Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
added 2019/10/09 12:4 p.m.150 views

USN-4151-1: Python vulnerabilities

It was discovered that Python incorrectly parsed certain email addresses. A remote attacker could possibly use this issue to trick Python applications into accepting email addresses that should be denied. CVE-2019-16056 It was discovered that the Python documentation XML-RPC server incorrectly...

7.5CVSS7.5AI score0.05366EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/02/27 5:16 p.m.150 views

USN-3898-1: NSS vulnerability

Hanno Böck and Damian Poddebniak discovered that NSS incorrectly handled certain CMS functions. A remote attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service...

6.5CVSS6.8AI score0.01956EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/02/04 11:5 p.m.150 views

USN-3880-1: Linux kernel vulnerabilities

It was discovered that the CIFS client implementation in the Linux kernel did not properly handle setup negotiation during session recovery, leading to a NULL pointer exception. An attacker could use this to create a malicious CIFS server that caused a denial of service client system crash...

7.8CVSS7.1AI score0.0363EPSS
Exploits2
Ubuntu
Ubuntu
added 2025/02/05 4:20 a.m.149 views

USN-7096-2: OpenJDK 8 regressions

USN-7096-1 fixed vulnerabilities in OpenJDK 8. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Andy Boothe discovered that the Networking component of OpenJDK 8 did not properly handle access under...

7.8AI score
Exploits0References1
Ubuntu
Ubuntu
added 2022/08/02 5:39 p.m.149 views

USN-5545-1: Linux kernel (OEM) vulnerability

Arthur Mongodin discovered that the netfilter subsystem in the Linux kernel did not properly perform data validation. A local attacker could use this to escalate privileges in certain situations...

7.8CVSS6.6AI score0.05451EPSS
Exploits10
Ubuntu
Ubuntu
added 2022/05/30 8:24 a.m.149 views

USN-5431-1: GnuPG vulnerability

It was discovered that GnuPG was not properly processing keys with large amounts of signatures. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS6.9AI score0.02663EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/03/24 5:3 a.m.149 views

USN-5346-1: Linux kernel (OEM) vulnerability

It was discovered that the ICMPv6 implementation in the Linux kernel did not properly deallocate memory in certain situations. A remote attacker could possibly use this to cause a denial of service memory exhaustion...

9.1CVSS7AI score0.04919EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/03/10 6:57 p.m.149 views

USN-5321-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass security restrictions, obtain sensitive information, or execute arbitrary...

9.6CVSS7.3AI score0.00931EPSS
Exploits5
Ubuntu
Ubuntu
added 2022/02/22 7:52 a.m.149 views

USN-5294-2: Linux kernel vulnerabilities

It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-22600 Szymon Heidrich discovered that the USB Gadget...

7.8CVSS7.4AI score0.05918EPSS
Exploits9
Ubuntu
Ubuntu
added 2021/10/06 7:9 p.m.149 views

USN-5106-1: Linux kernel (OEM) vulnerabilities

Valentina Palmiotti discovered that the iouring subsystem in the Linux kernel could be coerced to free adjacent memory. A local attacker could use this to execute arbitrary code. CVE-2021-41073 It was discovered that the Linux kernel did not properly enforce certain types of entries in the Secure...

8.7CVSS7.4AI score0.01692EPSS
Exploits4
Ubuntu
Ubuntu
added 2021/09/29 8:14 a.m.149 views

USN-5094-1: Linux kernel vulnerabilities

It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. An attacker who could start and control a VM could possibly use this to expose sensitive information or execute...

8.7CVSS7.3AI score0.00734EPSS
Exploits2
Ubuntu
Ubuntu
added 2021/02/02 7:14 a.m.149 views

USN-4712-1: Linux kernel regression

USN-4576-1 fixed a vulnerability in the overlay file system implementation in the Linux kernel. Unfortunately, that fix introduced a regression that could incorrectly deny access to overlay files in some situations. This update fixes the problem. We apologize for the inconvenience. Original...

5.5AI score
Exploits0References2
Ubuntu
Ubuntu
added 2021/01/21 2:34 a.m.149 views

USN-4689-4: Linux kernel update

USN-4689-3 fixed vulnerabilities in the NVIDIA server graphics drivers. This update provides the corresponding updates for the NVIDIA Linux DKMS kernel modules. Original advisory details: It was discovered that the NVIDIA GPU display driver for the Linux kernel contained a vulnerability that...

7.8CVSS6.5AI score0.00452EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/09/28 7:52 p.m.149 views

USN-4547-2: SSVNC vulnerabilities

It was discovered that the LibVNCClient vendored in SSVNC incorrectly handled certain packet lengths. A remote attacker could possibly use this issue to obtain sensitive information, cause a denial of service, or execute arbitrary code. CVE-2018-20020, CVE-2018-20021, CVE-2018-20022, CVE-2018-202...

9.8CVSS7.1AI score0.08553EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/07/06 7:54 p.m.149 views

USN-4412-1: Linux kernel vulnerabilities

Matthew Sheets discovered that the SELinux network label handling implementation in the Linux kernel could be coerced into de-referencing a NULL pointer. A remote attacker could use this to cause a denial of service system crash. CVE-2020-10711 It was discovered that the SCSI generic sg driver in...

6.7CVSS6.8AI score0.04505EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/06/14 8:29 p.m.149 views

USN-3991-3: Firefox regression

USN-3991-1 fixed vulnerabilities in Firefox, and USN-3991-2 fixed a subsequent regression. The update caused an additional regression that resulted in Firefox failing to load correctly after executing it in safe mode. This update fixes the problem. We apologize for the inconvenience. Original...

7.5AI score
Exploits0References1
Ubuntu
Ubuntu
added 2019/01/15 11:37 a.m.149 views

USN-3858-1: HAProxy vulnerabilities

It was discovered that HAProxy incorrectly handled certain requests. An attacker could possibly use this to expose sensitive information. CVE-2018-20102 It was discovered that HAProxy incorrectly handled certain requests. A attacker could possibly use this issue to cause a denial of service. This...

7.5CVSS6.5AI score0.06593EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/01/14 1:45 p.m.149 views

USN-3856-1: GNOME Bluetooth vulnerability

Chris Marchesi discovered that BlueZ incorrectly handled disabling Bluetooth visibility. A remote attacker could possibly pair to devices, contrary to expectations. This update adds a workaround to GNOME Bluetooth to fix the issue...

4.5CVSS5.6AI score0.00458EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/08/24 3:13 p.m.148 views

USN-5579-1: Linux kernel vulnerabilities

Roger Pau Monné discovered that the Xen virtual block driver in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information guest kernel memory. CVE-2022-26365 Roger Pau Monné...

7.1CVSS6.4AI score0.00322EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/06/23 9:29 a.m.148 views

USN-5487-2: Apache HTTP Server regression

USN-5487-1 fixed several vulnerabilities in Apache. Unfortunately, that update introduced a regression when proxying balancer manager connections in some configurations on Ubuntu 14.04 ESM. This update reverts those changes till further fix. We apologize for the inconvenience. Original advisory...

8.3AI score
Exploits0References1
Ubuntu
Ubuntu
added 2022/04/20 7:9 p.m.148 views

USN-5381-1: Linux kernel (OEM) vulnerabilities

David Bouman discovered that the netfilter subsystem in the Linux kernel did not properly validate passed user register indices. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2022-1015 It was discovered that the block layer subsystem in the...

8.8CVSS7.2AI score0.021EPSS
Exploits13
Ubuntu
Ubuntu
added 2022/03/10 1:19 p.m.148 views

USN-5320-1: Expat vulnerabilities and regression

USN-5288-1 fixed several vulnerabilities in Expat. For CVE-2022-25236 it caused a regression and an additional patch was required. This update address this regression and several other vulnerabilities. It was discovered that Expat incorrectly handled certain files. An attacker could possibly use...

9.8CVSS7.7AI score0.04781EPSS
Exploits1References1
Ubuntu
Ubuntu
added 2022/02/21 3:55 p.m.148 views

USN-5293-1: c3p0 vulnerability

Aaron Massey discovered that c3p0 could be made to crash when parsing certain input. An attacker able to modify the application's XML configuration file could cause a denial of service...

7.5CVSS7AI score0.04882EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/06/22 4:43 p.m.148 views

USN-4995-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, spoof the UI, bypass security restrictions, or...

8.8CVSS8AI score0.01764EPSS
Exploits5
Ubuntu
Ubuntu
added 2020/09/21 6:50 p.m.148 views

USN-4522-1: noVNC vulnerability

It was discovered that noVNC did not properly manage certain messages, resulting in the remote VNC server injecting arbitrary HTML into the noVNC web page. An attacker could use this issue to conduct cross-site scripting XSS attacks. CVE-2017-18635...

6.1CVSS5.9AI score0.0481EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/08/09 12:7 a.m.148 views

USN-4090-1: PostgreSQL vulnerabilities

Tom Lane discovered that PostgreSQL did not properly restrict functions declared as "SECURITY DEFINER". An attacker could use this to execute arbitrary SQL with the permissions of the function owner. CVE-2019-10208 Andreas Seltenreich discovered that PostgreSQL did not properly handle user-define...

8.8CVSS7AI score0.0217EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/04/02 6:21 p.m.148 views

USN-3930-1: Linux kernel vulnerabilities

Mathias Payer and Hui Peng discovered a use-after-free vulnerability in the Advanced Linux Sound Architecture ALSA subsystem. A physically proximate attacker could use this to cause a denial of service system crash. CVE-2018-19824 Shlomi Oberman, Yuli Shapiro, and Ran Menscher discovered an...

8.1CVSS6.9AI score0.16523EPSS
Exploits15
Ubuntu
Ubuntu
added 2023/02/27 12:34 p.m.147 views

USN-5891-1: curl vulnerabilities

Harry Sintonen discovered that curl incorrectly handled HSTS support when multiple URLs are requested serially. A remote attacker could possibly use this issue to cause curl to use unencrypted connections. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 22.10. CVE-2023-23914 Harry Sintonen...

9.1CVSS6.5AI score0.01703EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/06/16 11:56 p.m.147 views

USN-5484-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. CVE-2022-21499 It was discovered that a race condition existed in the network...

7CVSS6.6AI score0.06451EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/03/17 12:47 p.m.147 views

USN-5321-2: Firefox vulnerabilities

USN-5321-1 fixed vulnerabilities in Firefox. The update didn't include arm64 because of a regression. This update provides the corresponding update for arm64. This update also removes Yandex and Mail.ru as optional search providers in the drop-down search menu. Original advisory details: Multiple...

9.6CVSS7.5AI score0.00931EPSS
Exploits5
Ubuntu
Ubuntu
added 2022/03/07 12:38 p.m.147 views

USN-5300-3: PHP vulnerabilities

USN-5300-1 fixed vulnerabilities in PHP. This update provides the corresponding updates for Ubuntu 21.10. Original advisory details: It was discovered that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service. CVE-2015-9253, CVE-2017-8923...

9.8CVSS7.2AI score0.25951EPSS
Exploits6
Ubuntu
Ubuntu
added 2021/09/28 2:30 a.m.147 views

USN-5091-1: Linux kernel vulnerabilities

Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. CVE-2021-33624 It was...

7.8CVSS7.4AI score0.01245EPSS
Exploits4
Ubuntu
Ubuntu
added 2021/08/24 6:29 a.m.147 views

USN-5050-1: Linux kernel vulnerabilities

It was discovered that the bluetooth subsystem in the Linux kernel did not properly perform access control. An authenticated attacker could possibly use this to expose sensitive information. CVE-2020-26558, CVE-2021-0129 Michael Brown discovered that the Xen netback driver in the Linux kernel did...

7.8CVSS7.4AI score0.00872EPSS
Exploits3
Ubuntu
Ubuntu
added 2021/06/25 8:1 p.m.147 views

USN-4997-2: Linux kernel (KVM) vulnerabilities

USN-4997-1 fixed vulnerabilities in the Linux kernel for Ubuntu 21.04. This update provides the corresponding updates for the Linux KVM kernel for Ubuntu 21.04. Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free...

8.8CVSS7.5AI score0.07604EPSS
Exploits9
Ubuntu
Ubuntu
added 2021/01/14 11:48 p.m.147 views

USN-4694-1: Linux kernel vulnerability

It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data...

8.1CVSS6.7AI score0.06563EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/11/05 1:38 p.m.147 views

USN-4618-1: tmux vulnerability

Sergey Nizovtsev discovered that tmux incorrectly handled some inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code...

8.8CVSS7.7AI score0.00679EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/07/18 5:32 p.m.147 views

USN-4066-1: libmspack vulnerability

It was discovered that libmspack incorrectly handled certain CHM files. A remote attacker could possibly use this issue to access sensitive information...

5.5CVSS6.8AI score0.01464EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/05/16 3:29 p.m.147 views

USN-3986-1: Wireshark vulnerabilities

It was discovered that Wireshark improperly handled certain input. A remote or local attacker could cause Wireshark to crash by injecting malform packets onto the wire or convincing someone to read a malformed packet trace file...

7.5CVSS6.8AI score0.05803EPSS
Exploits8
Ubuntu
Ubuntu
added 2014/04/14 12:33 p.m.147 views

USN-2166-1: Net-SNMP vulnerabilities

Ken Farnen discovered that Net-SNMP incorrectly handled AgentX timeouts. A remote attacker could use this issue to cause the server to crash or to hang, resulting in a denial of service. CVE-2012-6151 It was discovered that the Net-SNMP ICMP-MIB incorrectly validated input. A remote attacker coul...

5CVSS8.2AI score0.09451EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/12/19 1:8 p.m.146 views

USN-6561-1: libssh vulnerability

Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being...

5.9CVSS7AI score0.9378EPSS
Exploits4
Ubuntu
Ubuntu
added 2022/10/10 5:11 a.m.146 views

USN-5662-1: Oniguruma vulnerabilities

It was discovered that Oniguruma incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service, obtain sensitive information or other unspecified impact. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. CVE-2019-16163,...

9.8CVSS7.1AI score0.10539EPSS
Exploits6
Ubuntu
Ubuntu
added 2022/06/21 8:47 p.m.146 views

USN-5490-1: Protocol Buffers vulnerability

It was discovered that Protocol Buffers did not properly parse certain symbols. An attacker could possibly use this issue to cause a denial of service or other unspecified impact...

6.5CVSS6.6AI score0.0266EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/03/14 11:1 a.m.146 views

USN-5324-1: libxml2 vulnerability

It was discovered that libxml2 incorrectly handled certain XML files. An attacker could use this issue to cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.5CVSS7.7AI score0.0601EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/03/03 1:58 p.m.146 views

USN-5300-2: PHP vulnerabilities

USN-5300-1 fixed vulnerabilities in PHP. This update provides the corresponding updates for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: It was discovered that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service...

9.8CVSS7.2AI score0.25951EPSS
Exploits5
Ubuntu
Ubuntu
added 2021/09/29 4:49 p.m.146 views

USN-5095-1: Apache Commons IO vulnerability

It was discovered that Apache Commons IO incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information...

5.8CVSS6.8AI score0.10608EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/07/13 12:1 p.m.146 views

USN-5006-2: PHP vulnerabilities

USN-5006-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that PHP incorrectly handled certain PHAR files. A remote attacker could possibly use this issue to cause PHP to...

7.5CVSS6.9AI score0.03179EPSS
Exploits4
Ubuntu
Ubuntu
added 2021/06/03 8:43 p.m.146 views

USN-4983-1: Linux kernel (OEM) vulnerabilities

Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel did not properly enforce limits for pointer operations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33200 Piotr Krysiuk and Benedict Schlueter...

7.8CVSS6.7AI score0.01071EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/05/25 7:2 p.m.146 views

USN-4966-2: libx11 vulnerability

USN-4966-1 fixed a vulnerability in libx11. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that libx11 incorrectly validated certain parameter lengths. A remote attacker could possibly use this issue to trick...

9.8CVSS7.5AI score0.10634EPSS
Exploits2
Ubuntu
Ubuntu
added 2021/03/29 1:5 p.m.146 views

USN-4895-1: Squid vulnerabilities

Alex Rousskov and Amit Klein discovered that Squid incorrectly handled certain Content-Length headers. A remote attacker could possibly use this issue to perform an HTTP request smuggling attack, resulting in cache poisoning. This issue only affected Ubuntu 20.04 LTS. CVE-2020-15049 Jianjun Chen...

9.9CVSS6.9AI score0.08161EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/11/13 1:38 a.m.146 views

USN-4186-2: Linux kernel (Xenial HWE) vulnerabilities

USN-4186-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi,...

8.8CVSS7.7AI score0.03133EPSS
Exploits0References1
Total number of security vulnerabilities5000