Lucene search
K
UbuntuMost viewed

10905 matches found

Ubuntu
Ubuntu
added 2023/11/29 3:46 p.m.69 views

USN-6524-1: PyPy vulnerability

Nicky Mouha discovered that PyPy incorrectly handled certain SHA-3 operations. An attacker could possibly use this issue to cause PyPy to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS7.4AI score0.05193EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/11/27 2:8 p.m.69 views

USN-6502-2: Linux kernel (Oracle) vulnerabilities

Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. CVE-2023-25775 Yu Hao discover...

9.8CVSS7.5AI score0.00978EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/11/21 9:15 a.m.69 views

USN-6491-1: Node.js vulnerabilities

Axel Chong discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. CVE-2022-32212 Zeyu Zhang discovered that Node.js incorrectl...

8.1CVSS7.5AI score0.77766EPSS
Exploits4
Ubuntu
Ubuntu
added 2023/10/11 3:15 a.m.69 views

USN-6404-2: Firefox regressions

USN-6404-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted...

8.6AI score
Exploits0References1
Ubuntu
Ubuntu
added 2023/09/08 10:26 p.m.69 views

USN-6338-2: Linux kernel vulnerabilities

Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-21255 It was discovered that a race condition existed in th...

9.8CVSS7.1AI score0.0406EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/09/06 9:41 p.m.69 views

USN-6351-1: Linux kernel (GKE) vulnerabilities

It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service system crash. CVE-2022-48425...

9.8CVSS6.7AI score0.02975EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/09/06 12:32 p.m.69 views

USN-6343-1: Linux kernel (OEM) vulnerabilities

It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service excessive CPU consumption. CVE-2023-1206 Ross Lagerwall discovered that the Xen netback backend...

7.8CVSS7.6AI score0.00664EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/08/30 12:46 a.m.69 views

USN-6319-1: AMD Microcode vulnerability

Daniël Trujillo, Johannes Wikner, and Kaveh Razavi discovered that some AMD processors utilising speculative execution and branch prediction may allow unauthorised memory reads via a speculative side-channel attack. A local attacker could use this to expose sensitive information, including kernel...

4.7CVSS7.1AI score0.0616EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/07/31 2:27 p.m.69 views

USN-6265-1: RabbitMQ vulnerability

It was discovered that RabbitMQ incorrectly handled certain signed-in user credentials. An attacker could possibly use this issue to expose sensitive information...

7.8CVSS5.8AI score0.00394EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/07/31 12:32 p.m.69 views

USN-6264-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

8.8CVSS7.7AI score0.23788EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/07/27 9:41 a.m.69 views

USN-5193-3: X.Org X Server vulnerabilities

USN-5193-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain inputs. An attacker could use this issue to cause the server to crash,...

7.8CVSS7.5AI score0.00571EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/07/07 7:40 p.m.69 views

USN-6212-1: Linux kernel (Intel IoTG) vulnerabilities

Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-35788, LP: 2023577 It was discovered that for some...

7.8CVSS7.2AI score0.00532EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2023/06/21 5:11 p.m.69 views

USN-6183-1: Bind vulnerabilities

Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled the cache size limit. A remote attacker could possibly use this issue to consume memory, leading to a denial of service. CVE-2023-2828 It was discovered that Bind incorrectly handled the...

7.5CVSS7.4AI score0.03776EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/06/08 2:43 p.m.69 views

USN-6149-1: Linux kernel vulnerabilities

Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrar...

7.8CVSS7.3AI score0.16642EPSS
Exploits7
Ubuntu
Ubuntu
added 2023/06/05 4:55 p.m.69 views

USN-6139-1: Python vulnerability

Yebo Cao discovered that Python incorrectly handled certain URLs. An attacker could use this issue to bypass blockinglisting methods. This issue was first addressed in USN-5960-1, but was incomplete. Here we address an additional fix to that issue. CVE-2023-24329...

7.5CVSS7.4AI score0.20459EPSS
Exploits3
Ubuntu
Ubuntu
added 2023/05/16 2:11 p.m.69 views

USN-6080-1: Linux kernel vulnerabilities

It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. CVE-2022-27672 Zheng Wang discovered that the Intel i915 graphics...

8.1CVSS7.1AI score0.00635EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/05/01 9:37 a.m.69 views

USN-6050-1: Git vulnerabilities

It was discovered that Git incorrectly handled certain commands. An attacker could possibly use this issue to overwriting some paths. CVE-2023-25652 Maxime Escourbiac and Yassine BENGANA discovered that Git incorrectly handled some gettext machinery. An attacker could possibly use this issue to...

7.8CVSS7.3AI score0.52164EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/03/16 9:21 p.m.69 views

USN-5962-1: Linux kernel (Intel IoTG) vulnerabilities

It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...

7.8CVSS7.3AI score0.06346EPSS
Exploits8
Ubuntu
Ubuntu
added 2023/03/13 4:35 p.m.69 views

USN-5949-1: Chromium vulnerabilities

It was discovered that Chromium could be made to write out of bounds in several components. A remote attacker could possibly use this issue to corrupt memory via a crafted HTML page, resulting in a denial of service, or possibly execute arbitrary code. CVE-2023-0930, CVE-2023-1219, CVE-2023-1220,...

8.8CVSS7.5AI score0.01163EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/10/26 8:22 a.m.69 views

USN-5700-1: Linux kernel vulnerabilities

David Bouman and Billy Jheng Bing Jhong discovered that a race condition existed in the iouring subsystem in the Linux kernel, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-2602...

8.8CVSS7.3AI score0.03763EPSS
Exploits7
Ubuntu
Ubuntu
added 2022/10/13 8:0 p.m.69 views

USN-5678-1: Linux kernel vulnerabilities

It was discovered that the SUNRPC RDMA protocol implementation in the Linux kernel did not properly calculate the header size of a RPC message payload. A local attacker could use this to expose sensitive information kernel memory. CVE-2022-0812 Moshe Kol, Amit Klein and Yossi Gilad discovered tha...

8.2CVSS6.7AI score0.02972EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/09/14 3:1 a.m.69 views

USN-5583-2: systemd regression

USN-5583-1 fixed vulnerabilities in systemd. Unfortunately this caused a regression by introducing networking problems for some users. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that systemd incorrectly handled certain DNS...

9.8CVSS7.9AI score0.01052EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2022/06/13 2:52 p.m.69 views

USN-5476-1: Liblouis vulnerabilities

Han Zheng discovered that Liblouis incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash. This issue was addressed in Ubuntu 21.10 and Ubuntu 22.04 LTS. CVE-2022-26981 It was discovered that Liblouis incorrectly handled certain inputs. An attacker could...

7.8CVSS7.1AI score0.01463EPSS
Exploits2
Ubuntu
Ubuntu
added 2021/11/11 10:30 p.m.69 views

USN-5146-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code...

8.8CVSS8.4AI score0.01205EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/12/08 3:32 p.m.69 views

USN-4663-1: GDK-PixBuf vulnerability

Melvin Kool discovered that the GDK-PixBuf library did not properly handle certain GIF images. If an user or automated system were tricked into opening a specially crafted GIF file, a remote attacker could use this flaw to cause GDK-PixBuf to hang, resulting in a denial of service...

5.5CVSS6.7AI score0.01477EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/10/21 7:28 p.m.69 views

USN-4552-2: Pam-python vulnerability

Malte Kraus discovered that Pam-python mishandled certain environment variables. A local attacker could potentially use this vulnerability to execute programs as root...

7.8CVSS7.2AI score0.00356EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/07/06 5:11 p.m.69 views

USN-4415-1: coTURN vulnerabilities

Felix Dörre discovered that coTURN response buffer is not initialized properly. An attacker could possibly use this issue to obtain sensitive information. CVE-2020-4067 It was discovered that coTURN web server incorrectly handled HTTP POST requests. An attacker could possibly use this issue to...

9.8CVSS7.1AI score0.06102EPSS
Exploits2
Ubuntu
Ubuntu
added 2020/05/21 6:47 p.m.69 views

USN-4370-2: ClamAV vulnerabilities

USN-4370-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. Original advisory details: It was discovered that ClamAV incorrectly handled parsing ARJ archives. A remote attacker could possibly use this issue to cause ClamAV ...

7.5CVSS8AI score0.05063EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/04/28 11:27 p.m.69 views

USN-4343-1: Linux kernel vulnerability

Al Viro discovered that the Linux kernel for s390x systems did not properly perform page table upgrades for kernel sections that use secondary address mode. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7CVSS7.1AI score0.00397EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/03/31 1:42 p.m.69 views

USN-4314-1: pam-krb5 vulnerability

Russ Allbery discovered that pam-krb5 incorrectly handled some responses. An attacker could possibly use this issue to execute arbitrary code...

9.8CVSS8.7AI score0.04784EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/03/18 2:49 p.m.69 views

USN-4307-1: Apache HTTP Server update

As a security improvement, this update adds TLSv1.3 support to the Apache HTTP Server package in Ubuntu 18.04 LTS. TLSv1.3 is enabled by default, and in certain environments may cause compatibility issues. The SSLProtocol directive may be used to disable TLSv1.3 in these problematic environments...

5.1AI score
Exploits0References1
Ubuntu
Ubuntu
added 2020/01/14 1:0 p.m.69 views

USN-4236-2: Libgcrypt vulnerability

USN-4236-1 fixed a vulnerability in Libgcrypt. This update provides the corresponding fix for Ubuntu 16.04 LTS. Original advisory details: It was discovered that Libgcrypt was susceptible to a ECDSA timing attack. An attacker could possibly use this attack to recover sensitive information...

6.3CVSS6.8AI score0.0051EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/12/11 4:53 p.m.69 views

USN-4214-2: RabbitMQ vulnerability

USN-4214-1 fixed a vulnerability in RabbitMQ. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that RabbitMQ incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary cod...

9.8CVSS8.7AI score0.03317EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/09/10 10:18 p.m.69 views

USN-4120-2: systemd regression

USN-4120-1 fixed a vulnerability in systemd. The update included a recent SRU from the updates pocket that introduced networking problems for some users. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the systemd-resolved D-Bus...

5.4AI score
Exploits0References1
Ubuntu
Ubuntu
added 2019/08/28 7:15 p.m.69 views

USN-4110-3: Dovecot regression

USN-4110-1 fixed a vulnerability in Dovecot. The update introduced a regression causing a wrong check. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Nick Roessler and Rafi Rubin discovered that Dovecot incorrectly handled certain data. An attacker...

9.8CVSS8.5AI score0.62579EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/06/26 6:36 p.m.69 views

USN-4040-1: Expat vulnerability

It was discovered that Expat incorrectly handled certain XML files. An attacker could possibly use this issue to cause a denial of service...

7.8CVSS6.5AI score0.07107EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/02/12 4:42 p.m.69 views

USN-3888-1: GVfs vulnerability

It was discovered that GVfs incorrectly handled certain inputs. An attacker could possibly use this issue to access sensitive information...

7CVSS7AI score0.00368EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/12/03 7:40 p.m.69 views

USN-3836-1: Linux kernel vulnerabilities

Jann Horn discovered that the Linux kernel mishandles mapping UID or GID ranges inside nested user namespaces in some situations. A local attacker could use this to bypass access controls on resources outside the namespace. CVE-2018-18955 Philipp Wendler discovered that the overlayfs implementati...

7CVSS6.9AI score0.07611EPSS
Exploits25
Ubuntu
Ubuntu
added 2018/11/29 1:1 p.m.69 views

USN-3831-1: Ghostscript vulnerabilities

It was discovered that Ghostscript contained multiple security issues. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use these issues to access arbitrary files, execute arbitrary code, or cause a denial of service...

9.8CVSS8.3AI score0.09548EPSS
Exploits3
Ubuntu
Ubuntu
added 2018/07/17 3:5 p.m.69 views

USN-3717-2: PolicyKit vulnerabilities

USN-3717-1 fixed a vulnerability in PolicyKit. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that PolicyKit incorrectly handled certain duplicate action IDs. A local attacker could use this issue to cause PolicyKit to crash,...

4.7CVSS5.7AI score0.01196EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/07/11 12:27 p.m.69 views

USN-3711-1: ImageMagick vulnerabilities

It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of th...

8.8CVSS7.8AI score0.03965EPSS
Exploits3
Ubuntu
Ubuntu
added 2018/07/11 12:14 p.m.69 views

USN-3710-1: curl vulnerability

Peter Wu discovered that curl incorrectly handled certain SMTP buffers. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS8.3AI score0.06433EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/04/17 9:0 p.m.69 views

USN-3625-2: Perl vulnerabilities

USN-3625-1 fixed a vulnerability in Perl. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that Perl incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause Perl to hang, resulting in a...

9.8CVSS7.5AI score0.10866EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/03/27 2:16 p.m.69 views

USN-3608-1: Zsh vulnerabilities

Richard Maciel Costa discovered that Zsh incorrectly handled certain inputs. An attacker could possibly use this to cause a denial of service. CVE-2018-1071 It was discovered that Zsh incorrectly handled certain files. An attacker could possibly use this to execute arbitrary code. CVE-2018-1083...

7.8CVSS7.5AI score0.00628EPSS
Exploits0
Ubuntu
Ubuntu
added 2017/10/23 7:47 p.m.69 views

USN-3441-2: curl vulnerabilities

USN-3441-1 fixed several vulnerabilities in curl. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Daniel Stenberg discovered that curl incorrectly handled large floating point output. A remote attacker could use this issue to cause curl to crash,...

9.1CVSS6.8AI score0.08465EPSS
Exploits0
Ubuntu
Ubuntu
added 2017/10/10 12:54 p.m.69 views

USN-3441-1: curl vulnerabilities

Daniel Stenberg discovered that curl incorrectly handled large floating point output. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. CVE-2016-9586...

8.1CVSS6.7AI score0.08465EPSS
Exploits0
Ubuntu
Ubuntu
added 2017/07/27 4:41 p.m.71 views

USN-3370-1: Apache HTTP Server vulnerability

Robert Święcki discovered that the Apache HTTP Server modauthdigest module incorrectly cleared values when processing certain requests. A remote attacker could use this issue to cause the server to crash, resulting in a denial or service, or possibly obtain sensitive information...

9.1CVSS7.2AI score0.5677EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/10/27 10:19 p.m.69 views

USN-3112-1: Thunderbird vulnerabilities

Catalin Dumitru discovered that URLs of resources loaded after a navigation start could be leaked to the following page via the Resource Timing API. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit this to obtain sensiti...

9.8CVSS7.8AI score0.05037EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/10/20 2:11 a.m.69 views

USN-3106-1: Linux kernel vulnerability

It was discovered that a race condition existed in the memory manager of the Linux kernel when handling copy-on-write breakage of private read-only memory mappings. A local attacker could use this to gain administrative privileges...

7.2CVSS7.6AI score0.83524EPSS
Exploits81
Ubuntu
Ubuntu
added 2016/09/19 6:59 p.m.69 views

USN-3084-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3084-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Pengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A...

6.5CVSS6.4AI score0.00348EPSS
Exploits0
Total number of security vulnerabilities5000