Lucene search
K
UbuntuMost viewed

10894 matches found

Ubuntu
Ubuntu
added 2021/02/08 1:12 p.m.176 views

USN-4725-1: QEMU vulnerabilities

It was discovered that QEMU incorrectly handled memory in iSCSI emulation. An attacker inside the guest could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. CVE-2020-11947 Alexander Bulekov discovered tha...

7.5CVSS6.5AI score0.00654EPSS
Exploits2
Ubuntu
Ubuntu
added 2020/12/13 9:0 p.m.176 views

USN-4659-2: Linux kernel regression

USN-4659-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression in the software raid10 driver when used with fstrim that could lead to data corruption. This update fixes the problem. Original advisory details: It was discovered that a race condition existe...

7.3AI score
Exploits0References1
Ubuntu
Ubuntu
added 2019/07/22 11:54 a.m.176 views

USN-4066-2: ClamAV vulnerability

USN-4066-1 fixed a vulnerability in libmspack. This update provides the corresponding update for ClamAV in Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that ClamAV incorrectly handled certain CHM files. A remote attacker could possibly use this issue to acce...

5.5CVSS6.8AI score0.01464EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/05/15 4:18 a.m.176 views

USN-3983-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3983-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Luta...

5.9CVSS6.5AI score0.01553EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2019/04/10 4:53 p.m.176 views

USN-3944-1: wpa_supplicant and hostapd vulnerabilities

It was discovered that wpasupplicant and hostapd were vulnerable to a side channel attack against EAP-pwd. A remote attacker could possibly use this issue to recover certain passwords. CVE-2019-9495 Mathy Vanhoef discovered that wpasupplicant and hostapd incorrectly validated received scalar and...

8.1CVSS6.6AI score0.05372EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/03/24 2:47 a.m.175 views

USN-5971-1: Graphviz vulnerabilities

It was discovered that graphviz contains null pointer dereference vulnerabilities. Exploitation via a specially crafted input file can cause a denial of service. This issue only affected Ubuntu 18.04 LTS. CVE-2018-10196 It was discovered that graphviz contains null pointer dereference...

8.8CVSS7.5AI score0.05037EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/03/09 2:30 p.m.175 views

USN-5942-1: Apache HTTP Server vulnerabilities

Lars Krapf discovered that the Apache HTTP Server modproxy module incorrectly handled certain configurations. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. CVE-2023-25690 Dimas Fariski Setyawan Putra discovered that the Apache HTTP Server modproxyuws...

9.8CVSS7.2AI score0.8377EPSS
Exploits5
Ubuntu
Ubuntu
added 2023/02/09 3:20 p.m.175 views

USN-5851-1: Linux kernel vulnerabilities

It was discovered that a memory leak existed in the Unix domain socket implementation of the Linux kernel. A local attacker could use this to cause a denial of service memory exhaustion. CVE-2022-3543 It was discovered that the Bluetooth HCI implementation in the Linux kernel did not properly...

8.8CVSS7AI score0.01393EPSS
Exploits3
Ubuntu
Ubuntu
added 2021/10/07 4:48 p.m.175 views

USN-5022-3: MySQL vulnerabilities

USN-5022-1 fixed several vulnerabilities in MySQL. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to...

7.1CVSS7AI score0.08216EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/05/12 4:53 p.m.175 views

USN-4952-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.25 in Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. Ubuntu 18.04 LTS has been updated to MySQL 5.7.34. In addition to security fixes, the...

6.5CVSS7.3AI score0.04643EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/03/25 3:9 a.m.175 views

USN-4889-1: Linux kernel vulnerabilities

Adam Nichols discovered that heap overflows existed in the iSCSI subsystem in the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-27365 Adam Nichols discovered that the iSCSI subsystem in the Linux kernel did not...

7.8CVSS7AI score0.02079EPSS
Exploits3
Ubuntu
Ubuntu
added 2016/09/13 4:56 p.m.175 views

USN-3078-1: MySQL vulnerability

Dawid Golunski discovered that MySQL incorrectly handled configuration files. A remote attacker could possibly use this issue to execute arbitrary code with root privileges. MySQL has been updated to 5.5.52 in Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Ubuntu 16.04 LTS has been updated to MySQL 5.7.1...

10CVSS8.2AI score0.6773EPSS
Exploits16
Ubuntu
Ubuntu
added 2021/04/13 2:51 p.m.174 views

USN-4904-1: Linux kernel vulnerabilities

Ben Harris discovered that the Linux kernel would strip extended privilege attributes of files when performing a failed unprivileged system call. A local attacker could use this to cause a denial of service. CVE-2015-1350 Andrey Konovalov discovered that the video4linux driver for Hauppauge HD PV...

7.8CVSS6.9AI score0.03255EPSS
Exploits2
Ubuntu
Ubuntu
added 2020/12/02 2:18 a.m.174 views

USN-4659-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the binder IPC implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-0423 Daniele Antonioli, Nils Ole...

7.8CVSS7.2AI score0.06692EPSS
Exploits6
Ubuntu
Ubuntu
added 2025/02/05 5:8 a.m.173 views

USN-7257-1: Kerberos vulnerability

Goldberg, Miro Haller, Nadia Heninger, Mike Milano, Dan Shumow, Marc Stevens, and Adam Suhl discovered that Kerberos incorrectly authenticated certain responses. An attacker able to intercept communications between a RADIUS client and server could possibly use this issue to forge responses, bypas...

9CVSS8AI score0.14859EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/06/01 4:30 a.m.173 views

USN-5443-2: Linux kernel vulnerabilities

Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS6.6AI score0.01027EPSS
Exploits2
Ubuntu
Ubuntu
added 2025/01/14 11:32 p.m.172 views

USN-7206-1: rsync vulnerabilities

Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync did not properly handle checksum lengths. An attacker could use this issue to execute arbitrary code. CVE-2024-12084 Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync compared checksums with...

9.8CVSS7.7AI score0.72059EPSS
Exploits8
Ubuntu
Ubuntu
added 2022/08/10 2:30 p.m.172 views

USN-5562-1: Linux kernel vulnerabilities

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS7.6AI score0.12746EPSS
Exploits25
Ubuntu
Ubuntu
added 2022/08/04 4:17 p.m.172 views

USN-5551-1: mod-wsgi vulnerability

It was discovered that mod-wsgi did not correctly remove the X-Client-IP header when processing requests from untrusted proxies. A remote attacker could use this issue to pass the header to WSGI applications, contrary to expectations...

7.5CVSS7.2AI score0.0069EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/03/09 12:42 a.m.172 views

USN-5318-1: Linux kernel vulnerabilities

Nick Gregory discovered that the Linux kernel incorrectly handled network offload functionality. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2022-25636 Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano Giuffrida...

7.8CVSS7.5AI score0.02633EPSS
Exploits6References1
Ubuntu
Ubuntu
added 2021/12/17 7:43 a.m.172 views

USN-5202-1: OpenJDK vulnerabilities

Varnavas Papaioannou discovered that the FTP client implementation in OpenJDK accepted alternate server IP addresses when connecting with FTP passive mode. An attacker controlling an FTP server that an application connects to could possibly use this to expose sensitive information rudimentary por...

7.5CVSS6.2AI score0.14839EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/09/17 6:27 a.m.172 views

USN-5073-2: Linux kernel (GCP) vulnerabilities

Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory...

8.8CVSS7.3AI score0.00687EPSS
Exploits2
Ubuntu
Ubuntu
added 2021/03/23 9:57 p.m.172 views

USN-4887-1: Linux kernel vulnerabilities

De4dCr0w of 360 Alpha Lab discovered that the BPF verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. A local attacker could use this to expose sensitive information kernel memory or possibly execute arbitrary code...

7.8CVSS7.5AI score0.02079EPSS
Exploits3
Ubuntu
Ubuntu
added 2019/06/11 11:38 a.m.172 views

USN-4014-2: GLib vulnerability

USN-4014-1 fixed a vulnerability in GLib. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that GLib incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information...

9.8CVSS6.5AI score0.02602EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/05/22 4:19 p.m.172 views

USN-3993-2: curl vulnerability

USN-3993-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that curl incorrectly handled memory when receiving data from a TFTP server. A remote attacker could use this issue to...

7.8CVSS6.5AI score0.49739EPSS
Exploits1
Ubuntu
Ubuntu
added 2010/02/05 12:37 a.m.172 views

USN-894-1: Linux kernel vulnerabilities

Amerigo Wang and Eric Sesterhenn discovered that the HFS and ext4 filesystems did not correctly check certain disk structures. If a user were tricked into mounting a specially crafted filesystem, a remote attacker could crash the system or gain root privileges. CVE-2009-4020, CVE-2009-4308 It was...

10CVSS7.3AI score0.0838EPSS
Exploits10
Ubuntu
Ubuntu
added 2023/02/01 1:9 p.m.171 views

USN-5839-1: Apache HTTP Server vulnerabilities

It was discovered that the Apache HTTP Server moddav module incorrectly handled certain If: request headers. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. CVE-2006-20001 ZeddYuLu discovered that the Apache HTTP Server modproxyajp...

9CVSS7.1AI score0.57941EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/03/31 10:50 a.m.171 views

USN-4898-1: curl vulnerabilities

Viktor Szakats discovered that curl did not strip off user credentials from referrer header fields. A remote attacker could possibly use this issue to obtain sensitive information. CVE-2021-22876 Mingtao Yang discovered that curl incorrectly handled session tickets when using an HTTPS proxy. A...

5.3CVSS6.6AI score0.05301EPSS
Exploits2
Ubuntu
Ubuntu
added 2019/07/08 3:59 p.m.171 views

USN-4049-1: GLib vulnerability

It was discovered that GLib created directories and files without properly restricting permissions. An attacker could possibly use this issue to access sensitive information...

7.5CVSS7.4AI score0.03211EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/03/26 4:56 p.m.171 views

USN-3922-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. CVE-2019-9637, CVE-2019-9638, CVE-2019-9639, CVE-2019-9640, CVE-2019-9641...

9.8CVSS7.1AI score0.09395EPSS
Exploits5
Ubuntu
Ubuntu
added 2015/08/17 4:31 p.m.171 views

USN-2711-1: Net-SNMP vulnerabilities

It was discovered that Net-SNMP incorrectly handled certain trap messages when the -OQ option was used. A remote attacker could use this issue to cause Net-SNMP to crash, resulting in a denial of service. CVE-2014-3565 Qinghao Tang discovered that Net-SNMP incorrectly handled SNMP PDU parsing...

7.5CVSS7.6AI score0.40002EPSS
Exploits2
Ubuntu
Ubuntu
added 2025/01/21 3:15 p.m.170 views

USN-7220-1: Vim vulnerability

It was discovered that Vim incorrectly handled memory when closing buffers with the visual mode active. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...

5.5CVSS5.8AI score0.00367EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/09/13 9:38 a.m.170 views

USN-7007-1: Linux kernel vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 Chenyuan Yang discovered that the USB Gadget subsystem in...

9.8CVSS7.5AI score0.02701EPSS
Exploits4
Ubuntu
Ubuntu
added 2023/11/21 7:16 p.m.170 views

USN-6502-1: Linux kernel vulnerabilities

Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. CVE-2023-25775 Yu Hao discover...

9.8CVSS7.5AI score0.00978EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/07/26 8:29 a.m.170 views

LSN-0079-1: Kernel Live Patch Security Notice

It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. A local attacker could use this to possibly execute arbitrary code.CVE-2021-3600 It was discovered that the virtual file system...

7.8CVSS7.2AI score0.09729EPSS
Exploits6
Ubuntu
Ubuntu
added 2021/07/20 10:11 p.m.170 views

USN-5018-1: Linux kernel vulnerabilities

It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2021-33909 Piotr Krysiuk discovered that the eBPF...

7.8CVSS7.5AI score0.09729EPSS
Exploits11
Ubuntu
Ubuntu
added 2021/03/29 4:28 p.m.170 views

USN-4890-1: Linux kernel vulnerabilities

Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly compute a speculative execution limit on pointer arithmetic in some situations. A local attacker could use this to expose sensitive information kernel memory. CVE-2020-27171 Piotr Krysiuk discovered that the BPF...

6CVSS7.1AI score0.00577EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/04/10 1:3 p.m.170 views

USN-3937-2: Apache vulnerabilities

USN-3937-1 and USN-3627-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Simon Kappel discovered that the Apache HTTP Server modauthdigest module incorrectly handled threads. A remote attacker with valid...

9.8CVSS7AI score0.18197EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/01/27 3:31 p.m.170 views

USN-2880-1: Firefox vulnerabilities

Bob Clary, Christian Holler, Nils Ohlmeier, Gary Kwong, Jesse Ruderman, Carsten Book, Randell Jesup, Nicolas Pierron, Eric Rescorla, Tyson Smith, and Gabor Krizsanits discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker...

10CVSS8.2AI score0.05992EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/10/04 4:51 p.m.169 views

USN-5100-1: containerd vulnerability

It was discovered that containerd insufficiently restricted permissions on container root and plugin directories. If a user or automated system were tricked into launching a specially crafted container image, a remote attacker could traverse directory contents and modify files and execute program...

7.8CVSS6.6AI score0.00482EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/06/17 2:59 p.m.169 views

USN-4991-1: libxml2 vulnerabilities

Yunho Kim discovered that libxml2 incorrectly handled certain error conditions. A remote attacker could exploit this with a crafted XML file to cause a denial of service, or possibly cause libxml2 to expose sensitive information. This issue only affected Ubuntu 14.04 ESM, and Ubuntu 16.04 ESM...

9.1CVSS7.4AI score0.0828EPSS
Exploits2
Ubuntu
Ubuntu
added 2021/05/04 2:0 p.m.169 views

USN-4934-1: Exim vulnerabilities

It was discovered that Exim contained multiple security issues. An attacker could use these issues to cause a denial of service, execute arbitrary code remotely, obtain sensitive information, or escalate local privileges...

9.8CVSS7.8AI score0.61061EPSS
Exploits6
Ubuntu
Ubuntu
added 2019/12/02 11:37 p.m.169 views

USN-4208-1: Linux kernel vulnerabilities

Jann Horn discovered that the OverlayFS and ShiftFS Drivers in the Linux kernel did not properly handle reference counting during memory mapping operations when used in conjunction with AUFS. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary...

9.8CVSS6.5AI score0.06652EPSS
Exploits2
Ubuntu
Ubuntu
added 2019/07/08 6:15 p.m.169 views

USN-4049-2: GLib vulnerability

USN-4049-1 fixed a vulnerability in GLib. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that GLib created directories and files without properly restricting permissions. An attacker could possibly use this iss...

7.5CVSS7.4AI score0.03211EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/06/19 5:21 p.m.169 views

USN-4019-2: SQLite vulnerabilities

USN-4019-1 fixed several vulnerabilities in sqlite3. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. Original advisory details: It was discovered that SQLite incorrectly handled certain SQL files. An attacker could possibly use this issue to execute arbitrary cod...

9.8CVSS7.4AI score0.45426EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/10/01 12:12 p.m.169 views

USN-3773-1: Ghostscript vulnerabilities

It was discovered that Ghostscript contained multiple security issues. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use these issues to access arbitrary files, execute arbitrary code, or cause a denial of service...

7.8CVSS7.4AI score0.01829EPSS
Exploits1
Ubuntu
Ubuntu
added 2017/07/20 11:18 p.m.169 views

USN-3358-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information kernel memory. CVE-2014-9900 Alexander Potapenko discovered a race condition in the Advanced Linux Sound Architecture ALSA subsystem i...

5.5CVSS6.3AI score0.00721EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/03/22 12:12 p.m.168 views

USN-5341-1: GNU binutils vulnerabilities

It was discovered that GNU binutils incorrectly handled checks for memory allocation when parsing relocs in a corrupt file. An attacker could possibly use this issue to cause a denial of service. CVE-2017-17122 It was discovered that GNU binutils incorrectly handled certain corrupt DWARF debug...

7.8CVSS6.6AI score0.01885EPSS
Exploits2
Ubuntu
Ubuntu
added 2021/07/20 9:22 p.m.168 views

USN-5015-1: Linux kernel (OEM) vulnerabilities

It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2021-33909 Michael Brown discovered that the Xen...

7.8CVSS7.5AI score0.09729EPSS
Exploits8
Ubuntu
Ubuntu
added 2021/03/16 6:2 a.m.168 views

USN-4877-1: Linux kernel vulnerabilities

It was discovered that the Marvell WiFi-Ex device driver in the Linux kernel did not properly validate ad-hoc SSIDs. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-36158 吴异 discovered that the NFS implementation in the Linux...

8.8CVSS6.7AI score0.02417EPSS
Exploits0
Total number of security vulnerabilities5000