Lucene search
K
UbuntuMost viewed

10890 matches found

Ubuntu
Ubuntu
•added 2022/03/28 11:13 p.m.•120 views

USN-5353-1: Linux kernel (OEM) vulnerability

It was discovered that the IPsec implementation in the Linux kernel did not properly allocate enough memory when performing ESP transformations, leading to a heap-based buffer overflow. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

7.8CVSS7.2AI score0.05524EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/02/11 7:28 a.m.•120 views

USN-5267-2: Linux kernel regression

USN-5267-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression that caused the kernel to freeze when accessing CIFS shares in some situations. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered...

6.9AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2022/02/03 5:40 a.m.•120 views

USN-5265-1: Linux kernel vulnerabilities

Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate attacker could use this to cause a denial of service system crash. CVE-2020-27820 It was discovered that the Bluetooth subsystem in the Linux...

8.8CVSS7.3AI score0.01736EPSS
Exploits5
Ubuntu
Ubuntu
•added 2022/02/03 4:13 a.m.•120 views

USN-5266-1: Linux kernel (GKE) vulnerabilities

It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-22600 Luo Likang discovered that the FireDTV Firewire...

7.2CVSS7.4AI score0.05918EPSS
Exploits2
Ubuntu
Ubuntu
•added 2021/09/22 4:32 p.m.•120 views

USN-5087-1: WebKitGTK vulnerabilities

A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

8.8CVSS7.5AI score0.13486EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/08/30 1:52 p.m.•120 views

USN-5056-1: APR vulnerability

It was discovered that APR incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information...

7.1CVSS6.5AI score0.01185EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/08/19 7:14 p.m.•120 views

USN-5048-1: Inetutils vulnerability

It was discovered that Inetutils telnet server allows remote attackers to execute arbitrary code via short writes or urgent data. An attacker could use this vulnerability to cause a DoS or possibly execute arbitrary code...

10CVSS8.2AI score0.74513EPSS
Exploits2
Ubuntu
Ubuntu
•added 2021/07/29 12:44 p.m.•120 views

USN-5025-2: libsndfile vulnerability

USN-5025-1 fixed a vulnerability in libsndfile. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that libsndfile incorrectly handled certain malformed files. A remote attacker could use this issue to cause...

8.8CVSS8.2AI score0.03292EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/03/25 3:32 p.m.•120 views

USN-4888-2: ldb vulnerabilities

USN-4888-1 fixed several vulnerabilities in ldb. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Douglas Bagnall discovered that ldb, when used with Samba, incorrectly handled certain LDAP attributes. A remote attacker could possibly use this issue t...

7.5CVSS7.5AI score0.04328EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/03/22 1:26 p.m.•120 views

USN-4885-1: Pygments vulnerability

It was discovered that Pygments incorrectly handled parsing SML files. If a user or automated system were tricked into parsing a specially crafted SML file, a remote attacker could cause Pygments to hang, resulting in a denial of service...

7.5CVSS7.6AI score0.02707EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/01/26 8:25 a.m.•120 views

LSN-0074-1: Kernel Live Patch Security Notice

Elena Petrova discovered that the pin controller device tree implementation in the Linux kernel did not properly handle string references. A local attacker could use this to expose sensitive information kernel memory. CVE-2020-0427 Andy Nguyen discovered that the Bluetooth A2MP implementation in...

8.1CVSS7.1AI score0.06563EPSS
Exploits5
Ubuntu
Ubuntu
•added 2021/01/06 1:24 p.m.•120 views

USN-4682-1: WavPack vulnerability

It was discovered that WavPack incorrectly handled certain WAV files. An attacker could possibly use this issue to execute arbitrary code or cause a crash...

6.1CVSS7.2AI score0.01196EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/11/12 1:14 a.m.•120 views

USN-4628-2: Intel Microcode regression

USN-4628-1 provided updated Intel Processor Microcode. Unfortunately, that update prevented certain processors in the Intel Tiger Lake family from booting successfully. This update reverts the microcode update for the Tiger Lake processor family. Please note that the 'disucodeldr' kernel command...

7AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2020/10/14 2:24 a.m.•120 views

USN-4580-1: Linux kernel vulnerability

Hadar Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

7.8CVSS7.1AI score0.00418EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/06/04 11:58 a.m.•120 views

USN-4382-1: FreeRDP vulnerabilities

It was discovered that FreeRDP incorrectly handled certain memory operations. A remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code...

8.3CVSS6.5AI score0.02653EPSS
Exploits9
Ubuntu
Ubuntu
•added 2020/05/27 3:19 p.m.•120 views

USN-4374-1: Unbound vulnerabilities

Lior Shafir, Yehuda Afek, and Anat Bremler-Barr discovered that Unbound incorrectly handled certain queries. A remote attacker could use this issue to perform an amplification attack directed at a target. CVE-2020-12662 It was discovered that Unbound incorrectly handled certain malformed answers....

7.5CVSS6.8AI score0.03588EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/10/07 11:22 a.m.•120 views

USN-4148-1: OpenEXR vulnerabilities

It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. CVE-2017-12596...

8.8CVSS7AI score0.0331EPSS
Exploits2
Ubuntu
Ubuntu
•added 2019/08/13 4:24 p.m.•120 views

USN-4096-1: Linux kernel (AWS) vulnerability

Andrei Vlad Lutas and Dan Lutas discovered that some x86 processors incorrectly handle SWAPGS instructions during speculative execution. A local attacker could use this to expose sensitive information kernel memory...

5.6CVSS6.9AI score0.04521EPSS
Exploits4
Ubuntu
Ubuntu
•added 2019/07/22 4:55 p.m.•120 views

USN-4067-1: Evince vulnerability

It was discovered that Evince incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service or to execute arbitrary code...

7.8CVSS7.1AI score0.02092EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/05/15 6:18 p.m.•120 views

USN-3985-1: libvirt update

Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered...

5.9CVSS6.5AI score0.01553EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2019/05/14 2:7 p.m.•120 views

USN-3976-2: Samba vulnerability

USN-3976-1 fixed a vulnerability in Samba. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Isaac Boukris and Andrew Bartlett discovered that Samba incorrectly checked S4U2Self packets. In certain environments, a remote attacker...

7.5CVSS7.4AI score0.02486EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/03/14 5:53 p.m.•120 views

USN-3909-1: libvirt vulnerability

It was discovered that libvirt incorrectly handled waiting for certain agent events. An attacker inside a guest could possibly use this issue to cause libvirtd to stop responding, resulting in a denial of service...

6.3CVSS6.8AI score0.0151EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/07/11 2:14 p.m.•120 views

USN-3712-1: libpng vulnerabilities

Patrick Keshishian discovered that libpng incorrectly handled certain PNG files. An attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. CVE-2016-10087 Thuan Pham discovered that libpng incorrectly handled certain PNG files...

7.5CVSS6.5AI score0.05517EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/10/25 7:25 p.m.•120 views

USN-3463-1: Werkzeug vulnerability

It was discovered that Werkzeug did not properly handle certain web scripts. A remote attacker could use this to inject arbitrary code via a field that contains an exception message...

6.1CVSS6.8AI score0.01985EPSS
Exploits0
Ubuntu
Ubuntu
•added 2011/05/05 2:34 a.m.•120 views

USN-1126-2: PHP Regressions

USN 1126-1 fixed several vulnerabilities in PHP. The fix for CVE-2010-4697 introduced an incorrect reference counting regression in the Zend engine that caused the PHP interpreter to segfault. This regression affects Ubuntu 6.06 LTS and Ubuntu 8.04 LTS. The fixes for CVE-2011-1072 and CVE-2011-11...

8.4AI score
Exploits0References2
Ubuntu
Ubuntu
•added 2024/04/19 1:51 p.m.•119 views

USN-6742-1: Linux kernel vulnerabilities

Daniele Antonioli discovered that the Secure Simple Pairing and Secure Connections pairing in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials. A physically proximate attacker placed between two Bluetooth devices could use this to...

7.8CVSS7.2AI score0.02224EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/08/31 10:7 p.m.•119 views

USN-6329-1: Linux kernel vulnerabilities

Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Tavis Ormandy discovered that some AMD processors...

7.8CVSS7.9AI score0.05794EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/03/31 12:44 a.m.•119 views

USN-5990-1: musl vulnerabilities

It was discovered that musl did not handle certain i386 math functions properly. An attacker could use this vulnerability to cause a denial of service crash or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, and Ubuntu 18.04 LTS. CVE-2019-14697 It was...

9.8CVSS7.8AI score0.02726EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/03/03 12:49 a.m.•119 views

USN-5914-1: Linux kernel (OEM) vulnerabilities

It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...

8.8CVSS7.7AI score0.21314EPSS
Exploits4
Ubuntu
Ubuntu
•added 2023/03/02 12:20 p.m.•119 views

USN-5905-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled certain gzip files. An attacker could possibly use this issue to cause a denial of service. CVE-2022-31628 It was discovered that PHP incorrectly handled certain cookies. An attacker could possibly use this issue to compromise data integrity...

9.1CVSS7.3AI score0.49336EPSS
Exploits3
Ubuntu
Ubuntu
•added 2022/08/04 4:7 p.m.•119 views

USN-5550-1: GnuTLS vulnerabilities

It was discovered that GnuTLS incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause GnuTLS to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. CVE-2021-4209 It was discovered that GnuTLS...

7.5CVSS7AI score0.01484EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/03/31 12:44 p.m.•119 views

USN-5359-1: rsync vulnerability

Danilo Ramos discovered that rsync incorrectly handled memory when performing certain zlib deflating operations. An attacker could use this issue to cause rsync to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.5CVSS7.5AI score0.51733EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/03/31 2:36 a.m.•119 views

USN-5358-1: Linux kernel vulnerabilities

It was discovered that the network traffic control implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-1055 It was discovered that the IPsec implementati...

8.6CVSS7.4AI score0.05524EPSS
Exploits3
Ubuntu
Ubuntu
•added 2022/03/03 2:55 p.m.•119 views

USN-5311-1: containerd vulnerability

It was discovered that containerd allows attackers to gain access to read- only copies of arbitrary files and directories on the host via a specially- crafted image configuration. An attacker could possibly use this issue to obtain sensitive information...

7.5CVSS7.5AI score0.27392EPSS
Exploits4
Ubuntu
Ubuntu
•added 2022/01/19 6:6 p.m.•119 views

USN-5241-1: QtSvg vulnerabilities

It was discovered that QtSvg incorrectly handled certain malformed SVG images. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this issue to cause QtSvg to crash, resulting in a denial of service, or possibly execute arbitrary co...

7.1CVSS6.8AI score0.02178EPSS
Exploits2
Ubuntu
Ubuntu
•added 2021/10/26 2:24 p.m.•119 views

USN-5009-2: libslirp vulnerabilities

USN-5009-1 fixed vulnerabilities in libslirp. This update provides the corresponding updates for Ubuntu 21.10. Original advisory details: Qiuhao Li discovered that libslirp incorrectly handled certain header data lengths. An attacker inside a guest could possibly use this issue to leak sensitive...

3.8CVSS6.6AI score0.00326EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/08/19 2:53 p.m.•119 views

USN-5047-1: Firefox vulnerability

It was discovered that Firefox could be made to incorrectly accept newlines in HTTP/3 response headers. If a user were tricked into opening a specially crafted website, an attacker could exploit this to conduct header splitting attacks...

8.1CVSS8.3AI score0.00885EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/06/02 7:35 p.m.•119 views

USN-4978-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, re-enable camera devices without an additional permission prompt, spoof the browser UI, or execute...

8.8CVSS7.7AI score0.01368EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/05/25 2:27 p.m.•119 views

USN-4964-1: Exiv2 vulnerabilities

It was discovered that Exiv2 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10 and Ubuntu 21.04. CVE-2021-29463 It was discovered that Exiv2 incorrectly handled certain files. An...

7.8CVSS6.8AI score0.01677EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/05/19 10:41 a.m.•119 views

USN-4960-1: runC vulnerability

Etienne Champetier discovered that runC incorrectly checked mount targets. An attacker with a malicious container image could possibly mount the host filesystem into the container and escalate privileges...

8.5CVSS7.5AI score0.06604EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/05/17 1:32 p.m.•119 views

USN-4956-1: Eventlet vulnerability

It was discovered that Eventlet incorrectly handled certain requests. An attacker could possibly use this issue to cause a denial of service...

5.3CVSS6.7AI score0.01807EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/05/10 9:10 p.m.•119 views

USN-4942-1: Firefox vulnerability

A race condition was discovered in Web Render Components. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to execute arbitrary code...

7.5CVSS8.5AI score0.0073EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/04/01 5:33 p.m.•119 views

USN-4900-1: OpenEXR vulnerabilities

It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code...

5.5CVSS6.4AI score0.01848EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/03/30 4:24 p.m.•119 views

USN-4896-1: lxml vulnerability

It was discovered that lxml incorrectly handled certain HTML attributes. A remote attacker could possibly use this issue to perform cross-site scripting XSS attacks...

6.1CVSS7.3AI score0.04002EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/03/08 7:10 p.m.•119 views

USN-4758-1: Go vulnerability

It was discovered that Go applications incorrectly handled uploaded content. If a user were tricked into visiting a malicious page, a remote attacker could exploit this with a crafted file to conduct cross-site scripting XSS attacks...

6.1CVSS6.7AI score0.03646EPSS
Exploits2
Ubuntu
Ubuntu
•added 2021/02/22 2:15 p.m.•119 views

USN-4743-1: GDK-PixBuf vulnerability

It was discovered that the GDK-PixBuf library did not properly handle certain GIF images. If an user or automated system were tricked into opening a specially crafted GIF file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service...

8.8CVSS7.9AI score0.02346EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/02/18 8:35 p.m.•119 views

USN-4740-1: Apache Shiro vulnerabilities

It was discovered that Apache Shiro mishandled specially crafted requests. An attacker could use this vulnerability to bypass authentication mechanisms...

9.8CVSS8.2AI score0.24436EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/02/02 1:27 p.m.•119 views

USN-4467-2: QEMU vulnerabilities

USN-4467-1 fixed several vulnerabilities in QEMU. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that the QEMU SD memory card implementation incorrectly handled certain memory operations. An attacker inside a guest could possibly u...

6.7CVSS7.1AI score0.05447EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/11/18 1:4 p.m.•119 views

USN-4637-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across origins, bypass security restrictions, conduct phishing attacks,...

9.3CVSS7.2AI score0.0247EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/04/10 6:10 p.m.•119 views

USN-4319-1: Linux kernel vulnerabilities

It was discovered that the IPMI message handler implementation in the Linux kernel did not properly deallocate memory in certain situations. A local attacker could use this to cause a denial of service kernel memory exhaustion. CVE-2019-19046 Al Viro discovered that the vfs layer in the Linux...

7.1CVSS6.8AI score0.02745EPSS
Exploits0
Total number of security vulnerabilities5000