Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
•added 2021/08/31 12:34 a.m.•124 views

USN-5057-1: Squashfs-Tools vulnerability

Etienne Stalmans discovered that Squashfs-Tools mishandled certain malformed SQUASHFS files. An attacker could use this vulnerability to write arbitrary files to the filesystem...

8.1CVSS6.7AI score0.025EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/06/10 1:12 p.m.•124 views

USN-4971-2: libwebp vulnerabilities

USN-4971-1 fixed several vulnerabilities in libwebp. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that libwebp incorrectly handled certain malformed images. If a user or automated system were tricked into...

9.8CVSS7.6AI score0.02662EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/05/25 4:52 p.m.•124 views

USN-4965-1: Apport vulnerabilities

Maik Münch discovered that Apport incorrectly handled certain information gathering operations. A local attacker could use these issues to read and write arbitrary files as an administrator, and possibly escalate privileges...

7.3CVSS6.4AI score0.0039EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/04/06 10:56 a.m.•124 views

USN-4902-1: Django vulnerability

Dennis Brinkrolf discovered that Django incorrectly handled certain filenames. A remote attacker could possibly use this issue to create or overwrite files in unexpected directories...

5.3CVSS6.8AI score0.03865EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/01/20 1:13 p.m.•124 views

USN-4689-3: NVIDIA graphics drivers vulnerabilities

It was discovered that the NVIDIA GPU display driver for the Linux kernel contained a vulnerability that allowed user-mode clients to access legacy privileged APIs. A local attacker could use this to cause a denial of service or escalate privileges. CVE-2021-1052 It was discovered that the NVIDIA...

7.8CVSS6.4AI score0.00452EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/01/13 6:56 p.m.•124 views

USN-4692-1: tar vulnerabilities

Chris Siebenmann discovered that tar incorrectly handled extracting files resized during extraction when invoked with the --sparse flag. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM, Ubuntu 16.04 LTS and Ubuntu...

7.5CVSS6.5AI score0.03028EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/01/04 5:51 p.m.•124 views

USN-4674-2: Dovecot vulnerability

USN-4674-1 fixed a vulnerability in Dovecot. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Innokentii Sennovskiy discovered that Dovecot incorrectly handled MIME parsing. A remote attacker could possibly use this issue to cause Dovecot to crash,...

7.5CVSS7.4AI score0.0466EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/02/26 1:18 p.m.•124 views

USN-4278-2: Firefox vulnerabilities

USN-4278-1 fixed vulnerabilities in Firefox. This update provides the corresponding update for Ubuntu 16.04 LTS. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit...

8.8CVSS7.9AI score0.02274EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/12/13 1:7 p.m.•124 views

USN-4216-2: Firefox vulnerabilities

USN-4216-1 fixed vulnerabilities in Firefox. This update provides the corresponding update for Ubuntu 16.04 LTS. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit...

8.8CVSS7.7AI score0.02994EPSS
Exploits4
Ubuntu
Ubuntu
•added 2019/07/30 4:50 p.m.•124 views

USN-4078-1: OpenLDAP vulnerabilities

It was discovered that OpenLDAP incorrectly handled rootDN delegation. A database administrator could use this issue to request authorization as an identity from another database, contrary to expectations. CVE-2019-13057 It was discovered that OpenLDAP incorrectly handled SASL authentication and...

7.5CVSS6.5AI score0.05015EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/06/04 10:50 p.m.•124 views

USN-4007-1: Linux kernel vulnerability

Federico Manuel Bento discovered that the Linux kernel did not properly apply Address Space Layout Randomization ASLR in some situations for setuid a.out binaries. A local attacker could use this to improve the chances of exploiting an existing vulnerability in a setuid a.out binary. As a hardeni...

2.5CVSS6.6AI score0.00495EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/05/09 2:28 p.m.•124 views

USN-3969-2: wpa_supplicant and hostapd vulnerability

USN-3969-1 fixed a vulnerability in wpasupplicant and hostapd. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that wpasupplicant and hostapd incorrectly handled unexpected fragments when using EAP-pwd. A remote attacker could...

5.9CVSS6.5AI score0.03252EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/04/16 1:45 p.m.•124 views

USN-3948-1: WebKitGTK+ vulnerabilities

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

9.8CVSS7.3AI score0.18108EPSS
Exploits8
Ubuntu
Ubuntu
•added 2018/02/14 2:54 p.m.•124 views

USN-3571-1: Erlang vulnerabilities

It was discovered that the Erlang FTP module incorrectly handled certain CRLF sequences. A remote attacker could possibly use this issue to inject arbitrary FTP commands. This issue only affected Ubuntu 14.04 LTS. CVE-2014-1693 It was discovered that Erlang incorrectly checked CBC padding bytes. ...

9.8CVSS6.7AI score0.22098EPSS
Exploits1
Ubuntu
Ubuntu
•added 2017/07/21 8:12 a.m.•124 views

USN-3360-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information kernel memory. CVE-2014-9900 It was discovered that the Linux kernel did not properly restrict access to /proc/iomem. A local attacker...

10CVSS7AI score0.1081EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/06/07 5:33 a.m.•124 views

USN-3314-1: Linux kernel vulnerabilities

It was discovered that the keyring implementation in the Linux kernel in some situations did not prevent special internal keyrings from being joined by userspace keyrings. A privileged local attacker could use this to bypass module verification. CVE-2016-9604 It was discovered that a buffer...

10CVSS7.2AI score0.1081EPSS
Exploits6
Ubuntu
Ubuntu
•added 2014/06/10 12:0 p.m.•124 views

USN-2242-1: dpkg vulnerabilities

It was discovered that dpkg incorrectly handled certain patches when unpacking source packages. If a user or an automated system were tricked into unpacking a specially crafted source package, a remote attacker could modify files outside the target unpack directory, leading to a denial of service...

6.4CVSS5.4AI score0.07322EPSS
Exploits1
Ubuntu
Ubuntu
•added 2012/04/26 7:12 p.m.•124 views

USN-1429-1: Jetty vulnerability

It was discovered that Jetty computed hash values for form parameters without restricting the ability to trigger hash collisions predictably. This could allow a remote attacker to cause a denial of service by sending many crafted parameters...

5.3CVSS6.3AI score0.05044EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/06/14 3:39 p.m.•123 views

USN-6821-4: Linux kernel (Azure) vulnerabilities

It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...

9.1CVSS7.5AI score0.01635EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/04/25 8:13 p.m.•123 views

USN-6751-1: Zabbix vulnerabilities

It was discovered that Zabbix incorrectly handled input data in the discovery and graphs pages. A remote authenticated attacker could possibly use this issue to perform reflected cross-site scripting XSS attacks. CVE-2022-35229, CVE-2022-35230...

5.4CVSS5.9AI score0.00725EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/03/28 12:33 p.m.•123 views

USN-5350-1: Chromium vulnerability

It was discovered that Chromium incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code...

8.8CVSS8.9AI score0.24237EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/02/22 6:29 p.m.•123 views

USN-5301-1: Cyrus SASL vulnerability

It was discovered that the Cyrus SASL SQL plugin incorrectly handled SQL input. A remote attacker could use this issue to execute arbitrary SQL commands...

8.8CVSS8.2AI score0.04123EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/02/03 11:36 a.m.•123 views

USN-5260-3: Samba vulnerability

USN-5260-1 fixed a vulnerability in Samba. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Orange Tsai discovered that the Samba vfsfruit module incorrectly handled certain memory operations. A remote attacker could use this issu...

9CVSS8.2AI score0.74042EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/01/11 5:22 a.m.•123 views

USN-5219-1: Linux kernel vulnerability

It was discovered that the eBPF implementation in the Linux kernel did not properly validate the memory size of certain ring buffer operation arguments. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

7.1CVSS7.5AI score0.01095EPSS
Exploits1References1
Ubuntu
Ubuntu
•added 2021/09/16 4:34 p.m.•123 views

USN-5081-1: Qt vulnerabilities

It was discovered that Qt incorrectly handled certain XBM image files. If a user or automated system were tricked into opening a specially crafted PPM file, a remote attacker could cause Qt to crash, resulting in a denial of service. CVE-2020-17507 It was discovered that Qt incorrectly handled...

7.5CVSS7AI score0.03915EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/09/15 3:26 p.m.•123 views

USN-5078-2: Squashfs-Tools vulnerabilities

USN-5078-1 fixed several vulnerabilities in Squashfs-Tools. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Etienne Stalmans discovered that Squashfs-Tools mishandled certain malformed SQUASHFS files. An attacker could use this vulnerability to write...

8.1CVSS6.7AI score0.025EPSS
Exploits2
Ubuntu
Ubuntu
•added 2021/09/15 12:34 p.m.•123 views

USN-5079-2: curl vulnerabilities

USN-5079-1 fixed several vulnerabilities in curl. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Patrick Monnerat discovered that curl incorrectly handled upgrades to TLS. When receiving certain responses from servers, curl woul...

7.5CVSS6.8AI score0.04224EPSS
Exploits2
Ubuntu
Ubuntu
•added 2021/09/08 11:14 a.m.•123 views

USN-5064-1: GNU cpio vulnerability

Maverick Chung and Qiaoyi Fang discovered that cpio incorrectly handled certain pattern files. A remote attacker could use this issue to cause cpio to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.8CVSS7AI score0.0415EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/05/18 2:39 p.m.•123 views

USN-4957-2: DjVuLibre vulnerabilities

USN-4957-1 fixed several vulnerabilities in DjVuLibre. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that DjVuLibre incorrectly handled certain memory operations. If a user or automated system were tricked into processing a...

7.8CVSS7.5AI score0.01001EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/05/10 6:7 p.m.•123 views

USN-4941-1: Exiv2 vulnerabilities

It was discovered that Exiv2 incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code or cause a crash. CVE-2021-29457 It was discovered that Exiv2 incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of...

7.8CVSS7.2AI score0.02295EPSS
Exploits2
Ubuntu
Ubuntu
•added 2021/04/22 4:59 p.m.•123 views

USN-4924-1: Dnsmasq vulnerabilities

It was discovered that Dnsmasq incorrectly handled certain wildcard synthesized NSEC records. A remote attacker could possibly use this issue to prove the non-existence of hostnames that actually exist. CVE-2017-15107 It was discovered that Dnsmasq incorrectly handled certain large DNS packets. A...

7.5CVSS6.8AI score0.02646EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/04/01 12:0 p.m.•123 views

USN-4899-1: SpamAssassin vulnerability

Damian Lukowski discovered that SpamAssassin incorrectly handled certain CF files. If a user or automated system were tricked into using a specially- crafted CF file, a remote attacker could possibly run arbitrary code...

10CVSS7.7AI score0.06132EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/02/16 4:59 p.m.•123 views

USN-4736-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. CVE-2020-26976,...

8.8CVSS7.7AI score0.01556EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/10/21 1:55 p.m.•123 views

USN-4596-1: Tomcat vulnerabilities

It was discovered that Tomcat did not properly manage HTTP/2 streams. An attacker could possibly use this to cause Tomcat to consume resources, resulting in a denial of service. CVE-2020-11996 It was discovered that Tomcat did not properly release the HTTP/1.1 processor after the upgrade to HTTP/...

7.5CVSS7.5AI score0.87553EPSS
Exploits16
Ubuntu
Ubuntu
•added 2020/10/14 2:28 a.m.•123 views

USN-4577-1: Linux kernel vulnerabilities

Hadar Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-16119 Giuseppe Scriva...

7.8CVSS7.2AI score0.00422EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/01/27 3:5 p.m.•123 views

USN-4251-1: Tomcat vulnerabilities

It was discovered that Tomcat incorrectly handled the RMI registry when configured with the JMX Remote Lifecycle Listener. A local attacker could possibly use this issue to obtain credentials and gain complete control over the Tomcat instance. CVE-2019-12418 It was discovered that Tomcat...

7.5CVSS7AI score0.10687EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/09/30 2:17 p.m.•123 views

USN-4142-2: e2fsprogs vulnerability

USN-4142-1 fixed a vulnerability in e2fsprogs. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that e2fsprogs incorrectly handled certain ext4 partitions. An attacker could possibly use this issue to execute...

7.5CVSS7.5AI score0.01105EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/08/05 2:40 p.m.•123 views

USN-4058-2: Bash vulnerability

USN-4058-1 fixed a vulnerability in bash. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that Bash incorrectly handled the restricted shell. An attacker could possibly use this issue to escape restrictions and...

7.8CVSS7AI score0.00415EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/05/15 6:18 p.m.•123 views

USN-3985-1: libvirt update

Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered...

5.9CVSS6.5AI score0.01553EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2019/05/06 1:29 p.m.•123 views

USN-3966-1: GNOME Shell vulnerability

It was discovered that the GNOME Shell incorrectly handled certain keyboard inputs. An attacker could possibly use this issue to invoke keyboard shortcuts, and potentially other actions while the workstation was locked...

4.8CVSS5.8AI score0.00498EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/04/02 8:50 p.m.•123 views

USN-3931-2: Linux kernel (HWE) vulnerabilities

USN-3931-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS and for the Linux Azure kernel for Ubuntu 14.04 LTS. M. Vefa Bicakci and Andy Lutomirsk...

8.1CVSS6.9AI score0.16523EPSS
Exploits12
Ubuntu
Ubuntu
•added 2019/03/22 1:29 p.m.•123 views

USN-3916-1: libsolv vulnerabilities

It was discovered that libsolv incorrectly handled certain malformed input. If a user or automated system were tricked into opening a specially crafted file, applications that rely on libsolv could be made to crash, resulting in a denial of service...

6.5CVSS6.3AI score0.0233EPSS
Exploits3
Ubuntu
Ubuntu
•added 2018/07/02 8:1 p.m.•123 views

USN-3697-1: Linux kernel vulnerabilities

It was discovered that a null pointer dereference vulnerability existed in the DCCP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service system crash. CVE-2018-1130 Jann Horn discovered that the 32 bit adjtimex syscall implementation for 64 bit...

7.8CVSS6.4AI score0.0172EPSS
Exploits5
Ubuntu
Ubuntu
•added 2018/05/08 10:30 p.m.•123 views

USN-3641-2: Linux kernel vulnerabilities

USN-3641-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 17.10. This update provides the corresponding updates for Ubuntu 12.04 ESM. Nick Peterson discovered that the Linux kernel did not properly handle debug exceptions following a MOV/POP to SS...

8CVSS6.7AI score0.18404EPSS
Exploits9
Ubuntu
Ubuntu
•added 2017/08/11 3:16 a.m.•123 views

USN-3386-1: Linux kernel vulnerabilities

Andrey Konovalov discovered a race condition in the UDP Fragmentation Offload UFO code in the Linux kernel. A local attacker could use this to cause a denial of service or execute arbitrary code. CVE-2017-1000112 Andrey Konovalov discovered a race condition in AFPACKET socket option handling code...

7.8CVSS7AI score0.20797EPSS
Exploits19
Ubuntu
Ubuntu
•added 2017/05/24 10:27 p.m.•123 views

USN-3296-2: Samba vulnerability

USN-3296-1 fixed a vulnerability in Samba. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that Samba incorrectly handled shared libraries. A remote attacker could use this flaw to upload a shared library to a writable share and...

10CVSS8.3AI score0.99448EPSS
Exploits24
Ubuntu
Ubuntu
•added 2017/03/15 7:32 p.m.•123 views

USN-3234-1: Linux kernel vulnerabilities

Ralf Spenneberg discovered that the ext4 implementation in the Linux kernel did not properly validate meta block groups. An attacker with physical access could use this to specially craft an ext4 image that causes a denial of service system crash. CVE-2016-10208 It was discovered that the Linux...

4.9CVSS6.5AI score0.00428EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/06/19 7:27 a.m.•122 views

USN-6839-1: MariaDB vulnerability

A security issue was discovered in MariaDB and this update includes new upstream MariaDB versions to fix the issue. MariaDB has been updated to 10.6.18 in Ubuntu 22.04 LTS and to 10.11.8 in Ubuntu 23.10 and Ubuntu 24.04 LTS. In addition to security fixes, the updated packages contain bug fixes, n...

4.9CVSS6.4AI score0.00424EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/03/24 3:26 p.m.•122 views

USN-5321-3: Firefox regressions

USN-5321-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted...

7.5AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2022/03/10 8:21 p.m.•122 views

USN-5322-1: Subversion vulnerability

Thomas Akesson discovered that Subversion incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS7.3AI score0.37516EPSS
Exploits1
Total number of security vulnerabilities5000