Lucene search
K
UbuntuMost viewed

10915 matches found

Ubuntu
Ubuntu
added 2021/07/20 9:22 p.m.168 views

USN-5015-1: Linux kernel (OEM) vulnerabilities

It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2021-33909 Michael Brown discovered that the Xen...

7.8CVSS7.5AI score0.09729EPSS
Exploits8
Ubuntu
Ubuntu
added 2021/03/16 6:2 a.m.168 views

USN-4877-1: Linux kernel vulnerabilities

It was discovered that the Marvell WiFi-Ex device driver in the Linux kernel did not properly validate ad-hoc SSIDs. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-36158 吴异 discovered that the NFS implementation in the Linux...

8.8CVSS6.7AI score0.02417EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/02/01 1:48 p.m.168 views

USN-4716-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.23 in Ubuntu 20.04 LTS and Ubuntu 20.10. Ubuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.33. In addition to security fixes...

7.1CVSS6.5AI score0.10093EPSS
Exploits3
Ubuntu
Ubuntu
added 2020/09/08 7:20 a.m.168 views

USN-4489-1: Linux kernel vulnerability

Or Cohen discovered that the AFPACKET implementation in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

7.8CVSS7AI score0.01308EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/12/03 2:17 a.m.168 views

USN-4211-1: Linux kernel vulnerabilities

Zhipeng Xie discovered that an infinite loop could be triggered in the CFS Linux kernel process scheduler. A local attacker could possibly use this to cause a denial of service. CVE-2018-20784 Nicolas Waisman discovered that the WiFi driver stack in the Linux kernel did not properly validate SSID...

9.8CVSS6.9AI score0.06652EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/08/29 1:31 a.m.168 views

USN-4111-1: Ghostscript vulnerabilities

Hiroki Matsukuma discovered that the PDF interpreter in Ghostscript did not properly restrict privileged calls when ‘-dSAFER’ restrictions were in effect. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access...

9.8CVSS7.6AI score0.11397EPSS
Exploits2
Ubuntu
Ubuntu
added 2017/10/03 12:24 p.m.168 views

USN-3430-2: Dnsmasq vulnerabilities

USN-3430-1 fixed several vulnerabilities in Dnsmasq. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. A remote attacker could...

9.8CVSS7.8AI score0.93307EPSS
Exploits32
Ubuntu
Ubuntu
added 2015/08/14 3:26 p.m.168 views

USN-2710-1: OpenSSH vulnerabilities

Moritz Jodeit discovered that OpenSSH incorrectly handled usernames when using PAM authentication. If an additional vulnerability were discovered in the OpenSSH unprivileged child process, this issue could allow a remote attacker to perform user impersonation. CVE number pending Moritz Jodeit...

8.5CVSS6.7AI score0.09302EPSS
Exploits1
Ubuntu
Ubuntu
added 2025/01/30 1:39 p.m.167 views

USN-7245-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.41 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 24.10. In addition to security fixes, the updated packages contain bug...

6.5CVSS6.3AI score0.01236EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/12/16 12:24 p.m.167 views

USN-7162-1: curl vulnerability

Harry Sintonen discovered that curl incorrectly handled credentials from .netrc files when following HTTP redirects. In certain configurations, the password for the first host could be leaked to the followed-to host, contrary to expectations...

3.4CVSS6.9AI score0.01378EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/04/26 1:39 p.m.167 views

USN-6043-1: Linux kernel vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

7.8CVSS7AI score0.0788EPSS
Exploits15
Ubuntu
Ubuntu
added 2022/02/22 8:26 p.m.167 views

USN-5300-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service. CVE-2015-9253, CVE-2017-8923, CVE-2017-9118, CVE-2017-9120 It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this iss...

9.8CVSS7AI score0.25951EPSS
Exploits6
Ubuntu
Ubuntu
added 2020/07/31 1:22 a.m.167 views

USN-4440-1: linux kernel vulnerabilities

It was discovered that the network block device nbd implementation in the Linux kernel did not properly check for error conditions in some situations. An attacker could possibly use this to cause a denial of service system crash. CVE-2019-16089 It was discovered that the kernel-user space relay...

7.8CVSS7.2AI score0.01314EPSS
Exploits2
Ubuntu
Ubuntu
added 2019/09/18 10:27 a.m.167 views

USN-4135-2: Linux kernel vulnerabilities

Peter Pi discovered a buffer overflow in the virtio network backend vhostnet implementation in the Linux kernel. An attacker in a guest may be able to use this to cause a denial of service host OS crash or possibly execute arbitrary code in the host OS. CVE-2019-14835 It was discovered that the...

7.8CVSS7.3AI score0.00627EPSS
Exploits3
Ubuntu
Ubuntu
added 2019/08/29 4:49 a.m.167 views

USN-4112-1: Ceph vulnerability

Abhishek Lekshmanan discovered that the RADOS gateway implementation in Ceph did not handle client disconnects properly in some situations. A remote attacker could use this to cause a denial of service...

7.5CVSS7.3AI score0.0461EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/07/16 12:14 p.m.167 views

USN-4060-1: NSS vulnerabilities

Henry Corrigan-Gibbs discovered that NSS incorrectly handled importing certain curve25519 private keys. An attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly obtain sensitive information. CVE-2019-11719 Hubert Kario discovered that NSS incorrectly...

7.5CVSS7.6AI score0.02794EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/05/28 5:2 p.m.167 views

USN-3995-2: Keepalived vulnerability

USN-3995-1 fixed a vulnerability in keepalived. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that Keepalived incorrectly handled certain HTTP status response codes. A remote attacker could use this issue to...

9.8CVSS8AI score0.03746EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/04/17 3:26 p.m.166 views

USN-6729-2: Apache HTTP Server vulnerabilities

USN-6729-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Orange Tsai discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly...

7.5CVSS7.5AI score0.91327EPSS
Exploits2
Ubuntu
Ubuntu
added 2021/05/13 5:12 p.m.166 views

USN-4953-1: AWStats vulnerabilities

Sean Boran discovered that AWStats incorrectly filtered certain parameters. A remote attacker could possibly use this issue to execute arbitrary code. CVE-2020-29600 It was discovered that AWStats incorrectly filtered certain parameters. A remote attacker could possibly use this issue to access...

9.8CVSS7.8AI score0.04352EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/05/11 8:52 p.m.166 views

USN-4945-1: Linux kernel vulnerabilities

It was discovered that the Nouveau GPU driver in the Linux kernel did not properly handle error conditions in some situations. A local attacker could use this to cause a denial of service system crash. CVE-2020-25639 Jan Beulich discovered that the Xen netback backend in the Linux kernel did not...

8.8CVSS6.5AI score0.01316EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/02/05 1:4 a.m.166 views

USN-4711-1: Linux kernel vulnerabilities

It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data...

8.1CVSS6.4AI score0.06563EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/01/28 8:4 p.m.165 views

USN-7235-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Netfilter; - Network traffic control; - VMware vSockets driver; CVE-2024-53164, CVE-2024-53103, CVE-2024-53141...

7.8CVSS7.1AI score0.00396EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/08/08 9:48 p.m.165 views

USN-6949-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - M68K architecture; - OpenRISC architecture; - PowerPC architecture; -...

9.8CVSS7.1AI score0.01483EPSS
Exploits3
Ubuntu
Ubuntu
added 2021/08/24 3:26 p.m.165 views

USN-5051-1: OpenSSL vulnerabilities

John Ouyang discovered that OpenSSL incorrectly handled decrypting SM2 data. A remote attacker could use this issue to cause applications using OpenSSL to crash, resulting in a denial of service, or possibly change application behaviour. CVE-2021-3711 Ingo Schwarze discovered that OpenSSL...

9.8CVSS6.8AI score0.87816EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/02/16 9:33 p.m.165 views

USN-4734-2: wpa_supplicant and hostapd vulnerabilities

USN-4734-1 fixed several vulnerabilities in wpasupplicant. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that wpasupplicant did not properly handle P2P Wi-Fi Direct group information in some situations, leading to a heap overflow. A physically proximate...

7.9CVSS7.5AI score0.15193EPSS
Exploits4
Ubuntu
Ubuntu
added 2021/01/19 12:48 p.m.165 views

USN-4698-1: Dnsmasq vulnerabilities

Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled memory when sorting RRsets. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. CVE-2020-25681, CVE-2020-25687 Moshe Kol and Shlomi Oberman...

8.3CVSS6.2AI score0.86692EPSS
Exploits2
Ubuntu
Ubuntu
added 2019/10/02 11:39 a.m.165 views

USN-4146-1: ClamAV vulnerabilities

It was discovered that ClamAV incorrectly handled unpacking ZIP files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. CVE-2019-12625 It was discovered that ClamAV incorrectly handled unpacking bzip2 files. A remote attacker could use th...

9.8CVSS7.5AI score0.08042EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/06/11 4:38 p.m.165 views

USN-4015-1: DBus vulnerability

Joe Vennix discovered that DBus incorrectly handled DBUSCOOKIESHA1 authentication. A local attacker could possibly use this issue to bypass authentication and connect to DBus servers with elevated privileges...

7.1CVSS7.2AI score0.00555EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/03/05 8:44 p.m.165 views

USN-3901-1: Linux kernel vulnerabilities

Jann Horn discovered that the userfaultd implementation in the Linux kernel did not properly restrict access to certain ioctls. A local attacker could use this possibly to modify files. CVE-2018-18397 It was discovered that the crypto subsystem of the Linux kernel leaked uninitialized memory to...

6.7CVSS6.3AI score0.0051EPSS
Exploits5
Ubuntu
Ubuntu
added 2024/12/17 2:50 p.m.164 views

USN-7167-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ext4 file system; - Network traffic control; - VMware vSockets driver; CVE-2024-50264, CVE-2024-49967, CVE-2024-530...

7.8CVSS7.1AI score0.00352EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/08/24 3:49 p.m.164 views

USN-5580-1: Linux kernel (AWS) vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 It was...

7.8CVSS7.2AI score0.05542EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/02/22 7:43 a.m.164 views

USN-5297-1: Linux kernel (GKE) vulnerabilities

Szymon Heidrich discovered that the USB Gadget subsystem in the Linux kernel did not properly restrict the size of control requests for certain gadget types, leading to possible out of bounds reads or writes. A local attacker could use this to cause a denial of service system crash or possibly...

7.8CVSS7.1AI score0.02579EPSS
Exploits7
Ubuntu
Ubuntu
added 2021/02/01 3:53 p.m.164 views

USN-4715-2: Django vulnerability

USN-4715-1 fixed a vulnerability in Django. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Wang Baohua discovered that Django incorrectly extracted archive files. A remote attacker could possibly use this issue to extract files outside of their...

5.3CVSS6.8AI score0.07605EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/09/24 3:59 a.m.164 views

USN-4525-1: Linux kernel vulnerabilities

It was discovered that the AMD Cryptographic Coprocessor device driver in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service memory exhaustion. CVE-2019-18808 It was discovered that the Conexant 23885 TV card device...

7CVSS7AI score0.05228EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/05/28 10:34 p.m.164 views

USN-4369-2: Linux kernel regression

USN-4369-1 fixed vulnerabilities in the 5.3 Linux kernel. Unfortunately, that update introduced a regression in overlayfs. This update corrects the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the btrfs implementation in the Linux kernel did not...

6.5AI score
Exploits0References1
Ubuntu
Ubuntu
added 2019/05/13 12:3 p.m.164 views

USN-3972-1: PostgreSQL vulnerabilities

It was discovered that PostgreSQL incorrectly handled partition routing. A remote user could possibly use this issue to read arbitrary bytes of server memory. This issue only affected Ubuntu 19.04. CVE-2019-10129 Dean Rasheed discovered that PostgreSQL incorrectly handled selectivity estimators. ...

6.5CVSS6.7AI score0.01633EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/01/09 11:7 p.m.164 views

USN-3523-1: Linux kernel vulnerabilities

Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory...

7.8CVSS7.2AI score0.84172EPSS
Exploits19
Ubuntu
Ubuntu
added 2022/03/22 7:46 a.m.163 views

USN-5339-1: Linux kernel vulnerabilities

Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 releaseagent feature. A local attacker could use this to gain administrative privileges. CVE-2022-0492 It was discovered that an out-of-bounds OOB memory acces...

9CVSS7.7AI score0.67994EPSS
Exploits16
Ubuntu
Ubuntu
added 2022/02/28 1:3 p.m.163 views

USN-5307-1: QEMU vulnerabilities

Gaoning Pan discovered that QEMU incorrectly handled the floppy disk emulator. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. CVE-2021-20196 Gaoning Pan discovered that the QEMU vmxnet3 NIC emulator incorrectly handled certain values. A...

8.5CVSS7.3AI score0.02904EPSS
Exploits3
Ubuntu
Ubuntu
added 2021/09/16 4:49 p.m.163 views

USN-5082-1: Linux kernel (OEM) vulnerabilities

Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory...

8.8CVSS6.8AI score0.00658EPSS
Exploits2
Ubuntu
Ubuntu
added 2021/05/11 9:41 a.m.163 views

USN-4943-1: XStream vulnerabilities

Zhihong Tian and Hui Lu found that XStream was vulnerable to remote code execution. A remote attacker could run arbitrary shell commands by manipulating the processed input stream. This issue affected only affected Ubuntu 20.10. CVE-2020-26217 It was discovered that XStream was vulnerable to...

9.9CVSS7AI score0.85001EPSS
Exploits21
Ubuntu
Ubuntu
added 2021/01/07 12:3 a.m.163 views

USN-4683-1: Linux kernel (OEM) vulnerability

Minh Yuan discovered that the framebuffer console driver in the Linux kernel did not properly handle fonts in some conditions. A local attacker could use this to cause a denial of service system crash or possibly expose sensitive information kernel memory...

6.1CVSS6.4AI score0.00511EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/05/21 9:5 p.m.163 views

USN-3991-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, trick the user in to launching local executable binaries, obtain sensitive...

9.8CVSS7.2AI score0.09393EPSS
Exploits6
Ubuntu
Ubuntu
added 2019/03/11 11:58 a.m.163 views

USN-3905-1: poppler vulnerability

It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service...

8.8CVSS7.5AI score0.03473EPSS
Exploits1
Ubuntu
Ubuntu
added 2025/01/28 8:53 p.m.162 views

USN-7236-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Netfilter; - Network traffic control; - VMware vSockets driver; CVE-2024-53164, CVE-2024-53103, CVE-2024-53141...

7.8CVSS7.1AI score0.00396EPSS
Exploits1
Ubuntu
Ubuntu
added 2025/01/20 3:6 p.m.162 views

USN-7218-1: Python vulnerability

It was discovered that Python incorrectly handled parsing bracketed hosts. A remote attacker could possibly use this issue to perform a Server-Side Request Forgery SSRF attack...

6.3CVSS6.8AI score0.0067EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/05/01 12:19 p.m.162 views

USN-6052-1: Linux kernel vulnerability

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

7.8CVSS6.6AI score0.01029EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/01/23 1:14 p.m.162 views

USN-5818-1: PHP vulnerability

It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code...

9.1CVSS7.6AI score0.02154EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/09/15 11:11 a.m.162 views

USN-5079-1: curl vulnerabilities

It was discovered that curl incorrect handled memory when sending data to an MQTT server. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2021-22945 Patrick Monnerat discovered that curl incorrectly handled...

9.1CVSS6.9AI score0.06216EPSS
Exploits3
Ubuntu
Ubuntu
added 2021/08/13 1:3 p.m.162 views

USN-5022-2: MariaDB vulnerabilities

USN-5022-1 fixed multiple vulnerabilities in MySQL. This update provides the corresponding fixes for CVE-2021-2372 and CVE-2021-2389 in MariaDB 10.3 and 10.5. In addition to security fixes, the updated package contain bug fixes, new features, and possibly incompatible changes. Please see the...

7.1CVSS7AI score0.08216EPSS
Exploits0
Total number of security vulnerabilities5000