Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
•added 2021/07/20 3:40 p.m.•157 views

USN-5013-1: systemd vulnerabilities

It was discovered that systemd incorrectly handled certain mount paths. A local attacker could possibly use this issue to cause systemd to crash, resulting in a denial of service. CVE-2021-33910 Mitchell Frank discovered that systemd incorrectly handled DHCP FORCERENEW packets. A remote attacker...

6.1CVSS6.6AI score0.0865EPSS
Exploits3
Ubuntu
Ubuntu
•added 2021/05/12 2:31 a.m.•157 views

USN-4951-1: Flatpak vulnerability

Anton Lydike discovered that Flatpak did not properly handle special tokens in desktop files. An attacker could use this to specially craft a Flatpak application that could escape sandbox confinement...

8.2CVSS7.4AI score0.01546EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/03/29 12:57 p.m.•157 views

USN-4894-1: WebKitGTK vulnerabilities

A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

9.8CVSS7.2AI score0.14542EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/02/25 6:54 p.m.•157 views

USN-4754-2: Python regression

USN-4754-1 fixed a vulnerability in Python. The fix for CVE-2021-3177 introduced a regression in Python 2.7. This update reverts the security fix pending further investigation. We apologize for the inconvenience. Original advisory details: It was discovered that Python incorrectly handled certain...

7.8AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2021/01/06 3:35 a.m.•157 views

USN-4681-1: Linux kernel vulnerabilities

Ryan Hall discovered that the Intel 700 Series Ethernet Controllers driver in the Linux kernel did not properly deallocate memory in some conditions. A local attacker could use this to cause a denial of service kernel memory exhaustion. CVE-2019-0148 It was discovered that the console keyboard...

7CVSS6.4AI score0.01026EPSS
Exploits3
Ubuntu
Ubuntu
•added 2019/07/16 5:20 p.m.•157 views

USN-4062-1: WavPack vulnerabilities

Rohan Padhye discovered that WavPack incorrectly handled certain WAV files. An attacker could possibly use this issue to cause a denial of service. CVE-2019-1010315, CVE-2019-1010317, CVE-2019-1010318, CVE-2019-1010319...

5.5CVSS5.9AI score0.01534EPSS
Exploits3
Ubuntu
Ubuntu
•added 2017/10/16 3:39 p.m.•157 views

USN-3455-1: wpa_supplicant and hostapd vulnerabilities

Mathy Vanhoef discovered that wpasupplicant and hostapd incorrectly handled WPA2. A remote attacker could use this issue with key reinstallation attacks to obtain sensitive information. CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086,...

8.1CVSS7.3AI score0.04575EPSS
Exploits1
Ubuntu
Ubuntu
•added 2015/09/28 1:24 p.m.•157 views

USN-2747-1: NVIDIA graphics drivers vulnerability

Dario Weisser discovered that the NVIDIA graphics drivers incorrectly handled certain IOCTL writes. A local attacker could use this issue to possibly gain root privileges...

6.9CVSS5.2AI score0.00364EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/02/05 4:26 a.m.•156 views

USN-7253-1: OpenJDK 17 vulnerability

It was discovered that the Hotspot component of OpenJDK 17 did not properly handle API access under certain circumstances. An unauthenticated attacker could possibly use this issue to access unauthorized resources and expose sensitive information...

4.8CVSS6.7AI score0.00971EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/30 1:13 a.m.•156 views

USN-7244-1: Jinja2 vulnerabilities

It was discovered that Jinja2 incorrectly handled certain filenames when compiling template content. An attacker could possibly use this issue to execute arbitrary code. CVE-2024-56201 It was discovered that Jinja2 incorrectly handled string formatting calls. An attacker could possibly use this...

8.8CVSS7.5AI score0.005EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/12/18 1:29 p.m.•156 views

USN-7176-1: GStreamer Good Plugins vulnerabilities

Antonio Morales discovered that GStreamer Good Plugins incorrectly handled certain malformed media files. An attacker could use these issues to cause GStreamer Good Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS7.2AI score0.01344EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/01/03 6:9 p.m.•156 views

USN-6566-1: SQLite vulnerabilities

It was discovered that SQLite incorrectly handled certain protection mechanisms when using a CLI script with the --safe option, contrary to expectations. This issue only affected Ubuntu 22.04 LTS. CVE-2022-46908 It was discovered that SQLite incorrectly handled certain memory operations in the...

7.3CVSS6.1AI score0.01249EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/03/30 4:31 p.m.•156 views

USN-5355-2: zlib vulnerability

USN-5355-1 fixed a vulnerability in zlib. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Danilo Ramos discovered that zlib incorrectly handled memory when performing certain deflating operations. An attacker could use this issue...

7.5CVSS7.5AI score0.51733EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/07/29 2:2 a.m.•156 views

USN-5025-1: libsndfile vulnerability

It was discovered that libsndfile incorrectly handled certain malformed files. A remote attacker could use this issue to cause libsndfile to crash, resulting in a denial of service, or possibly execute arbitrary code...

8.8CVSS8.2AI score0.03292EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/07/15 5:23 p.m.•156 views

USN-5009-1: libslirp vulnerabilities

Qiuhao Li discovered that libslirp incorrectly handled certain header data lengths. An attacker inside a guest could possibly use this issue to leak sensitive information from the host. This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10. CVE-2020-29129, CVE-2020-29130 It was discovered th...

4.3CVSS6.6AI score0.0183EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/06/23 4:12 a.m.•156 views

USN-5002-1: Linux kernel (HWE) vulnerability

Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code...

7CVSS6.7AI score0.00431EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/05/11 10:42 p.m.•156 views

USN-4950-1: Linux kernel vulnerabilities

Ryota Shiga discovered that the eBPF implementation in the Linux kernel did not properly verify that a BPF program only reserved as much memory for a ring buffer as was allocated. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2021-3489...

8.8CVSS7.2AI score0.27477EPSS
Exploits8References1
Ubuntu
Ubuntu
•added 2021/02/10 1:17 a.m.•156 views

USN-4713-2: Linux kernel vulnerability

It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data...

8.1CVSS6.7AI score0.06563EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/01/06 2:33 p.m.•156 views

USN-4677-2: p11-kit vulnerability

USN-4677-1 fixed a vulnerability in p11-kit. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: David Cook discovered that p11-kit incorrectly handled certain memory operations. An attacker could use this issue to cause p11-kit to crash, resulting in a...

7.5CVSS7.4AI score0.0335EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/06 1:41 p.m.•155 views

USN-7182-1: Ceph vulnerability

It was discovered that Ceph incorrectly handled unsupported JWT algorithms in the RadosGW gateway. An attacker could possibly use this issue to bypass certain authentication checks and restrictions...

8.1CVSS7.5AI score0.00192EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/09/17 12:19 p.m.•155 views

USN-7000-2: Expat vulnerabilities

USN-7000-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for Ubuntu 22.04 LTS. Original advisory details: Shang-Hung Wan discovered that Expat did not properly handle certain function calls when a negative input length was provided. An attacker could use this issu...

9.8CVSS7.5AI score0.01686EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/07/04 3:29 p.m.•155 views

USN-6878-1: Linux kernel (Oracle) vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Zheng Wang discovered that the Broadc...

9.1CVSS7.4AI score0.01635EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/06/08 7:20 p.m.•155 views

USN-5474-1: Varnish Cache vulnerabilities

It was dicovered that Varnish Cache did not clear a pointer between the handling of one client request and the next request within the same connection. A remote attacker could possibly use this issue to obtain sensitive information. CVE-2019-20637 It was discovered that Varnish Cache could have a...

9.1CVSS6.7AI score0.02106EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/01/11 4:58 a.m.•155 views

USN-5218-1: Linux kernel (OEM) vulnerabilities

Nadav Amit discovered that the hugetlb implementation in the Linux kernel did not perform TLB flushes under certain conditions. A local attacker could use this to leak or alter data from other processes that use huge pages. CVE-2021-4002 It was discovered that the eBPF implementation in the Linux...

9.8CVSS7.8AI score0.57853EPSS
Exploits5References1
Ubuntu
Ubuntu
•added 2021/04/06 4:11 a.m.•155 views

USN-4901-1: Linux kernel (Trusty HWE) vulnerabilities

Adam Nichols discovered that heap overflows existed in the iSCSI subsystem in the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-27365 It was discovered that the LIO SCSI target implementation in the Linux kerne...

8.1CVSS7AI score0.06563EPSS
Exploits3
Ubuntu
Ubuntu
•added 2021/03/16 10:32 a.m.•155 views

USN-4880-1: OpenJPEG vulnerabilities

It was discovered that OpenJPEG incorrectly handled certain image data. An attacker could use this issue to cause OpenJPEG to crash, leading to a denial of service, or possibly execute arbitrary code...

7.8CVSS7.3AI score0.02008EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/01/06 10:27 p.m.•155 views

USN-4678-1: Linux kernel vulnerabilities

It was discovered that the AMD Running Average Power Limit RAPL driver in the Linux kernel did not properly restrict access to power data. A local attacker could possibly use this to expose sensitive information. CVE-2020-12912 Jann Horn discovered that the iouring subsystem in the Linux kernel d...

7.8CVSS6.4AI score0.00462EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/06/10 9:50 p.m.•155 views

USN-4385-2: Intel Microcode regression

USN-4385-1 provided updated Intel Processor Microcode. Unfortunately, that update prevented certain processors in the Intel Skylake family 064EH from booting successfully. Additonally, on Ubuntu 20.04 LTS, late loading of microcode was enabled, which could lead to system instability. This update...

6.8AI score
Exploits0References2
Ubuntu
Ubuntu
•added 2018/11/15 1:47 p.m.•155 views

USN-3817-2: Python vulnerabilities

USN-3817-1 fixed a vulnerability in Python. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that Python incorrectly handled large amounts of data. A remote attacker could use this issue to cause Python to crash, resulting in a denia...

9.8CVSS7AI score0.20807EPSS
Exploits2
Ubuntu
Ubuntu
•added 2018/10/01 2:2 p.m.•155 views

USN-3769-2: Bind vulnerability

USN-3769-1 fixed a vulnerability in Bind. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that Bind incorrectly handled the deny-answer-aliases feature. If this feature is enabled, a remote attacker could use this issue to cause Bin...

7.5CVSS7.4AI score0.59353EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/27 2:24 p.m.•154 views

USN-7228-1: LibreOffice vulnerabilities

Thomas Rinsma discovered that LibreOffice incorrectly handled paths when processing embedded font files. If a user or automated system were tricked into opening a specially crafted LibreOffice file, a remote attacker could possibly use this issue to create arbitrary files ending with ".ttf"...

6.7CVSS5.5AI score0.00528EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/16 12:30 p.m.•154 views

USN-7210-1: .NET vulnerabilities

It was discovered that .NET did not properly handle input provided to its Convert.TryToHexString method. An attacker could possibly use this issue to execute arbitrary code. CVE-2025-21171 It was discovered that .NET did not properly handle an integer overflow when processing certain specially...

8.8CVSS8.1AI score0.02262EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/12/18 1:12 p.m.•154 views

USN-7174-1: GStreamer vulnerability

Antonio Morales discovered that GStreamer incorrectly handled allocating memory for certain buffers. An attacker could use this issue to cause GStreamer to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS7.5AI score0.01344EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/08/09 6:8 a.m.•154 views

USN-6279-1: OpenSSH update

It was discovered that OpenSSH has an observable discrepancy leading to an information leak in the algorithm negotiation. This update mitigates the issue by tweaking the client hostkey preference ordering algorithm to prefer the default ordering if the user has a key that matches the...

5.4AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2022/04/01 1:11 a.m.•154 views

USN-5362-1: Linux kernel (Intel IOTG) vulnerabilities

Nick Gregory discovered that the Linux kernel incorrectly handled network offload functionality. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2022-25636 Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano Giuffrida...

9.1CVSS7.8AI score0.88106EPSS
Exploits135
Ubuntu
Ubuntu
•added 2021/08/02 4:3 p.m.•154 views

USN-5028-1: Exiv2 vulnerability

It was discovered that Exiv2 incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service...

6.6AI score
Exploits0
Ubuntu
Ubuntu
•added 2021/06/25 2:44 p.m.•154 views

USN-4995-2: Thunderbird vulnerabilities

USN-4995-1 fixed vulnerabilities in Thunderbird. This update provides the corresponding updates for Ubuntu 18.04 LTS. Original advisory details: Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an...

8.8CVSS8.1AI score0.01764EPSS
Exploits5
Ubuntu
Ubuntu
•added 2021/06/22 11:9 a.m.•154 views

USN-4996-1: OpenEXR vulnerabilities

It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code...

5.5CVSS6.4AI score0.01747EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/03/25 3:43 p.m.•154 views

USN-3685-2: Ruby regression

USN-3685-1 fixed a vulnerability in Ruby. The fix for CVE-2017-0903 introduced a regression in Ruby. This update fixes the problem. Original advisory details: Some of these CVE were already addressed in previous USN: 3439-1, 3553-1, 3528-1. Here we address for the remain releases. It was discover...

9.8CVSS7.8AI score0.15853EPSS
Exploits1References1
Ubuntu
Ubuntu
•added 2020/10/20 1:16 p.m.•154 views

USN-4586-1: PHP ImageMagick vulnerability

It was discovered that PHP ImageMagick extension didn't check the address used by an array. An attacker could use this issue to cause PHP ImageMagick to crash, resulting in a denial of service...

9.8CVSS7.1AI score0.01972EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/09/18 10:10 a.m.•154 views

USN-4135-1: Linux kernel vulnerabilities

Peter Pi discovered a buffer overflow in the virtio network backend vhostnet implementation in the Linux kernel. An attacker in a guest may be able to use this to cause a denial of service host OS crash or possibly execute arbitrary code in the host OS. CVE-2019-14835 It was discovered that the...

7.8CVSS7.3AI score0.00627EPSS
Exploits3
Ubuntu
Ubuntu
•added 2019/08/01 6:10 a.m.•154 views

USN-4069-2: Linux kernel (HWE) vulnerabilities

USN-4069-1 fixed vulnerabilities in the Linux kernel for Ubuntu 19.04. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 19.04 for Ubuntu 18.04 LTS. It was discovered that an integer overflow existed in the Linux kernel when reference counting...

7.8CVSS6.9AI score0.00989EPSS
Exploits4
Ubuntu
Ubuntu
•added 2019/07/16 1:47 p.m.•154 views

USN-4061-1: Redis vulnerabilities

It was discovered that Redis incorrectly handled the hyperloglog data structure. An attacker could use this issue to cause Redis to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.2CVSS7.6AI score0.26048EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/07/09 12:33 a.m.•154 views

USN-4052-1: Whoopsie vulnerability

Kevin Backhouse discovered Whoopsie incorrectly handled very large crash reports. A local attacker could possibly use this issue to cause a denial of service or expose sensitive information...

7.8CVSS6.8AI score0.00577EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/05/21 12:54 p.m.•154 views

USN-3989-1: LibRaw vulnerabilities

It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw to crash, resulting in a denial of service, or possibly execute arbitrary code...

8.8CVSS6.7AI score0.02842EPSS
Exploits4
Ubuntu
Ubuntu
•added 2018/01/04 1:34 p.m.•154 views

USN-3430-3: Dnsmasq regression

USN-3430-2 fixed several vulnerabilities. The update introduced a new regression that breaks DNS resolution. This update addresses the problem. We apologize for the inconvenience. Original advisory details: Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq...

7.8AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2011/02/01 11:25 p.m.•154 views

USN-1054-1: Linux kernel vulnerabilities

Gleb Napatov discovered that KVM did not correctly check certain privileged operations. A local attacker with access to a guest kernel could exploit this to crash the host system, leading to a denial of service. CVE-2010-0435 Dan Rosenberg discovered that the Linux kernel TIPC implementation...

7.8CVSS6.3AI score0.04308EPSS
Exploits39
Ubuntu
Ubuntu
•added 2025/01/14 7:55 p.m.•153 views

USN-7207-1: Git vulnerabilities

It was discovered that Git incorrectly handled certain URLs when asking for credentials. An attacker could possibly use this issue to mislead the user into typing passwords for trusted sites that would then be sent to untrusted sites instead. CVE-2024-50349 It was discovered that git incorrectly...

7.5CVSS7.4AI score0.01019EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/03/22 8:5 p.m.•153 views

USN-5343-1: Linux kernel vulnerabilities

Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 releaseagent feature. A local attacker could use this to gain administrative privileges. CVE-2022-0492 It was discovered that the aufs file system in the Linux...

7.8CVSS7.8AI score0.07604EPSS
Exploits34
Ubuntu
Ubuntu
•added 2021/08/26 12:53 p.m.•153 views

USN-5051-3: OpenSSL vulnerability

USN-5051-1 fixed a vulnerability in OpenSSL. This update provides the corresponding update for the openssl1.0 package in Ubuntu 18.04 LTS. Original advisory details: Ingo Schwarze discovered that OpenSSL incorrectly handled certain ASN.1 strings. A remote attacker could use this issue to cause...

7.4CVSS6.8AI score0.50445EPSS
Exploits0
Total number of security vulnerabilities5000