Lucene search
K
UbuntuMost viewed

10889 matches found

Ubuntu
Ubuntu
•added 2020/10/20 4:35 p.m.•139 views

USN-4587-1: iTALC vulnerabilities

Nicolas Ruff discovered that iTALC had buffer overflows, divide-by-zero errors and didn't check malloc return values. A remote attacker could use these issues to cause a denial of service or possibly execute arbitrary code. CVE-2014-6051, CVE-2014-6052, CVE-2014-6053, CVE-2014-6054, CVE-2014-6055...

9.8CVSS7.8AI score0.15089EPSS
Exploits5
Ubuntu
Ubuntu
•added 2020/10/05 12:5 p.m.•139 views

USN-4568-1: Brotli vulnerability

It was discovered that Brotli incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash...

6.5CVSS6.9AI score0.03217EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/12/19 1:2 a.m.•139 views

USN-4224-1: Django vulnerability

Simon Charette discovered that the password reset functionality in Django used a Unicode case insensitive query to retrieve accounts associated with an email address. An attacker could possibly use this to obtain password reset tokens and hijack accounts...

9.8CVSS7.1AI score0.3481EPSS
Exploits7
Ubuntu
Ubuntu
•added 2019/12/03 1:0 a.m.•139 views

USN-4210-1: Linux kernel vulnerabilities

It was discovered that a buffer overflow existed in the 802.11 Wi-Fi configuration interface for the Linux kernel when handling beacon settings. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2019-16746 Nicolas Waisman discovered...

9.8CVSS7.3AI score0.12651EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/06/19 3:32 p.m.•139 views

USN-4019-1: SQLite vulnerabilities

It was discovered that SQLite incorrectly handled certain SQL files. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service. This issue only affected Ubuntu 16.04 LTS. CVE-2017-2518, CVE-2017-2520 It was discovered that SQLite incorrectly handled certain...

9.8CVSS7.3AI score0.45426EPSS
Exploits2
Ubuntu
Ubuntu
•added 2019/04/02 9:8 p.m.•139 views

USN-3932-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the f2fs file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service. CVE-2017-18249 Wen Xu discovered that the f2fs file system implementation in the Linux kernel did not properly validate metadat...

8.1CVSS7AI score0.16523EPSS
Exploits19
Ubuntu
Ubuntu
•added 2015/11/24 6:6 p.m.•139 views

USN-2817-1: IcedTea Web vulnerabilities

It was discovered that IcedTea Web incorrectly handled applet URLs. A remote attacker could possibly use this issue to inject applets into the .appletTrustSettings configuration file and bypass user approval. CVE-2015-5234 Andrea Palazzo discovered that IcedTea Web incorrectly determined the orig...

6.8CVSS5.4AI score0.03037EPSS
Exploits0
Ubuntu
Ubuntu
•added 2007/08/31 5:39 p.m.•139 views

USN-510-1: Linux kernel vulnerabilities

A flaw was discovered in the PPP over Ethernet implementation. Local attackers could manipulate ioctls and cause kernel memory consumption leading to a denial of service. CVE-2007-2525 An integer underflow was discovered in the cpuset filesystem. If mounted, local attackers could obtain kernel...

7.8CVSS6AI score0.03872EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/05/07 12:0 a.m.•138 views

Linux kernel (OEM) vulnerabilities

Releases Ubuntu 22.04 LTS Packages linux-oem-6.5 - Linux kernel for OEM systems Details Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause ...

5CVSS7.5AI score0.78388EPSS
Exploits2References123
Ubuntu
Ubuntu
•added 2022/07/28 2:40 p.m.•138 views

USN-5538-1: libtirpc vulnerability

It was discovered that libtirpc incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS7.6AI score0.02088EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/10/25 4:14 p.m.•138 views

USN-5124-1: GNU binutils vulnerabilities

It was discovered that GNU binutils incorrectly handled certain hash lookups. An attacker could use this issue to cause GNU binutils to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2020-16592 It was discovered that GNU binutils incorrectly handled certain corru...

5.5CVSS7.2AI score0.01046EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/07/21 1:27 a.m.•138 views

USN-5019-1: NVIDIA graphics drivers vulnerabilities

It was discovered that an assert could be triggered in the NVIDIA graphics drivers. A local attacker could use this to cause a denial of service. CVE-2021-1093 It was discovered that the NVIDIA graphics drivers permitted an out-of-bounds array access. A local attacker could use this to cause a...

6.2CVSS5.7AI score0.00414EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/07/20 9:33 p.m.•138 views

USN-5014-1: Linux kernel vulnerability

It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS7.2AI score0.09808EPSS
Exploits6
Ubuntu
Ubuntu
•added 2021/07/19 7:41 a.m.•138 views

LSN-0078-1: Kernel Live Patch Security Notice

Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code.CVE-2021-3609...

7CVSS6.7AI score0.00431EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/06/22 11:46 a.m.•138 views

USN-4996-2: OpenEXR vulnerabilities

USN-4996-1 fixed several vulnerabilities in OpenEXR. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a...

5.5CVSS6.6AI score0.01747EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/06/03 4:24 p.m.•138 views

USN-4981-1: Squid vulnerabilities

Joshua Rogers discovered that Squid incorrectly handled requests with the urn: scheme. A remote attacker could possibly use this issue to cause Squid to consume resources, leading to a denial of service. CVE-2021-28651 Joshua Rogers discovered that Squid incorrectly handled requests to the Cache...

7.5CVSS6.6AI score0.95785EPSS
Exploits5
Ubuntu
Ubuntu
•added 2021/02/25 5:1 p.m.•138 views

USN-4755-1: LibTIFF vulnerabilities

It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges...

7.8CVSS7.6AI score0.01922EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/12/02 1:54 a.m.•138 views

USN-4657-1: Linux kernel vulnerabilities

Elena Petrova discovered that the pin controller device tree implementation in the Linux kernel did not properly handle string references. A local attacker could use this to expose sensitive information kernel memory. CVE-2020-0427 Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen...

7.8CVSS7.6AI score0.06692EPSS
Exploits9
Ubuntu
Ubuntu
•added 2020/09/28 4:7 p.m.•138 views

USN-4547-1: iTALC vulnerabilities

It was discovered that an information disclosure vulnerability existed in the LibVNCServer vendored in iTALC when sending a ServerCutText message. An attacker could possibly use this issue to expose sensitive information. CVE-2019-15681 It was discovered that the LibVNCServer and LibVNCClient...

9.8CVSS7.3AI score0.15089EPSS
Exploits4
Ubuntu
Ubuntu
•added 2020/01/13 3:29 p.m.•138 views

USN-4235-1: nginx vulnerability

Bert JW Regeer and Francisco Oca Gonzalez discovered that nginx incorrectly handled certain errorpage configurations. A remote attacker could possibly use this issue to perform HTTP request smuggling attacks and access resources contrary to expectations...

5.3CVSS6.8AI score0.14961EPSS
Exploits3
Ubuntu
Ubuntu
•added 2019/07/24 3:15 p.m.•138 views

USN-4071-2: Patch vulnerabilities

USN-4071-1 fixed several vulnerabilities in Patch. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that Patch incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information. CVE-2019-136...

9.3CVSS7.4AI score0.0453EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/07/24 1:33 p.m.•138 views

USN-4071-1: Patch vulnerabilities

It was discovered that Patch incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information. CVE-2019-13636 It was discovered that Patch incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code...

9.3CVSS7.3AI score0.0453EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/05/23 6:25 p.m.•138 views

USN-3957-2: MariaDB vulnerabilities

USN-3957-1 fixed multiple vulnerabilities in MySQL. This update provides the corresponding fixes for CVE-2019-2614 and CVE-2019-2627 in MariaDB 5.5. Ubuntu 14.04 LTS has been updated to MariaDB 5.5.64. In addition to security fixes, the updated packages contain bug fixes, new features, and possib...

4.9CVSS6.4AI score0.0301EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/05/16 11:55 a.m.•138 views

USN-3648-1: curl vulnerabilities

Dario Weisser discovered that curl incorrectly handled long FTP server command replies. If a user or automated system were tricked into connecting to a malicious FTP server, a remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute...

9.8CVSS7.6AI score0.06003EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/05/09 3:13 p.m.•138 views

USN-3643-2: Wget vulnerability

USN-3643-1 fixed a vulnerability in Wget. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that Wget incorrectly handled certain inputs. An attacker could possibly use this to inject arbitrary cookie values...

6.5CVSS6.8AI score0.17249EPSS
Exploits5
Ubuntu
Ubuntu
•added 2023/09/19 9:52 p.m.•137 views

USN-6386-1: Linux kernel vulnerabilities

Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. CVE-2023-20588 It was discovered...

7.8CVSS7.1AI score0.12405EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/04/20 7:41 a.m.•137 views

USN-5380-1: Bash vulnerability

It was discovered that Bash did not properly drop privileges when the binary had the setuid bit enabled. An attacker could possibly use this issue to escalate privileges...

7.8CVSS6.9AI score0.02608EPSS
Exploits5
Ubuntu
Ubuntu
•added 2022/01/18 5:13 p.m.•137 views

USN-5235-1: Ruby vulnerabilities

It was discovered that Ruby incorrectly handled certain HTML files. An attacker could possibly use this issue to cause a crash. This issue only affected Ubuntu 20.04 LTS, Ubuntu 21.04, and Ubuntu 21.10. CVE-2021-41816 It was discovered that Ruby incorrectly handled certain regular expressions. An...

9.8CVSS7.3AI score0.04766EPSS
Exploits3
Ubuntu
Ubuntu
•added 2021/10/22 6:7 p.m.•137 views

USN-5114-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the Atheros Ath9k WiFi driver in the Linux kernel. An attacker could possibly use this to expose sensitive information WiFi network traffic. CVE-2020-3702 It was discovered that the KVM hypervisor implementation in the Linux kernel did not proper...

7.8CVSS6.7AI score0.01476EPSS
Exploits4
Ubuntu
Ubuntu
•added 2021/08/31 12:15 p.m.•137 views

USN-5058-1: Thunderbird vulnerabilities

It was discovered that Thunderbird didn't ignore IMAP server responses prior to completion of the STARTTLS handshake. A person-in-the-middle could potentially exploit this to trick Thunderbird into showing incorrect information. CVE-2021-29969 Multiple security issues were discovered in...

8.8CVSS7.8AI score0.03582EPSS
Exploits6
Ubuntu
Ubuntu
•added 2021/08/12 5:19 p.m.•137 views

USN-5038-1: PostgreSQL vulnerabilities

It was discovered that the PostgresQL planner could create incorrect plans in certain circumstances. A remote attacker could use this issue to cause PostgreSQL to crash, resulting in a denial of service, or possibly obtain sensitive information from memory. This issue only affected Ubuntu 20.04 L...

6.5CVSS7.8AI score0.62906EPSS
Exploits3
Ubuntu
Ubuntu
•added 2021/07/21 2:20 p.m.•137 views

USN-5020-1: Ruby vulnerabilities

It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. CVE-2021-31799 It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to conduct port scans and service banner...

7.4CVSS7.5AI score0.0305EPSS
Exploits2
Ubuntu
Ubuntu
•added 2021/06/15 11:11 a.m.•137 views

USN-4988-1: ImageMagick vulnerabilities

It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of th...

7.8CVSS6.3AI score0.02616EPSS
Exploits25
Ubuntu
Ubuntu
•added 2021/05/06 1:13 p.m.•137 views

USN-4936-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. CVE-2021-23968,...

8.8CVSS7.7AI score0.01543EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/04/06 8:29 p.m.•137 views

USN-4318-1: Linux kernel vulnerabilities

Al Viro discovered that the vfs layer in the Linux kernel contained a use- after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly expose sensitive information kernel memory. CVE-2020-8428 Gustavo Romero and Paul Mackerras discovered that th...

7.1CVSS6.7AI score0.00655EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/11/13 7:8 p.m.•137 views

USN-4185-3: Linux kernel vulnerability and regression

USN-4185-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 i915 missing Blitter Command Streamer check was incomplete on 64-bit Intel x86 systems. Also, the update introduced a regression that broke KVM guests where extended page tables EPT are...

7.8CVSS7.7AI score0.00668EPSS
Exploits0References2
Ubuntu
Ubuntu
•added 2019/07/16 4:21 p.m.•137 views

USN-4060-2: NSS vulnerabilities

USN-4060-1 fixed several vulnerabilities in nss. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Henry Corrigan-Gibbs discovered that NSS incorrectly handled importing certain curve25519 private keys. An attacker could use this...

7.5CVSS8.2AI score0.02794EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/11/19 10:3 p.m.•137 views

USN-3816-2: systemd vulnerability

USN-3816-1 fixed several vulnerabilities in systemd. However, the fix for CVE-2018-6954 was not sufficient. This update provides the remaining fixes. We apologize for the inconvenience. Original advisory details: Jann Horn discovered that unitdeserialize incorrectly handled status messages above ...

7.8CVSS6.7AI score0.00532EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/04/19 12:26 p.m.•137 views

USN-3627-1: Apache HTTP Server vulnerabilities

Alex Nichols and Jakob Hirsch discovered that the Apache HTTP Server modauthnzldap module incorrectly handled missing charset encoding headers. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. CVE-2017-15710 Elar Lang discovered that...

9.8CVSS6.6AI score0.86006EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/04/04 10:6 p.m.•138 views

USN-3255-1: LightDM vulnerability

It was discovered that LightDM incorrectly handled home directory creation for guest users. A local attacker could use this issue to gain ownership of arbitrary directory paths and possibly gain administrative privileges...

7.3CVSS7.2AI score0.02669EPSS
Exploits5
Ubuntu
Ubuntu
•added 2022/04/20 11:48 p.m.•136 views

USN-5383-1: Linux kernel vulnerabilities

David Bouman discovered that the netfilter subsystem in the Linux kernel did not properly validate passed user register indices. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2022-1015 Brendan Dolan-Gavitt discovered that the Marvell WiFi-Ex...

6.6CVSS6.8AI score0.01467EPSS
Exploits13
Ubuntu
Ubuntu
•added 2022/03/17 12:46 p.m.•136 views

USN-5334-1: man-db vulnerability

It was discovered that man-db incorrectly handled permission changing operations in its daily cron job, and was therefore affected by a race condition. An attacker could possibly use this issue to escalate privileges and execute arbitrary code...

7.8CVSS7.6AI score0.01047EPSS
Exploits3
Ubuntu
Ubuntu
•added 2022/03/15 4:45 p.m.•136 views

USN-5328-1: OpenSSL vulnerability

Tavis Ormandy discovered that OpenSSL incorrectly parsed certain certificates. A remote attacker could possibly use this issue to cause OpenSSH to stop responding, resulting in a denial of service...

7.5CVSS7AI score0.70561EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/03/14 5:30 p.m.•136 views

USN-5325-1: Zsh vulnerabilities

Sam Foxman discovered that Zsh incorrectly handled certain inputs. An attacker could possibly use this issue to regain dropped privileges. CVE-2019-20044 It was discovered that Zsh incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. CVE-2021-45...

7.8CVSS7.8AI score0.0198EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/11/09 3:49 a.m.•136 views

USN-5137-1: Linux kernel vulnerabilities

It was discovered that the f2fs file system in the Linux kernel did not properly validate metadata in some situations. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service system crash or possibly execute arbitrary code...

7.8CVSS7.2AI score0.02014EPSS
Exploits6
Ubuntu
Ubuntu
•added 2021/10/25 12:56 p.m.•136 views

USN-5123-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.27 in Ubuntu 20.04 LTS, Ubuntu 21.04, and Ubuntu 21.10. Ubuntu 18.04 LTS has been updated to MySQL 5.7.36. In addition to security fixes, the...

7.1CVSS6.4AI score0.03384EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/10/22 1:3 a.m.•136 views

USN-5116-2: Linux kernel vulnerabilities

It was discovered that a race condition existed in the Atheros Ath9k WiFi driver in the Linux kernel. An attacker could possibly use this to expose sensitive information WiFi network traffic. CVE-2020-3702 Alois Wohlschlager discovered that the overlay file system in the Linux kernel did not...

7.8CVSS6.7AI score0.01476EPSS
Exploits4
Ubuntu
Ubuntu
•added 2021/10/21 11:52 p.m.•136 views

USN-5120-1: Linux kernel (Azure) vulnerabilities

It was discovered that the f2fs file system in the Linux kernel did not properly validate metadata in some situations. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service system crash or possibly execute arbitrary code...

8.7CVSS7.4AI score0.03354EPSS
Exploits3
Ubuntu
Ubuntu
•added 2021/04/26 10:44 a.m.•136 views

USN-4926-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass security restrictions, trick the user into disclosing confidential...

8.8CVSS7.7AI score0.01764EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/01/11 12:42 p.m.•136 views

USN-4688-1: JasPer vulnerabilities

It was discovered that Jasper incorrectly certain files. An attacker could possibly use this issue to cause a crash. CVE-2018-18873 It was discovered that Jasper incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. CVE-2018-19542 It was...

7.8CVSS6.9AI score0.01946EPSS
Exploits3
Total number of security vulnerabilities5000