Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
•added 2022/01/06 2:26 a.m.•142 views

USN-5209-1: Linux kernel vulnerabilities

Nadav Amit discovered that the hugetlb implementation in the Linux kernel did not perform TLB flushes under certain conditions. A local attacker could use this to leak or alter data from other processes that use huge pages. CVE-2021-4002 It was discovered that a race condition existed in the time...

7.8CVSS7.2AI score0.00669EPSS
Exploits2
Ubuntu
Ubuntu
•added 2021/09/08 11:48 p.m.•142 views

USN-5072-1: Linux kernel vulnerabilities

Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory...

8.8CVSS6.6AI score0.00658EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/02/22 2:8 p.m.•142 views

USN-4742-1: Django vulnerability

It was discovered that Django incorrectly accepted semicolons as query parameters. A remote attacker could possibly use this issue to perform a Web Cache Poisoning attack...

5.9CVSS7.5AI score0.35963EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/05/19 12:55 p.m.•142 views

USN-4366-1: Exim vulnerability

It was discovered that Exim incorrectly handled certain inputs. An remote attacker could possibly use this issue to access sensitive information or authentication bypass...

7.5CVSS8AI score0.04467EPSS
Exploits2
Ubuntu
Ubuntu
•added 2019/09/10 1:8 p.m.•142 views

USN-4127-2: Python vulnerabilities

USN-4127-1 fixed several vulnerabilities in Python. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that Python incorrectly handled certain pickle files. An attacker could possibly use this issue to consume...

9.8CVSS7.2AI score0.20743EPSS
Exploits6
Ubuntu
Ubuntu
•added 2019/06/19 4:42 p.m.•142 views

USN-4021-1: libvirt vulnerabilities

Daniel P. Berrangé discovered that libvirt incorrectly handled socket permissions. A local attacker could possibly use this issue to access libvirt. CVE-2019-10132 It was discovered that libvirt incorrectly performed certain permission checks. A remote attacker could possibly use this issue to...

8.8CVSS7AI score0.01411EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/02/04 11:0 p.m.•142 views

USN-3871-3: Linux kernel (AWS, GCP, KVM, OEM, Raspberry Pi 2) vulnerabilities

Wen Xu discovered that a use-after-free vulnerability existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service system crash or possibly execute arbitrary code...

8.8CVSS6.9AI score0.02914EPSS
Exploits7
Ubuntu
Ubuntu
•added 2018/11/16 12:53 a.m.•142 views

USN-3824-1: OpenJDK 7 vulnerabilities

It was discovered that the Security component of OpenJDK did not properly ensure that manifest elements were signed before use. An attacker could possibly use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions. CVE-2018-3136 Artem Smotrakov...

8.3CVSS7AI score0.07215EPSS
Exploits2
Ubuntu
Ubuntu
•added 2017/04/17 6:21 p.m.•142 views

USN-3259-1: Bind vulnerabilities

It was discovered that the resolver in Bind made incorrect assumptions about ordering when processing responses containing a CNAME or DNAME. An attacker could use this cause a denial of service. CVE-2017-3137 Oleg Gorokhov discovered that in some situations, Bind did not properly handle DNS64...

7.5CVSS6.7AI score0.11093EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/11/21 3:30 p.m.•141 views

USN-6495-1: Linux kernel vulnerabilities

Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service system crash. CVE-2023-31085 Manfred Rudigier discovered that the IntelR PCI-Express Gigab...

7.5CVSS7.5AI score0.00544EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/06/13 2:58 p.m.•141 views

USN-6159-1: Tornado vulnerability

It was discovered that Tornado incorrectly handled certain redirect. An remote attacker could possibly use this issue to redirect a user to an arbitrary web site and conduct a phishing attack by having user access a specially crafted URL...

6.1CVSS6.3AI score0.01132EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/01/11 4:56 a.m.•141 views

USN-5217-1: Linux kernel (OEM) vulnerabilities

It was discovered that the NFS server implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-4090 It was discovered that the eBPF implementation in th...

7.1CVSS7.5AI score0.01095EPSS
Exploits1References1
Ubuntu
Ubuntu
•added 2021/11/11 5:32 a.m.•141 views

USN-5139-1: Linux kernel (OEM 5.10) vulnerabilities

Ilja Van Sprundel discovered that the SCTP implementation in the Linux kernel did not properly perform size validations on incoming packets in some situations. An attacker could possibly use this to expose sensitive information kernel memory. CVE-2021-3655 It was discovered that the AMD...

7.8CVSS7.3AI score0.00669EPSS
Exploits2
Ubuntu
Ubuntu
•added 2021/10/20 6:46 p.m.•141 views

USN-5117-1: Linux kernel (OEM) vulnerabilities

It was discovered that the btrfs file system in the Linux kernel did not properly handle removing a non-existent device id. An attacker with CAPSYSADMIN could use this to cause a denial of service. CVE-2021-3739 It was discovered that the Qualcomm IPC Router protocol implementation in the Linux...

7.1CVSS6.7AI score0.0072EPSS
Exploits3
Ubuntu
Ubuntu
•added 2021/10/20 6:39 p.m.•141 views

USN-5115-1: Linux kernel (OEM) vulnerabilities

It was discovered that a race condition existed in the Atheros Ath9k WiFi driver in the Linux kernel. An attacker could possibly use this to expose sensitive information WiFi network traffic. CVE-2020-3702 Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF...

7.8CVSS7.4AI score0.01476EPSS
Exploits11
Ubuntu
Ubuntu
•added 2021/08/16 2:4 p.m.•141 views

LSN-0080-1: Kernel Live Patch Security Notice

Andy Nguyen discovered that the netfilter subsystem in the Linux kernel contained an out-of-bounds write in its setsockopt implementation. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code.CVE-2021-22555...

8.3CVSS7AI score0.78684EPSS
Exploits21
Ubuntu
Ubuntu
•added 2021/07/22 6:17 p.m.•141 views

USN-5021-1: curl vulnerabilities

Harry Sintonen and Tomas Hoger discovered that curl incorrectly handled TELNET connections when the -t option was used on the command line. Uninitialized data possibly containing sensitive information could be sent to the remote server, contrary to expectations. CVE-2021-22898, CVE-2021-22925 Har...

5.3CVSS6.5AI score0.0627EPSS
Exploits3
Ubuntu
Ubuntu
•added 2021/06/09 11:10 a.m.•141 views

USN-4986-1: rpcbind vulnerability

It was discovered that rpcbind incorrectly handled certain large data sizes. A remote attacker could use this issue to cause rpcbind to consume resources, leading to a denial of service...

7.8CVSS7.4AI score0.81921EPSS
Exploits4
Ubuntu
Ubuntu
•added 2021/05/04 11:59 a.m.•141 views

USN-4933-1: OpenVPN vulnerabilities

It was discovered that OpenVPN incorrectly handled certain data channel v2 packets. A remote attacker could possibly use this issue to inject packets using a victim's peer-id. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. CVE-2020-11810 It was discovered that OpenVPN incorrectly...

7.5CVSS6.8AI score0.05107EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/04/13 3:23 p.m.•141 views

USN-4907-1: Linux kernel vulnerabilities

Wen Xu discovered that the xfs file system implementation in the Linux kernel did not properly validate the number of extents in an inode. An attacker could use this to construct a malicious xfs image that, when mounted, could cause a denial of service system crash. CVE-2018-13095 It was discover...

7.8CVSS7AI score0.01534EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/03/25 10:36 p.m.•141 views

USN-4893-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. CVE-2021-23981, CVE-2021-23982, CVE-2021-23983,...

8.8CVSS8.2AI score0.01404EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/02/08 12:55 p.m.•141 views

USN-4724-1: OpenLDAP vulnerabilities

It was discovered that OpenLDAP incorrectly handled Certificate Exact Assertion processing. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service. CVE-2020-36221 It was discovered that OpenLDAP incorrectly handled saslAuthzTo processing. A...

7.5CVSS7.5AI score0.84224EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/07/29 3:55 p.m.•141 views

USN-4077-1: tmpreaper vulnerability

It was discovered that tmpreaper incorrectly handled certain mount operations. A local attacker could possibly use this issue to create arbitrary files, leading to privilege escalation...

7CVSS7.1AI score0.00253EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/01/29 2:49 a.m.•141 views

USN-3871-1: Linux kernel vulnerabilities

Wen Xu discovered that a use-after-free vulnerability existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service system crash or possibly execute arbitrary code...

8.8CVSS6.9AI score0.02914EPSS
Exploits7
Ubuntu
Ubuntu
•added 2019/01/16 6:18 p.m.•141 views

USN-3861-1: PolicyKit vulnerability

It was discovered that PolicyKit incorrectly handled certain large user UIDs. A local attacker with a large UID could possibly use this issue to perform privileged actions...

9CVSS7.4AI score0.11483EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/11/15 4:42 a.m.•141 views

USN-3823-1: Linux kernel vulnerabilities

It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault L1TF. A local attacker in a guest virtual machine could use this to expose sensitive...

5.6CVSS7.2AI score0.08101EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2018/09/11 2:6 a.m.•141 views

USN-3762-1: Linux kernel vulnerabilities

It was discovered that the VirtIO subsystem in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to possibly expose sensitive information kernel memory. CVE-2018-1118 Seunghun Han discovered an information leak in the ACPI handling code in the...

5.5CVSS6.5AI score0.00436EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/07/13 11:52 p.m.•140 views

USN-5517-1: Linux kernel (OEM) vulnerabilities

It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-1679...

7.8CVSS7.1AI score0.00804EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/04/01 12:37 a.m.•140 views

USN-5361-1: Linux kernel vulnerabilities

It was discovered that the VFIO PCI driver in the Linux kernel did not properly handle attempts to access disabled memory spaces. A local attacker could use this to cause a denial of service system crash. CVE-2020-12888 Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation did not...

7.2CVSS7.5AI score0.03515EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/03/31 10:55 p.m.•140 views

USN-5358-2: Linux kernel vulnerabilities

It was discovered that the network traffic control implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-1055 It was discovered that the IPsec implementati...

8.6CVSS7.4AI score0.05524EPSS
Exploits3
Ubuntu
Ubuntu
•added 2022/03/17 11:19 a.m.•140 views

USN-5332-1: Bind vulnerabilities

Xiang Li, Baojun Liu, Chaoyi Lu, and Changgen Zou discovered that Bind incorrectly handled certain bogus NS records when using forwarders. A remote attacker could possibly use this issue to manipulate cache results. CVE-2021-25220 It was discovered that Bind incorrectly handled certain crafted TC...

6.8CVSS6.6AI score0.0325EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/02/08 12:17 p.m.•140 views

USN-4754-5: Python vulnerability

USN-4754-1 fixed vulnerabilities in Python. Because of a regression, a subsequent update removed the fix for CVE-2021-3177. This update reinstates the security fix for CVE-2021-3177 in Ubuntu 14.04 ESM. Original advisory details: It was discovered that Python incorrectly handled certain inputs. A...

9.8CVSS7.8AI score0.23293EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/10/25 4:14 p.m.•140 views

USN-5124-1: GNU binutils vulnerabilities

It was discovered that GNU binutils incorrectly handled certain hash lookups. An attacker could use this issue to cause GNU binutils to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2020-16592 It was discovered that GNU binutils incorrectly handled certain corru...

5.5CVSS7.2AI score0.01046EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/09/29 9:2 a.m.•140 views

USN-5092-2: Linux kernel vulnerabilities

Valentina Palmiotti discovered that the iouring subsystem in the Linux kernel could be coerced to free adjacent memory. A local attacker could use this to execute arbitrary code. CVE-2021-41073 Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in...

7.8CVSS7.4AI score0.03365EPSS
Exploits8
Ubuntu
Ubuntu
•added 2021/09/16 11:12 a.m.•140 views

USN-5080-1: Libgcrypt vulnerabilities

It was discovered that Libgcrypt incorrectly handled ElGamal encryption. An attacker could possibly use this issue to recover sensitive information...

7.5CVSS6.8AI score0.02342EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/03/16 2:27 p.m.•140 views

USN-4843-1: phpMyAdmin vulnerabilities

Javier Nieto and Andres Rojas discovered that phpMyAdmin incorrectly managed input in the form of passwords. An attacker could use this vulnerability to cause a denial-of-service DoS. This issue only affected Ubuntu 14.04 ESM. CVE-2014-9218 Emanuel Bronshtein discovered that phpMyAdmin failed to...

9.8CVSS7.5AI score0.67081EPSS
Exploits19
Ubuntu
Ubuntu
•added 2021/03/11 2:56 p.m.•140 views

USN-4763-1: Pillow vulnerabilities

It was discovered that Pillow incorrectly handled certain Tiff image files. If a user or automated system were tricked into opening a specially-crafted Tiff file, a remote attacker could cause Pillow to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only...

9.8CVSS7.5AI score0.04851EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/02/01 11:55 a.m.•140 views

USN-4715-1: Django vulnerability

Wang Baohua discovered that Django incorrectly extracted archive files. A remote attacker could possibly use this issue to extract files outside of their expected location...

5.3CVSS6.7AI score0.07605EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/01/18 12:30 p.m.•140 views

USN-4695-1: icoutils vulnerabilities

Choongwoo Han discovered that icoutils incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2017-5208 It was discovered that icoutils incorrectly handled certain files. An attacker could possibly use this issue to...

8.8CVSS7AI score0.03591EPSS
Exploits3
Ubuntu
Ubuntu
•added 2020/10/05 12:5 p.m.•140 views

USN-4568-1: Brotli vulnerability

It was discovered that Brotli incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash...

6.5CVSS6.9AI score0.03217EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/12/09 12:34 p.m.•140 views

USN-4215-1: NSS vulnerability

It was discovered that NSS incorrectly handled certain certificates. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS6.8AI score0.01382EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/08/13 4:19 p.m.•140 views

USN-4095-1: Linux kernel vulnerabilities

Eli Biham and Lior Neumann discovered that the Bluetooth implementation in the Linux kernel did not properly validate elliptic curve parameters during Diffie-Hellman key exchange in some situations. An attacker could use this to expose sensitive information. CVE-2018-5383 It was discovered that a...

9.8CVSS7.5AI score0.52199EPSS
Exploits30
Ubuntu
Ubuntu
•added 2019/07/24 1:33 p.m.•140 views

USN-4071-1: Patch vulnerabilities

It was discovered that Patch incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information. CVE-2019-13636 It was discovered that Patch incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code...

9.3CVSS7.3AI score0.0453EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/06/24 2:4 p.m.•140 views

USN-4031-1: Linux kernel vulnerability

It was discovered that the Linux kernel did not properly separate certain memory mappings when creating new userspace processes on 64-bit Power ppc64el systems. A local attacker could use this to access memory contents or cause memory corruption of other processes on the system...

7CVSS7.3AI score0.00386EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/06/19 3:32 p.m.•140 views

USN-4019-1: SQLite vulnerabilities

It was discovered that SQLite incorrectly handled certain SQL files. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service. This issue only affected Ubuntu 16.04 LTS. CVE-2017-2518, CVE-2017-2520 It was discovered that SQLite incorrectly handled certain...

9.8CVSS7.3AI score0.45426EPSS
Exploits2
Ubuntu
Ubuntu
•added 2017/10/02 2:9 p.m.•140 views

USN-3430-1: Dnsmasq vulnerabilities

Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. A remote attacker could use this issue to cause Dnsmasq to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2017-14491 Felix Wilhelm, Fermin...

9.8CVSS7.8AI score0.93307EPSS
Exploits32
Ubuntu
Ubuntu
•added 2015/11/24 6:6 p.m.•140 views

USN-2817-1: IcedTea Web vulnerabilities

It was discovered that IcedTea Web incorrectly handled applet URLs. A remote attacker could possibly use this issue to inject applets into the .appletTrustSettings configuration file and bypass user approval. CVE-2015-5234 Andrea Palazzo discovered that IcedTea Web incorrectly determined the orig...

6.8CVSS5.4AI score0.03037EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/10/27 5:2 p.m.•140 views

USN-2783-1: NTP vulnerabilities

Aleksis Kauppinen discovered that NTP incorrectly handled certain remote config packets. In a non-default configuration, a remote authenticated attacker could possibly use this issue to cause NTP to crash, resulting in a denial of service. CVE-2015-5146 Miroslav Lichvar discovered that NTP...

9.8CVSS7.1AI score0.81762EPSS
Exploits6
Ubuntu
Ubuntu
•added 2024/07/11 7:1 p.m.•139 views

USN-6893-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. CVE-2024-24857, CVE-2024-24858, CVE-2024-24859 Several security issues we...

9.1CVSS7AI score0.01401EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/05/10 11:45 a.m.•139 views

USN-5179-2: BusyBox vulnerability

USN-5179-1 fixed vulnerabilities in BusyBox. This update provides the corresponding updates for Ubuntu 16.04 ESM. Original advisory details: It was discovered that BusyBox incorrectly handled certain malformed gzip archives. If a user or automated system were tricked into processing a specially...

7.5CVSS7.3AI score0.02719EPSS
Exploits0
Total number of security vulnerabilities5000