Lucene search
K
UbuntuMost viewed

10904 matches found

Ubuntu
Ubuntu
•added 2015/12/07 12:35 p.m.•121 views

USN-2830-1: OpenSSL vulnerabilities

Guy Leaver discovered that OpenSSL incorrectly handled a ServerKeyExchange for an anonymous DH ciphersuite with the value of p set to 0. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only applied to Ubuntu 15.10...

7.5CVSS7.1AI score0.44016EPSS
Exploits1
Ubuntu
Ubuntu
•added 2014/09/02 6:0 p.m.•121 views

USN-2337-1: Linux kernel vulnerabilities

A flaw was discovered in the Linux kernel virtual machine's kvm validation of interrupt requests irq. A guest OS user could exploit this flaw to cause a denial of service host OS crash. CVE-2014-0155 Andy Lutomirski discovered a flaw in the authorization of netlink socket operations when a socket...

6.2CVSS6.7AI score0.05926EPSS
Exploits8
Ubuntu
Ubuntu
•added 2011/09/13 8:11 p.m.•121 views

USN-1204-1: Linux kernel (i.MX51) vulnerabilities

Dan Rosenberg discovered that the Linux kernel TIPC implementation contained multiple integer signedness errors. A local attacker could exploit this to gain root privileges. CVE-2010-3859 Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local...

9.8CVSS6.9AI score0.08793EPSS
Exploits32
Ubuntu
Ubuntu
•added 2024/06/07 8:33 p.m.•120 views

USN-6819-1: Linux kernel vulnerabilities

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service system crash. CVE-2023-6356, CVE-2023-6535, CVE-2023-6536 Chenyuan...

7.8CVSS6.9AI score0.78388EPSS
Exploits2
Ubuntu
Ubuntu
•added 2024/06/07 8:18 p.m.•120 views

USN-6818-1: Linux kernel vulnerabilities

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service system crash. CVE-2023-6356, CVE-2023-6535, CVE-2023-6536 It was...

7.8CVSS6.9AI score0.78388EPSS
Exploits2
Ubuntu
Ubuntu
•added 2024/04/19 1:51 p.m.•120 views

USN-6742-1: Linux kernel vulnerabilities

Daniele Antonioli discovered that the Secure Simple Pairing and Secure Connections pairing in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials. A physically proximate attacker placed between two Bluetooth devices could use this to...

7.8CVSS7.2AI score0.02224EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/03/31 12:44 a.m.•120 views

USN-5990-1: musl vulnerabilities

It was discovered that musl did not handle certain i386 math functions properly. An attacker could use this vulnerability to cause a denial of service crash or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, and Ubuntu 18.04 LTS. CVE-2019-14697 It was...

9.8CVSS7.8AI score0.02726EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/02/27 8:32 a.m.•120 views

USN-5887-1: ClamAV vulnerabilities

Simon Scannell discovered that ClamAV incorrectly handled parsing HFS+ files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service, or execute arbitrary code. CVE-2023-20032 Simon Scannell discovered that ClamAV incorrectly handled parsing DMG...

9.8CVSS8.1AI score0.29314EPSS
Exploits5
Ubuntu
Ubuntu
•added 2022/08/25 3:58 a.m.•120 views

USN-5582-1: Linux kernel (Azure CVM) vulnerabilities

Arthur Mongodin discovered that the netfilter subsystem in the Linux kernel did not properly perform data validation. A local attacker could use this to escalate privileges in certain situations. CVE-2022-34918 Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux...

7.8CVSS7.6AI score0.12746EPSS
Exploits25
Ubuntu
Ubuntu
•added 2022/08/04 4:7 p.m.•120 views

USN-5550-1: GnuTLS vulnerabilities

It was discovered that GnuTLS incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause GnuTLS to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. CVE-2021-4209 It was discovered that GnuTLS...

7.5CVSS7AI score0.01484EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/05/03 11:13 a.m.•120 views

USN-5400-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.29 in Ubuntu 20.04 LTS, Ubuntu 21.10, and Ubuntu 22.04 LTS. Ubuntu 18.04 LTS has been updated to MySQL 5.7.38. In addition to security fixes, t...

6.5CVSS6.4AI score0.02092EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/03/31 6:51 p.m.•120 views

USN-5360-1: Tomcat vulnerabilities

It was discovered that Tomcat incorrectly performed input verification. A remote attacker could possibly use this issue to intercept sensitive information. CVE-2020-13943, CVE-2020-17527, CVE-2021-25122, CVE-2021-30640 It was discovered that Tomcat did not properly deserialize untrusted data. An...

7.5CVSS7.5AI score0.75353EPSS
Exploits16References1
Ubuntu
Ubuntu
•added 2022/03/28 11:13 p.m.•120 views

USN-5353-1: Linux kernel (OEM) vulnerability

It was discovered that the IPsec implementation in the Linux kernel did not properly allocate enough memory when performing ESP transformations, leading to a heap-based buffer overflow. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

7.8CVSS7.2AI score0.05524EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/02/11 7:28 a.m.•120 views

USN-5267-2: Linux kernel regression

USN-5267-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression that caused the kernel to freeze when accessing CIFS shares in some situations. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered...

6.9AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2022/02/03 5:40 a.m.•120 views

USN-5265-1: Linux kernel vulnerabilities

Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate attacker could use this to cause a denial of service system crash. CVE-2020-27820 It was discovered that the Bluetooth subsystem in the Linux...

8.8CVSS7.3AI score0.01736EPSS
Exploits5
Ubuntu
Ubuntu
•added 2022/02/03 4:13 a.m.•120 views

USN-5266-1: Linux kernel (GKE) vulnerabilities

It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-22600 Luo Likang discovered that the FireDTV Firewire...

7.2CVSS7.4AI score0.05918EPSS
Exploits2
Ubuntu
Ubuntu
•added 2021/10/26 2:24 p.m.•120 views

USN-5009-2: libslirp vulnerabilities

USN-5009-1 fixed vulnerabilities in libslirp. This update provides the corresponding updates for Ubuntu 21.10. Original advisory details: Qiuhao Li discovered that libslirp incorrectly handled certain header data lengths. An attacker inside a guest could possibly use this issue to leak sensitive...

3.8CVSS6.6AI score0.00326EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/08/19 7:14 p.m.•120 views

USN-5048-1: Inetutils vulnerability

It was discovered that Inetutils telnet server allows remote attackers to execute arbitrary code via short writes or urgent data. An attacker could use this vulnerability to cause a DoS or possibly execute arbitrary code...

10CVSS8.2AI score0.74513EPSS
Exploits2
Ubuntu
Ubuntu
•added 2021/07/29 12:44 p.m.•120 views

USN-5025-2: libsndfile vulnerability

USN-5025-1 fixed a vulnerability in libsndfile. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that libsndfile incorrectly handled certain malformed files. A remote attacker could use this issue to cause...

8.8CVSS8.2AI score0.03292EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/05/19 10:41 a.m.•120 views

USN-4960-1: runC vulnerability

Etienne Champetier discovered that runC incorrectly checked mount targets. An attacker with a malicious container image could possibly mount the host filesystem into the container and escalate privileges...

8.5CVSS7.5AI score0.06604EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/03/30 4:24 p.m.•120 views

USN-4896-1: lxml vulnerability

It was discovered that lxml incorrectly handled certain HTML attributes. A remote attacker could possibly use this issue to perform cross-site scripting XSS attacks...

6.1CVSS7.3AI score0.04002EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/03/25 3:32 p.m.•120 views

USN-4888-2: ldb vulnerabilities

USN-4888-1 fixed several vulnerabilities in ldb. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Douglas Bagnall discovered that ldb, when used with Samba, incorrectly handled certain LDAP attributes. A remote attacker could possibly use this issue t...

7.5CVSS7.5AI score0.04328EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/01/26 8:25 a.m.•120 views

LSN-0074-1: Kernel Live Patch Security Notice

Elena Petrova discovered that the pin controller device tree implementation in the Linux kernel did not properly handle string references. A local attacker could use this to expose sensitive information kernel memory. CVE-2020-0427 Andy Nguyen discovered that the Bluetooth A2MP implementation in...

8.1CVSS7.1AI score0.06563EPSS
Exploits5
Ubuntu
Ubuntu
•added 2021/01/06 1:24 p.m.•120 views

USN-4682-1: WavPack vulnerability

It was discovered that WavPack incorrectly handled certain WAV files. An attacker could possibly use this issue to execute arbitrary code or cause a crash...

6.1CVSS7.2AI score0.01196EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/10/14 2:24 a.m.•120 views

USN-4580-1: Linux kernel vulnerability

Hadar Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

7.8CVSS7.1AI score0.00422EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/06/04 11:58 a.m.•120 views

USN-4382-1: FreeRDP vulnerabilities

It was discovered that FreeRDP incorrectly handled certain memory operations. A remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code...

8.3CVSS6.5AI score0.02653EPSS
Exploits9
Ubuntu
Ubuntu
•added 2020/05/27 3:19 p.m.•120 views

USN-4374-1: Unbound vulnerabilities

Lior Shafir, Yehuda Afek, and Anat Bremler-Barr discovered that Unbound incorrectly handled certain queries. A remote attacker could use this issue to perform an amplification attack directed at a target. CVE-2020-12662 It was discovered that Unbound incorrectly handled certain malformed answers....

7.5CVSS6.8AI score0.03588EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/10/07 11:22 a.m.•120 views

USN-4148-1: OpenEXR vulnerabilities

It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. CVE-2017-12596...

8.8CVSS7AI score0.0331EPSS
Exploits2
Ubuntu
Ubuntu
•added 2019/07/22 4:55 p.m.•120 views

USN-4067-1: Evince vulnerability

It was discovered that Evince incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service or to execute arbitrary code...

7.8CVSS7.1AI score0.02092EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/05/14 2:7 p.m.•120 views

USN-3976-2: Samba vulnerability

USN-3976-1 fixed a vulnerability in Samba. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Isaac Boukris and Andrew Bartlett discovered that Samba incorrectly checked S4U2Self packets. In certain environments, a remote attacker...

7.5CVSS7.4AI score0.02486EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/03/14 5:53 p.m.•120 views

USN-3909-1: libvirt vulnerability

It was discovered that libvirt incorrectly handled waiting for certain agent events. An attacker inside a guest could possibly use this issue to cause libvirtd to stop responding, resulting in a denial of service...

6.3CVSS6.8AI score0.0151EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/08/14 10:11 p.m.•120 views

USN-3742-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3742-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 for Ubuntu 12.04 ESM. It was discovered that memory present in the L1 data cache of an Intel CPU core may be...

7.8CVSS6.9AI score0.7354EPSS
Exploits8References1
Ubuntu
Ubuntu
•added 2018/07/11 2:14 p.m.•120 views

USN-3712-1: libpng vulnerabilities

Patrick Keshishian discovered that libpng incorrectly handled certain PNG files. An attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. CVE-2016-10087 Thuan Pham discovered that libpng incorrectly handled certain PNG files...

7.5CVSS6.5AI score0.05517EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/05/24 11:18 a.m.•120 views

USN-3296-1: Samba vulnerability

It was discovered that Samba incorrectly handled shared libraries. A remote attacker could use this flaw to upload a shared library to a writable share and execute arbitrary code...

10CVSS8.3AI score0.99448EPSS
Exploits24
Ubuntu
Ubuntu
•added 2011/05/05 2:34 a.m.•120 views

USN-1126-2: PHP Regressions

USN 1126-1 fixed several vulnerabilities in PHP. The fix for CVE-2010-4697 introduced an incorrect reference counting regression in the Zend engine that caused the PHP interpreter to segfault. This regression affects Ubuntu 6.06 LTS and Ubuntu 8.04 LTS. The fixes for CVE-2011-1072 and CVE-2011-11...

8.4AI score
Exploits0References2
Ubuntu
Ubuntu
•added 2023/08/31 10:7 p.m.•119 views

USN-6329-1: Linux kernel vulnerabilities

Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Tavis Ormandy discovered that some AMD processors...

7.8CVSS7.9AI score0.05794EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/03/03 12:49 a.m.•119 views

USN-5914-1: Linux kernel (OEM) vulnerabilities

It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...

8.8CVSS7.7AI score0.21314EPSS
Exploits4
Ubuntu
Ubuntu
•added 2023/03/02 12:20 p.m.•119 views

USN-5905-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled certain gzip files. An attacker could possibly use this issue to cause a denial of service. CVE-2022-31628 It was discovered that PHP incorrectly handled certain cookies. An attacker could possibly use this issue to compromise data integrity...

9.1CVSS7.3AI score0.49336EPSS
Exploits3
Ubuntu
Ubuntu
•added 2022/03/31 12:44 p.m.•119 views

USN-5359-1: rsync vulnerability

Danilo Ramos discovered that rsync incorrectly handled memory when performing certain zlib deflating operations. An attacker could use this issue to cause rsync to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.5CVSS7.5AI score0.51733EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/03/31 2:36 a.m.•119 views

USN-5358-1: Linux kernel vulnerabilities

It was discovered that the network traffic control implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-1055 It was discovered that the IPsec implementati...

8.6CVSS7.4AI score0.05524EPSS
Exploits3
Ubuntu
Ubuntu
•added 2022/03/31 2:5 a.m.•119 views

USN-5357-1: Linux kernel vulnerability

It was discovered that the IPsec implementation in the Linux kernel did not properly allocate enough memory when performing ESP transformations, leading to a heap-based buffer overflow. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

7.8CVSS7.2AI score0.05524EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/03/03 2:55 p.m.•119 views

USN-5311-1: containerd vulnerability

It was discovered that containerd allows attackers to gain access to read- only copies of arbitrary files and directories on the host via a specially- crafted image configuration. An attacker could possibly use this issue to obtain sensitive information...

7.5CVSS7.5AI score0.27392EPSS
Exploits4
Ubuntu
Ubuntu
•added 2022/02/11 2:43 p.m.•119 views

USN-5283-1: Tar for Node.js vulnerability

It was discovered that Tar for Node.js did not properly sanitize path inputs. An attacker could possibly use this issue to read arbitrary files, resulting in a directory traversal attack...

8.2CVSS7.2AI score0.07795EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/01/19 6:6 p.m.•119 views

USN-5241-1: QtSvg vulnerabilities

It was discovered that QtSvg incorrectly handled certain malformed SVG images. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this issue to cause QtSvg to crash, resulting in a denial of service, or possibly execute arbitrary co...

7.1CVSS6.8AI score0.02178EPSS
Exploits2
Ubuntu
Ubuntu
•added 2021/10/08 1:44 p.m.•119 views

USN-5108-1: libntlm vulnerability

It was discovered that Libntlm incorrectly handled specially crafted NTML requests. An attacker could possibly use this issue to cause a denial of service or another unspecified impact...

9.8CVSS8.2AI score0.03107EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/08/19 2:53 p.m.•119 views

USN-5047-1: Firefox vulnerability

It was discovered that Firefox could be made to incorrectly accept newlines in HTTP/3 response headers. If a user were tricked into opening a specially crafted website, an attacker could exploit this to conduct header splitting attacks...

8.1CVSS8.3AI score0.00885EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/06/02 7:35 p.m.•119 views

USN-4978-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, re-enable camera devices without an additional permission prompt, spoof the browser UI, or execute...

8.8CVSS7.7AI score0.01368EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/05/25 2:27 p.m.•119 views

USN-4964-1: Exiv2 vulnerabilities

It was discovered that Exiv2 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10 and Ubuntu 21.04. CVE-2021-29463 It was discovered that Exiv2 incorrectly handled certain files. An...

7.8CVSS6.8AI score0.01677EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/05/17 1:32 p.m.•119 views

USN-4956-1: Eventlet vulnerability

It was discovered that Eventlet incorrectly handled certain requests. An attacker could possibly use this issue to cause a denial of service...

5.3CVSS6.7AI score0.01807EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/05/10 9:10 p.m.•119 views

USN-4942-1: Firefox vulnerability

A race condition was discovered in Web Render Components. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to execute arbitrary code...

7.5CVSS8.5AI score0.0073EPSS
Exploits0
Total number of security vulnerabilities5000