Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
•added 2021/10/04 12:4 p.m.•183 views

USN-4973-2: Python vulnerability

USN-4973-1 fixed this vulnerability previously, but it was re-introduced in python3.8 in focal because of the SRU in LP: 1928057. This update fixes the problem. Original advisory details: It was discovered that the Python stdlib ipaddress API incorrectly handled octal strings. A remote attacker...

9.8CVSS7.5AI score0.06827EPSS
Exploits1References1
Ubuntu
Ubuntu
•added 2021/09/16 5:13 p.m.•183 views

USN-5071-2: Linux kernel (HWE) vulnerabilities

USN-5071-1 fixed vulnerabilities in the Linux kernel for Ubuntu 20.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 20.04 LTS for Ubuntu 18.04 LTS. Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for...

8.8CVSS7.2AI score0.00687EPSS
Exploits2
Ubuntu
Ubuntu
•added 2012/06/05 6:45 p.m.•183 views

USN-1462-1: Bind vulnerabilities

Dan Luther discovered that Bind incorrectly handled zero length rdata fields. A remote attacker could use this flaw to cause Bind to crash or behave erratically, resulting in a denial of service. CVE-2012-1667 It was discovered that Bind incorrectly handled revoked domain names. A remote attacker...

8.5CVSS6.9AI score0.13538EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/03/22 5:43 p.m.•182 views

USN-5942-2: Apache HTTP Server vulnerability

USN-5942-1 fixed vulnerabilities in Apache HTTP Server. This update provides the corresponding update for CVE-2023-25690 for Ubuntu 16.04 ESM. Original advisory details: Lars Krapf discovered that the Apache HTTP Server modproxy module incorrectly handled certain configurations. A remote attacker...

9.8CVSS7.1AI score0.8377EPSS
Exploits5
Ubuntu
Ubuntu
•added 2022/02/01 11:56 a.m.•182 views

USN-5260-2: Samba vulnerability

Orange Tsai discovered that the Samba vfsfruit module incorrectly handled certain memory operations. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code as root. CVE-2021-44142...

9CVSS8AI score0.74042EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/01/27 2:59 p.m.•182 views

USN-4250-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.19 in Ubuntu 19.10. Ubuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.29. In addition to security fixes, the updated package...

6.5CVSS6.4AI score0.03485EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/12/02 11:45 p.m.•182 views

USN-4209-1: Linux kernel vulnerabilities

Jann Horn discovered that the OverlayFS and ShiftFS Drivers in the Linux kernel did not properly handle reference counting during memory mapping operations when used in conjunction with AUFS. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary...

9.8CVSS7.3AI score0.12651EPSS
Exploits2
Ubuntu
Ubuntu
•added 2019/07/18 5:22 p.m.•182 views

USN-4065-1: Squid vulnerabilities

It was discovered that Squid incorrectly handled Digest authentication. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. CVE-2019-12525 It was discovered that Squid incorrectly handled Basic authentication. A remote attacker could use this...

9.8CVSS6.7AI score0.50454EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/02/11 11:44 a.m.•182 views

USN-3886-1: poppler vulnerabilities

It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service. CVE-2018-20551, CVE-2019-7310...

7.8CVSS6.7AI score0.02196EPSS
Exploits2
Ubuntu
Ubuntu
•added 2017/07/31 4:7 p.m.•182 views

USN-3373-1: Apache HTTP Server vulnerabilities

Emmanuel Dreyfus discovered that third-party modules using the apgetbasicauthpw function outside of the authentication phase may lead to authentication requirements being bypassed. This update adds a new apgetbasicauthcomponents function for use by third-party modules. CVE-2017-3167 Vasileios...

9.8CVSS7.2AI score0.57472EPSS
Exploits4
Ubuntu
Ubuntu
•added 2021/05/11 9:53 p.m.•181 views

USN-4946-1: Linux kernel vulnerabilities

It was discovered that the DRM subsystem in the Linux kernel contained double-free vulnerabilities. A privileged attacker could possibly use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-20292 Olivier Benjamin, Norbert Manthey, Martin Mazein, and Jan ...

7.8CVSS6.6AI score0.00872EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/09/17 12:31 p.m.•181 views

USN-4510-2: Samba vulnerability

USN-4510-1 fixed a vulnerability in Samba. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Tom Tervoort discovered that the Netlogon protocol implemented by Samba incorrectly handled the authentication scheme. A remote attacker could use this issue t...

10CVSS7.8AI score0.99512EPSS
Exploits75
Ubuntu
Ubuntu
•added 2020/03/25 1:39 a.m.•181 views

USN-4301-1: Linux kernel vulnerabilities

It was discovered that the KVM implementation in the Linux kernel, when paravirtual TLB flushes are enabled in guests, the hypervisor in some situations could miss deferred TLB flushes or otherwise mishandle them. An attacker in a guest VM could use this to expose sensitive information read memor...

7.8CVSS6.4AI score0.03286EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/02/18 7:35 p.m.•181 views

USN-4285-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. CVE-2019-14615 It was discovered that the HSA Linux kernel driver for AMD GPU devices did not...

7.8CVSS6.9AI score0.10114EPSS
Exploits3
Ubuntu
Ubuntu
•added 2022/01/13 12:43 a.m.•180 views

USN-5226-1: systemd vulnerability

It was discovered that systemd-tmpfiles employed uncontrolled recursion when removing deeply nested directory hierarchies. A local attacker could exploit this to cause systemd-tmpfiles to crash or have other unspecified impacts...

5.5CVSS7.1AI score0.01561EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/06/16 12:18 p.m.•180 views

USN-4989-1: BlueZ vulnerabilities

It was discovered that BlueZ incorrectly checked certain permissions when pairing. A local attacker could possibly use this issue to impersonate devices. CVE-2020-26558 Jay LV discovered that BlueZ incorrectly handled redundant disconnect MGMT events. A local attacker could use this issue to caus...

8.6CVSS7.5AI score0.04067EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/12/08 3:27 p.m.•180 views

USN-4662-1: OpenSSL vulnerability

David Benjamin discovered that OpenSSL incorrectly handled comparing certificates containing a EDIPartyName name type. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service...

5.9CVSS7AI score0.06968EPSS
Exploits3
Ubuntu
Ubuntu
•added 2019/10/23 3:29 a.m.•180 views

USN-4163-2: Linux kernel (Xenial HWE) vulnerabilities

USN-4163-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. It was discovered that a race condition existed in the ARC EMAC ethernet driver for th...

10CVSS6.9AI score0.07619EPSS
Exploits3
Ubuntu
Ubuntu
•added 2019/07/08 6:1 p.m.•180 views

USN-4050-1: ZeroMQ vulnerability

It was discovered that ZeroMQ incorrectly handled certain application metadata. A remote attacker could use this issue to cause ZeroMQ to crash, or possibly execute arbitrary code...

9.8CVSS8AI score0.42464EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/01/06 11:34 a.m.•179 views

USN-7180-1: Python vulnerabilities

It was discovered that Python incorrectly handled certain scripts. An attacker could possibly use this issue to execute arbitrary code or cause a crash. CVE-2022-48560 It was discovered that Python did not properly handle XML entity declarations in plist files. An attacker could possibly use this...

9.8CVSS7.9AI score0.20459EPSS
Exploits8
Ubuntu
Ubuntu
•added 2022/01/21 1:56 p.m.•179 views

USN-5246-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, conduct spoofing attacks, bypass security...

10CVSS8AI score0.0202EPSS
Exploits7
Ubuntu
Ubuntu
•added 2022/01/12 7:31 p.m.•179 views

USN-5223-1: Apache Log4j 1.2 vulnerability

It was discovered that Apache Log4j 1.2 was vulnerable to deserialization of untrusted data if the configuration file was editable. An attacker could use this vulnerability to cause a DoS or possibly execute arbitrary code...

7.5CVSS8.1AI score0.81147EPSS
Exploits9
Ubuntu
Ubuntu
•added 2021/06/17 11:1 a.m.•179 views

USN-4990-1: Nettle vulnerabilities

It was discovered that Nettle incorrectly handled RSA decryption. A remote attacker could possibly use this issue to cause Nettle to crash, resulting in a denial of service. CVE-2021-3580 It was discovered that Nettle incorrectly handled certain padding oracles. A remote attacker could possibly u...

7.5CVSS5.8AI score0.02686EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/05/14 12:19 a.m.•179 views

USN-4954-1: GNU C Library vulnerabilities

Jason Royes and Samuel Dytrych discovered that the memcpy implementation for 32 bit ARM processors in the GNU C Library contained an integer underflow vulnerability. An attacker could possibly use this to cause a denial of service application crash or execute arbitrary code. CVE-2020-6096 It was...

8.1CVSS6.5AI score0.05223EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/04/22 11:1 p.m.•179 views

USN-4925-1: Shibboleth vulnerability

Toni Huttunen and Fraktal Oy discovered that the Shibboleth Service provider allowed content injection due to allowing attacker-controlled parameters in error or other status pages. An attacker could use this to inject malicious content...

5.3CVSS5.8AI score0.01294EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/04/22 11:40 a.m.•179 views

USN-4336-1: GNU binutils vulnerabilities

It was discovered that GNU binutils contained a large number of security issues. If a user or automated system were tricked into processing a specially-crafted file, a remote attacker could cause GNU binutils to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS6.5AI score0.0669EPSS
Exploits36
Ubuntu
Ubuntu
•added 2020/01/07 8:10 p.m.•179 views

USN-4228-2: Linux kernel (Xenial HWE) vulnerabilities

USN-4228-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex...

10CVSS7.3AI score0.16908EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/07/25 11:57 a.m.•179 views

USN-4074-1: VLC vulnerabilities

It was discovered that the VLC CAF demuxer incorrectly handled certain files. If a user were tricked into opening a specially-crafted CAF file, a remote attacker could use this issue to cause VLC to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. CVE-2018-19857...

9.8CVSS8.3AI score0.05295EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/02/06 1:12 p.m.•178 views

USN-7259-1: GNU C Library vulnerability

It was discovered that GNU C Library incorrectly handled memory when using the assert function. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...

6.2CVSS7.1AI score0.00349EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/03/17 7:10 p.m.•178 views

USN-5333-2: Apache HTTP Server vulnerabilities

USN-5333-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Chamal De Silva discovered that the Apache HTTP Server modlua module incorrectly handled certain crafted request bodies. A remote...

9.8CVSS8.6AI score0.69803EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/09/08 11:40 a.m.•178 views

USN-5067-1: SSSD vulnerabilities

Jakub Hrozek discovered that SSSD incorrectly handled file permissions. A local attacker could possibly use this issue to read the sudo rules available for any user. This issue only affected Ubuntu 18.04 LTS. CVE-2018-10852 It was discovered that SSSD incorrectly handled Group Policy Objects. Whe...

9.3CVSS6.3AI score0.02524EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/08/26 12:40 p.m.•178 views

USN-5051-2: OpenSSL vulnerability

USN-5051-1 fixed a vulnerability in OpenSSL. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Ingo Schwarze discovered that OpenSSL incorrectly handled certain ASN.1 strings. A remote attacker could use this issue to cause OpenSSL...

7.4CVSS6.8AI score0.50445EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/04/15 11:35 p.m.•178 views

USN-4917-1: Linux kernel vulnerabilities

It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. CVE-2021-3493 Vincent Dehors discovered that the shiftfs file...

8.8CVSS7.5AI score0.43988EPSS
Exploits28
Ubuntu
Ubuntu
•added 2020/11/11 12:31 a.m.•178 views

USN-4626-1: Linux kernel vulnerabilities

Simon Scannell discovered that the bpf verifier in the Linux kernel did not properly calculate register bounds for certain operations. A local attacker could use this to expose sensitive information kernel memory or gain administrative privileges. CVE-2020-27194 Moritz Lipp, Michael Schwarz,...

5.5CVSS6.6AI score0.02018EPSS
Exploits5
Ubuntu
Ubuntu
•added 2019/11/11 12:21 p.m.•178 views

USN-4180-1: Bash vulnerability

It was discovered that Bash incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code...

7.8CVSS7.2AI score0.0051EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/06/24 3:43 p.m.•178 views

USN-4032-1: Firefox vulnerability

It was discovered that a sandboxed child process could open arbitrary web content in the parent process via the Prompt:Open IPC message. When combined with another vulnerability, an attacker could potentially exploit this to execute arbitrary code...

10CVSS8.9AI score0.55874EPSS
Exploits10
Ubuntu
Ubuntu
•added 2019/01/31 7:20 p.m.•178 views

USN-3871-2: Linux kernel regression

USN-3871-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. Unfortunately, that update introduced regressions with docking station displays and mounting ext4 file systems with the metabg option enabled. This update fixes the problems. We apologize for the inconvenience. Original...

6.8AI score
Exploits0References2
Ubuntu
Ubuntu
•added 2018/09/18 7:22 a.m.•178 views

USN-3766-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled restarting certain child processes when php-fpm is used. A remote attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 18.04 LTS. CVE-2015-9253 It was discovered that PHP incorrectly handled...

7.5CVSS6.6AI score0.08975EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/05/04 1:21 p.m.•177 views

USN-5402-1: OpenSSL vulnerabilities

Elison Niven discovered that OpenSSL incorrectly handled the crehash script. A local attacker could possibly use this issue to execute arbitrary commands when crehash is run. CVE-2022-1292 Raul Metsma discovered that OpenSSL incorrectly verified certain response signing certificates. A remote...

10CVSS6.9AI score0.83223EPSS
Exploits5
Ubuntu
Ubuntu
•added 2022/01/11 8:42 p.m.•177 views

USN-5222-1: Apache Log4j 2 vulnerabilities

It was discovered that Apache Log4j 2 was vulnerable to remote code execution RCE attack when configured to use a JDBC Appender with a JNDI LDAP data source URI. A remote attacker could possibly use this issue to cause a crash, leading to a denial of service. CVE-2021-44832 Hideki Okamoto and Guy...

8.5CVSS7.5AI score0.99999EPSS
Exploits22
Ubuntu
Ubuntu
•added 2021/05/19 2:0 p.m.•177 views

USN-4962-1: Babel vulnerability

It was discovered that Babel incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code...

8AI score
Exploits0
Ubuntu
Ubuntu
•added 2020/09/30 1:44 p.m.•177 views

USN-4559-1: Samba update

Tom Tervoort discovered that the Netlogon protocol implemented by Samba incorrectly handled the authentication scheme. A remote attacker could use this issue to forge an authentication token and steal the credentials of the domain admin. While a previous security update fixed the issue by changin...

10CVSS7.8AI score0.99512EPSS
Exploits75
Ubuntu
Ubuntu
•added 2020/05/19 8:33 p.m.•177 views

USN-4364-1: Linux kernel vulnerabilities

It was discovered that the ADIS16400 IIO IMU Driver for the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to cause a denial of service memory exhaustion. CVE-2019-19060 It was discovered that the vhost net driver in the Linux kernel...

7.8CVSS7AI score0.03755EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/10/14 2:46 p.m.•177 views

USN-4154-1: Sudo vulnerability

Joe Vennix discovered that Sudo incorrectly handled certain user IDs. An attacker could potentially exploit this to execute arbitrary commands as the root user...

9CVSS7.7AI score0.63917EPSS
Exploits10
Ubuntu
Ubuntu
•added 2019/05/15 4:5 a.m.•177 views

USN-3981-2: Linux kernel (HWE) vulnerabilities

USN-3981-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS and for the Linux Azure kernel for Ubuntu 14.04 LTS. Ke Sun, Henrique Kawakami, Kekai H...

8.3CVSS7.7AI score0.03844EPSS
Exploits1References1
Ubuntu
Ubuntu
•added 2023/01/24 10:34 p.m.•176 views

USN-5823-2: MySQL vulnerability

USN-5823-1 fixed a vulnerability in MySQL. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to MySQL...

4.9CVSS7AI score0.01115EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/01/27 6:37 a.m.•176 views

USN-5247-1: Vim vulnerabilities

It was discovered that vim incorrectly handled parsing of filenames in its search functionality. If a user was tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service. This issue only affected Ubuntu 21.10. CVE-2021-3973 It was...

9.3CVSS7.8AI score0.01792EPSS
Exploits5
Ubuntu
Ubuntu
•added 2021/07/20 9:48 p.m.•176 views

USN-5017-1: Linux kernel vulnerabilities

It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2021-33909 It was discovered that the bluetooth...

7.8CVSS7.2AI score0.09729EPSS
Exploits6
Ubuntu
Ubuntu
•added 2021/05/10 11:40 a.m.•176 views

USN-4939-1: WebKitGTK vulnerabilities

A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

9.8CVSS7.5AI score0.0712EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/03/03 11:38 a.m.•176 views

USN-4754-4: Python 2.7 vulnerability

USN-4754-1 fixed vulnerabilities in Python. Because of a regression, a subsequent update removed the fix for CVE-2021-3177. This update reinstates the security fix for CVE-2021-3177. We apologize for the inconvenience. Original advisory details: It was discovered that Python incorrectly handled...

9.8CVSS7.8AI score0.23293EPSS
Exploits1
Total number of security vulnerabilities5000