Lucene search
K
UbuntuMost viewed

10918 matches found

Ubuntu
Ubuntu
added 2010/07/06 1:1 p.m.70 views

USN-943-1: Thunderbird vulnerabilities

Martin Barbella discovered an integer overflow in an XSLT node sorting routine. An attacker could exploit this to overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. CVE-2010-1199 An integer overflow was discover...

10CVSS9.2AI score0.11418EPSS
Exploits7
Ubuntu
Ubuntu
added 2010/03/24 1:30 p.m.70 views

USN-918-1: Samba vulnerability

It was discovered the Samba handled symlinks in an unexpected way when both "wide links" and "UNIX extensions" were enabled, which is the default. A remote attacker could create symlinks and access arbitrary files from the server...

3.5CVSS7.3AI score0.3053EPSS
Exploits6
Ubuntu
Ubuntu
added 2009/09/21 6:50 p.m.70 views

USN-835-1: neon vulnerabilities

Joe Orton discovered that neon did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications...

5.8CVSS5.3AI score0.02266EPSS
Exploits0
Ubuntu
Ubuntu
added 2009/09/14 5:14 p.m.70 views

USN-830-1: OpenSSL vulnerability

Dan Kaminsky discovered OpenSSL would still accept certificates with MD2 hash signatures. As a result, an attacker could potentially create a malicious trusted certificate to impersonate another site. This update handles this issue by completely disabling MD2 for certificate validation...

5.1CVSS6.8AI score0.04506EPSS
Exploits0
Ubuntu
Ubuntu
added 2009/07/29 4:58 a.m.70 views

USN-808-1: Bind vulnerability

Micha Krause discovered that Bind did not correctly validate certain dynamic DNS update packets. An unauthenticated remote attacker could send specially crafted traffic to crash the DNS server, leading to a denial of service...

4.3CVSS6.4AI score0.12649EPSS
Exploits1
Ubuntu
Ubuntu
added 2009/05/04 2:44 p.m.70 views

USN-769-1: libwmf vulnerability

Tavis Ormandy discovered that libwmf incorrectly used memory after it had been freed when using its embedded GD library. If a user or automated system were tricked into opening a crafted WMF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user...

7.5CVSS6.8AI score0.03463EPSS
Exploits0
Ubuntu
Ubuntu
added 2009/02/17 9:21 p.m.70 views

USN-722-1: sudo vulnerability

Harald Koenig discovered that sudo did not correctly handle certain privilege changes when handling groups. If a local attacker belonged to a group included in a "RunAs" list in the /etc/sudoers file, that user could gain root privileges. This was not an issue for the default sudoers file shipped...

7.8CVSS7.4AI score0.00406EPSS
Exploits1
Ubuntu
Ubuntu
added 2009/02/12 7:12 p.m.70 views

USN-719-1: pam-krb5 vulnerabilities

It was discovered that pamkrb5 parsed environment variables when run with setuid applications. A local attacker could exploit this flaw to bypass authentication checks and gain root privileges. CVE-2009-0360 Derek Chan discovered that pamkrb5 incorrectly handled refreshing existing credentials wh...

6.2CVSS5.5AI score0.00695EPSS
Exploits7
Ubuntu
Ubuntu
added 2008/08/06 7:32 p.m.70 views

USN-635-1: xine-lib vulnerabilities

Alin Rad Pop discovered an array index vulnerability in the SDP parser. If a user or automated system were tricked into opening a malicious RTSP stream, a remote attacker may be able to execute arbitrary code with the privileges of the user invoking the program. CVE-2008-0073 Luigi Auriemma...

9.3CVSS8.2AI score0.15038EPSS
Exploits11
Ubuntu
Ubuntu
added 2007/05/18 9:52 p.m.70 views

USN-436-2: KTorrent vulnerability

USN-436-1 fixed a vulnerability in KTorrent. The original fix for path traversal was incomplete, allowing for alternate vectors of attack. This update solves the problem. Original advisory details: Bryan Burns of Juniper Networks discovered that KTorrent did not correctly validate the destination...

6.4CVSS5.9AI score0.02269EPSS
Exploits0
Ubuntu
Ubuntu
added 2005/03/18 11:22 p.m.70 views

USN-99-1: PHP4 vulnerabilities

Stefano Di Paola discovered integer overflows in PHP's pack and unpack functions. A malicious PHP script could exploit these to break out of safe mode and execute arbitrary code with the privileges of the PHP interpreter. CAN-2004-1018 Note: The second part of CAN-2004-1018 buffer overflow in the...

10CVSS6.4AI score0.1616EPSS
Exploits0
Ubuntu
Ubuntu
added 2005/03/16 5:13 p.m.70 views

USN-96-1: mySQL vulnerabilities

Stefano Di Paola discovered three privilege escalation flaws in the MySQL server: - If an authenticated user had INSERT privileges on the 'mysql' administrative database, the CREATE FUNCTION command allowed that user to use libc functions to execute arbitrary code with the privileges of the...

4.6CVSS6AI score0.1844EPSS
Exploits3
Ubuntu
Ubuntu
added 2004/12/22 7:53 p.m.70 views

USN-45-1: nasm vulnerability

Jonathan Rockway discovered a locally exploitable buffer overflow in the error function of nasm. If an attacker tricked a user into assembling a malicious source file, they could exploit this to execute arbitrary code with the privileges of the user that runs nasm...

10CVSS5.7AI score0.17882EPSS
Exploits1
Ubuntu
Ubuntu
added 2025/05/06 4:12 p.m.69 views

USN-7488-1: Python vulnerabilities

It was discovered that Python incorrectly handled parsing bracketed hosts. A remote attacker could possibly use this issue to perform a Server-Side Request Forgery SSRF attack. This issue only affected python 2.7 and python3.4 on Ubuntu 14.04 LTS; python2.7 on Ubuntu 16.04 LTS; python2.7,...

7.8CVSS7.2AI score0.02203EPSS
Exploits2
Ubuntu
Ubuntu
added 2025/04/23 12:20 p.m.69 views

USN-7447-1: Yelp vulnerability

It was discovered that Yelp incorrectly handled paths in ghelp URLs. A remote attacker could use this issue to trick users into opening malicious downloaded help files and exfiltrate sensitive information...

7.4CVSS7.2AI score0.12592EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/05/21 10:34 p.m.69 views

USN-6777-3: Linux kernel (GCP) vulnerabilities

Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service system crash. CVE-2023-47233 Several...

7.8CVSS6.8AI score0.00315EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/03/20 6:30 p.m.69 views

USN-6707-1: Linux kernel vulnerabilities

Lonial Con discovered that the netfilter subsystem in the Linux kernel did not properly handle element deactivation in certain cases, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

7.8CVSS7.7AI score0.28058EPSS
Exploits16
Ubuntu
Ubuntu
added 2024/03/13 5:17 p.m.69 views

USN-6686-2: Linux kernel vulnerabilities

It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service system crash. CVE-2023-22995 It was discovered that a race...

7.8CVSS7.1AI score0.01657EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/12/07 11:0 a.m.69 views

USN-6522-2: FreeRDP vulnerabilities

USN-6522-1 fixed several vulnerabilities in FreeRDP. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: It was discovered that FreeRDP incorrectly handled drive redirection. If a user were tricked into connection to a malicious server, a remote attacker...

9.8CVSS7.5AI score0.01529EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/12/07 4:7 a.m.69 views

USN-6540-1: BlueZ vulnerability

It was discovered that BlueZ did not properly restrict non-bonded devices from injecting HID events into the input subsystem. This could allow a physically proximate attacker to inject keystrokes and execute arbitrary commands whilst the device is discoverable...

6.3CVSS6.9AI score0.07879EPSS
Exploits8
Ubuntu
Ubuntu
added 2023/11/29 3:46 p.m.69 views

USN-6524-1: PyPy vulnerability

Nicky Mouha discovered that PyPy incorrectly handled certain SHA-3 operations. An attacker could possibly use this issue to cause PyPy to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS7.4AI score0.05193EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/11/27 2:8 p.m.69 views

USN-6502-2: Linux kernel (Oracle) vulnerabilities

Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. CVE-2023-25775 Yu Hao discover...

9.8CVSS7.5AI score0.00978EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/10/11 3:15 a.m.69 views

USN-6404-2: Firefox regressions

USN-6404-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted...

8.6AI score
Exploits0References1
Ubuntu
Ubuntu
added 2023/09/19 10:9 p.m.69 views

USN-6387-1: Linux kernel vulnerabilities

Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. CVE-2023-20588 It was discovered...

7.8CVSS7AI score0.12405EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/09/08 10:26 p.m.69 views

USN-6338-2: Linux kernel vulnerabilities

Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-21255 It was discovered that a race condition existed in th...

9.8CVSS7.1AI score0.0406EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/09/06 9:41 p.m.69 views

USN-6351-1: Linux kernel (GKE) vulnerabilities

It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service system crash. CVE-2022-48425...

9.8CVSS6.7AI score0.02975EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/09/06 12:32 p.m.69 views

USN-6343-1: Linux kernel (OEM) vulnerabilities

It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service excessive CPU consumption. CVE-2023-1206 Ross Lagerwall discovered that the Xen netback backend...

7.8CVSS7.6AI score0.00664EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/08/02 6:19 a.m.69 views

USN-6267-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2023-4047, CVE-2023-4048,...

9.8CVSS8AI score0.13694EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/07/31 2:27 p.m.69 views

USN-6265-1: RabbitMQ vulnerability

It was discovered that RabbitMQ incorrectly handled certain signed-in user credentials. An attacker could possibly use this issue to expose sensitive information...

7.8CVSS5.8AI score0.00394EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/07/31 12:32 p.m.69 views

USN-6264-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

8.8CVSS7.7AI score0.23788EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/07/27 9:41 a.m.69 views

USN-5193-3: X.Org X Server vulnerabilities

USN-5193-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain inputs. An attacker could use this issue to cause the server to crash,...

7.8CVSS7.5AI score0.00571EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/06/21 5:11 p.m.69 views

USN-6183-1: Bind vulnerabilities

Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled the cache size limit. A remote attacker could possibly use this issue to consume memory, leading to a denial of service. CVE-2023-2828 It was discovered that Bind incorrectly handled the...

7.5CVSS7.4AI score0.03776EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/06/08 2:43 p.m.69 views

USN-6149-1: Linux kernel vulnerabilities

Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrar...

7.8CVSS7.3AI score0.16642EPSS
Exploits7
Ubuntu
Ubuntu
added 2023/06/05 4:55 p.m.69 views

USN-6139-1: Python vulnerability

Yebo Cao discovered that Python incorrectly handled certain URLs. An attacker could use this issue to bypass blockinglisting methods. This issue was first addressed in USN-5960-1, but was incomplete. Here we address an additional fix to that issue. CVE-2023-24329...

7.5CVSS7.4AI score0.20459EPSS
Exploits3
Ubuntu
Ubuntu
added 2023/05/29 6:16 p.m.69 views

USN-6112-1: Perl vulnerability

It was discovered that Perl was not properly verifying TLS certificates when using CPAN together with HTTP::Tiny to download modules over HTTPS. If a remote attacker were able to intercept communications, this flaw could potentially be used to install altered modules...

8.1CVSS8AI score0.01548EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/05/16 2:11 p.m.69 views

USN-6080-1: Linux kernel vulnerabilities

It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. CVE-2022-27672 Zheng Wang discovered that the Intel i915 graphics...

8.1CVSS7.1AI score0.00635EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/05/01 9:37 a.m.69 views

USN-6050-1: Git vulnerabilities

It was discovered that Git incorrectly handled certain commands. An attacker could possibly use this issue to overwriting some paths. CVE-2023-25652 Maxime Escourbiac and Yassine BENGANA discovered that Git incorrectly handled some gettext machinery. An attacker could possibly use this issue to...

7.8CVSS7.3AI score0.52164EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/03/16 9:21 p.m.69 views

USN-5962-1: Linux kernel (Intel IoTG) vulnerabilities

It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...

7.8CVSS7.3AI score0.06346EPSS
Exploits8
Ubuntu
Ubuntu
added 2023/03/13 4:35 p.m.69 views

USN-5949-1: Chromium vulnerabilities

It was discovered that Chromium could be made to write out of bounds in several components. A remote attacker could possibly use this issue to corrupt memory via a crafted HTML page, resulting in a denial of service, or possibly execute arbitrary code. CVE-2023-0930, CVE-2023-1219, CVE-2023-1220,...

8.8CVSS7.5AI score0.01163EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/09/13 9:3 p.m.69 views

USN-5609-1: .NET 6 vulnerability

Graham Esau discovered that .NET 6 incorrectly parsed certain payloads during model binding. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS7.4AI score0.03074EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/07/26 3:22 p.m.69 views

USN-5533-1: Vim vulnerability

It was discovered that Vim incorrectly handled memory access. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause the corruption of sensitive information, a crash, or arbitrary code execution...

7.8CVSS7.8AI score0.01352EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/04/25 4:19 p.m.69 views

USN-5387-1: Barbican vulnerabilities

Douglas Mendizábal discovered that Barbican incorrectly handled access restrictions. An authenticated attacker could possibly use this issue to consume protected resources and possibly cause a denial of service. CVE-2022-23451, CVE-2022-23452...

8.1CVSS6.4AI score0.01018EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/12/14 6:13 p.m.69 views

USN-5193-1: X.Org X Server vulnerabilities

Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain inputs. An attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code and escalate privileges...

7.8CVSS7.3AI score0.00571EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/11/11 10:30 p.m.69 views

USN-5146-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code...

8.8CVSS8.4AI score0.01205EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/12/08 3:32 p.m.69 views

USN-4663-1: GDK-PixBuf vulnerability

Melvin Kool discovered that the GDK-PixBuf library did not properly handle certain GIF images. If an user or automated system were tricked into opening a specially crafted GIF file, a remote attacker could use this flaw to cause GDK-PixBuf to hang, resulting in a denial of service...

5.5CVSS6.7AI score0.01477EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/10/21 7:28 p.m.69 views

USN-4552-2: Pam-python vulnerability

Malte Kraus discovered that Pam-python mishandled certain environment variables. A local attacker could potentially use this vulnerability to execute programs as root...

7.8CVSS7.2AI score0.00356EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/10/05 1:24 p.m.69 views

USN-4565-1: OpenConnect vulnerability

It was discovered that OpenConnect has a buffer overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes. An attacker could use it to provoke a denial of service crash...

9.8CVSS7.8AI score0.03445EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/07/06 5:11 p.m.69 views

USN-4415-1: coTURN vulnerabilities

Felix Dörre discovered that coTURN response buffer is not initialized properly. An attacker could possibly use this issue to obtain sensitive information. CVE-2020-4067 It was discovered that coTURN web server incorrectly handled HTTP POST requests. An attacker could possibly use this issue to...

9.8CVSS7.1AI score0.06102EPSS
Exploits2
Ubuntu
Ubuntu
added 2020/05/21 6:47 p.m.69 views

USN-4370-2: ClamAV vulnerabilities

USN-4370-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. Original advisory details: It was discovered that ClamAV incorrectly handled parsing ARJ archives. A remote attacker could possibly use this issue to cause ClamAV ...

7.5CVSS8AI score0.05063EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/04/28 11:27 p.m.69 views

USN-4343-1: Linux kernel vulnerability

Al Viro discovered that the Linux kernel for s390x systems did not properly perform page table upgrades for kernel sections that use secondary address mode. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7CVSS7.1AI score0.00397EPSS
Exploits0
Total number of security vulnerabilities5000