Lucene search
K
UbuntuMost viewed

10890 matches found

Ubuntu
Ubuntu
•added 2021/04/06 11:13 a.m.•122 views

USN-4561-2: Rack vulnerabilities

USN-4561-1 fixed vulnerabilities in Rack. This update provides the corresponding update for Ubuntu 16.04 LTS, Ubuntu 20.04 LTS and Ubuntu 20.10. Original advisory details: It was discovered that Rack incorrectly handled certain paths. An attacker could possibly use this issue to obtain sensitive...

8.6CVSS7.1AI score0.03593EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/03/15 8:16 p.m.•122 views

USN-4772-1: VNC4 vulnerabilities

USN-2500-1 addressed CVE-2015-0255 for xorg-server. This update provides the corresponding fix for VNC4 on Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. CVE-2015-0255 USN-2726-1 addressed CVE-2015-1283 for Expat. This update provides the corresponding fix for VNC4 on Ubuntu 14.04 ESM and Ubuntu 16.04 ES...

6.8CVSS7.5AI score0.19069EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/02/16 4:59 p.m.•122 views

USN-4736-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. CVE-2020-26976,...

8.8CVSS7.7AI score0.01556EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/02/11 12:46 p.m.•122 views

USN-4733-1: GNOME Autoar vulnerability

Yiğit Can Yılmaz discovered that GNOME Autoar could extract files outside of the intended directory. If a user were tricked into extracting a specially crafted archive, a remote attacker could create files in arbitrary locations, possibly leading to code execution...

5.5CVSS7.1AI score0.00639EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/10/14 1:18 a.m.•122 views

USN-4576-1: Linux kernel vulnerabilities

Hadar Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-16119 Jay Shin...

7.8CVSS7.1AI score0.00418EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/07/27 10:38 p.m.•122 views

USN-4439-1: Linux kernel vulnerabilities

It was discovered that the network block device nbd implementation in the Linux kernel did not properly check for error conditions in some situations. An attacker could possibly use this to cause a denial of service system crash. CVE-2019-16089 It was discovered that the btrfs file system...

7.8CVSS7.2AI score0.01841EPSS
Exploits3
Ubuntu
Ubuntu
•added 2020/05/20 8:16 a.m.•122 views

LSN-0067-1: Kernel Live Patch Security Notice

It was discovered that the Serial CAN interface driver in the Linux kernel did not properly initialize data. A local attacker could use this to expose sensitive information kernel memory. CVE-2020-11494...

4.4CVSS6.6AI score0.00722EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/05/19 11:43 a.m.•122 views

USN-4365-1: Bind vulnerabilities

Lior Shafir, Yehuda Afek, and Anat Bremler-Barr discovered that Bind incorrectly limited certain fetches. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service, or possibly use Bind to perform a reflection attack. CVE-2020-8616 Tobias...

8.6CVSS6.8AI score0.93422EPSS
Exploits6
Ubuntu
Ubuntu
•added 2020/02/04 2:44 a.m.•122 views

USN-4264-1: Django vulnerability

Simon Charette discovered that Django incorrectly handled input in the PostgreSQL module. A remote attacker could possibly use this to perform SQL injection attacks...

9.8CVSS7.1AI score0.65336EPSS
Exploits9
Ubuntu
Ubuntu
•added 2019/11/25 1:25 p.m.•122 views

USN-4199-1: libvpx vulnerabilities

It was discovered that libvpx did not properly handle certain malformed WebM media files. If an application using libvpx opened a specially crafted WebM file, a remote attacker could cause a denial of service, or possibly execute arbitrary code...

9.3CVSS6.9AI score0.05392EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/11/13 1:58 a.m.•122 views

USN-4185-2: Linux kernel (Azure) vulnerabilities

Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions TSX could expose...

6.5CVSS7AI score0.03133EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2019/09/11 8:37 a.m.•122 views

USN-4129-1: curl vulnerabilities

Thomas Vegas discovered that curl incorrectly handled memory when using Kerberos over FTP. A remote attacker could use this issue to crash curl, resulting in a denial of service. CVE-2019-5481 Thomas Vegas discovered that curl incorrectly handled memory during TFTP transfers. A remote attacker...

9.8CVSS6.9AI score0.17939EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/04/23 12:5 p.m.•122 views

USN-3953-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled certain exif tags in JPEG images. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.1CVSS7.1AI score0.04409EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/04/02 8:50 p.m.•122 views

USN-3931-2: Linux kernel (HWE) vulnerabilities

USN-3931-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS and for the Linux Azure kernel for Ubuntu 14.04 LTS. M. Vefa Bicakci and Andy Lutomirsk...

8.1CVSS6.9AI score0.16523EPSS
Exploits12
Ubuntu
Ubuntu
•added 2018/07/02 8:1 p.m.•122 views

USN-3697-1: Linux kernel vulnerabilities

It was discovered that a null pointer dereference vulnerability existed in the DCCP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service system crash. CVE-2018-1130 Jann Horn discovered that the 32 bit adjtimex syscall implementation for 64 bit...

7.8CVSS6.4AI score0.0172EPSS
Exploits5
Ubuntu
Ubuntu
•added 2018/05/08 10:30 p.m.•122 views

USN-3641-2: Linux kernel vulnerabilities

USN-3641-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 17.10. This update provides the corresponding updates for Ubuntu 12.04 ESM. Nick Peterson discovered that the Linux kernel did not properly handle debug exceptions following a MOV/POP to SS...

8CVSS6.7AI score0.18404EPSS
Exploits9
Ubuntu
Ubuntu
•added 2017/04/10 5:32 p.m.•122 views

USN-3257-1: WebKitGTK+ vulnerabilities

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

8.8CVSS7.2AI score0.09283EPSS
Exploits57
Ubuntu
Ubuntu
•added 2011/09/01 8:43 p.m.•122 views

USN-1199-1: Apache vulnerability

A flaw was discovered in the byterange filter in Apache. A remote attacker could exploit this to cause a denial of service via resource exhaustion...

7.8CVSS7.5AI score0.98945EPSS
Exploits17
Ubuntu
Ubuntu
•added 2023/12/14 3:56 p.m.•121 views

USN-6556-1: Budgie Extras vulnerabilities

It was discovered that Budgie Extras incorrectly handled certain temporary file paths. An attacker could possibly use this issue to inject false information or deny access to the application. CVE-2023-49342, CVE-2023-49343, CVE-2023-49347 Matthias Gerstner discovered that Budgie Extras incorrectl...

7.8CVSS7.4AI score0.00303EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/01/13 1:26 p.m.•121 views

USN-5227-1: Pillow vulnerabilities

It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to hang, resulting in a denial of service. CVE-2021-23437 It was discovered that Pillow incorrectly handled...

9.8CVSS7.4AI score0.03399EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/01/12 9:6 p.m.•121 views

USN-5210-2: Linux kernel regression

USN-5210-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression that caused failures to boot in environments with AMD Secure Encrypted Virtualization SEV enabled. This update fixes the problem. We apologize for the inconvenience. Original advisory details:...

7.4AI score0.00669EPSS
Exploits3References1
Ubuntu
Ubuntu
•added 2022/01/11 5:22 a.m.•121 views

USN-5219-1: Linux kernel vulnerability

It was discovered that the eBPF implementation in the Linux kernel did not properly validate the memory size of certain ring buffer operation arguments. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

7.1CVSS7.5AI score0.01095EPSS
Exploits1References1
Ubuntu
Ubuntu
•added 2021/08/10 11:53 a.m.•121 views

USN-5034-1: c-ares vulnerability

Philipp Jeitner and Haya Shulman discovered that c-ares incorrectly validated certain hostnames returned by DNS servers. A remote attacker could possibly use this issue to perform Domain Hijacking attacks...

6.8CVSS7.1AI score0.02617EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/07/07 12:12 p.m.•121 views

USN-5007-1: libuv vulnerability

Eric Sesterhenn discovered that libuv incorrectly handled certain strings. An attacker could possibly use this issue to access sensitive information or cause a crash...

5.3CVSS7.3AI score0.23132EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/05/13 12:31 p.m.•121 views

USN-4932-2: Django vulnerability

USN-4932-1 fixed a vulnerability in Django. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that Django incorrectly handled certain filenames. A remote attacker could possibly use this issue to create or overwri...

7.5CVSS7.5AI score0.05291EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/04/19 7:28 p.m.•121 views

USN-4919-1: OpenSLP vulnerability

It was discovered that OpenSLP did not properly validate URLs. A remote attacker could use this issue to cause OpenSLP to crash or possibly execute arbitrary code...

9.8CVSS8.2AI score0.96823EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/03/30 4:33 p.m.•121 views

USN-4897-1: Pygments vulnerability

Ben Caller discovered that Pygments incorrectly handled parsing certain files. If a user or automated system were tricked into parsing a specially crafted file, a remote attacker could cause Pygments to hang or consume resources, resulting in a denial of service...

7.5CVSS7.5AI score0.03832EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/03/22 4:55 p.m.•121 views

USN-4886-1: Privoxy vulnerabilities

It was discovered that Privoxy incorrectly handled CGI requests. An attacker could possibly use this issue to cause a denial of service or obtain sensitive information. CVE-2020-35502, CVE-2021-20209, CVE-2021-20210, CVE-2021-20213, CVE-2021-20215, CVE-2021-20216, CVE-2021-20217, CVE-2021-20272,...

7.8CVSS7.2AI score0.02355EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/02/24 7:56 p.m.•121 views

USN-4747-2: GNU Screen vulnerability

USN-4747-1 fixed a vulnerability in screen. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Felix Weinmann discovered that GNU Screen incorrectly handled certain character sequences. A remote attacker could use this issue to cause GNU Screen to crash...

9.8CVSS7.6AI score0.09147EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/11/26 1:7 p.m.•121 views

USN-4648-1: WebKitGTK vulnerabilities

A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

10CVSS7.1AI score0.02917EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/11/11 6:56 a.m.•121 views

USN-4628-1: Intel Microcode vulnerabilities

Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running Average Power Limit RAPL feature of some Intel processors allowed a side- channel attack based on power consumption measurements. A local attacker coul...

5.5CVSS6.9AI score0.0051EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/10/14 2:12 a.m.•121 views

USN-4579-1: Linux kernel vulnerabilities

Hadar Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-16119 Wen Xu discover...

7.8CVSS6.9AI score0.00509EPSS
Exploits2
Ubuntu
Ubuntu
•added 2020/10/13 11:28 p.m.•121 views

USN-4575-1: dom4j vulnerability

It was discovered that dom4j incorrectly handled reading XML data. A remote attacker could exploit this with a crafted XML file to expose sensitive data or possibly execute arbitrary code. CVE-2020-10683...

9.8CVSS7.4AI score0.07269EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/07/27 8:24 a.m.•121 views

LSN-0069-1: Kernel Live Patch Security Notice

Relayopen in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service such as relay blockage by triggering a NULL allocpercpu result. CVE-2019-19462 Fan Yang discovered that the mremap implementation in the Linux kernel did not properly handle DAX Huge Page...

9CVSS6.6AI score0.19039EPSS
Exploits3
Ubuntu
Ubuntu
•added 2020/05/14 6:6 p.m.•121 views

USN-4360-1: json-c vulnerability

It was discovered that json-c incorrectly handled certain JSON files. An attacker could possibly use this issue to execute arbitrary code...

7.8CVSS7.2AI score0.01888EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/03/17 1:41 a.m.•121 views

USN-4303-2: Linux kernel (HWE) vulnerability

USN-4303-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. Paulo Bonzini discovered that the KVM hypervisor implementation in the Linux kernel...

6.8CVSS6.7AI score0.00927EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/01/15 1:21 p.m.•121 views

USN-4239-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, 16.04 LTS, 18.04 LTS, 19.04 and 19.10. CVE-2019-11045 It was discovered that PHP incorrectly handled certain inputs. An...

6.5CVSS7AI score0.08818EPSS
Exploits3
Ubuntu
Ubuntu
•added 2019/03/27 12:10 p.m.•121 views

USN-3923-1: QEMU vulnerabilities

Michael Hanselmann discovered that QEMU incorrectly handled the Media Transfer Protocol MTP. An attacker inside the guest could use this issue to read or write arbitrary files and cause a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.10. CVE-2018-16867...

7.8CVSS7AI score0.03879EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/01/15 6:0 p.m.•121 views

USN-3860-2: libcaca vulnerabilities

USN-3860-1 fixed a vulnerability in libcaca. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that libcaca incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service. CVE-2018-20544 It...

8.8CVSS6.8AI score0.02389EPSS
Exploits7
Ubuntu
Ubuntu
•added 2017/11/21 6:44 p.m.•121 views

USN-3485-3: Linux kernel (AWS) vulnerabilities

It was discovered that a race condition existed in the ALSA subsystem of the Linux kernel when creating and deleting a port via ioctl. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-15265 Eric Biggers discovered that the key...

7.8CVSS7.3AI score0.0097EPSS
Exploits4
Ubuntu
Ubuntu
•added 2015/12/07 12:35 p.m.•121 views

USN-2830-1: OpenSSL vulnerabilities

Guy Leaver discovered that OpenSSL incorrectly handled a ServerKeyExchange for an anonymous DH ciphersuite with the value of p set to 0. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only applied to Ubuntu 15.10...

7.5CVSS7.1AI score0.44016EPSS
Exploits1
Ubuntu
Ubuntu
•added 2015/06/25 11:58 a.m.•121 views

USN-2653-1: Python vulnerabilities

It was discovered that multiple Python protocol libraries incorrectly limited certain data when connecting to servers. A malicious ftp, http, imap, nntp, pop or smtp server could use this issue to cause a denial of service. CVE-2013-1752 It was discovered that the Python xmlrpc library did not...

9.8CVSS7.9AI score0.24148EPSS
Exploits8
Ubuntu
Ubuntu
•added 2014/09/02 6:0 p.m.•121 views

USN-2337-1: Linux kernel vulnerabilities

A flaw was discovered in the Linux kernel virtual machine's kvm validation of interrupt requests irq. A guest OS user could exploit this flaw to cause a denial of service host OS crash. CVE-2014-0155 Andy Lutomirski discovered a flaw in the authorization of netlink socket operations when a socket...

6.2CVSS6.7AI score0.05926EPSS
Exploits8
Ubuntu
Ubuntu
•added 2011/09/13 8:11 p.m.•121 views

USN-1204-1: Linux kernel (i.MX51) vulnerabilities

Dan Rosenberg discovered that the Linux kernel TIPC implementation contained multiple integer signedness errors. A local attacker could exploit this to gain root privileges. CVE-2010-3859 Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local...

9.8CVSS6.9AI score0.08793EPSS
Exploits32
Ubuntu
Ubuntu
•added 2024/06/07 8:18 p.m.•120 views

USN-6818-1: Linux kernel vulnerabilities

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service system crash. CVE-2023-6356, CVE-2023-6535, CVE-2023-6536 It was...

7.8CVSS6.9AI score0.78388EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/08/25 3:58 a.m.•120 views

USN-5582-1: Linux kernel (Azure CVM) vulnerabilities

Arthur Mongodin discovered that the netfilter subsystem in the Linux kernel did not properly perform data validation. A local attacker could use this to escalate privileges in certain situations. CVE-2022-34918 Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux...

7.8CVSS7.6AI score0.12746EPSS
Exploits25
Ubuntu
Ubuntu
•added 2022/05/03 11:13 a.m.•120 views

USN-5400-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.29 in Ubuntu 20.04 LTS, Ubuntu 21.10, and Ubuntu 22.04 LTS. Ubuntu 18.04 LTS has been updated to MySQL 5.7.38. In addition to security fixes, t...

6.5CVSS6.4AI score0.02023EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/03/31 6:51 p.m.•120 views

USN-5360-1: Tomcat vulnerabilities

It was discovered that Tomcat incorrectly performed input verification. A remote attacker could possibly use this issue to intercept sensitive information. CVE-2020-13943, CVE-2020-17527, CVE-2021-25122, CVE-2021-30640 It was discovered that Tomcat did not properly deserialize untrusted data. An...

7.5CVSS7.5AI score0.75353EPSS
Exploits16References1
Ubuntu
Ubuntu
•added 2022/03/28 11:13 p.m.•120 views

USN-5353-1: Linux kernel (OEM) vulnerability

It was discovered that the IPsec implementation in the Linux kernel did not properly allocate enough memory when performing ESP transformations, leading to a heap-based buffer overflow. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

7.8CVSS7.2AI score0.05524EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/02/11 7:28 a.m.•120 views

USN-5267-2: Linux kernel regression

USN-5267-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression that caused the kernel to freeze when accessing CIFS shares in some situations. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered...

6.9AI score
Exploits0References1
Total number of security vulnerabilities5000