Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
•added 2019/07/25 8:3 p.m.•146 views

USN-4054-2: Firefox regressions

USN-4054-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problems. We apologize for the inconvenience. Original advisory details: A sandbox escape was discovered in Firefox. If a user were tricked in to installing a malicious language pac...

7.5AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2019/06/19 12:46 p.m.•146 views

USN-4018-1: Samba vulnerabilities

It was discovered that Samba incorrectly handled certain RPC messages. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. CVE-2019-12435 It was discovered that Samba incorrectly handled LDAP pages searches. A remote attacker could possibly u...

6.5CVSS6.8AI score0.02845EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/05/22 12:45 p.m.•146 views

USN-3993-1: curl vulnerabilities

Wenchao Li discovered that curl incorrectly handled memory in the curlurlset function. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 19.04. CVE-2019-5435 It was discovered that...

7.8CVSS6.5AI score0.49739EPSS
Exploits2
Ubuntu
Ubuntu
•added 2019/03/18 1:57 p.m.•146 views

USN-3906-2: LibTIFF vulnerabilities

USN-3906-1 and USN-3864-1 fixed several vulnerabilities in LibTIFF. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a...

8.8CVSS7.4AI score0.25183EPSS
Exploits7
Ubuntu
Ubuntu
•added 2019/03/06 7:33 p.m.•146 views

USN-3903-2: Linux kernel (HWE) vulnerabilities

USN-3903-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.10 for Ubuntu 18.04 LTS. Jason Wang discovered that the vhost net driver in the Linux kernel contained an out of bounds...

7CVSS7.3AI score0.00561EPSS
Exploits5
Ubuntu
Ubuntu
•added 2019/01/31 1:0 p.m.•146 views

USN-3876-2: Avahi vulnerabilities

USN-3876-1 fixed a vulnerability in Avahi. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Chad Seaman discovered that Avahi incorrectly handled certain messages. An attacker could possibly use this issue to cause a denial of service. CVE-2017-6519,...

9.1CVSS7.4AI score0.03082EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/12/20 11:11 p.m.•146 views

USN-3848-1: Linux kernel vulnerabilities

It was discovered that a double free existed in the AMD GPIO driver in the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-18174 It was discovered that an integer overrun vulnerability existed in the POSIX timers...

9.8CVSS6.9AI score0.03399EPSS
Exploits2
Ubuntu
Ubuntu
•added 2018/11/14 11:21 p.m.•146 views

USN-3822-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3822-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Jim Mattson discovered that the KVM implementation in the Linux kernel mismanages the ...

8.4CVSS7.1AI score0.00552EPSS
Exploits0
Ubuntu
Ubuntu
•added 2012/06/11 9:3 p.m.•146 views

USN-1467-1: MySQL vulnerabilities

It was discovered that certain builds of MySQL incorrectly handled password authentication on certain platforms. A remote attacker could use this issue to authenticate with an arbitrary password and establish a connection. CVE-2012-2122 MySQL has been updated to 5.5.24 in Ubuntu 12.04 LTS. Ubuntu...

5.1CVSS8.5AI score0.96188EPSS
Exploits9
Ubuntu
Ubuntu
•added 2006/01/06 6:11 p.m.•146 views

USN-237-1: nbd vulnerability

Kurt Fitzner discovered that the NBD network block device server did not correctly verify the maximum size of request packets. By sending specially crafted large request packets, a remote attacker who is allowed to access the server could exploit this to execute arbitrary code with root privilege...

5.1CVSS5.5AI score0.03788EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/01/15 11:57 a.m.•145 views

USN-6581-1: GNU binutils vulnerabilities

It was discovered that GNU binutils was not properly performing bounds checks in several functions, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service, expose sensitive information or execute arbitrary code. CVE-2022-44840, CVE-2022-45703...

7.8CVSS6.8AI score0.00513EPSS
Exploits6
Ubuntu
Ubuntu
•added 2022/06/21 2:36 p.m.•145 views

USN-5488-1: OpenSSL vulnerability

Chancen and Daniel Fiala discovered that OpenSSL incorrectly handled the crehash script. A local attacker could possibly use this issue to execute arbitrary commands when crehash is run...

10CVSS7.5AI score0.95764EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/02/22 10:16 a.m.•145 views

USN-5299-1: Linux kernel vulnerabilities

Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation could reassemble mixed encrypted and plaintext fragments. A physically proximate attacker could possibly use this issue to inject packets or exfiltrate selected fragments. CVE-2020-26147 It was discovered that the bluetooth...

7.8CVSS8.2AI score0.07604EPSS
Exploits6
Ubuntu
Ubuntu
•added 2022/02/18 12:35 a.m.•145 views

USN-5294-1: Linux kernel vulnerabilities

It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-22600 Szymon Heidrich discovered that the USB Gadget...

7.8CVSS7.4AI score0.05918EPSS
Exploits9
Ubuntu
Ubuntu
•added 2022/02/03 5:48 a.m.•145 views

USN-5268-1: Linux kernel vulnerabilities

Keyu Man discovered that the ICMP implementation in the Linux kernel did not properly handle received ICMP error packets. A remote attacker could use this to facilitate attacks on UDP based services that depend on source port randomization. CVE-2021-20322 It was discovered that the Bluetooth...

7.9CVSS6.9AI score0.06846EPSS
Exploits2
Ubuntu
Ubuntu
•added 2021/09/30 5:4 p.m.•145 views

USN-5094-2: Linux kernel (Raspberry Pi) vulnerabilities

It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. An attacker who could start and control a VM could possibly use this to expose sensitive information or execute...

8.7CVSS7AI score0.00734EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/06/01 11:56 a.m.•145 views

USN-4973-1: Python vulnerability

It was discovered that the Python stdlib ipaddress API incorrectly handled octal strings. A remote attacker could possibly use this issue to perform a wide variety of attacks, including bypassing certain access restrictions...

9.8CVSS7.5AI score0.06827EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/12/03 2:52 a.m.•145 views

USN-4211-2: Linux kernel (Xenial HWE) vulnerabilities

USN-4211-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. Zhipeng Xie discovered that an infinite loop could be triggered in the CFS Linux kerne...

9.8CVSS6.9AI score0.06652EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/05/13 7:36 p.m.•145 views

USN-3975-1: OpenJDK vulnerabilities

It was discovered that the BigDecimal implementation in OpenJDK performed excessive computation when given certain values. An attacker could use this to cause a denial of service excessive CPU usage. CVE-2019-2602 Corwin de Boor and Robert Xiao discovered that the RMI registry implementation in...

8.1CVSS7.1AI score0.37618EPSS
Exploits2
Ubuntu
Ubuntu
•added 2018/03/05 4:8 p.m.•145 views

USN-3585-1: Twisted vulnerability

It was discovered that Twisted incorrectly handled certain HTTP requests. An attacker could possibly use this issue to execute arbitrary code...

5.3CVSS6AI score0.02406EPSS
Exploits0
Ubuntu
Ubuntu
•added 2014/12/04 2:5 p.m.•145 views

USN-2433-1: tcpdump vulnerabilities

Steffen Bauch discovered that tcpdump incorrectly handled printing OSLR packets. A remote attacker could use this issue to cause tcpdump to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2014-8767 Steffen Bauch discovered that tcpdump incorrectly handled printing...

6.4CVSS8.4AI score0.19807EPSS
Exploits10
Ubuntu
Ubuntu
•added 2022/06/13 5:50 p.m.•144 views

USN-5359-2: rsync vulnerability

USN-5359-1 fixed vulnerabilities in rsync. This update provides the corresponding updates for Ubuntu 16.04 ESM. Original advisory details: Danilo Ramos discovered that rsync incorrectly handled memory when performing certain zlib deflating operations. An attacker could use this issue to cause rsy...

7.5CVSS7.5AI score0.51733EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/05/26 1:34 p.m.•144 views

USN-5402-2: OpenSSL vulnerabilities

USN-5402-1 fixed several vulnerabilities in OpenSSL. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Elison Niven discovered that OpenSSL incorrectly handled the crehash script. A local attacker could possibly use this issue to execute arbitrary...

10CVSS7AI score0.83223EPSS
Exploits5
Ubuntu
Ubuntu
•added 2022/05/23 10:45 a.m.•144 views

USN-5432-1: libpng vulnerabilities

It was discovered that libpng incorrectly handled memory when parsing certain PNG files. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause libpng to crash, resulting in a denial of service, or possible execute arbitrary...

9.8CVSS6.5AI score0.04113EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/09/28 4:9 a.m.•144 views

USN-5092-1: Linux kernel vulnerabilities

Valentina Palmiotti discovered that the iouring subsystem in the Linux kernel could be coerced to free adjacent memory. A local attacker could use this to execute arbitrary code. CVE-2021-41073 Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in...

7.8CVSS7.4AI score0.03365EPSS
Exploits8
Ubuntu
Ubuntu
•added 2021/09/08 12:51 a.m.•144 views

USN-5062-1: Linux kernel vulnerability

Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory...

8.8CVSS6.6AI score0.00413EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/04/12 12:21 p.m.•144 views

USN-4899-2: SpamAssassin vulnerability

USN-4899-1 fixed a vulnerability in SpamAssassin. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Damian Lukowski discovered that SpamAssassin incorrectly handled certain CF files. If a user or automated system were tricked into using a specially-...

10CVSS7.7AI score0.06132EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/02/18 12:29 p.m.•144 views

USN-4739-1: WebKitGTK vulnerability

A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

8.8CVSS7.9AI score0.01792EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/02/18 12:5 p.m.•144 views

USN-4737-1: Bind vulnerability

It was discovered that Bind incorrectly handled GSSAPI security policy negotiation. A remote attacker could use this issue to cause Bind to crash, resulting in a denial of service, or possibly execute arbitrary code. In the default installation, attackers would be isolated by the Bind AppArmor...

8.1CVSS7.3AI score0.64161EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/02/15 12:2 p.m.•144 views

USN-4735-1: PostgreSQL vulnerability

Heikki Linnakangas discovered that PostgreSQL incorrectly leaked values of denied columns when handling certain errors. A remote attacker could possibly use this issue to obtain sensitive information...

4.3CVSS6.5AI score0.01187EPSS
Exploits2
Ubuntu
Ubuntu
•added 2021/01/11 9:57 p.m.•144 views

USN-4689-2: Linux kernel vulnerabilities

USN-4689-1 fixed vulnerabilities in the NVIDIA graphics drivers. This update provides the corresponding updates for the NVIDIA Linux DKMS kernel modules. Original advisory details: It was discovered that the NVIDIA GPU display driver for the Linux kernel contained a vulnerability that allowed...

7.8CVSS6.5AI score0.01777EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/09/23 7:42 a.m.•144 views

USN-4526-1: Linux kernel vulnerabilities

It was discovered that the AMD Cryptographic Coprocessor device driver in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service memory exhaustion. CVE-2019-18808 It was discovered that the Conexant 23885 TV card device...

7.8CVSS6.5AI score0.05228EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/04/21 12:15 p.m.•144 views

USN-4333-1: Python vulnerabilities

It was discovered that Python incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection. CVE-2019-18348 It was discovered that Python incorrectly handled certain HTTP requests. An attacker could possibly use this issue to cause a denia...

7.1CVSS7.3AI score0.06617EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/09/18 2:8 p.m.•144 views

USN-4128-2: Tomcat vulnerabilities

It was discovered that the Tomcat 9 SSI printenv command echoed user provided data without escaping it. An attacker could possibly use this issue to perform an XSS attack. CVE-2019-0221 It was discovered that Tomcat 9 did not address HTTP/2 connection window exhaustion on write while addressing...

7.5CVSS6.7AI score0.72988EPSS
Exploits3
Ubuntu
Ubuntu
•added 2019/05/28 3:34 p.m.•144 views

USN-3845-2: FreeRDP vulnerabilities

USN-3845-1 fixed several vulnerabilities in FreeRDP. This update provides the corresponding update for Ubuntu 18.04 LTS and Ubuntu 18.10. Original advisory details: Eyal Itkin discovered FreeRDP incorrectly handled certain stream encodings. A malicious server could use this issue to cause FreeRDP...

9.8CVSS7.5AI score0.08357EPSS
Exploits4
Ubuntu
Ubuntu
•added 2019/02/08 8:3 p.m.•144 views

USN-3878-3: Linux kernel regression

USN-3878-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression that could prevent systems with certain graphics chipsets from booting. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that a...

6.2AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2022/02/18 1:7 a.m.•143 views

USN-5292-2: snapd vulnerabilities

USN-5292-1 fixed vulnerabilities in snapd. This update provides the corresponding update for the riscv64 architecture. Original advisory details: James Troup discovered that snap did not properly manage the permissions for the snap directories. A local attacker could possibly use this issue to...

8.8CVSS7.5AI score0.00966EPSS
Exploits5
Ubuntu
Ubuntu
•added 2021/09/30 3:51 p.m.•143 views

USN-5091-2: Linux kernel (Raspberry Pi) vulnerabilities

Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. CVE-2021-33624 It was...

7.8CVSS6.9AI score0.01245EPSS
Exploits3
Ubuntu
Ubuntu
•added 2021/08/04 11:8 a.m.•143 views

USN-5030-1: Perl DBI module vulnerabilities

It was discovered that the Perl DBI module incorrectly opened files outside of the folder specified in the data source name. A remote attacker could possibly use this issue to obtain sensitive information. CVE-2014-10402 It was discovered that the Perl DBI module incorrectly handled certain long...

7.1CVSS7AI score0.00602EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/04/13 9:55 p.m.•143 views

USN-4909-1: Linux kernel vulnerabilities

Loris Reiff discovered that the BPF implementation in the Linux kernel did not properly validate attributes in the getsockopt BPF hook. A local attacker could possibly use this to cause a denial of service system crash. CVE-2021-20194 Olivier Benjamin, Norbert Manthey, Martin Mazein, and Jan H...

7.8CVSS7AI score0.00544EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/03/15 5:6 p.m.•143 views

USN-4764-1: GLib vulnerability

It was discovered that GLib incorrectly handled certain symlinks when replacing files. If a user or automated system were tricked into extracting a specially crafted file with File Roller, a remote attacker could possibly create files outside of the intended directory...

5.3CVSS6.8AI score0.02622EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/05/04 12:8 p.m.•143 views

USN-4350-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.80 in Ubuntu 19.10 and Ubuntu 20.04 LTS. Ubuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.30. In addition to security fixes...

6.5CVSS6.2AI score0.03306EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/11/14 12:14 a.m.•143 views

USN-4191-1: QEMU vulnerabilities

It was discovered that the LSI SCSI adapter emulator implementation in QEMU did not properly validate executed scripts. A local attacker could use this to cause a denial of service. CVE-2019-12068 Sergej Schumilo, Cornelius Aschermann and Simon Wörner discovered that the qxl paravirtual graphics...

8.8CVSS7.6AI score0.16658EPSS
Exploits4
Ubuntu
Ubuntu
•added 2019/05/16 11:21 p.m.•143 views

USN-3985-2: libvirt update

Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered...

5.9CVSS6.5AI score0.01553EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2019/05/09 12:13 p.m.•143 views

USN-3956-2: Bind vulnerability

USN-3956-1 fixed a vulnerability in Bind. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that Bind incorrectly handled limiting the number of simultaneous TCP clients. A remote attacker could possibly use this...

7.5CVSS7.4AI score0.06404EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/04/03 11:40 a.m.•143 views

USN-3934-1: PolicyKit vulnerability

It was discovered that PolicyKit incorrectly relied on the fork system call in the Linux kernel being atomic. A local attacker could possibly use this issue to gain access to services that have cached authorizations...

6.7CVSS6.8AI score0.00446EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/03/29 5:33 p.m.•142 views

USN-5985-1: Linux kernel vulnerabilities

It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service memory exhaustion. CVE-2021-3669 It was discovered that the KVM VMX implementation in the Linux kernel did no...

8.8CVSS7.2AI score0.00484EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/04/06 9:21 p.m.•142 views

USN-5368-1: Linux kernel vulnerabilities

It was discovered that the BPF verifier in the Linux kernel did not properly restrict pointer types in certain situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-23222 It was discovered that the network traffic contro...

9.1CVSS7.8AI score0.67994EPSS
Exploits29
Ubuntu
Ubuntu
•added 2022/03/07 11:29 a.m.•142 views

USN-5313-1: OpenJDK vulnerabilities

It was discovered that OpenJDK incorrectly handled deserialization filters. An attacker could possibly use this issue to insert, delete or obtain sensitive information. CVE-2022-21248 It was discovered that OpenJDK incorrectly read uncompressed TIFF files. An attacker could possibly use this issu...

5.3CVSS6.3AI score0.08346EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/01/20 11:40 a.m.•142 views

USN-5021-2: curl vulnerability

USN-5021-1 fixed vulnerabilities in curl. This update provides the corresponding updates for Ubuntu 16.04 ESM. Original advisory details: Harry Sintonen and Tomas Hoger discovered that curl incorrectly handled TELNET connections when the -t option was used on the command line. Uninitialized data...

5.3CVSS6.5AI score0.04929EPSS
Exploits2
Total number of security vulnerabilities5000