Lucene search
K
UbuntuMost viewed

10905 matches found

Ubuntu
Ubuntu
added 2020/02/18 8:34 p.m.127 views

USN-4286-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. CVE-2019-14615 It was discovered that a race condition existed in the Softmac USB Prism54 devi...

7.4CVSS6.5AI score0.10114EPSS
Exploits5
Ubuntu
Ubuntu
added 2020/02/10 1:34 p.m.127 views

USN-4275-1: Qt vulnerabilities

It was discovered that Qt incorrectly handled certain PPM images. If a user or automated system were tricked into opening a specially crafted PPM file, a remote attacker could cause Qt to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS...

7.3CVSS6.8AI score0.0205EPSS
Exploits2
Ubuntu
Ubuntu
added 2019/09/16 12:8 p.m.127 views

USN-4134-1: IBus vulnerability

Simon McVittie discovered that IBus did not enforce appropriate access controls on its private D-Bus socket. A local unprivileged user who discovers the IBus socket address of another user could exploit this to capture the key strokes of the other user...

7.1CVSS7AI score0.00365EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/09/10 6:22 p.m.127 views

USN-4128-1: Tomcat vulnerabilities

It was discovered that the Tomcat 8 SSI printenv command echoed user provided data without escaping it. An attacker could possibly use this issue to perform an XSS attack. CVE-2019-0221 It was discovered that Tomcat 8 did not address HTTP/2 connection window exhaustion on write while addressing...

7.5CVSS6.7AI score0.72988EPSS
Exploits3
Ubuntu
Ubuntu
added 2019/07/24 11:7 p.m.127 views

USN-4072-1: Ansible vulnerabilities

It was discovered that Ansible failed to properly handle sensitive information. A local attacker could use those vulnerabilities to extract them. CVE-2017-7481 CVE-2018-10855 CVE-2018-16837 CVE-2018-16876 CVE-2019-10156 It was discovered that Ansible could load configuration files from the curren...

9.8CVSS6.6AI score0.04804EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/05/14 11:44 a.m.127 views

USN-3976-1: Samba vulnerability

Isaac Boukris and Andrew Bartlett discovered that Samba incorrectly checked S4U2Self packets. In certain environments, a remote attacker could possibly use this issue to escalate privileges...

7.5CVSS7.4AI score0.02486EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/02/04 11:25 p.m.127 views

USN-3880-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3880-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. It was discovered that the CIFS client implementation in the Linux kernel did not...

7.8CVSS7.1AI score0.0363EPSS
Exploits2
Ubuntu
Ubuntu
added 2019/01/22 1:30 p.m.127 views

USN-3864-1: LibTIFF vulnerabilities

It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges...

8.8CVSS7.4AI score0.1496EPSS
Exploits7
Ubuntu
Ubuntu
added 2018/08/01 2:56 p.m.127 views

USN-3727-1: Bouncy Castle vulnerabilities

It was discovered that Bouncy Castle incorrectly handled certain crypto algorithms. A remote attacker could possibly use these issues to obtain sensitive information, including private keys...

7.5CVSS6.6AI score0.0482EPSS
Exploits0
Ubuntu
Ubuntu
added 2017/06/15 11:46 a.m.127 views

USN-3315-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, read uninitialized memory, obtain sensitive information, spoof the addressbar contents, or execute...

9.8CVSS7.4AI score0.05216EPSS
Exploits12
Ubuntu
Ubuntu
added 2017/02/14 6:44 p.m.127 views

USN-3196-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled certain arguments to the localegetdisplayname function. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2014-9912 It was discovered that PHP incorrectly handled...

9.8CVSS8.1AI score0.42401EPSS
Exploits3
Ubuntu
Ubuntu
added 2023/10/31 9:14 p.m.126 views

USN-6464-1: Linux kernel vulnerabilities

Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service system crash. CVE-2023-31083 Lin Ma discovered that the Netlink...

9.1CVSS7.5AI score0.54577EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/06/13 1:43 p.m.126 views

USN-5475-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, spoof the browser UI, conduct cross-site scripting XSS attacks, bypass...

9.8CVSS7.1AI score0.01112EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/04/13 12:37 p.m.126 views

USN-5378-1: Gzip vulnerability

Cleemy Desu Wayo discovered that Gzip incorrectly handled certain filenames. If a user or automated system were tricked into performing zgrep operations with specially crafted filenames, a remote attacker could overwrite arbitrary files...

8.8CVSS7.2AI score0.04271EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/03/03 1:18 p.m.126 views

USN-5312-1: HAProxy vulnerability

It was discovered that HAProxy incorrectly handled certain headers. A remote attacker could possibly use this issue to cause HAProxy to stop responding, resulting in a denial of service...

7.5CVSS7.4AI score0.16563EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/08/02 5:25 p.m.126 views

USN-5029-1: GnuTLS vulnerabilities

It was discovered that GnuTLS incorrectly handled sending certain extensions when being used as a client. A remote attacker could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS7.4AI score0.03751EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/07/28 4:33 p.m.126 views

USN-5024-1: WebKitGTK vulnerabilities

A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

9.3CVSS7.1AI score0.03692EPSS
Exploits5
Ubuntu
Ubuntu
added 2021/05/27 12:7 p.m.126 views

USN-4969-2: DHCP vulnerability

USN-4969-1 fixed a vulnerability in DHCP. This update provides the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM. Original advisory details: Jon Franklin and Pawel Wieczorkiewicz discovered that DHCP incorrectly handled lease file parsing. A remote attacker could possibly use this issue...

7.4CVSS7.4AI score0.06118EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/02/11 12:37 p.m.126 views

USN-4732-1: SQLite vulnerability

It was discovered that SQLite incorrectly handled certain sub-queries. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code...

5.5CVSS7.2AI score0.00496EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/01/18 2:21 p.m.126 views

USN-4696-1: HTMLDOC vulnerability

It was discovered that HTMLDOC incorrectly handled certain HTML files. An attacker could possibly use this issue to cause a denial of service...

7.8CVSS7.2AI score0.01135EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/01/11 9:2 p.m.126 views

USN-4689-1: NVIDIA graphics drivers vulnerabilities

It was discovered that the NVIDIA GPU display driver for the Linux kernel contained a vulnerability that allowed user-mode clients to access legacy privileged APIs. A local attacker could use this to cause a denial of service or escalate privileges. CVE-2021-1052 It was discovered that the NVIDIA...

7.8CVSS6.4AI score0.01777EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/10/27 10:46 a.m.126 views

USN-4604-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.22 in Ubuntu 20.04 LTS and Ubuntu 20.10. Ubuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.32. In addition to security fixes...

8CVSS7AI score0.03012EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/06/11 11:1 p.m.126 views

USN-4391-1: Linux kernel vulnerabilities

It was discovered that the ext4 file system implementation in the Linux kernel did not properly handle setxattr operations in some situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2019-19319 It was discovered that memory...

7.5CVSS7.3AI score0.0124EPSS
Exploits4References1
Ubuntu
Ubuntu
added 2020/02/19 8:33 a.m.126 views

USN-4284-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. CVE-2019-14615 It was discovered that the Atheros 802.11ac wireless USB device driver in the...

7.8CVSS7AI score0.06623EPSS
Exploits9
Ubuntu
Ubuntu
added 2019/11/13 2:3 a.m.126 views

USN-4188-1: Linux kernel vulnerability

Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions TSX could expose...

6.5CVSS7.3AI score0.03133EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2019/10/30 4:14 a.m.126 views

USN-4170-1: Whoopsie vulnerability

Kevin Backhouse discovered Whoopsie incorrectly handled very large crash reports. A local attacker could possibly use this issue to cause a denial of service, expose sensitive information or execute code as the whoopsie user...

7.8CVSS7.4AI score0.00426EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/01/10 1:27 p.m.126 views

USN-3523-3: Linux kernel (Raspberry Pi 2) vulnerabilities

Jann Horn discovered that the Berkeley Packet Filter BPF implementation in the Linux kernel did not properly check the relationship between pointer values and the BPF stack. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-1786...

7.8CVSS6.8AI score0.30052EPSS
Exploits16
Ubuntu
Ubuntu
added 2013/01/09 3:59 a.m.126 views

USN-1681-2: Thunderbird vulnerabilities

USN-1681-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Thunderbird. Original advisory details: Christoph Diehl, Christian Holler, Mats Palmgren, Chiaki Ishikawa, Bill Gianopoulos, Benoit Jacob, Gary Kwong, Robert O'Callahan, Jesse Ruderman, and Julian Sewa...

10CVSS9.3AI score0.73364EPSS
Exploits30References1
Ubuntu
Ubuntu
added 2024/04/25 8:13 p.m.125 views

USN-6751-1: Zabbix vulnerabilities

It was discovered that Zabbix incorrectly handled input data in the discovery and graphs pages. A remote authenticated attacker could possibly use this issue to perform reflected cross-site scripting XSS attacks. CVE-2022-35229, CVE-2022-35230...

5.4CVSS5.9AI score0.00725EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/03/06 12:11 p.m.125 views

USN-5921-1: rsync vulnerabilities

Koen van Hove discovered that the rsync client incorrectly validated filenames returned by servers. If a user or automated system were tricked into connecting to a malicious server, a remote attacker could use this issue to write arbitrary files, and possibly escalate privileges...

7.4CVSS8.2AI score0.0165EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/11/24 2:2 p.m.125 views

USN-5741-1: Exim vulnerability

It was discovered that Exim incorrectly handled certain regular expressions. An attacker could use this issue to cause Exim to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.5CVSS7.5AI score0.03661EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/02/14 3:13 p.m.125 views

USN-5284-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass security restrictions, obtain sensitive information, or execute arbitrary code. CVE-2022-0511,...

9.6CVSS8AI score0.00926EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/08/31 12:34 a.m.125 views

USN-5057-1: Squashfs-Tools vulnerability

Etienne Stalmans discovered that Squashfs-Tools mishandled certain malformed SQUASHFS files. An attacker could use this vulnerability to write arbitrary files to the filesystem...

8.1CVSS6.7AI score0.025EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/07/05 1:12 p.m.125 views

USN-5005-1: DjVuLibre vulnerability

It was discovered that DjVuLibre incorrectly handled certain djvu files. An attacker could possibly use this issue to execute arbitrary code or cause a crash...

5.5CVSS6.2AI score0.01055EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/04/26 4:47 p.m.125 views

USN-4922-2: Ruby vulnerability

USN-4922-1 fixed a vulnerability in Ruby. This update provides the corresponding update for Ubuntu 21.04. Original advisory details: Juho Nurminen discovered that the REXML gem bundled with Ruby incorrectly parsed and serialized XML documents. A remote attacker could possibly use this issue to...

7.5CVSS7.4AI score0.05061EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/04/20 5:8 p.m.125 views

USN-4923-1: EDK II vulnerabilities

Laszlo Ersek discovered that EDK II incorrectly handled recursion. A remote attacker could possibly use this issue to cause EDK II to consume resources, leading to a denial of service. CVE-2021-28210 Satoshi Tanda discovered that EDK II incorrectly handled decompressing certain images. A remote...

7.8CVSS6.8AI score0.00399EPSS
Exploits2
Ubuntu
Ubuntu
added 2021/02/26 6:11 p.m.125 views

USN-4756-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, conduct cross-site scripting XSS attacks, bypass HTTP auth phishing warning...

8.8CVSS7.4AI score0.0153EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/01/13 6:56 p.m.125 views

USN-4692-1: tar vulnerabilities

Chris Siebenmann discovered that tar incorrectly handled extracting files resized during extraction when invoked with the --sparse flag. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM, Ubuntu 16.04 LTS and Ubuntu...

7.5CVSS6.5AI score0.03028EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/07/15 2:37 p.m.125 views

USN-4057-1: Zipios vulnerability

Mike Salvatore discovered that Zipios mishandled certain malformed ZIP files. An attacker could use this vulnerability to cause a denial of service or consume system resources. CVE-2019-13453...

6.5CVSS6.3AI score0.02026EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/05/16 6:55 p.m.125 views

USN-3988-1: MediaInfoLib vulnerabilities

It was discovered that MediaInfoLib contained multiple security issues when handling certain multimedia files. If a user were tricked into opening a crafted multimedia file, an attacker could cause MediaInfoLib to crash, resulting in a denial of service...

6.5CVSS6.3AI score0.02503EPSS
Exploits2
Ubuntu
Ubuntu
added 2019/05/14 7:55 p.m.125 views

USN-3980-1: Linux kernel vulnerabilities

Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered...

8.3CVSS7.7AI score0.03844EPSS
Exploits1References1
Ubuntu
Ubuntu
added 2019/05/06 1:33 p.m.125 views

USN-3965-1: aria2 vulnerability

Dhiraj Mishra discovered that aria2 incorrectly stored authentication information. A local attacker could possibly use this issue to obtain credentials...

7.8CVSS7.2AI score0.00351EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/07/09 4:48 p.m.125 views

USN-3707-1: NTP vulnerabilities

Yihan Lian discovered that NTP incorrectly handled certain malformed mode 6 packets. A remote attacker could possibly use this issue to cause ntpd to crash, resulting in a denial of service. This issue only affected Ubuntu 17.10 and Ubuntu 18.04 LTS. CVE-2018-7182 Michael Macnair discovered that...

9.8CVSS7.5AI score0.2985EPSS
Exploits5
Ubuntu
Ubuntu
added 2014/09/25 10:34 p.m.125 views

USN-2363-1: Bash vulnerability

Tavis Ormandy discovered that the security fix for Bash included in USN-2362-1 was incomplete. An attacker could use this issue to bypass certain environment restrictions. CVE-2014-7169...

10CVSS8.5AI score0.9994EPSS
Exploits17
Ubuntu
Ubuntu
added 2007/07/19 1:57 p.m.125 views

USN-489-1: Linux kernel vulnerabilities

A flaw was discovered in dvb ULE decapsulation. A remote attacker could send a specially crafted message and cause a denial of service. CVE-2006-4623 The compatsysmount function allowed local users to cause a denial of service when mounting a smbfs filesystem in compatibility mode. CVE-2006-7203...

7.8CVSS5.8AI score0.04012EPSS
Exploits16
Ubuntu
Ubuntu
added 2023/06/16 7:47 p.m.124 views

USN-6172-1: Linux kernel vulnerabilities

It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service system crash. CVE-2023-1076 It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type...

7.8CVSS6.4AI score0.01377EPSS
Exploits4
Ubuntu
Ubuntu
added 2023/04/19 2:27 a.m.124 views

USN-6025-1: Linux kernel vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-1281 It was discovered that the OverlayFS...

7.8CVSS7.6AI score0.0788EPSS
Exploits15
Ubuntu
Ubuntu
added 2022/04/12 5:8 p.m.124 views

USN-5372-1: Subversion vulnerabilities

Evgeny Kotkov discovered that Subversion servers did not properly follow path-based authorization rules in certain cases. An attacker could potentially use this issue to retrieve information about private paths. CVE-2021-28544 Thomas Weißschuh discovered that Subversion servers did not properly...

7.5CVSS6.4AI score0.09254EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/02/17 5:24 p.m.124 views

USN-5292-1: snapd vulnerabilities

James Troup discovered that snap did not properly manage the permissions for the snap directories. A local attacker could possibly use this issue to expose sensitive information. CVE-2021-3155 Ian Johnson discovered that snapd did not properly validate content interfaces and layout paths. A local...

8.8CVSS7.4AI score0.00966EPSS
Exploits5
Ubuntu
Ubuntu
added 2022/01/12 9:6 p.m.124 views

USN-5210-2: Linux kernel regression

USN-5210-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression that caused failures to boot in environments with AMD Secure Encrypted Virtualization SEV enabled. This update fixes the problem. We apologize for the inconvenience. Original advisory details:...

7.4AI score
Exploits0References1
Total number of security vulnerabilities5000