Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
added 2021/06/02 10:49 a.m.153 views

USN-4975-1: Django vulnerabilities

It was discovered that the Django URLValidator function incorrectly handled newlines and tabs. A remote attacker could possibly use this issue to perform a header injection attack. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. CVE-2021-32052 Rasmus Lerchedahl Petersen...

7.5CVSS6.8AI score0.03146EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/06/02 3:15 a.m.153 views

USN-4974-1: Lasso vulnerability

It was discovered that Lasso did not properly verify that all assertions in a SAML response were properly signed. An attacker could possibly use this to impersonate users or otherwise bypass access controls...

7.5CVSS7.2AI score0.01325EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/03/01 6:12 p.m.153 views

USN-4737-2: Bind vulnerability

USN-4737-1 fixed a vulnerability in Bind. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that Bind incorrectly handled GSSAPI security policy negotiation. A remote attacker could use this issue to cause Bind to...

8.1CVSS7.4AI score0.64161EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/12/04 5:37 a.m.153 views

USN-4182-3: Intel Microcode regression

USN-4182-1 provided updated Intel Processor Microcode. A regression was discovered that caused some Skylake processors to hang after a warm reboot. This update reverts the microcode for that specific processor family. We apologize for the inconvenience. Original advisory details: Stephan van...

7.2AI score
Exploits0References1
Ubuntu
Ubuntu
added 2019/09/18 10:10 a.m.153 views

USN-4135-1: Linux kernel vulnerabilities

Peter Pi discovered a buffer overflow in the virtio network backend vhostnet implementation in the Linux kernel. An attacker in a guest may be able to use this to cause a denial of service host OS crash or possibly execute arbitrary code in the host OS. CVE-2019-14835 It was discovered that the...

7.8CVSS7.3AI score0.00627EPSS
Exploits3
Ubuntu
Ubuntu
added 2019/07/22 2:46 p.m.153 views

USN-4065-2: Squid vulnerabilities

USN-4065-1 fixed several vulnerabilities in Squid. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that Squid incorrectly handled Digest authentication. A remote attacker could possibly use this issue to cause Squid to crash,...

9.8CVSS6.4AI score0.24401EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/01/04 1:34 p.m.153 views

USN-3430-3: Dnsmasq regression

USN-3430-2 fixed several vulnerabilities. The update introduced a new regression that breaks DNS resolution. This update addresses the problem. We apologize for the inconvenience. Original advisory details: Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq...

7.8AI score
Exploits0References1
Ubuntu
Ubuntu
added 2025/02/05 4:24 a.m.152 views

USN-7252-1: OpenJDK 11 vulnerability

It was discovered that the Hotspot component of OpenJDK 11 did not properly handle API access under certain circumstances. An unauthenticated attacker could possibly use this issue to access unauthorized resources and expose sensitive information...

4.8CVSS6.7AI score0.00971EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/01/20 3:13 p.m.152 views

USN-7219-1: Python vulnerability

It was discovered that Python incorrectly handled asyncio write buffers. A remote attacker could possibly use this issue to cause Python to consume memory, leading to a denial of service...

8.7CVSS7.6AI score0.0188EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/04 1:32 a.m.152 views

USN-6871-1: Linux kernel (HWE) vulnerabilities

It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...

9.1CVSS7.4AI score0.01635EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/05/17 3:31 p.m.152 views

USN-5425-1: PCRE vulnerabilities

Yunho Kim discovered that PCRE incorrectly handled memory when handling certain regular expressions. An attacker could possibly use this issue to cause applications using PCRE to expose sensitive information. This issue only affects Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 21.10 and Ubuntu 22.0...

7.5CVSS6.8AI score0.04182EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/04/13 2:49 a.m.152 views

USN-5377-1: Linux kernel (BlueField) vulnerabilities

It was discovered that the network traffic control implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-1055 Yiqi Sun and Kevin Wang discovered that the...

9CVSS8AI score0.67994EPSS
Exploits20
Ubuntu
Ubuntu
added 2021/09/21 11:34 a.m.152 views

USN-5079-3: curl vulnerabilities

USN-5079-1 fixed vulnerabilities in curl. One of the fixes introduced a regression on Ubuntu 18.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that curl incorrect handled memory when sending data to an MQTT server. A remote...

6.9AI score
Exploits0References1
Ubuntu
Ubuntu
added 2021/09/16 5:27 p.m.152 views

USN-5083-1: Python vulnerabilities

It was discovered that Python incorrectly handled certain RFCs. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 ESM. CVE-2021-3733 It was discovered that Python incorrectly handled certain server responses. An attacker could possibly u...

7.5CVSS7AI score0.11586EPSS
Exploits2
Ubuntu
Ubuntu
added 2021/07/20 9:29 p.m.152 views

USN-5016-1: Linux kernel vulnerabilities

It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2021-33909 Or Cohen and Nadav Markus discovered a...

7.8CVSS7.5AI score0.09729EPSS
Exploits8
Ubuntu
Ubuntu
added 2021/06/01 11:48 a.m.152 views

USN-4972-1: PostgreSQL vulnerabilities

Tom Lane discovered that PostgreSQL incorrect handled certain array subscripting calculations. An authenticated attacker could possibly use this issue to overwrite server memory and escalate privileges. CVE-2021-32027 Andres Freund discovered that PostgreSQL incorrect handled certain INSERT ... O...

8.8CVSS7.2AI score0.0199EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/05/06 11:23 a.m.152 views

USN-4934-2: Exim vulnerabilities

USN-4934-1 fixed several vulnerabilities in Exim. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. CVE-2020-28026 only affected Ubuntu 16.04 ESM. Original advisory details: It was discovered that Exim contained multiple security issues. An attacker could us...

9.8CVSS7.9AI score0.36071EPSS
Exploits6
Ubuntu
Ubuntu
added 2021/01/07 1:59 p.m.152 views

USN-4685-1: OpenJPEG vulnerabilities

It was discovered that OpenJPEG incorrectly handled certain image data. An attacker could use this issue to cause OpenJPEG to crash, leading to a denial of service, or possibly execute arbitrary code...

7.8CVSS7.2AI score0.02595EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/09/02 4:42 a.m.152 views

USN-4484-1: Linux kernel vulnerability

It was discovered that the cgroup v2 subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a NULL pointer dereference. A local attacker could use this to cause a denial of service or possibly gain administrative privileges...

7.8CVSS6.4AI score0.00965EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/05/30 5:47 p.m.152 views

USN-3665-1: Tomcat vulnerabilities

It was discovered that Tomcat incorrectly handled being configured with HTTP PUTs enabled. A remote attacker could use this issue to upload a JSP file to the server and execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 17.10. CVE-2017-12616,...

9.8CVSS7.5AI score0.99988EPSS
Exploits29
Ubuntu
Ubuntu
added 2025/02/05 4:27 a.m.151 views

USN-7254-1: OpenJDK 21 vulnerability

It was discovered that the Hotspot component of OpenJDK 21 did not properly handle API access under certain circumstances. An unauthenticated attacker could possibly use this issue to access unauthorized resources and expose sensitive information...

4.8CVSS6.7AI score0.00971EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/11/30 5:24 p.m.151 views

USN-6496-2: Linux kernel vulnerabilities

Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. CVE-2023-25775 Yu Hao discover...

9.8CVSS7.2AI score0.00978EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/10/19 5:18 a.m.151 views

USN-5688-1: Libksba vulnerability

It was discovered that an integer overflow could be triggered in Libksba when decoding certain data. An attacker could use this issue to cause a denial of service application crash or possibly execute arbitrary code...

9.8CVSS7.5AI score0.01635EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/07/13 7:9 p.m.151 views

USN-5515-1: Linux kernel vulnerabilities

Eric Biederman discovered that the cgroup process migration implementation in the Linux kernel did not perform permission checks correctly in some situations. A local attacker could possibly use this to gain administrative privileges. CVE-2021-4197 Jann Horn discovered that the FUSE file system i...

7.8CVSS6.7AI score0.0155EPSS
Exploits3
Ubuntu
Ubuntu
added 2022/04/13 2:47 p.m.151 views

USN-5378-3: XZ Utils vulnerability

USN-5378-2 fixed a vulnerability in XZ Utils. This update provides the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM. Original advisory details: Cleemy Desu Wayo discovered that Gzip incorrectly handled certain filenames. If a user or automated system were tricked into performing zgrep...

8.8CVSS7.2AI score0.04271EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/02/22 9:27 a.m.151 views

USN-5298-1: Linux kernel vulnerabilities

It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-22600 Jürgen Groß discovered that the Xen subsystem...

7.8CVSS7.5AI score0.05918EPSS
Exploits8
Ubuntu
Ubuntu
added 2022/01/06 2:5 a.m.151 views

USN-5208-1: Linux kernel vulnerabilities

Nadav Amit discovered that the hugetlb implementation in the Linux kernel did not perform TLB flushes under certain conditions. A local attacker could use this to leak or alter data from other processes that use huge pages. CVE-2021-4002 It was discovered that a race condition existed in the...

9.8CVSS7.7AI score0.57853EPSS
Exploits4
Ubuntu
Ubuntu
added 2021/10/15 12:11 a.m.151 views

USN-5091-3: Linux kernel (Azure) regression

USN-5091-1 fixed vulnerabilities in Linux 5.4-based kernels. Unfortunately, for Linux kernels intended for use within Microsoft Azure environments, that update introduced a regression that could cause the kernel to fail to boot in large Azure instance types. This update fixes the problem. We...

7.4AI score
Exploits0References1
Ubuntu
Ubuntu
added 2021/09/16 4:7 p.m.151 views

USN-5080-2: Libgcrypt vulnerabilities

USN-5080-1 fixed several vulnerabilities in Libgcrypt. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that Libgcrypt incorrectly handled ElGamal encryption. An attacker could possibly use this issue to recover sensitive information...

7.5CVSS6.8AI score0.02342EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/09/09 1:48 a.m.151 views

USN-5073-1: Linux kernel vulnerabilities

Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory...

8.8CVSS7.3AI score0.00687EPSS
Exploits2
Ubuntu
Ubuntu
added 2021/04/20 1:38 p.m.151 views

USN-4563-2: NTP vulnerability

USN-4563-1 fixed a vulnerability in NTP. This update provides the corresponding update for Ubuntu 20.04 LTS and Ubuntu 20.10. Original advisory details: It was discovered that the fix for CVE-2018-7182 introduced a NULL pointer dereference into NTP. An attacker could use this vulnerability to cau...

7.5CVSS7.3AI score0.05726EPSS
Exploits2
Ubuntu
Ubuntu
added 2021/04/15 11:26 p.m.151 views

USN-4916-1: Linux kernel vulnerabilities

It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. CVE-2021-3493 Piotr Krysiuk discovered that the BPF JIT...

8.8CVSS7.5AI score0.43988EPSS
Exploits27
Ubuntu
Ubuntu
added 2021/04/13 9:35 p.m.151 views

USN-4912-1: Linux kernel (OEM) vulnerabilities

Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux kernel did not properly validate computation of branch displacements in some situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-29154 It was...

8.8CVSS7AI score0.02417EPSS
Exploits5
Ubuntu
Ubuntu
added 2020/12/15 10:52 p.m.151 views

USN-4671-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass the CSS sanitizer, bypass security restrictions, spoof the URL bar, ...

9.8CVSS8AI score0.01876EPSS
Exploits2
Ubuntu
Ubuntu
added 2020/11/12 9:58 p.m.151 views

USN-4607-2: OpenJDK regressions

USN-4607-1 fixed vulnerabilities and added features in OpenJDK. Unfortunately, that update introduced a regression that could cause TLS connections with client certificate authentication to fail in some situations. This update fixes the problem. We apologize for the inconvenience. Original adviso...

5.8CVSS6.2AI score0.03713EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/07/15 2:31 p.m.151 views

USN-4058-1: Bash vulnerability

It was discovered that Bash incorrectly handled the restricted shell. An attacker could possibly use this issue to escape restrictions and execute any command...

7.8CVSS7AI score0.00415EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/06/06 9:27 p.m.151 views

USN-3991-2: Firefox regression

USN-3991-1 fixed vulnerabilities in Firefox. The update caused a regression which resulted in issues when upgrading between Ubuntu releases. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user...

7.5AI score
Exploits0References1
Ubuntu
Ubuntu
added 2025/02/03 1:11 p.m.150 views

USN-7251-1: HarfBuzz vulnerability

It was discovered that HarfBuzz incorrectly handled shaping certain fonts. A remote attacker could possibly use this issue to cause HarfBuzz to consume resources, leading to a denial of service...

7.5CVSS6.5AI score0.01812EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/01/16 2:12 p.m.150 views

USN-7213-1: poppler vulnerability

It was discovered that poppler incorrectly handled memory when opening certain PDF files. An attacker could possibly use this issue to cause denial of service or obtain sensitive information...

4.3CVSS6.6AI score0.0062EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/11/14 10:43 a.m.150 views

USN-6478-1: Traceroute vulnerability

It was discovered that Traceroute did not properly parse command line arguments. An attacker could possibly use this issue to execute arbitrary commands...

5.5CVSS6.5AI score0.00367EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/02/22 10:45 p.m.150 views

USN-5302-1: Linux kernel (OEM) vulnerabilities

Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 releaseagent feature. A local attacker could use this to gain administrative privileges. CVE-2022-0492 Brendan Dolan-Gavitt discovered that the Marvell WiFi-Ex...

9CVSS7.3AI score0.67994EPSS
Exploits15
Ubuntu
Ubuntu
added 2021/09/08 11:41 p.m.150 views

USN-5071-1: Linux kernel vulnerabilities

Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory...

8.8CVSS7.2AI score0.00687EPSS
Exploits2
Ubuntu
Ubuntu
added 2021/05/26 5:29 p.m.150 views

USN-4968-1: LZ4 vulnerability

It was discovered that LZ4 incorrectly handled certain memory operations. If a user or automated system were tricked into uncompressing a specially- crafted LZ4 file, a remote attacker could use this issue to cause LZ4 to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS7.4AI score0.03216EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/05/03 8:44 p.m.150 views

USN-4931-1: Samba vulnerabilities

Steven French discovered that Samba incorrectly handled ChangeNotify permissions. A remote attacker could possibly use this issue to obtain file name information. CVE-2020-14318 Bas Alberts discovered that Samba incorrectly handled certain winbind requests. A remote attacker could possibly use th...

6.8CVSS7AI score0.0218EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/04/28 12:10 p.m.150 views

USN-4913-2: Underscore vulnerability

USN-4913-1 fixed vulnerabilities in Underscore. This update provides the corresponding updates for Ubuntu 21.04. Original advisory details: It was discovered that Underscore incorrectly handled certain inputs. An attacker could possibly use this issue to inject arbitrary code...

7.2CVSS6.7AI score0.04087EPSS
Exploits2
Ubuntu
Ubuntu
added 2021/04/13 10:6 p.m.150 views

USN-4911-1: Linux kernel (OEM) vulnerabilities

It was discovered that the Nouveau GPU driver in the Linux kernel did not properly handle error conditions in some situations. A local attacker could use this to cause a denial of service system crash. CVE-2020-25639 Jan Beulich discovered that the Xen netback backend in the Linux kernel did not...

7.8CVSS6.6AI score0.00708EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/04/21 8:14 p.m.150 views

USN-4335-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, bypass same-origin...

9.8CVSS8AI score0.46589EPSS
Exploits18
Ubuntu
Ubuntu
added 2020/02/25 1:11 a.m.150 views

USN-4292-1: rsync vulnerabilities

It was discovered that rsync incorrectly handled pointer arithmetic in zlib. An attacker could use this issue to cause rsync to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2016-9840, CVE-2016-9841 It was discovered that rsync incorrectly handled vectors...

9.8CVSS7.8AI score0.07489EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/12/04 5:45 a.m.150 views

USN-4182-4: Intel Microcode regression

USN-4182-2 provided updated Intel Processor Microcode. A regression was discovered that caused some Skylake processors to hang after a warm reboot. This update reverts the microcode for that specific processor family. We apologize for the inconvenience. Original advisory details: Stephan van...

7.2AI score
Exploits0References1
Ubuntu
Ubuntu
added 2019/11/14 12:25 a.m.150 views

USN-4191-2: QEMU vulnerabilities

USN-4191-2 fixed a vulnerability in QEMU. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that the LSI SCSI adapter emulator implementation in QEMU did not properly validate executed scripts. A local attacker could use this to cause...

8.8CVSS7.6AI score0.16658EPSS
Exploits4
Total number of security vulnerabilities5000