Lucene search
K
UbuntuMost viewed

10894 matches found

Ubuntu
Ubuntu
•added 2022/01/12 9:6 p.m.•122 views

USN-5210-2: Linux kernel regression

USN-5210-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression that caused failures to boot in environments with AMD Secure Encrypted Virtualization SEV enabled. This update fixes the problem. We apologize for the inconvenience. Original advisory details:...

7.4AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2021/10/19 3:10 p.m.•122 views

USN-5111-2: strongSwan vulnerability

USN-5111-1 fixed a vulnerability in strongSwan. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that strongSwan incorrectly handled replacing certificates in the cache. A remote attacker could use this issue to...

7.5CVSS7.7AI score0.04804EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/08/26 1:55 a.m.•122 views

USN-5052-1: MongoDB vulnerability

MongoDB would fail to properly invalidate existing sessions for deleted users. This could allow a remote authenticated attacker to gain elevated privileges if their user account was recreated with elevated privileges...

7.1CVSS7AI score0.01225EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/07/20 10:56 a.m.•122 views

USN-5012-1: containerd vulnerabilities

It was discovered that containerd incorrectly handled file permission changes. If a user or automated system were tricked into launching a specially crafted container image, a remote attacker could change permissions on files on the host filesystem and possibly escalate privileges...

6.8CVSS6.5AI score0.01608EPSS
Exploits2
Ubuntu
Ubuntu
•added 2021/07/07 5:19 p.m.•122 views

USN-5008-1: Avahi vulnerabilities

Thomas Kremer discovered that Avahi incorrectly handled termination signals on the Unix socket. A local attacker could possibly use this issue to cause Avahi to hang, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. CVE-2021-3468 It...

5.5CVSS6.7AI score0.0045EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/04/28 5:15 p.m.•122 views

USN-4928-1: GStreamer Good Plugins vulnerabilities

It was discovered that GStreamer Good Plugins incorrectly handled certain files. An attacker could possibly use this issue to cause access sensitive information or cause a crash. CVE-2021-3497 It was discovered that GStreamer Good Plugins incorrectly handled certain files. An attacker could...

7.8CVSS8AI score0.0177EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/04/07 5:9 p.m.•122 views

USN-4903-1: curl vulnerability

Viktor Szakats discovered that curl did not strip off user credentials from referrer header fields. A remote attacker could possibly use this issue to obtain sensitive information...

5.3CVSS6.8AI score0.05301EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/04/06 11:13 a.m.•122 views

USN-4561-2: Rack vulnerabilities

USN-4561-1 fixed vulnerabilities in Rack. This update provides the corresponding update for Ubuntu 16.04 LTS, Ubuntu 20.04 LTS and Ubuntu 20.10. Original advisory details: It was discovered that Rack incorrectly handled certain paths. An attacker could possibly use this issue to obtain sensitive...

8.6CVSS7.1AI score0.03593EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/03/30 4:33 p.m.•122 views

USN-4897-1: Pygments vulnerability

Ben Caller discovered that Pygments incorrectly handled parsing certain files. If a user or automated system were tricked into parsing a specially crafted file, a remote attacker could cause Pygments to hang or consume resources, resulting in a denial of service...

7.5CVSS7.5AI score0.03832EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/03/15 8:16 p.m.•122 views

USN-4772-1: VNC4 vulnerabilities

USN-2500-1 addressed CVE-2015-0255 for xorg-server. This update provides the corresponding fix for VNC4 on Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. CVE-2015-0255 USN-2726-1 addressed CVE-2015-1283 for Expat. This update provides the corresponding fix for VNC4 on Ubuntu 14.04 ESM and Ubuntu 16.04 ES...

6.8CVSS7.5AI score0.19069EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/02/11 12:46 p.m.•122 views

USN-4733-1: GNOME Autoar vulnerability

Yiğit Can Yılmaz discovered that GNOME Autoar could extract files outside of the intended directory. If a user were tricked into extracting a specially crafted archive, a remote attacker could create files in arbitrary locations, possibly leading to code execution...

5.5CVSS7.1AI score0.00639EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/11/11 6:56 a.m.•122 views

USN-4628-1: Intel Microcode vulnerabilities

Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running Average Power Limit RAPL feature of some Intel processors allowed a side- channel attack based on power consumption measurements. A local attacker coul...

5.5CVSS6.9AI score0.0051EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/10/14 1:18 a.m.•122 views

USN-4576-1: Linux kernel vulnerabilities

Hadar Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-16119 Jay Shin...

7.8CVSS7.1AI score0.00422EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/10/13 11:28 p.m.•122 views

USN-4575-1: dom4j vulnerability

It was discovered that dom4j incorrectly handled reading XML data. A remote attacker could exploit this with a crafted XML file to expose sensitive data or possibly execute arbitrary code. CVE-2020-10683...

9.8CVSS7.4AI score0.07269EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/07/27 10:38 p.m.•122 views

USN-4439-1: Linux kernel vulnerabilities

It was discovered that the network block device nbd implementation in the Linux kernel did not properly check for error conditions in some situations. An attacker could possibly use this to cause a denial of service system crash. CVE-2019-16089 It was discovered that the btrfs file system...

7.8CVSS7.2AI score0.01841EPSS
Exploits3
Ubuntu
Ubuntu
•added 2020/07/27 8:24 a.m.•122 views

LSN-0069-1: Kernel Live Patch Security Notice

Relayopen in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service such as relay blockage by triggering a NULL allocpercpu result. CVE-2019-19462 Fan Yang discovered that the mremap implementation in the Linux kernel did not properly handle DAX Huge Page...

9CVSS6.6AI score0.19039EPSS
Exploits3
Ubuntu
Ubuntu
•added 2020/05/20 8:16 a.m.•122 views

LSN-0067-1: Kernel Live Patch Security Notice

It was discovered that the Serial CAN interface driver in the Linux kernel did not properly initialize data. A local attacker could use this to expose sensitive information kernel memory. CVE-2020-11494...

4.4CVSS6.6AI score0.00722EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/05/19 11:43 a.m.•122 views

USN-4365-1: Bind vulnerabilities

Lior Shafir, Yehuda Afek, and Anat Bremler-Barr discovered that Bind incorrectly limited certain fetches. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service, or possibly use Bind to perform a reflection attack. CVE-2020-8616 Tobias...

8.6CVSS6.8AI score0.93422EPSS
Exploits6
Ubuntu
Ubuntu
•added 2020/02/04 2:44 a.m.•122 views

USN-4264-1: Django vulnerability

Simon Charette discovered that Django incorrectly handled input in the PostgreSQL module. A remote attacker could possibly use this to perform SQL injection attacks...

9.8CVSS7.1AI score0.65336EPSS
Exploits9
Ubuntu
Ubuntu
•added 2019/11/25 1:25 p.m.•122 views

USN-4199-1: libvpx vulnerabilities

It was discovered that libvpx did not properly handle certain malformed WebM media files. If an application using libvpx opened a specially crafted WebM file, a remote attacker could cause a denial of service, or possibly execute arbitrary code...

9.3CVSS6.9AI score0.05392EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/11/13 1:58 a.m.•122 views

USN-4185-2: Linux kernel (Azure) vulnerabilities

Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions TSX could expose...

6.5CVSS7AI score0.03133EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2019/09/11 8:37 a.m.•122 views

USN-4129-1: curl vulnerabilities

Thomas Vegas discovered that curl incorrectly handled memory when using Kerberos over FTP. A remote attacker could use this issue to crash curl, resulting in a denial of service. CVE-2019-5481 Thomas Vegas discovered that curl incorrectly handled memory during TFTP transfers. A remote attacker...

9.8CVSS6.9AI score0.17939EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/04/23 12:5 p.m.•122 views

USN-3953-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled certain exif tags in JPEG images. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.1CVSS7.1AI score0.04409EPSS
Exploits1
Ubuntu
Ubuntu
•added 2017/04/10 5:32 p.m.•122 views

USN-3257-1: WebKitGTK+ vulnerabilities

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

8.8CVSS7.2AI score0.09283EPSS
Exploits57
Ubuntu
Ubuntu
•added 2015/06/25 11:58 a.m.•122 views

USN-2653-1: Python vulnerabilities

It was discovered that multiple Python protocol libraries incorrectly limited certain data when connecting to servers. A malicious ftp, http, imap, nntp, pop or smtp server could use this issue to cause a denial of service. CVE-2013-1752 It was discovered that the Python xmlrpc library did not...

9.8CVSS7.9AI score0.24148EPSS
Exploits8
Ubuntu
Ubuntu
•added 2011/09/01 8:43 p.m.•122 views

USN-1199-1: Apache vulnerability

A flaw was discovered in the byterange filter in Apache. A remote attacker could exploit this to cause a denial of service via resource exhaustion...

7.8CVSS7.5AI score0.98945EPSS
Exploits17
Ubuntu
Ubuntu
•added 2023/12/14 3:56 p.m.•121 views

USN-6556-1: Budgie Extras vulnerabilities

It was discovered that Budgie Extras incorrectly handled certain temporary file paths. An attacker could possibly use this issue to inject false information or deny access to the application. CVE-2023-49342, CVE-2023-49343, CVE-2023-49347 Matthias Gerstner discovered that Budgie Extras incorrectl...

7.8CVSS7.4AI score0.00303EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/01/13 1:26 p.m.•121 views

USN-5227-1: Pillow vulnerabilities

It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to hang, resulting in a denial of service. CVE-2021-23437 It was discovered that Pillow incorrectly handled...

9.8CVSS7.4AI score0.03399EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/09/22 4:32 p.m.•121 views

USN-5087-1: WebKitGTK vulnerabilities

A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

8.8CVSS7.5AI score0.13486EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/08/30 1:52 p.m.•121 views

USN-5056-1: APR vulnerability

It was discovered that APR incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information...

7.1CVSS6.5AI score0.01185EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/08/10 11:53 a.m.•121 views

USN-5034-1: c-ares vulnerability

Philipp Jeitner and Haya Shulman discovered that c-ares incorrectly validated certain hostnames returned by DNS servers. A remote attacker could possibly use this issue to perform Domain Hijacking attacks...

6.8CVSS7.1AI score0.02617EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/07/07 12:12 p.m.•121 views

USN-5007-1: libuv vulnerability

Eric Sesterhenn discovered that libuv incorrectly handled certain strings. An attacker could possibly use this issue to access sensitive information or cause a crash...

5.3CVSS7.3AI score0.23132EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/06/21 1:50 p.m.•121 views

USN-4993-1: Dovecot vulnerabilities

Kirin discovered that Dovecot incorrectly escaped kid and azp fields in JWT tokens. A local attacker could possibly use this issue to validate tokens using arbitrary keys. This issue only affected Ubuntu 20.10 and Ubuntu 21.04. CVE-2021-29157 Fabian Ising and Damian Poddebniak discovered that...

7.5CVSS7.4AI score0.02837EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/05/13 12:31 p.m.•121 views

USN-4932-2: Django vulnerability

USN-4932-1 fixed a vulnerability in Django. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that Django incorrectly handled certain filenames. A remote attacker could possibly use this issue to create or overwri...

7.5CVSS7.5AI score0.05291EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/04/19 7:28 p.m.•121 views

USN-4919-1: OpenSLP vulnerability

It was discovered that OpenSLP did not properly validate URLs. A remote attacker could use this issue to cause OpenSLP to crash or possibly execute arbitrary code...

9.8CVSS8.2AI score0.96823EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/03/22 4:55 p.m.•121 views

USN-4886-1: Privoxy vulnerabilities

It was discovered that Privoxy incorrectly handled CGI requests. An attacker could possibly use this issue to cause a denial of service or obtain sensitive information. CVE-2020-35502, CVE-2021-20209, CVE-2021-20210, CVE-2021-20213, CVE-2021-20215, CVE-2021-20216, CVE-2021-20217, CVE-2021-20272,...

7.8CVSS7.2AI score0.02355EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/03/22 1:26 p.m.•121 views

USN-4885-1: Pygments vulnerability

It was discovered that Pygments incorrectly handled parsing SML files. If a user or automated system were tricked into parsing a specially crafted SML file, a remote attacker could cause Pygments to hang, resulting in a denial of service...

7.5CVSS7.6AI score0.02707EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/02/24 7:56 p.m.•121 views

USN-4747-2: GNU Screen vulnerability

USN-4747-1 fixed a vulnerability in screen. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Felix Weinmann discovered that GNU Screen incorrectly handled certain character sequences. A remote attacker could use this issue to cause GNU Screen to crash...

9.8CVSS7.6AI score0.09147EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/11/26 1:7 p.m.•121 views

USN-4648-1: WebKitGTK vulnerabilities

A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

10CVSS7.1AI score0.02917EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/11/12 1:14 a.m.•121 views

USN-4628-2: Intel Microcode regression

USN-4628-1 provided updated Intel Processor Microcode. Unfortunately, that update prevented certain processors in the Intel Tiger Lake family from booting successfully. This update reverts the microcode update for the Tiger Lake processor family. Please note that the 'disucodeldr' kernel command...

7AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2020/10/14 2:12 a.m.•121 views

USN-4579-1: Linux kernel vulnerabilities

Hadar Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-16119 Wen Xu discover...

7.8CVSS6.9AI score0.00509EPSS
Exploits2
Ubuntu
Ubuntu
•added 2020/05/14 6:6 p.m.•121 views

USN-4360-1: json-c vulnerability

It was discovered that json-c incorrectly handled certain JSON files. An attacker could possibly use this issue to execute arbitrary code...

7.8CVSS7.2AI score0.01888EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/03/17 1:41 a.m.•121 views

USN-4303-2: Linux kernel (HWE) vulnerability

USN-4303-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. Paulo Bonzini discovered that the KVM hypervisor implementation in the Linux kernel...

6.8CVSS6.7AI score0.00927EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/01/15 1:21 p.m.•121 views

USN-4239-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, 16.04 LTS, 18.04 LTS, 19.04 and 19.10. CVE-2019-11045 It was discovered that PHP incorrectly handled certain inputs. An...

6.5CVSS7AI score0.08818EPSS
Exploits3
Ubuntu
Ubuntu
•added 2019/08/13 4:24 p.m.•121 views

USN-4096-1: Linux kernel (AWS) vulnerability

Andrei Vlad Lutas and Dan Lutas discovered that some x86 processors incorrectly handle SWAPGS instructions during speculative execution. A local attacker could use this to expose sensitive information kernel memory...

5.6CVSS6.9AI score0.04521EPSS
Exploits4
Ubuntu
Ubuntu
•added 2019/03/27 12:10 p.m.•121 views

USN-3923-1: QEMU vulnerabilities

Michael Hanselmann discovered that QEMU incorrectly handled the Media Transfer Protocol MTP. An attacker inside the guest could use this issue to read or write arbitrary files and cause a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.10. CVE-2018-16867...

7.8CVSS7AI score0.03879EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/01/15 6:0 p.m.•121 views

USN-3860-2: libcaca vulnerabilities

USN-3860-1 fixed a vulnerability in libcaca. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that libcaca incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service. CVE-2018-20544 It...

8.8CVSS6.8AI score0.02389EPSS
Exploits6
Ubuntu
Ubuntu
•added 2018/06/12 12:36 a.m.•121 views

USN-3678-1: Linux kernel vulnerabilities

Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly handle corrupted meta data in some situations. An attacker could use this to specially craft an ext4 filesystem that caused a denial of service system crash when mounted. CVE-2018-1092 It was discovered...

7.1CVSS6.4AI score0.01999EPSS
Exploits2
Ubuntu
Ubuntu
•added 2017/11/21 6:44 p.m.•121 views

USN-3485-3: Linux kernel (AWS) vulnerabilities

It was discovered that a race condition existed in the ALSA subsystem of the Linux kernel when creating and deleting a port via ioctl. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-15265 Eric Biggers discovered that the key...

7.8CVSS7.3AI score0.0097EPSS
Exploits4
Ubuntu
Ubuntu
•added 2017/10/25 7:25 p.m.•121 views

USN-3463-1: Werkzeug vulnerability

It was discovered that Werkzeug did not properly handle certain web scripts. A remote attacker could use this to inject arbitrary code via a field that contains an exception message...

6.1CVSS6.8AI score0.01985EPSS
Exploits0
Total number of security vulnerabilities5000