Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
•added 2021/04/26 10:44 a.m.•136 views

USN-4926-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass security restrictions, trick the user into disclosing confidential...

8.8CVSS7.7AI score0.01764EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/01/11 12:42 p.m.•136 views

USN-4688-1: JasPer vulnerabilities

It was discovered that Jasper incorrectly certain files. An attacker could possibly use this issue to cause a crash. CVE-2018-18873 It was discovered that Jasper incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. CVE-2018-19542 It was...

7.8CVSS6.9AI score0.01946EPSS
Exploits3
Ubuntu
Ubuntu
•added 2020/01/28 11:7 p.m.•136 views

USN-4255-2: Linux kernel (HWE) vulnerabilities

USN-4255-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. It was discovered that the Linux kernel did not properly clear data structures on...

7.8CVSS7.3AI score0.01447EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/08/21 5:19 p.m.•136 views

USN-4109-1: OpenJPEG vulnerabilities

It was discovered that OpenJPEG incorrectly handled certain PGX files. An attacker could possibly use this issue to cause a denial of service or possibly remote code execution. CVE-2017-17480 It was discovered that OpenJPEG incorrectly handled certain files. An attacker could possibly use this...

9.8CVSS6.7AI score0.05135EPSS
Exploits4
Ubuntu
Ubuntu
•added 2019/04/09 12:1 a.m.•136 views

USN-3942-1: OpenJDK 7 vulnerability

It was discovered that a memory disclosure issue existed in the OpenJDK Library subsystem. An attacker could use this to expose sensitive information and possibly bypass Java sandbox restrictions...

3.1CVSS6.8AI score0.03374EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/03/20 6:33 p.m.•136 views

USN-3912-1: GDK-PixBuf vulnerability

It was discovered that the GDK-PixBuf library did not properly handle certain BMP images. If an user or automated system were tricked into opening a specially crafted BMP file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly execut...

7.8CVSS7.7AI score0.01147EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/11/14 11:1 p.m.•136 views

USN-3822-1: Linux kernel vulnerabilities

Jim Mattson discovered that the KVM implementation in the Linux kernel mismanages the BP and OF exceptions. A local attacker in a guest virtual machine could use this to cause a denial of service guest OS crash. CVE-2016-9588 It was discovered that the generic SCSI driver in the Linux kernel did...

8.4CVSS7.1AI score0.00552EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/04/19 8:57 a.m.•135 views

USN-6026-1: Vim vulnerabilities

It was discovered that Vim was incorrectly processing Vim buffers. An attacker could possibly use this issue to perform illegal memory access and expose sensitive information. This issue only affected Ubuntu 20.04 LTS. CVE-2021-4166 It was discovered that Vim was using freed memory when dealing...

9.8CVSS8.3AI score0.26583EPSS
Exploits20
Ubuntu
Ubuntu
•added 2023/02/22 6:23 p.m.•135 views

USN-5882-1: DCMTK vulnerabilities

Gjoko Krstic discovered that DCMTK incorrectly handled buffers. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS. CVE-2015-8979...

9.8CVSS7.4AI score0.07629EPSS
Exploits5
Ubuntu
Ubuntu
•added 2022/04/12 6:38 p.m.•135 views

USN-5376-1: Git vulnerability

俞晨东 discovered that Git incorrectly handled certain repository paths in platforms with multiple users support. An attacker could possibly use this issue to run arbitrary commands...

7.8CVSS7.7AI score0.00782EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/03/16 12:53 p.m.•135 views

USN-5331-1: tcpdump vulnerabilities

It was discovered that tcpdump incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. CVE-2018-16301 It was discovered that tcpdump incorrectly handled certain captured data. An attacker could possibly use th...

7.8CVSS7.1AI score0.03071EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/10/18 11:7 a.m.•135 views

USN-5109-1: nginx vulnerability

It was discovered that nginx incorrectly handled files with certain modification dates. A remote attacker could possibly use this issue to cause a denial of service or other unspecified impact...

9.8CVSS8.2AI score0.03285EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/01/25 12:37 p.m.•135 views

USN-4702-1: Pound vulnerabilities

It was discovered that Pound incorrectly handled certain HTTP requests A remote attacker could use it to retrieve some sensitive information. CVE-2016-10711, CVE-2018-21245...

9.8CVSS8.3AI score0.02893EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/04/04 1:2 p.m.•135 views

USN-4317-1: Firefox vulnerabilities

Two use-after-free bugs were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could exploit these to cause a denial of service or execute arbitrary code...

8.1CVSS8.6AI score0.06305EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/02/05 4:39 p.m.•135 views

USN-4269-1: systemd vulnerabilities

It was discovered that systemd incorrectly handled certain PIDFile files. A local attacker could possibly use this issue to trick systemd into killing privileged processes. This issue only affected Ubuntu 16.04 LTS. CVE-2018-16888 It was discovered that systemd incorrectly handled certain udevadm...

7.8CVSS6.3AI score0.00912EPSS
Exploits2
Ubuntu
Ubuntu
•added 2019/04/23 12:57 p.m.•135 views

USN-3922-2: PHP vulnerabilities

USN-3922-1 fixed vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 14.04 LTS. It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information. CVE-2019-9022 It was discovered that PHP incorrectl...

9.8CVSS7AI score0.09395EPSS
Exploits6
Ubuntu
Ubuntu
•added 2019/01/22 1:58 p.m.•135 views

USN-3865-1: poppler vulnerabilities

It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service. CVE-2018-20481, CVE-2018-20650...

6.5CVSS6.7AI score0.03422EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/06/11 10:9 p.m.•134 views

USN-6819-2: Linux kernel vulnerabilities

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service system crash. CVE-2023-6356, CVE-2023-6535, CVE-2023-6536 Chenyuan...

7.8CVSS6.9AI score0.78388EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/02/16 2:38 p.m.•134 views

USN-5879-1: Linux kernel (HWE) vulnerabilities

Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2022-4378 Tamás Koczka discovered that the Bluetooth L2CAP handshake...

8.8CVSS7.5AI score0.02014EPSS
Exploits3
Ubuntu
Ubuntu
•added 2022/04/12 3:48 p.m.•134 views

USN-5371-1: nginx vulnerabilities

It was discovered that nginx Lua module mishandled certain inputs. An attacker could possibly use this issue to perform an HTTP Request Smuggling attack. This issue was fixed for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. CVE-2020-11724 It was discovered that nginx Lua module mishandled certain input...

7.5CVSS6.8AI score0.02599EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/03/31 10:14 p.m.•134 views

USN-5357-2: Linux kernel vulnerability

It was discovered that the IPsec implementation in the Linux kernel did not properly allocate enough memory when performing ESP transformations, leading to a heap-based buffer overflow. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

7.8CVSS7.2AI score0.05524EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/03/15 6:3 p.m.•134 views

USN-5330-1: LibreOffice vulnerability

It was discovered that LibreOffice incorrectly handled digital signatures. An attacker could possibly use this issue to create a specially crafted document that would display a validly signed indicator, contrary to expectations...

7.5CVSS7.5AI score0.00965EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/09/22 12:34 a.m.•134 views

USN-5071-3: Linux kernel (Raspberry Pi) vulnerabilities

It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. An attacker who could start and control a VM could possibly use this to expose sensitive information or execute...

8.7CVSS7.4AI score0.00687EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/08/10 12:3 p.m.•134 views

USN-5035-1: GPSd vulnerability

It was discovered that GPSd incorrectly handled certain leap second events which would result in the time jumping back 1024 weeks on 2021-10-31...

5.3AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2021/05/03 9:36 a.m.•134 views

LSN-0076-1: Kernel Live Patch Security Notice

It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges.CVE-2021-3493 Piotr Krysiuk discovered that the BPF JIT compil...

8.8CVSS7.4AI score0.43988EPSS
Exploits27
Ubuntu
Ubuntu
•added 2021/04/13 3:0 p.m.•134 views

USN-4906-1: Nettle vulnerability

It was discovered that Nettle incorrectly handled signature verification. A remote attacker could use this issue to cause Nettle to crash, resulting in a denial of service, or possibly force invalid signatures...

8.1CVSS6.6AI score0.01607EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/08/14 12:51 p.m.•134 views

USN-4098-1: wpa_supplicant and hostapd vulnerability

It was discovered that wpasupplicant and hostapd were vulnerable to a side channel attack against EAP-pwd. A remote attacker could possibly use this issue to recover certain passwords...

5.9CVSS7.2AI score0.02187EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/06/04 6:57 p.m.•134 views

USN-4004-2: Berkeley DB vulnerability

USN-4004-1 fixed a vulnerability in Berkeley DB. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that Berkeley DB incorrectly handled certain inputs. An attacker could possibly use this issue to read sensitive information...

9.8CVSS7.5AI score0.45426EPSS
Exploits0
Ubuntu
Ubuntu
•added 2012/10/02 7:53 p.m.•134 views

USN-1592-1: Python 2.7 vulnerabilities

Niels Heinen discovered that the urllib and urllib2 modules would process Location headers that specify a redirection to file: URLs. A remote attacker could exploit this to obtain sensitive information or cause a denial of service. This issue only affected Ubuntu 11.04. CVE-2011-1521 It was...

6.4CVSS7.1AI score0.0562EPSS
Exploits7
Ubuntu
Ubuntu
•added 2024/06/14 5:24 p.m.•133 views

USN-6817-3: Linux kernel vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Zheng Wang discovered that the Broadc...

9.1CVSS7.5AI score0.01635EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/01/06 10:24 p.m.•133 views

USN-5792-1: Linux kernel vulnerabilities

Mingwei Zhang discovered that the KVM implementation for AMD processors in the Linux kernel did not properly handle cache coherency with Secure Encrypted Virtualization SEV. A local attacker could possibly use this to cause a denial of service host system crash. CVE-2022-0171 It was discovered th...

7.8CVSS7.2AI score0.01429EPSS
Exploits3
Ubuntu
Ubuntu
•added 2022/03/23 8:58 a.m.•133 views

LSN-0085-1: Kernel Live Patch Security Notice

Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 releaseagent feature. A local attacker could use this to gain administrative privileges.CVE-2022-0492 Nick Gregory discovered that the Linux kernel incorrectly...

7.8CVSS7.5AI score0.05528EPSS
Exploits17
Ubuntu
Ubuntu
•added 2022/01/20 8:11 a.m.•133 views

LSN-0084-1: Kernel Live Patch Security Notice

William Liu and Jamie Hill-Daniel discovered that the file system context functionality in the Linux kernel contained an integer underflow vulnerability, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service system crash or execute arbitrary...

8.4CVSS7AI score0.25151EPSS
Exploits11
Ubuntu
Ubuntu
•added 2021/05/17 5:11 p.m.•133 views

USN-4957-1: DjVuLibre vulnerabilities

It was discovered that DjVuLibre incorrectly handled certain memory operations. If a user or automated system were tricked into processing a specially crafted DjVu file, a remote attacker could cause applications to hang or crash, resulting in a denial of service, or possibly execute arbitrary co...

7.8CVSS7.3AI score0.01001EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/04/27 4:49 p.m.•133 views

USN-4892-1: OpenJDK vulnerability

It was discovered that OpenJDK incorrectly verified Jar signatures. An attacker could possibly use this issue to bypass intended security restrictions when using Jar files signed with a disabled algorithm...

5.3CVSS6.4AI score0.03566EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/01/28 8:38 p.m.•133 views

USN-4714-1: XStream vulnerabilities

Zhihong Tian and Hui Lu found that XStream was vulnerable to remote code execution. A remote attacker could run arbitrary shell commands by manipulating the processed input stream. CVE-2020-26217 It was discovered that XStream was vulnerable to server-side forgery attacks. A remote attacker could...

9.3CVSS7.5AI score0.85001EPSS
Exploits11
Ubuntu
Ubuntu
•added 2021/01/04 2:4 p.m.•133 views

USN-4674-1: Dovecot vulnerabilities

It was discovered that Dovecot incorrectly handled certain imap hibernation commands. A remote authenticated attacker could possibly use this issue to access other users' email. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. CVE-2020-24386 Innokentii Sennovskiy...

7.5CVSS7.6AI score0.0466EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/10/20 12:0 a.m.•133 views

USN-4592-1: Linux kernel vulnerabilities

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-12351 Andy Nguyen discovered that the...

8.8CVSS7.9AI score0.07693EPSS
Exploits6
Ubuntu
Ubuntu
•added 2019/11/27 4:55 p.m.•133 views

USN-4203-1: NSS vulnerability

It was discovered that NSS incorrectly handled certain memory operations. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code...

8.8CVSS7.5AI score0.02994EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/04/30 4:34 p.m.•133 views

USN-3627-2: Apache HTTP Server vulnerabilities

USN-3627-1 fixed vulnerabilities in Apache HTTP Server. This update provides the corresponding updates for Ubuntu 18.04 LTS. Original advisory details: Alex Nichols and Jakob Hirsch discovered that the Apache HTTP Server modauthnzldap module incorrectly handled missing charset encoding headers. A...

9.8CVSS6.6AI score0.86006EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/08/10 3:26 p.m.•133 views

USN-3382-1: PHP vulnerabilities

It was discovered that the PHP opcache created keys for files it cached based on their filepath. A local attacker could possibly use this issue in a shared hosting environment to obtain sensitive information. This issue only affected Ubuntu 14.04 LTS. CVE-2015-8994 It was discovered that the PHP...

9.8CVSS7.1AI score0.07511EPSS
Exploits7
Ubuntu
Ubuntu
•added 2023/05/30 2:16 p.m.•132 views

USN-6119-1: OpenSSL vulnerabilities

Matt Caswell discovered that OpenSSL incorrectly handled certain ASN.1 object identifiers. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service. CVE-2023-2650 Anton Romanov discovered that OpenSSL incorrectly handled AES-XTS ciphe...

6.5CVSS7.1AI score0.73461EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/06/27 12:39 p.m.•132 views

USN-5494-1: SpiderMonkey JavaScript Library vulnerabilities

It was discovered that SpiderMonkey JavaScript Library incorrectly generated certain assembly code. An remote attacker could possibly use this issue to cause a crash or expose sensitive information. CVE-2022-28285 It was discovered that SpiderMonkey JavaScript Library incorrectly generated certai...

8.8CVSS7.8AI score0.00752EPSS
Exploits1References2
Ubuntu
Ubuntu
•added 2022/03/18 11:18 a.m.•132 views

USN-5335-1: ImageMagick vulnerabilities

It was discovered that ImageMagick incorrectly handled certain values when processing XPM image data or large images. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execut...

7.8CVSS7.1AI score0.02011EPSS
Exploits9
Ubuntu
Ubuntu
•added 2022/02/22 9:37 p.m.•132 views

USN-5301-2: Cyrus SASL vulnerability

USN-5301-1 fixed a vulnerability in Cyrus. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that the Cyrus SASL SQL plugin incorrectly handled SQL input. A remote attacker could use this issue to execute arbitrar...

8.8CVSS8.2AI score0.04123EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/02/15 3:20 p.m.•132 views

USN-5286-1: cryptsetup vulnerability

Milan Broz discovered that cryptsetup incorrectly handled LUKS2 reencryption recovery. An attacker with physical access to modify the encrypted device header may trigger the device to be unencrypted the next time it is mounted by the user. On Ubuntu 20.04 LTS, this issue was fixed by disabling th...

4.3CVSS7AI score0.0028EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/01/06 3:56 a.m.•132 views

USN-5211-1: Linux kernel vulnerability

Nadav Amit discovered that the hugetlb implementation in the Linux kernel did not perform TLB flushes under certain conditions. A local attacker could use this to leak or alter data from other processes that use huge pages...

4.4CVSS6.6AI score0.00515EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/09/22 12:24 a.m.•132 views

USN-5073-3: Linux kernel (Raspberry Pi) vulnerabilities

Norbert Slusarek discovered that the CAN broadcast manger bcm protocol implementation in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to expose sensitive information kernel memory. CVE-2021-34693 Murray McAllister discovered that the...

7.8CVSS7.3AI score0.00687EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/09/01 6:49 p.m.•132 views

USN-5051-4: OpenSSL regression

USN-5051-2 introduced a regression in OpenSSL that affected only Ubuntu 14.04 ESM. This update fix the regression. Original advisory details: Ingo Schwarze discovered that OpenSSL incorrectly handled certain ASN.1 strings. A remote attacker could use this issue to cause OpenSSL to crash, resultin...

6.8AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2021/06/16 2:17 p.m.•132 views

USN-4989-2: BlueZ vulnerabilities

USN-4989-1 fixed several vulnerabilities in BlueZ. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that BlueZ incorrectly checked certain permissions when pairing. A local attacker could possibly use this issue to impersonate device...

8.6CVSS7.5AI score0.04067EPSS
Exploits0
Total number of security vulnerabilities5000