Lucene search
K
UbuntuMost viewed

10904 matches found

Ubuntu
Ubuntu
added 2021/07/21 1:8 p.m.204 views

USN-4336-2: GNU binutils vulnerabilities

USN-4336-1 fixed several vulnerabilities in GNU binutils. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that GNU binutils contained a large number of security issues. If a user or automated system were tricked into processing a...

9.8CVSS7AI score0.08544EPSS
Exploits67
Ubuntu
Ubuntu
added 2019/05/15 3:58 a.m.204 views

USN-3984-1: Linux kernel vulnerabilities

Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered...

5.9CVSS6.5AI score0.01553EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2018/10/10 11:49 a.m.204 views

USN-3781-2: WebKitGTK+ regression

USN-3781-1 fixed vulnerabilities in WebKitGTK+. The updated package was missing some header files, preventing certain applications from building. This update fixes the problem. We apologize for the inconvenience. Original advisory details: A large number of security issues were discovered in the...

5.5AI score
Exploits0References1
Ubuntu
Ubuntu
added 2023/05/31 2:5 a.m.203 views

USN-6125-1: snapd vulnerability

It was discovered that the snap sandbox did not restrict the use of the ioctl system call with a TIOCLINUX request. This could be exploited by a malicious snap to inject commands into the controlling terminal which would then be executed outside of the snap sandbox once the snap had exited. This...

10CVSS8.7AI score0.01447EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/02/01 5:55 p.m.203 views

USN-5261-1: Phusion Passenger vulnerabilities

It was discovered that Phusion Passenger incorrectly handled a file path in the application root folder. An attacker could possibly use this issue to read arbitrary files. CVE-2017-16355 It was discovered that Phusion Passenger had a race condition in the nginx module that could be used to perfor...

7CVSS6.7AI score0.00358EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/06/06 1:44 p.m.203 views

USN-4011-2: Jinja2 vulnerabilities

USN-4011-1 fixed several vulnerabilities in Jinja2. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Olivier Dony discovered that Jinja incorrectly handled str.format. An attacker could possibly use this issue to escape the sandbo...

8.6CVSS7.2AI score0.03603EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/12/03 5:36 p.m.203 views

USN-3834-1: Perl vulnerabilities

Jayakrishna Menon discovered that Perl incorrectly handled Perlmysetenv. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2018-18311 Eiichi Tsukata discovered that Perl incorrectly handled certain regular expression...

9.8CVSS7.5AI score0.12093EPSS
Exploits3
Ubuntu
Ubuntu
added 2022/06/17 2:0 a.m.202 views

USN-5485-1: Linux kernel vulnerabilities

It was discovered that some Intel processors did not completely perform cleanup actions on multi-core shared buffers. A local attacker could possibly use this to expose sensitive information. CVE-2022-21123 It was discovered that some Intel processors did not completely perform cleanup actions on...

5.5CVSS6.5AI score0.06451EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/03/25 3:12 a.m.202 views

USN-4302-1: Linux kernel vulnerabilities

Paulo Bonzini discovered that the KVM hypervisor implementation in the Linux kernel could improperly let a nested level 2 guest access the resources of a parent level 1 guest in certain situations. An attacker could use this to expose sensitive information. CVE-2020-2732 Gregory Herrero discovere...

6.8CVSS6.5AI score0.02745EPSS
Exploits2
Ubuntu
Ubuntu
added 2019/05/30 3:3 p.m.202 views

USN-4000-1: Corosync vulnerability

It was discovered that Corosync incorrectly handled certain requests. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...

7.5CVSS7.7AI score0.03172EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/05/28 10:38 p.m.202 views

USN-3997-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass same-origin protections, or execute arbitrary code. CVE-2019-18511,...

9.8CVSS7.7AI score0.09393EPSS
Exploits4
Ubuntu
Ubuntu
added 2013/07/04 1:36 a.m.202 views

USN-1898-1: OpenSSL vulnerability

The TLS protocol 1.2 and earlier can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows machine-in-the-middle attackers to obtain plaintext content by observing length differences during a series of guesses in which a provided string potentially...

2.6CVSS7.1AI score0.04266EPSS
Exploits2
Ubuntu
Ubuntu
added 2021/01/28 1:40 p.m.201 views

USN-4706-1: Ceph vulnerabilities

Olle Segerdahl found that ceph-mon and ceph-mgr daemons did not properly restrict access, resulting in gaining access to unauthorized resources. An authenticated user could use this vulnerability to modify the configuration and possibly conduct further attacks. CVE-2020-10736 Adam Mohammed found...

8.8CVSS6.9AI score0.01627EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/03/06 2:22 p.m.201 views

USN-3902-1: PHP vulnerabilities

It was discovered that the PHP XML-RPC module incorrectly handled decoding XML data. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. CVE-2019-9020, CVE-2019-9024 It was discovered that the PHP PHAR module incorrectly handled certain...

9.8CVSS7.1AI score0.10059EPSS
Exploits5
Ubuntu
Ubuntu
added 2024/06/18 11:24 p.m.200 views

USN-6818-4: Linux kernel (HWE) vulnerabilities

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service system crash. CVE-2023-6356, CVE-2023-6535, CVE-2023-6536 It was...

7.8CVSS6.9AI score0.78388EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/10/12 3:14 p.m.200 views

USN-6430-1: FFmpeg vulnerabilities

It was discovered that FFmpeg did not properly handle certain inputs in vflagfun.c, resulting in a buffer overflow vulnerability. An attacker could possibly use this issue to cause a denial of service via application crash. This issue only affected Ubuntu 20.04 LTS. CVE-2020-22024 It was discover...

6.5CVSS6.8AI score0.01041EPSS
Exploits5
Ubuntu
Ubuntu
added 2023/05/30 8:40 a.m.200 views

USN-6114-1: nth-check vulnerability

Yeting Li discovered that nth-check incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service...

7.5CVSS7.4AI score0.02014EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/09/28 4:30 p.m.200 views

USN-4141-1: Exim vulnerability

It was discovered that Exim incorrectly handled certain string operations. A remote attacker could use this issue to cause Exim to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS8.9AI score0.41589EPSS
Exploits3
Ubuntu
Ubuntu
added 2023/08/29 7:57 p.m.199 views

USN-6315-1: Linux kernel vulnerabilities

Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Tavis Ormandy discovered that some AMD processors...

7.8CVSS7.9AI score0.05794EPSS
Exploits5
Ubuntu
Ubuntu
added 2022/03/15 6:12 p.m.199 views

USN-5328-2: OpenSSL vulnerability

USN-5328-1 fixed a vulnerability in OpenSSL. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Tavis Ormandy discovered that OpenSSL incorrectly parsed certain certificates. A remote attacker could possibly use this issue to cause...

7.5CVSS7AI score0.70561EPSS
Exploits2
Ubuntu
Ubuntu
added 2019/09/02 9:7 p.m.199 views

USN-4116-1: Linux kernel vulnerabilities

It was discovered that a use-after-free error existed in the block layer subsystem of the Linux kernel when certain failure conditions occurred. A local attacker could possibly use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2018-20856 Amit Klein and Ben...

7.8CVSS7.4AI score0.04425EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/06/10 2:2 p.m.199 views

USN-4012-1: elfutils vulnerabilities

It was discovered that elfutils incorrectly handled certain malformed files. If a user or automated system were tricked into processing a specially crafted file, elfutils could be made to crash or consume resources, resulting in a denial of service...

9.8CVSS6.3AI score0.03691EPSS
Exploits8
Ubuntu
Ubuntu
added 2019/06/03 12:35 p.m.199 views

USN-4002-1: Doxygen vulnerability

It was discovered that Doxygen incorrectly handled certain queries. An attacker could possibly use this issue to execute arbitrary code and compromise sensitive information...

6.1CVSS6.9AI score0.01823EPSS
Exploits0
Ubuntu
Ubuntu
added 2008/07/15 4:42 p.m.199 views

USN-625-1: Linux kernel vulnerabilities

Dirk Nehring discovered that the IPsec protocol stack did not correctly handle fragmented ESP packets. A remote attacker could exploit this to crash the system, leading to a denial of service. CVE-2007-6282 Johannes Bauer discovered that the 64bit kernel did not correctly handle hrtimer updates. ...

10CVSS7.9AI score0.07091EPSS
Exploits12
Ubuntu
Ubuntu
added 2020/05/24 2:16 a.m.198 views

USN-4367-1: Linux kernel vulnerabilities

It was discovered that the btrfs implementation in the Linux kernel did not properly detect that a block was marked dirty in some situations. An attacker could use this to specially craft a file system image that, when unmounted, could cause a denial of service system crash. CVE-2019-19377 It was...

7.8CVSS6.4AI score0.034EPSS
Exploits2
Ubuntu
Ubuntu
added 2019/09/17 12:24 p.m.198 views

USN-4113-2: Apache HTTP Server regression

USN-4113-1 fixed vulnerabilities in the Apache HTTP server. Unfortunately, that update introduced a regression when proxying balancer manager connections in some configurations. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Stefan Eissing discovered...

7.1AI score
Exploits0References1
Ubuntu
Ubuntu
added 2019/05/28 12:38 p.m.198 views

USN-3995-1: Keepalived vulnerability

It was discovered that Keepalived incorrectly handled certain HTTP status response codes. A remote attacker could use this issue to cause Keepalived to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS8AI score0.03746EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/03/12 1:8 p.m.198 views

USN-3906-1: LibTIFF vulnerabilities

It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges...

8.8CVSS7.4AI score0.25183EPSS
Exploits6
Ubuntu
Ubuntu
added 2021/06/23 3:36 a.m.197 views

USN-5000-1: Linux kernel vulnerabilities

Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. CVE-2021-3609 Piotr Krysiuk discovered that the eBPF implementation in the Linux...

7.8CVSS7.5AI score0.07604EPSS
Exploits8
Ubuntu
Ubuntu
added 2020/01/29 12:39 a.m.197 views

USN-4258-1: Linux kernel vulnerabilities

It was discovered that the Atheros 802.11ac wireless USB device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service system crash. CVE-2019-15099 It was discovered that a race condition existed in the...

7.8CVSS7AI score0.06623EPSS
Exploits5
Ubuntu
Ubuntu
added 2019/06/21 6:49 p.m.197 views

USN-4030-1: web2py vulnerabilities

It was discovered that web2py does not properly check denied hosts before verifying passwords. An attacker could possibly use this issue to perform brute-force attacks. CVE-2016-10321 It was discovered that web2py allows remote attackers to obtain environment variable values. An attacker could...

9.8CVSS7.8AI score0.0499EPSS
Exploits4
Ubuntu
Ubuntu
added 2019/05/27 5:39 p.m.197 views

USN-3976-4: Samba vulnerability

USN-3976-1 fixed a vulnerability in Samba. The update introduced a regression causing Samba to occasionally crash. This update fixes the problem. Original advisory details: Isaac Boukris and Andrew Bartlett discovered that Samba incorrectly checked S4U2Self packets. In certain environments, a...

5.5AI score
Exploits0References1
Ubuntu
Ubuntu
added 2022/08/10 11:17 a.m.196 views

USN-5560-1: Linux kernel vulnerabilities

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS7.3AI score0.12746EPSS
Exploits26
Ubuntu
Ubuntu
added 2019/06/12 2:50 p.m.196 views

USN-4015-2: DBus vulnerability

USN-4015-1 fixed a vulnerability in DBus. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Joe Vennix discovered that DBus incorrectly handled DBUSCOOKIESHA1 authentication. A local attacker could possibly use this issue to bypass...

7.1CVSS7.2AI score0.00555EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/06/06 11:14 a.m.196 views

USN-4011-1: Jinja2 vulnerabilities

Olivier Dony discovered that Jinja incorrectly handled str.format. An attacker could possibly use this issue to escape the sandbox. This issue only affected Ubuntu 16.04 LTS. CVE-2016-10745 Brian Welch discovered that Jinja incorrectly handled str.formatmap. An attacker could possibly use this...

8.6CVSS7.2AI score0.03603EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/05/29 4:42 p.m.196 views

USN-3968-2: Sudo vulnerability

USN-3968-1 fixed a vulnerability in Sudo. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that Sudo did not properly parse the contents of /proc/pid/stat when attempting to determine its controlling tty. A local attacker in some...

8.2CVSS7.5AI score0.00573EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/05/22 11:58 a.m.196 views

USN-3566-2: PHP vulnerabilities

USN-3566-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information. CVE-2018-20783 It was...

9.8CVSS7.6AI score0.07031EPSS
Exploits2
Ubuntu
Ubuntu
added 2018/10/04 9:34 p.m.195 views

USN-3784-1: AppArmor update

As a security improvement, this update adjusts the private-files abstraction to disallow writing to thumbnailer configuration files. Additionally adjust the private-files, private-files-strict and user-files abstractions to disallow writes on parent directories of sensitive files...

5.4AI score
Exploits0References2
Ubuntu
Ubuntu
added 2018/10/01 7:24 p.m.195 views

USN-3777-2: Linux kernel (HWE) vulnerabilities

USN-3777-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Jann Horn discovered that the vmacache subsystem did not properly handle sequence numb...

8.3CVSS8AI score0.60631EPSS
Exploits6References1
Ubuntu
Ubuntu
added 2021/10/25 3:5 p.m.194 views

USN-5123-2: MySQL vulnerabilities

USN-5123-1 fixed several vulnerabilities in MySQL. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to...

5.5CVSS6.7AI score0.02497EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/03/16 5:38 a.m.194 views

USN-4876-1: Linux kernel vulnerabilities

Olivier Benjamin and Pawel Wieczorkiewicz discovered a race condition the Xen paravirt block backend in the Linux kernel, leading to a use-after-free vulnerability. An attacker in a guest VM could use this to cause a denial of service in the host OS. CVE-2020-29569 It was discovered that the...

8.8CVSS6.5AI score0.02417EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/10/14 2:6 a.m.194 views

USN-4578-1: Linux kernel vulnerabilities

Hadar Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-16119 Wen Xu discover...

7.8CVSS6.9AI score0.02143EPSS
Exploits3
Ubuntu
Ubuntu
added 2019/10/04 3:38 p.m.194 views

USN-4147-1: Linux kernel vulnerabilities

It was discovered that the Intel Wi-Fi device driver in the Linux kernel did not properly validate certain Tunneled Direct Link Setup TDLS. A physically proximate attacker could use this to cause a denial of service Wi-Fi disconnect. CVE-2019-0136 It was discovered that the Bluetooth UART...

9.4CVSS7.1AI score0.05189EPSS
Exploits11
Ubuntu
Ubuntu
added 2019/05/30 9:45 p.m.194 views

USN-4001-1: libseccomp vulnerability

Jann Horn discovered that libseccomp did not correctly generate 64-bit syscall argument comparisons with arithmetic operators LT, GT, LE, GE. An attacker could use this to bypass intended access restrictions for argument-filtered system calls...

9.8CVSS7.3AI score0.03041EPSS
Exploits0
Ubuntu
Ubuntu
added 2017/08/07 7:3 p.m.194 views

USN-3381-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3381-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Peter Pi discovered that the colormap handling for frame buffer devices in the Linux...

7.8CVSS6.8AI score0.01551EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/02/21 2:48 p.m.193 views

USN-5288-1: Expat vulnerabilities

It was discovered that Expat incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute arbitrary code...

9.8CVSS7.5AI score0.34174EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/02/09 1:26 p.m.193 views

USN-5279-1: util-linux vulnerabilities

It was discovered that util-linux incorrectly handled unmounting FUSE filesystems. A local attacker could possibly use this issue to unmount FUSE filesystems belonging to other users...

5.5CVSS6.4AI score0.00634EPSS
Exploits4
Ubuntu
Ubuntu
added 2021/06/21 3:25 p.m.193 views

USN-4994-2: Apache HTTP Server vulnerabilities

USN-4994-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Antonio Morales discovered that the Apache modauthdigest module incorrectly handled certain Digest nonces. A remote attacker coul...

9.8CVSS7.8AI score0.68067EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/09/02 9:34 p.m.193 views

USN-4118-1: Linux kernel (AWS) vulnerabilities

It was discovered that the alarmtimer implementation in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. CVE-2018-13053 Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly track...

10CVSS7.7AI score0.52199EPSS
Exploits50
Ubuntu
Ubuntu
added 2019/02/04 10:47 p.m.193 views

USN-3879-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3879-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Wen Xu discovered that the ext4 file system implementation in the Linux kernel could...

7.8CVSS6.5AI score0.00586EPSS
Exploits0
Total number of security vulnerabilities5000