Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
•added 2021/02/22 2:22 p.m.•129 views

USN-4744-1: OpenLDAP vulnerability

Pasi Saarinen discovered that OpenLDAP incorrectly handled certain short timestamps. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service...

7.5CVSS7.5AI score0.64147EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/02/10 1:14 a.m.•129 views

USN-4728-1: snapd vulnerability

Gilad Reti and Nimrod Stoler discovered that snapd did not correctly specify cgroup delegation when generating systemd service units for various container management snaps. This could allow a local attacker to escalate privileges via access to arbitrary devices of the container host from within a...

9.3CVSS8.4AI score0.00256EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/02/01 11:24 p.m.•129 views

USN-4717-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, conduct clickjacking attacks, or execute arbitrary code...

8.8CVSS8AI score0.01323EPSS
Exploits2
Ubuntu
Ubuntu
•added 2021/01/05 4:23 p.m.•129 views

USN-4677-1: p11-kit vulnerabilities

David Cook discovered that p11-kit incorrectly handled certain memory operations. An attacker could use this issue to cause p11-kit to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.5CVSS7.2AI score0.03515EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/06/09 11:18 p.m.•129 views

USN-4388-1: Linux kernel vulnerabilities

It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose sensitive information kernel memory. CVE-2020-0067 It was discovered that memory contents...

7.5CVSS7.2AI score0.0124EPSS
Exploits2References1
Ubuntu
Ubuntu
•added 2020/05/20 6:10 p.m.•129 views

USN-4365-2: Bind vulnerabilities

USN-4365-1 fixed several vulnerabilities in Bind. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. Original advisory details: Lior Shafir, Yehuda Afek, and Anat Bremler-Barr discovered that Bind incorrectly limited certain fetches. A remote attacker could possibly...

8.6CVSS6.9AI score0.93422EPSS
Exploits6
Ubuntu
Ubuntu
•added 2019/12/02 12:30 p.m.•129 views

USN-4205-1: SQLite vulnerabilities

It was discovered that SQLite incorrectly handled certain schemas. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM. CVE-2018-8740 It was discovered that SQLite incorrectly handled certain schemas. An attacker could possibly use thi...

8.8CVSS7.7AI score0.08186EPSS
Exploits2
Ubuntu
Ubuntu
•added 2019/11/13 7:1 p.m.•129 views

USN-4183-2: Linux kernel vulnerability

USN-4183-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 i915 missing Blitter Command Streamer check was incomplete on 64-bit Intel x86 systems. This update addresses the issue. We apologize for the inconvenience. Original advisory details:...

7.8CVSS8AI score0.00668EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2019/10/21 7:26 p.m.•129 views

USN-4160-1: UW IMAP vulnerability

It was discovered that UW IMAP incorrectly handled inputs. A remote attacker could possibly use this issue to execute arbitrary OS commands...

8.5CVSS7.8AI score0.9523EPSS
Exploits6
Ubuntu
Ubuntu
•added 2019/02/13 2:10 p.m.•129 views

USN-3890-1: Django vulnerability

It was discovered that Django incorrectly handled formatting certain numbers. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service...

7.5CVSS6.5AI score0.05399EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/02/13 2:4 p.m.•129 views

USN-3889-1: WebKitGTK+ vulnerabilities

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

8.8CVSS7.9AI score0.09755EPSS
Exploits3
Ubuntu
Ubuntu
•added 2018/02/07 4:43 p.m.•129 views

USN-3561-1: libvirt update

It was discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. An attacker in the guest could use this to expose sensitive guest information, including kernel memory. This...

5.6CVSS7.2AI score0.74041EPSS
Exploits9
Ubuntu
Ubuntu
•added 2017/04/27 4:47 p.m.•129 views

USN-3270-1: NSS vulnerabilities

Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. A remote attacker could possibly use this flaw to obtain clear text data from long encrypted sessions. This update causes NSS to limit use of the same symmetric key...

9.8CVSS7.8AI score0.95707EPSS
Exploits7
Ubuntu
Ubuntu
•added 2023/01/06 8:27 p.m.•128 views

USN-5790-1: Linux kernel vulnerabilities

It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose sensitive information kernel memory. CVE-2021-4159 It was discovered that a race condition existed in the Android Binder IPC subsystem in the Lin...

7.8CVSS7AI score0.00645EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/07/29 12:2 a.m.•128 views

USN-5540-1: Linux kernel vulnerabilities

Liu Jian discovered that the IGMP protocol implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-20141 It was discovered that...

7.8CVSS7.1AI score0.05451EPSS
Exploits11
Ubuntu
Ubuntu
•added 2022/05/25 10:41 a.m.•128 views

USN-4781-1: Slurm vulnerabilities

It was discovered that Slurm incorrectly handled certain messages between the daemon and the user. An attacker could possibly use this issue to assume control of an arbitrary file on the system. This issue only affected Ubuntu 16.04 ESM. CVE-2016-10030 It was discovered that Slurm mishandled SPAN...

9.8CVSS7.7AI score0.02902EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/01/05 5:3 p.m.•128 views

USN-5207-1: Linux kernel (OEM) vulnerabilities

Nadav Amit discovered that the hugetlb implementation in the Linux kernel did not perform TLB flushes under certain conditions. A local attacker could use this to leak or alter data from other processes that use huge pages. CVE-2021-4002 It was discovered that the eBPF implementation in the Linux...

9.8CVSS7.3AI score0.57853EPSS
Exploits3
Ubuntu
Ubuntu
•added 2021/12/06 2:10 p.m.•128 views

USN-5175-1: NTP vulnerability

It was discovered that ntpd incorrectly handled memory when CMAC keys were used. A remote attacker could possibly use this issue to cause ntpd to crash resulting in a denial of service...

4.9CVSS6.2AI score0.03357EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/11/09 2:6 a.m.•128 views

USN-5135-1: Linux kernel vulnerability

It was discovered that the Linux kernel did not properly account for the memory usage of certain IPC objects. A local attacker could use this to cause a denial of service memory exhaustion...

5.5CVSS6.6AI score0.00345EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/08/11 7:25 p.m.•128 views

USN-5037-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, trick a user into accepting unwanted permissions, or execute arbitrary code...

8.8CVSS7.7AI score0.01451EPSS
Exploits6
Ubuntu
Ubuntu
•added 2021/07/29 4:35 p.m.•128 views

USN-5027-1: PEAR vulnerability

It was discovered that PEAR incorrectly handled symbolic links in archives. A remote attacker could possibly use this issue to execute arbitrary code...

7.1CVSS7.8AI score0.73377EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/05/27 10:41 a.m.•128 views

USN-4969-1: DHCP vulnerability

Jon Franklin and Pawel Wieczorkiewicz discovered that DHCP incorrectly handled lease file parsing. A remote attacker could possibly use this issue to cause DHCP to crash, resulting in a denial of service...

7.4CVSS7.4AI score0.06118EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/01/26 4:23 p.m.•128 views

USN-4704-1: libsndfile vulnerabilities

It was discovered that libsndfile incorrectly handled certain malformed files. A remote attacker could use this issue to cause libsndfile to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2017-12562 It was discovered that libsndfile incorrectly handled certain...

9.8CVSS6.7AI score0.03978EPSS
Exploits6
Ubuntu
Ubuntu
•added 2020/08/20 12:25 p.m.•128 views

USN-4466-2: curl vulnerability

USN-4466-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Marc Aldorasi discovered that curl incorrectly handled the libcurl CURLOPTCONNECTONLY option. This could result in data being sent to the wrong destination,...

7.5CVSS6.7AI score0.03721EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/07/06 10:7 p.m.•128 views

USN-4419-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the Precision Time Protocol PTP implementation in the Linux kernel, leading to a use-after- free vulnerability. A local attacker could possibly use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-10690...

6.7CVSS6.9AI score0.04505EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/02/19 5:33 p.m.•128 views

USN-4279-2: PHP regression

USN-4279-1 fixed vulnerabilities in PHP. The updated packages caused a regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a...

7.6AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2020/01/15 6:22 p.m.•128 views

USN-4235-2: nginx vulnerability

USN-4235-1 fixed a vulnerability in nginx. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Bert JW Regeer and Francisco Oca Gonzalez discovered that nginx incorrectly handled certain errorpage configurations. A remote attacker could possibly use this...

5.3CVSS6.8AI score0.14961EPSS
Exploits3
Ubuntu
Ubuntu
•added 2019/07/15 2:38 p.m.•128 views

USN-4059-1: Squid vulnerabilities

It was discovered that Squid incorrectly handled certain SNMP packets. A remote attacker could possibly use this issue to cause memory consumption, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. CVE-2018-19132 It was discovered that Squid incorrect...

6.1CVSS6.3AI score0.74477EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/05/14 9:4 p.m.•128 views

USN-3981-1: Linux kernel vulnerabilities

Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered...

8.3CVSS7.7AI score0.03844EPSS
Exploits1References1
Ubuntu
Ubuntu
•added 2019/04/01 11:34 a.m.•128 views

USN-3928-1: Dovecot vulnerability

It was discovered that Dovecot incorrectly handled reading certain headers from the index. A local attacker could possibly use this issue to escalate privileges...

8.8CVSS6.7AI score0.01178EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/05/22 11:19 p.m.•128 views

USN-3657-1: Linux kernel (Raspberry Pi 2) vulnerabilities

It was discovered that the netlink subsystem in the Linux kernel did not properly restrict observations of netlink messages to the appropriate net namespace. A local attacker could use this to expose sensitive information kernel netlink traffic. CVE-2017-17449 Tuba Yavuz discovered that a...

7.8CVSS7.1AI score0.0053EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/03/19 11:53 a.m.•128 views

USN-3600-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled certain stream metadata. A remote attacker could possibly use this issue to set arbitrary metadata. This issue only affected Ubuntu 14.04 LTS. CVE-2016-10712 It was discovered that PHP incorrectly handled the PHAR 404 error page. A remote attacker...

9.8CVSS8AI score0.87883EPSS
Exploits4
Ubuntu
Ubuntu
•added 2018/02/23 9:14 a.m.•128 views

USN-3583-1: Linux kernel vulnerabilities

It was discovered that an out-of-bounds write vulnerability existed in the Flash-Friendly File System f2fs in the Linux kernel. An attacker could construct a malicious file system that, when mounted, could cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-0750 It...

10CVSS7.6AI score0.84172EPSS
Exploits17
Ubuntu
Ubuntu
•added 2017/05/09 2:16 p.m.•128 views

USN-3279-1: Apache HTTP Server vulnerabilities

It was discovered that the Apache modsessioncrypto module was encrypting data and cookies using either CBC or ECB modes. A remote attacker could possibly use this issue to perform padding oracle attacks. CVE-2016-0736 Maksim Malyutin discovered that the Apache modauthdigest module incorrectly...

7.5CVSS6.6AI score0.49024EPSS
Exploits4
Ubuntu
Ubuntu
•added 2016/08/02 3:44 p.m.•128 views

USN-3045-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled certain SplMinHeap::compare operations. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. CVE-2015-4116 ...

9.8CVSS8AI score0.50427EPSS
Exploits26
Ubuntu
Ubuntu
•added 2023/12/13 1:55 p.m.•127 views

USN-6534-3: Linux kernel vulnerabilities

It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service system crash. CVE-2023-37453 Lin Ma...

8.8CVSS7AI score0.09141EPSS
Exploits4
Ubuntu
Ubuntu
•added 2023/04/26 3:48 p.m.•127 views

USN-6044-1: Linux kernel vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

7.8CVSS6.8AI score0.01029EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/04/05 9:26 p.m.•127 views

USN-5998-1: Apache Log4j vulnerabilities

It was discovered that the SocketServer component of Apache Log4j 1.2 incorrectly handled deserialization. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 ESM. CVE-2019-17571 It was discovered that the JMSSink component of Apache Log4j 1....

9.8CVSS7.5AI score0.6906EPSS
Exploits4
Ubuntu
Ubuntu
•added 2022/08/01 11:50 a.m.•127 views

USN-5542-1: Samba vulnerabilities

It was discovered that Samba did not handle MaxQueryDuration when being used in AD DC configurations, contrary to expectations. This issue only affected Ubuntu 20.04 LTS. CVE-2021-3670 Luke Howard discovered that Samba incorrectly handled certain restrictions associated with changing passwords. A...

8.8CVSS6.8AI score0.01731EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/02/01 2:38 p.m.•127 views

USN-5259-1: Cron vulnerabilities

It was discovered that the postinst maintainer script in Cron unsafely handled file permissions during package install or update operations. An attacker could possibly use this issue to perform a privilege escalation attack. CVE-2017-9525 Florian Weimer discovered that Cron incorrectly handled...

6.9CVSS6.1AI score0.00551EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/01/13 10:52 p.m.•127 views

USN-5229-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass security restrictions, obtain sensitive information across domains, or execu...

10CVSS7.6AI score0.0134EPSS
Exploits6
Ubuntu
Ubuntu
•added 2021/10/07 8:22 a.m.•127 views

USN-5107-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof another origin, or execute arbitrary code...

9.8CVSS8.1AI score0.01923EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/05/04 5:25 p.m.•127 views

USN-4935-1: NVIDIA graphics drivers vulnerabilities

It was discovered that the NVIDIA GPU display driver for the Linux kernel incorrectly performed access control. A local attacker could use this issue to cause a denial of service, expose sensitive information, or escalate privileges. CVE-2021-1076 It was discovered that the NVIDIA GPU display...

7.8CVSS6.3AI score0.00347EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/05/04 12:1 p.m.•127 views

USN-4932-1: Django vulnerability

It was discovered that Django incorrectly handled certain filenames. A remote attacker could possibly use this issue to create or overwrite files in unexpected directories...

7.5CVSS7.5AI score0.05291EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/04/15 10:22 p.m.•127 views

USN-4915-1: Linux kernel (OEM) vulnerabilities

It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. CVE-2021-3493 Vincent Dehors discovered that the shiftfs file...

8.8CVSS7.6AI score0.43988EPSS
Exploits28
Ubuntu
Ubuntu
•added 2021/02/02 6:6 p.m.•127 views

USN-4720-1: Apport vulnerabilities

Itai Greenhut discovered that Apport incorrectly parsed certain files in the /proc filesystem. A local attacker could use this issue to escalate privileges and run arbitrary code. CVE-2021-25682, CVE-2021-25683 Itai Greenhut discovered that Apport incorrectly handled opening certain special files...

8.8CVSS7.6AI score0.00525EPSS
Exploits3
Ubuntu
Ubuntu
•added 2020/11/25 3:18 p.m.•127 views

USN-4645-1: Mutt vulnerability

It was discovered that Mutt incorrectly handled certain connections. An attacker could possibly use this issue to expose sensitive information...

5.3CVSS5.7AI score0.02323EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/09/03 4:41 p.m.•127 views

USN-4483-1: Linux kernel vulnerabilities

Chuhong Yuan discovered that go7007 USB audio device driver in the Linux kernel did not properly deallocate memory in some failure conditions. A physically proximate attacker could use this to cause a denial of service memory exhaustion. CVE-2019-20810 Fan Yang discovered that the mremap...

7.8CVSS6.7AI score0.00992EPSS
Exploits4
Ubuntu
Ubuntu
•added 2020/05/27 6:0 p.m.•127 views

USN-4375-1: PHP vulnerability

It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service...

5.3CVSS7.1AI score0.06264EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/04/15 1:9 p.m.•127 views

USN-4330-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled certain file uploads. An attacker could possibly use this issue to cause a crash. CVE-2020-7062 It was discovered that PHP incorrectly handled certain PHAR archive files. An attacker could possibly use this issue to access sensitive information...

8.8CVSS7.1AI score0.04764EPSS
Exploits5
Total number of security vulnerabilities5000