVE-2022-0492 Jürgen Groß discovered that the Xen subsystem within the...

9CVSS7.8AI score0.67994EPSS
Exploits16
Ubuntu
Ubuntu
added 2020/12/03 11:7 p.m.206 views

USN-4658-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the binder IPC implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-0423 Daniele Antonioli, Nils Ole...

7.8CVSS7.5AI score0.06692EPSS
Exploits7
Ubuntu
Ubuntu
added 2019/08/29 10:31 p.m.206 views

USN-4113-1: Apache HTTP Server vulnerabilities

Stefan Eissing discovered that the HTTP/2 implementation in Apache did not properly handle upgrade requests from HTTP/1.1 to HTTP/2 in some situations. A remote attacker could use this to cause a denial of service daemon crash. This issue only affected Ubuntu 18.04 LTS and Ubuntu 19.04...

9.1CVSS6.8AI score0.81466EPSS
Exploits6
Ubuntu
Ubuntu
added 2019/07/24 11:34 a.m.206 views

USN-4070-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues. Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 19.04 have been updated to MySQL 5.7.27. In addition to security fixes, the updated packages contain bug fixes, new features,...

6.5CVSS6.5AI score0.03972EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/07/04 5:38 p.m.206 views

USN-4046-1: Irssi vulnerabilities

It was discovered that Irssi incorrectly handled certain disconnections. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS. CVE-2018-7054 It was discovered that Irssi incorrectly handled certain requests. An...

9.8CVSS6.9AI score0.03333EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/10/02 5:55 p.m.206 views

USN-3780-1: HAProxy vulnerability

It was discovered that HAProxy incorrectly handled certain requests. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS6.7AI score0.03009EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/01/21 5:0 p.m.205 views

USN-5248-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, trick a user into accepting unwanted permissions,...

10CVSS8AI score0.0383EPSS
Exploits8
Ubuntu
Ubuntu
added 2019/08/13 3:4 p.m.205 views

USN-4093-1: Linux kernel vulnerabilities

It was discovered that a heap buffer overflow existed in the Marvell Wireless LAN device driver for the Linux kernel. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2019-10126 Andrei Vlad Lutas and Dan Lutas discovered that some x86...

9.8CVSS7.4AI score0.52199EPSS
Exploits27
Ubuntu
Ubuntu
added 2021/08/18 10:17 p.m.204 views

USN-5045-1: Linux kernel vulnerabilities

Norbert Slusarek discovered that the CAN broadcast manger bcm protocol implementation in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to expose sensitive information kernel memory. CVE-2021-34693 It was discovered that the bluetooth...

6.9CVSS7AI score0.00485EPSS
Exploits3
Total number of security vulnerabilities5000