Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
•added 2022/03/07 2:1 p.m.•192 views

USN-5310-2: GNU C Library vulnerabilities

USN-5310-1 fixed several vulnerabilities in GNU. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that the GNU C library getcwd function incorrectly handled buffers. An attacker could use this issue to cause the GNU C Library to cras...

9.8CVSS8.2AI score0.04729EPSS
Exploits3
Ubuntu
Ubuntu
•added 2022/02/21 2:48 p.m.•192 views

USN-5288-1: Expat vulnerabilities

It was discovered that Expat incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute arbitrary code...

9.8CVSS7.5AI score0.34174EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/01/10 11:14 a.m.•192 views

USN-5212-2: Apache HTTP Server vulnerabilities

USN-5212-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that the Apache HTTP Server incorrectly handled certain forward proxy requests. A remote attacker could use thi...

9.8CVSS8.3AI score0.97108EPSS
Exploits4
Ubuntu
Ubuntu
•added 2021/12/15 7:2 p.m.•192 views

USN-5197-1: Apache Log4j 2 vulnerability

It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. An attacker could use this vulnerability to cause a denial of service. Please see the following link for more information:...

10CVSS7.4AI score0.99999EPSS
Exploits353
Ubuntu
Ubuntu
•added 2019/02/04 10:47 p.m.•192 views

USN-3879-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3879-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Wen Xu discovered that the ext4 file system implementation in the Linux kernel could...

7.8CVSS6.5AI score0.00586EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/01/25 5:58 p.m.•191 views

USN-5252-1: PolicyKit vulnerability

It was discovered that the PolicyKit pkexec tool incorrectly handled command-line arguments. A local attacker could use this issue to escalate privileges to an administrator...

7.8CVSS7.4AI score0.94921EPSS
Exploits151
Ubuntu
Ubuntu
•added 2021/02/25 6:21 a.m.•191 views

USN-4748-1: Linux kernel vulnerabilities

It was discovered that the jfs file system implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to possibly cause a denial of service system crash. CVE-2020-27815 It was discovered that the memory management subsystem in the Linux kerne...

7.8CVSS7.1AI score0.01129EPSS
Exploits5
Ubuntu
Ubuntu
•added 2019/10/22 2:37 a.m.•191 views

USN-4157-2: Linux kernel (HWE) vulnerabilities

USN-4157-1 fixed vulnerabilities in the Linux kernel for Ubuntu 19.04. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 19.04 for Ubuntu 18.04 LTS. Wen Huang discovered that the Marvell Wi-Fi device driver in the Linux kernel did not properly...

10CVSS7.1AI score0.07619EPSS
Exploits3
Ubuntu
Ubuntu
•added 2019/06/04 10:47 p.m.•191 views

USN-4005-1: Linux kernel vulnerabilities

It was discovered that a null pointer dereference vulnerability existed in the LSI Logic MegaRAID driver in the Linux kernel. A local attacker could use this to cause a denial of service system crash. CVE-2019-11810 It was discovered that a race condition leading to a use-after-free existed in th...

9.3CVSS6.9AI score0.05789EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/12/17 1:14 p.m.•190 views

USN-7166-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - RISC-V architecture; - S390 architecture; - x86 architecture; - Block layer subsystem; - ACPI...

9.1CVSS7.4AI score0.01367EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/07/24 4:38 p.m.•190 views

USN-6242-1: OpenSSH vulnerability

It was discovered that OpenSSH incorrectly handled loading certain PKCS11 providers. If a user forwarded their ssh-agent to an untrusted system, a remote attacker could possibly use this issue to load arbitrary libraries from the user's system and execute arbitrary code...

9.8CVSS7.5AI score0.76768EPSS
Exploits10
Ubuntu
Ubuntu
•added 2019/05/30 10:57 p.m.•190 views

USN-4001-2: libseccomp vulnerability

USN-4001-1 fixed a vulnerability in libseccomp. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Jann Horn discovered that libseccomp did not correctly generate 64-bit syscall argument comparisons with arithmetic operators LT, GT, LE, GE. An attacker...

9.8CVSS7.3AI score0.03041EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/05/29 1:55 p.m.•190 views

USN-3996-1: GNU Screen vulnerability

Kuang-che Wu discovered that GNU Screen improperly handled certain input. An attacker could use this issue to cause GNU Screen to crash, resulting in a denial of service or the execution of arbitrary code...

5CVSS7.5AI score0.04148EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/03/05 8:48 p.m.•190 views

USN-3901-2: Linux kernel (HWE) vulnerabilities

USN-3901-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Jann Horn discovered that the userfaultd implementation in the Linux kernel did not...

6.7CVSS6.4AI score0.0051EPSS
Exploits5
Ubuntu
Ubuntu
•added 2018/10/01 6:47 p.m.•190 views

USN-3775-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3775-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. It was discovered that the paravirtualization implementation in the Linux kernel did n...

8.3CVSS7.6AI score0.14806EPSS
Exploits6
Ubuntu
Ubuntu
•added 2020/01/18 6:40 a.m.•189 views

USN-4225-2: Linux kernel (HWE) vulnerabilities

USN-4225-1 fixed vulnerabilities in the Linux kernel for Ubuntu 19.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 19.10 for Ubuntu 18.04 LTS. It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for...

10CVSS7.3AI score0.16908EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/01/07 8:52 p.m.•189 views

USN-4227-2: Linux kernel (Azure) vulnerabilities

USN-4227-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux kernel for Microsoft Azure Cloud systems for Ubuntu 14.04 ESM. It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the...

10CVSS7.3AI score0.16908EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/07/09 12:36 a.m.•189 views

USN-4051-1: Apport vulnerability

Kevin Backhouse discovered a race-condition when reading the user's local Apport configuration. This could be used by a local attacker to cause Apport to include arbitrary files in a resulting crash report...

7CVSS6.3AI score0.00314EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/06/10 6:50 p.m.•189 views

USN-4014-1: GLib vulnerability

It was discovered that GLib incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information...

9.8CVSS6.5AI score0.02602EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/10/01 6:52 p.m.•189 views

USN-3776-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3776-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Jann Horn discovered that the vmacache subsystem did not properly handle sequence numb...

8.3CVSS7.6AI score0.08743EPSS
Exploits4
Ubuntu
Ubuntu
•added 2023/02/27 5:8 p.m.•188 views

USN-5888-1: Python vulnerabilities

It was discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. CVE-2015-20107 Hamza Avvan discovered that Python incorrectly...

9.8CVSS7.6AI score0.20459EPSS
Exploits6
Ubuntu
Ubuntu
•added 2022/02/03 12:1 p.m.•188 views

USN-5270-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.28 in Ubuntu 20.04 LTS and Ubuntu 21.10. Ubuntu 18.04 LTS has been updated to MySQL 5.7.37. In addition to security fixes, the updated packages...

7.1CVSS6.3AI score0.02031EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/06/18 3:57 a.m.•188 views

USN-4992-1: GRUB 2 vulnerabilities

Máté Kukri discovered that the acpi command in GRUB 2 allowed privileged users to load crafted ACPI tables when secure boot is enabled. An attacker could use this to bypass UEFI Secure Boot restrictions. CVE-2020-14372 Chris Coulson discovered that the rmmod command in GRUB 2 contained a use-...

8.2CVSS7.8AI score0.01738EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2019/10/01 3:53 a.m.•188 views

USN-4144-1: Linux kernel vulnerabilities

It was discovered that the XFS file system in the Linux kernel did not properly handle mount failures in some situations. A local attacker could possibly use this to cause a denial of service system crash or execute arbitrary code. CVE-2018-20976 Benjamin Moody discovered that the XFS file system...

7.8CVSS6.4AI score0.03916EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/09/06 12:54 p.m.•188 views

USN-4124-1: Exim vulnerability

It was discovered that Exim incorrectly handled certain decoding operations. A remote attacker could possibly use this issue to execute arbitrary commands...

10CVSS8.6AI score0.35736EPSS
Exploits3References1
Ubuntu
Ubuntu
•added 2019/09/02 9:30 p.m.•188 views

USN-4117-1: Linux kernel (AWS) vulnerabilities

It was discovered that a heap buffer overflow existed in the Marvell Wireless LAN device driver for the Linux kernel. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2019-10126 Amit Klein and Benny Pinkas discovered that the Linux kerne...

9.8CVSS7.6AI score0.52199EPSS
Exploits23
Ubuntu
Ubuntu
•added 2022/08/02 4:11 a.m.•187 views

USN-5544-1: Linux kernel vulnerabilities

It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-1679...

7.8CVSS7.2AI score0.05451EPSS
Exploits12
Ubuntu
Ubuntu
•added 2021/09/08 11:38 p.m.•187 views

USN-5070-1: Linux kernel vulnerabilities

Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory...

8.8CVSS7.3AI score0.03354EPSS
Exploits5
Ubuntu
Ubuntu
•added 2021/03/20 4:51 a.m.•187 views

USN-4884-1: Linux kernel (OEM) vulnerabilities

Loris Reiff discovered that the BPF implementation in the Linux kernel did not properly validate attributes in the getsockopt BPF hook. A local attacker could possibly use this to cause a denial of service system crash. CVE-2021-20194 It was discovered that the priority inheritance futex...

7.8CVSS7AI score0.01377EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/02/18 12:22 p.m.•187 views

USN-4738-1: OpenSSL vulnerabilities

Paul Kehrer discovered that OpenSSL incorrectly handled certain input lengths in EVP functions. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. CVE-2021-23840 Tavis Ormandy discovered that OpenSSL incorrectly handled parsing issuer...

7.5CVSS6.6AI score0.50732EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/01/06 3:41 a.m.•187 views

USN-4680-1: Linux kernel vulnerabilities

It was discovered that debugfs in the Linux kernel as used by blktrace contained a use-after-free in some situations. A privileged local attacker could possibly use this to cause a denial of service system crash. CVE-2019-19770 It was discovered that a race condition existed in the binder IPC...

8.2CVSS7.2AI score0.06692EPSS
Exploits10
Ubuntu
Ubuntu
•added 2021/01/06 3:24 a.m.•187 views

USN-4679-1: Linux kernel vulnerabilities

It was discovered that the console keyboard driver in the Linux kernel contained a race condition. A local attacker could use this to expose sensitive information kernel memory. CVE-2020-25656 Minh Yuan discovered that the tty driver in the Linux kernel contained race conditions when handling...

7.2CVSS6.4AI score0.01026EPSS
Exploits4
Ubuntu
Ubuntu
•added 2021/09/28 1:28 p.m.•186 views

USN-5090-3: Apache HTTP Server regression

USN-5090-1 fixed vulnerabilities in Apache HTTP Server. One of the upstream fixes introduced a regression in UDS URIs. This update fixes the problem. Original advisory details: James Kettle discovered that the Apache HTTP Server HTTP/2 module incorrectly handled certain crafted methods. A remote...

7.6AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2021/05/11 10:31 p.m.•186 views

USN-4948-1: Linux kernel (OEM) vulnerabilities

Ryota Shiga discovered that the eBPF implementation in the Linux kernel did not properly verify that a BPF program only reserved as much memory for a ring buffer as was allocated. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2021-3489...

8.8CVSS7.6AI score0.27477EPSS
Exploits11
Ubuntu
Ubuntu
•added 2020/07/27 10:46 p.m.•186 views

USN-4426-1: Linux kernel vulnerabilities

Jason A. Donenfeld discovered that the ACPI implementation in the Linux kernel did not properly restrict loading SSDT code from an EFI variable. A privileged attacker could use this to bypass Secure Boot lockdown restrictions and execute arbitrary code in the kernel. CVE-2019-20908 Fan Yang...

7.8CVSS7.4AI score0.01314EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/05/27 11:39 a.m.•186 views

USN-3976-3: Samba regression

USN-3976-1 fixed a vulnerability in Samba. The update introduced a regression causing Samba to occasionally crash. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Isaac Boukris and Andrew Bartlett discovered that Samba incorrectly checked S4U2Self...

5.5AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2024/06/11 12:15 p.m.•185 views

USN-6817-2: Linux kernel (OEM) vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Zheng Wang discovered that the Broadc...

9.1CVSS7.5AI score0.01635EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/03/02 11:22 p.m.•185 views

USN-5912-1: Linux kernel vulnerabilities

It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...

7.8CVSS7.3AI score0.06346EPSS
Exploits8
Ubuntu
Ubuntu
•added 2022/07/14 12:2 p.m.•185 views

USN-5519-1: Python vulnerability

It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code...

8CVSS7.9AI score0.07017EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/06/23 1:18 a.m.•185 views

USN-4997-1: Linux kernel vulnerabilities

Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. CVE-2021-3609 Piotr Krysiuk discovered that the eBPF implementation in the Linux...

8.8CVSS7.5AI score0.07604EPSS
Exploits9
Ubuntu
Ubuntu
•added 2021/02/25 12:5 p.m.•185 views

USN-4754-1: Python vulnerabilities

It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service. CVE-2020-27619, CVE-2021-3177...

9.8CVSS7.7AI score0.23293EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/01/28 3:38 a.m.•185 views

USN-4255-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. CVE-2019-14615 It was discovered that a race condition can lead to a use-after-free while...

7.8CVSS7.2AI score0.01447EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/02/04 10:21 p.m.•185 views

USN-3879-1: Linux kernel vulnerabilities

Wen Xu discovered that the ext4 file system implementation in the Linux kernel could possibly perform an out of bounds write when updating the journal for an inline file. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service system cras...

7.8CVSS6.4AI score0.00586EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/04/26 12:59 p.m.•184 views

USN-5390-1: Linux kernel vulnerabilities

David Bouman discovered that the netfilter subsystem in the Linux kernel did not properly validate passed user register indices. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2022-1015 David Bouman discovered that the netfilter subsystem in t...

7.8CVSS7.1AI score0.01467EPSS
Exploits11
Ubuntu
Ubuntu
•added 2022/04/26 11:49 a.m.•184 views

USN-5388-1: OpenJDK vulnerabilities

It was discovered that OpenJDK incorrectly limited memory when compiling a specially crafted XPath expression. An attacker could possibly use this issue to cause a denial of service. CVE-2022-21426 It was discovered that OpenJDK incorrectly handled converting certain object arguments into their...

7.5CVSS6.1AI score0.03825EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/07/20 5:36 p.m.•184 views

USN-5013-2: systemd vulnerabilities

USN-5013-1 fixed several vulnerabilities in systemd. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that systemd incorrectly handled certain mount paths. A local attacker could possibly use this issue to cause systemd to crash,...

6.1CVSS6.7AI score0.0865EPSS
Exploits3
Ubuntu
Ubuntu
•added 2021/03/16 6:51 a.m.•184 views

USN-4879-1: Linux kernel vulnerabilities

It was discovered that the Marvell WiFi-Ex device driver in the Linux kernel did not properly validate ad-hoc SSIDs. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-36158 Loris Reiff discovered that the BPF implementation in t...

8.8CVSS6.6AI score0.02209EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/02/24 1:43 p.m.•184 views

USN-4698-2: Dnsmasq regression

USN-4698-1 fixed vulnerabilities in Dnsmasq. The updates introduced regressions in certain environments related to issues with multiple queries, and issues with retries. This update fixes the problem. Original advisory details: Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly...

6.4AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2019/02/22 8:8 a.m.•184 views

USN-3893-1: Bind vulnerabilities

Toshifumi Sakaguchi discovered that Bind incorrectly handled memory. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. CVE-2018-5744 It was discovered that Bind incorrectl...

7.5CVSS6.6AI score0.037EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/06/21 1:12 p.m.•183 views

USN-5487-1: Apache HTTP Server vulnerabilities

It was discovered that Apache HTTP Server modproxyajp incorrectly handled certain crafted request. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. CVE-2022-26377 It was discovered that Apache HTTP Server incorrectly handled certain request. An attacker...

9.8CVSS8.3AI score0.90407EPSS
Exploits2
Total number of security vulnerabilities5000