Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
added 2019/09/02 8:25 p.m.162 views

USN-4114-1: Linux kernel vulnerabilities

Amit Klein and Benny Pinkas discovered that the Linux kernel did not sufficiently randomize IP ID values generated for connectionless networking protocols. A remote attacker could use this to track particular Linux devices. CVE-2019-10638 Praveen Pandey discovered that the Linux kernel did not...

7.7CVSS6.9AI score0.04425EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/05/21 9:5 p.m.162 views

USN-3991-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, trick the user in to launching local executable binaries, obtain sensitive...

9.8CVSS7.2AI score0.09393EPSS
Exploits6
Ubuntu
Ubuntu
added 2025/01/16 5:0 p.m.161 views

USN-7206-2: rsync regression

USN-7206-1 fixed vulnerabilities in rsync. The update introduced a regression in rsync. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync did not properly handle checksum lengths. ...

7.7AI score
Exploits0References1
Ubuntu
Ubuntu
added 2022/09/01 7:14 p.m.161 views

USN-5592-1: Linux kernel vulnerabilities

Asaf Modelevsky discovered that the IntelR 10GbE PCI Express ixgbe Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. CVE-2021-33061 It was discovered that the virtual terminal driver in the...

6.8CVSS7.1AI score0.00537EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/03/22 7:46 a.m.161 views

USN-5339-1: Linux kernel vulnerabilities

Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 releaseagent feature. A local attacker could use this to gain administrative privileges. CVE-2022-0492 It was discovered that an out-of-bounds OOB memory acces...

9CVSS7.7AI score0.67994EPSS
Exploits16
Ubuntu
Ubuntu
added 2021/09/15 11:11 a.m.161 views

USN-5079-1: curl vulnerabilities

It was discovered that curl incorrect handled memory when sending data to an MQTT server. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2021-22945 Patrick Monnerat discovered that curl incorrectly handled...

9.1CVSS6.9AI score0.06216EPSS
Exploits3
Ubuntu
Ubuntu
added 2021/07/07 12:11 p.m.161 views

USN-5006-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled certain PHAR files. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service, or possibly obtain sensitive information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. CVE-2020-7068 It wa...

7.5CVSS6.9AI score0.03152EPSS
Exploits4
Ubuntu
Ubuntu
added 2021/04/13 8:41 p.m.161 views

USN-4910-1: Linux kernel vulnerabilities

Ryota Shiga discovered that the sockopt BPF hooks in the Linux kernel could allow a user space program to probe for valid kernel addresses. A local attacker could use this to ease exploitation of another kernel vulnerability. CVE-2021-20239 It was discovered that the BPF verifier in the Linux...

7.8CVSS7.1AI score0.02417EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/02/10 12:54 a.m.161 views

USN-4727-1: Linux kernel vulnerability

Alexander Popov discovered that multiple race conditions existed in the AFVSOCK implementation in the Linux kernel. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7CVSS7.1AI score0.01602EPSS
Exploits1
Ubuntu
Ubuntu
added 2017/04/05 3:38 a.m.161 views

USN-3256-1: Linux kernel vulnerability

Andrey Konovalov discovered that the AFPACKET implementation in the Linux kernel did not properly validate certain block-size data. A local attacker could use this to cause a denial of service system crash...

7.8CVSS6.7AI score0.17827EPSS
Exploits17
Ubuntu
Ubuntu
added 2022/02/17 6:11 a.m.160 views

USN-5267-3: Linux kernel (Raspberry Pi) vulnerabilities

USN-5267-1 fixed vulnerabilities in the Linux kernel. This update provides the corresponding updates for the Linux kernel for Raspberry Pi devices. Original advisory details: It was discovered that the Bluetooth subsystem in the Linux kernel contained a use-after-free vulnerability. A local...

7.9CVSS6.9AI score0.01736EPSS
Exploits2
Ubuntu
Ubuntu
added 2021/10/18 10:15 p.m.160 views

USN-5092-3: Linux kernel (Azure) regression

USN-5092-2 fixed vulnerabilities in Linux 5.11-based kernels. Unfortunately, for Linux kernels intended for use within Microsoft Azure environments, that update introduced a regression that could cause the kernel to fail to boot in large Azure instance types. This update fixes the problem. We...

7.5AI score0.03365EPSS
Exploits8References2
Ubuntu
Ubuntu
added 2021/07/15 5:53 p.m.160 views

USN-5010-1: QEMU vulnerabilities

Lei Sun discovered that QEMU incorrectly handled certain MMIO operations. An attacker inside the guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. CVE-2020-15469 Wenxiang Qian discovered that QEMU incorrectly handled certain ATAPI commands. An attacker...

8.2CVSS6.8AI score0.00522EPSS
Exploits3
Ubuntu
Ubuntu
added 2021/05/19 5:48 a.m.160 views

USN-4945-2: Linux kernel (Raspberry Pi) vulnerabilities

USN-4945-1 fixed vulnerabilities in the Linux kernel for Ubuntu 20.04 LTS and Ubuntu 18.04 LTS. This update provides the corresponding Linux kernel updates targeted specifically for Raspberry Pi devices in those same Ubuntu Releases. Original advisory details: It was discovered that the Nouveau G...

8.8CVSS6.5AI score0.01316EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/04/29 11:11 a.m.160 views

USN-4929-1: Bind vulnerabilities

Greg Kuechle discovered that Bind incorrectly handled certain incremental zone updates. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. CVE-2021-25214 Siva Kakarla discovered that Bind incorrectly handled certain DNAME records. A remote...

9.8CVSS7.8AI score0.83406EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/04/14 4:53 p.m.160 views

USN-4913-1: Underscore vulnerability

It was discovered that Underscore incorrectly handled certain inputs. An attacker could possibly use this issue to inject arbitrary code...

7.2CVSS6.7AI score0.04087EPSS
Exploits2
Ubuntu
Ubuntu
added 2021/01/07 2:10 p.m.160 views

USN-4686-1: Ghostscript vulnerabilities

It was discovered that Ghostscript incorrectly handled certain image files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary co...

8.8CVSS6.7AI score0.04932EPSS
Exploits4
Ubuntu
Ubuntu
added 2020/03/25 1:13 a.m.160 views

USN-4300-1: Linux kernel vulnerabilities

It was discovered that the KVM implementation in the Linux kernel, when paravirtual TLB flushes are enabled in guests, the hypervisor in some situations could miss deferred TLB flushes or otherwise mishandle them. An attacker in a guest VM could use this to expose sensitive information read memor...

7.8CVSS6.5AI score0.03286EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/10/23 4:54 a.m.160 views

USN-4162-2: Linux kernel (Azure) vulnerabilities

USN-4162-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux kernel for Microsoft Azure Cloud systems for Ubuntu 14.04 ESM. It was discovered that the RSI 91x Wi-Fi driver in the Linux kernel did not did not handle detach...

10CVSS7.1AI score0.07619EPSS
Exploits3
Ubuntu
Ubuntu
added 2019/08/15 4:31 p.m.160 views

USN-4099-1: nginx vulnerabilities

Jonathan Looney discovered that nginx incorrectly handled the HTTP/2 implementation. A remote attacker could possibly use this issue to consume resources, leading to a denial of service...

7.8CVSS7.4AI score0.82017EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/01/29 5:33 p.m.159 views

USN-7241-1: Bind vulnerabilities

Toshifumi Sakaguchi discovered that Bind incorrectly handled many records in the additional section. A remote attacker could possibly use this issue to cause Bind to consume CPU resources, leading to a denial of service. CVE-2024-11187 Jean-François Billaud discovered that the Bind DNS-over-HTTPS...

7.5CVSS7AI score0.16182EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/03/28 9:39 a.m.159 views

USN-5342-1: Python vulnerabilities

David Schwörer discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 18.04 LTS. CVE-2021-3426 It was discovered that Python incorrectly handled certain FTP requests. An attacker could...

7.5CVSS7.8AI score0.08325EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/03/09 2:2 a.m.159 views

USN-5319-1: Linux kernel vulnerabilities

Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano Giuffrida discovered that hardware mitigations added by Intel to their processors to address Spectre-BTI were insufficient. A local attacker could potentially use this to expose sensitive information...

6.5CVSS6.7AI score0.00508EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2022/02/18 12:41 a.m.159 views

USN-5295-1: Linux kernel (HWE) vulnerabilities

It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-22600 Jann Horn discovered a race condition in the Un...

7.8CVSS7.3AI score0.05918EPSS
Exploits5
Ubuntu
Ubuntu
added 2021/09/28 3:5 p.m.159 views

USN-5090-4: Apache HTTP Server regression

USN-5090-1 fixed vulnerabilities in Apache HTTP Server. One of the upstream fixes introduced a regression in UDS URIs. This update fixes the problem. Original advisory details: James Kettle discovered that the Apache HTTP Server HTTP/2 module incorrectly handled certain crafted methods. A remote...

7.6AI score
Exploits0References1
Ubuntu
Ubuntu
added 2021/06/09 5:22 a.m.159 views

USN-4985-1: Intel Microcode vulnerabilities

It was discovered that some Intel processors may not properly invalidate cache entries used by Intel Virtualization Technology for Directed I/O VT-d. This may allow a local user to perform a privilege escalation attack. CVE-2020-24489 Joseph Nuzman discovered that some Intel processors may not...

8.8CVSS7AI score0.00472EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/05/31 12:8 p.m.159 views

USN-4968-2: LZ4 vulnerability

USN-4968-1 fixed a vulnerability in LZ4. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that LZ4 incorrectly handled certain memory operations. If a user or automated system were tricked into uncompressing a...

9.8CVSS7.4AI score0.03216EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/03/18 5:0 p.m.159 views

USN-4882-1: Ruby vulnerabilities

It was discovered that the Ruby JSON gem incorrectly handled certain JSON files. If a user or automated system were tricked into parsing a specially crafted JSON file, a remote attacker could use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS...

7.5CVSS7.4AI score0.06811EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/01/08 1:40 a.m.159 views

USN-4687-1: Firefox vulnerability

A use-after-free was discovered in Firefox when handling SCTP packets. An attacker could potentially exploit this to cause a denial of service, or execute arbitrary code...

8.8CVSS8.6AI score0.01304EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/12/13 10:41 p.m.159 views

USN-4658-2: Linux kernel regression

USN-4658-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression in the software raid10 driver when used with fstrim that could lead to data corruption. This update fixes the problem. Original advisory details: It was discovered that a race condition existe...

7.5AI score0.06692EPSS
Exploits7References1
Ubuntu
Ubuntu
added 2019/08/13 4:40 p.m.159 views

USN-4095-2: Linux kernel (Xenial HWE) vulnerabilities

USN-4095-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. Eli Biham and Lior Neumann discovered that the Bluetooth implementation in the Linux...

9.8CVSS7.4AI score0.06821EPSS
Exploits6
Ubuntu
Ubuntu
added 2019/05/22 12:35 p.m.159 views

USN-3992-1: WebKitGTK+ vulnerabilities

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

8.8CVSS7.1AI score0.01884EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/02/20 10:42 a.m.159 views

USN-3892-1: GDM vulnerability

Burghard Britzke discovered that GDM incorrectly handled certain configurations. An attacker could possibly use this issue to get unauthorized access to a different user...

6.9CVSS6.8AI score0.00504EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/11/14 10:55 p.m.159 views

USN-3820-3: Linux kernel (Azure) vulnerabilities

Felix Wilhelm discovered that the Xen netback driver in the Linux kernel did not properly perform input validation in some situations. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2018-15471 It was discovered that the generic SCSI...

8.4CVSS7.1AI score0.00552EPSS
Exploits0
Ubuntu
Ubuntu
added 2012/07/17 12:31 a.m.159 views

USN-1507-1: Linux kernel vulnerabilities

A flaw was found in the Linux kernel's KVM Kernel Virtual Machine virtual cpu setup. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. CVE-2012-1601 An error was found in the Linux kernel's IPv6 netfilter when connection tracking is enabled. A...

7.8CVSS6.7AI score0.04433EPSS
Exploits2
Ubuntu
Ubuntu
added 2025/01/29 3:20 p.m.158 views

USN-7240-1: libxml2 vulnerabilities

It was discovered that libxml2 incorrectly handled certain memory operations. A remote attacker could use this issue to cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2022-49043 It was discovered that the libxml2 xmllint tool incorrectly handled...

8.1CVSS6.9AI score0.02298EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/04/27 9:32 a.m.158 views

USN-5391-1: libsepol vulnerabilities

Nicolas Iooss discovered that libsepol incorrectly handled memory when handling policies. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2021-36084 It was discovered that libsepol incorrectly handled memory whe...

3.3CVSS6.6AI score0.00592EPSS
Exploits4
Ubuntu
Ubuntu
added 2021/09/29 10:27 p.m.158 views

USN-5096-1: Linux kernel (OEM) vulnerabilities

Valentina Palmiotti discovered that the iouring subsystem in the Linux kernel could be coerced to free adjacent memory. A local attacker could use this to execute arbitrary code. CVE-2021-41073 Benedict Schlueter discovered that the BPF subsystem in the Linux kernel did not properly protect again...

7.8CVSS7.7AI score0.03365EPSS
Exploits5
Ubuntu
Ubuntu
added 2019/11/07 2:2 p.m.158 views

USN-4178-1: WebKitGTK+ vulnerabilities

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

8.8CVSS6.7AI score0.01543EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/05/22 9:9 p.m.158 views

USN-3977-2: Intel Microcode update

USN-3977-1 provided mitigations for Microarchitectural Data Sampling MDS vulnerabilities in Intel Microcode for a large number of Intel processor families. This update provides the corresponding updated microcode mitigations for Intel Cherry Trail and Bay Trail processor families. Original adviso...

5.9CVSS6.6AI score0.01553EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2019/03/15 10:3 p.m.158 views

USN-3910-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3910-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that the f2fs filesystem implementation in the Linux kernel did not...

6.7CVSS6.4AI score0.07291EPSS
Exploits6
Ubuntu
Ubuntu
added 2019/02/06 2:21 p.m.158 views

USN-3883-1: LibreOffice vulnerabilities

It was discovered that LibreOffice incorrectly handled certain document files. If a user were tricked into opening a specially crafted document, a remote attacker could cause LibreOffice to crash, and possibly execute arbitrary code. CVE-2018-10119, CVE-2018-10120, CVE-2018-11790 It was discovere...

9.8CVSS7.3AI score0.78905EPSS
Exploits16
Ubuntu
Ubuntu
added 2018/09/11 2:48 a.m.158 views

USN-3762-2: Linux kernel (HWE) vulnerabilities

USN-3762-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. It was discovered that the VirtIO subsystem in the Linux kernel did not properly...

5.5CVSS6.5AI score0.00436EPSS
Exploits0
Ubuntu
Ubuntu
added 2017/06/07 4:48 a.m.158 views

USN-3312-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3312-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that the netfilter netlink implementation in the Linux kernel did no...

10CVSS7.4AI score0.1081EPSS
Exploits6
Ubuntu
Ubuntu
added 2017/06/07 4:45 a.m.158 views

USN-3312-1: Linux kernel vulnerabilities

It was discovered that the netfilter netlink implementation in the Linux kernel did not properly validate batch messages. A local attacker with the CAPNETADMIN capability could use this to expose sensitive information or cause a denial of service. CVE-2016-7917 Qian Zhang discovered a heap-based...

10CVSS7.3AI score0.1081EPSS
Exploits6
Ubuntu
Ubuntu
added 2025/01/28 7:30 p.m.157 views

USN-7234-1: Linux kernel vulnerabilities

Ye Zhang and Nicolas Wu discovered that the iouring subsystem in the Linux kernel did not properly handle locking for rings with IOPOLL, leading to a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

7.8CVSS7.4AI score0.00396EPSS
Exploits2
Ubuntu
Ubuntu
added 2025/01/22 3:35 p.m.157 views

USN-7223-1: OpenJPEG vulnerabilities

Frank Zeng discovered that OpenJPEG incorrectly handled memory when using the decompression utility. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2024-56826, CVE-2024-56827...

5.6CVSS7.2AI score0.00309EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/12/18 1:24 p.m.157 views

USN-7175-1: GStreamer Base Plugins vulnerabilities

Antonio Morales discovered that GStreamer Base Plugins incorrectly handled certain malformed media files. An attacker could use these issues to cause GStreamer Base Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS7.4AI score0.01298EPSS
Exploits2
Ubuntu
Ubuntu
added 2024/06/10 4:9 p.m.157 views

USN-6818-2: Linux kernel (ARM laptop) vulnerabilities

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service system crash. CVE-2023-6356, CVE-2023-6535, CVE-2023-6536 It was...

7.8CVSS6.9AI score0.78388EPSS
Exploits2
Ubuntu
Ubuntu
added 2021/08/12 10:28 p.m.157 views

USN-5039-1: Linux kernel vulnerability

Andy Nguyen discovered that the netfilter subsystem in the Linux kernel contained an out-of-bounds write in its setsockopt implementation. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

8.3CVSS7AI score0.78684EPSS
Exploits21
Total number of security vulnerabilities5000