Lucene search
K
UbuntuMost viewed

10869 matches found

Ubuntu
Ubuntu
added 2023/08/01 7:53 a.m.413 views

USN-6263-1: OpenJDK vulnerabilities

Motoyasu Saburi discovered that OpenJDK incorrectly handled special characters in file name parameters. An attacker could possibly use this issue to insert, edit or obtain sensitive information. This issue only affected OpenJDK 11 and OpenJDK 17. CVE-2023-22006 Eirik Bjørsnøs discovered that...

7.5CVSS6.1AI score0.01812EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/31 3:41 a.m.412 views

USN-6929-1: OpenJDK 8 vulnerabilities

It was discovered that the Hotspot component of OpenJDK 8 was not properly bounding certain UTF-8 strings, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2024-21131 It was discovered that the Hotspot...

7.4CVSS7.5AI score0.01257EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/03/14 10:19 a.m.412 views

USN-6694-1: Expat vulnerabilities

It was discovered that Expat could be made to consume large amounts of resources. If a user or automated system were tricked into processing specially crafted input, an attacker could possibly use this issue to cause a denial of service. CVE-2023-52425, CVE-2024-28757...

7.5CVSS6.7AI score0.02006EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/06/14 1:40 p.m.412 views

USN-6166-1: libcap2 vulnerabilities

David Gstir discovered that libcap2 incorrectly handled certain return codes. An attacker could possibly use this issue to cause libcap2 to consume memory, leading to a denial of service. CVE-2023-2602 Richard Weinberger discovered that libcap2 incorrectly handled certain long input strings. An...

7.8CVSS6.9AI score0.00574EPSS
Exploits2
Ubuntu
Ubuntu
added 2019/02/18 3:19 p.m.412 views

USN-3891-1: systemd vulnerability

It was discovered that systemd incorrectly handled certain D-Bus messages. A local unprivileged attacker could exploit this in order to crash the init process, resulting in a system denial-of-service kernel panic...

5.5CVSS6.4AI score0.02035EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/10/09 4:10 a.m.410 views

USN-6420-1: Vim vulnerabilities

It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. CVE-2022-3235, CVE-2022-3278,...

9.8CVSS7AI score0.01196EPSS
Exploits11
Ubuntu
Ubuntu
added 2022/07/11 2:9 p.m.410 views

USN-5508-1: Python LDAP vulnerability

It was discovered that Python LDAP incorrectly handled certain regular expressions. An remote attacker could possibly use this issue to cause a denial of service...

6.5CVSS6.4AI score0.01701EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/11/06 4:12 p.m.410 views

USN-3810-1: ppp vulnerability

Ivan Gotovchits discovered that ppp incorrectly handled the EAP-TLS protocol. A remote attacker could use this issue to cause ppp to crash, resulting in a denial of service, or possibly bypass authentication...

9.8CVSS8.1AI score0.01899EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/09/03 2:33 p.m.410 views

USN-6986-1: OpenSSL vulnerability

David Benjamin discovered that OpenSSL incorrectly handled certain X.509 certificates. An attacker could possible use this issue to cause a denial of service or expose sensitive information...

7.5CVSS6.9AI score0.66594EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/11/15 5:25 a.m.409 views

USN-5722-1: nginx vulnerabilities

It was discovered that nginx incorrectly handled certain memory operations in the ngxhttpmp4module module. A local attacker could possibly use this issue with a specially crafted mp4 file to cause nginx to crash, stop responding, or access arbitrary memory. CVE-2022-41741, CVE-2022-41742...

7.8CVSS7.4AI score0.01069EPSS
Exploits2
Ubuntu
Ubuntu
added 2021/08/30 7:55 p.m.409 views

USN-5054-1: uWSGI vulnerability

Felix Wilhelm discovered a buffer overflow flaw in the modproxyuwsgi module. An attacker could use this vulnerability to provoke an information disclosure or potentially remote code execution...

9.8CVSS7.4AI score0.90039EPSS
Exploits2
Ubuntu
Ubuntu
added 2019/06/04 10:52 p.m.409 views

USN-4008-1: Linux kernel vulnerabilities

Robert Święcki discovered that the Linux kernel did not properly apply Address Space Layout Randomization ASLR in some situations for setuid elf binaries. A local attacker could use this to improve the chances of exploiting an existing vulnerability in a setuid elf binary. CVE-2019-11190 It was...

9.3CVSS6.9AI score0.05789EPSS
Exploits3
Ubuntu
Ubuntu
added 2005/10/14 5:3 p.m.409 views

USN-204-1: SSL library vulnerability

Yutaka Oiwa discovered a possible cryptographic weakness in OpenSSL applications. Applications using the OpenSSL library can use the SSLOPMSIESSLV2RSAPADDING option or SSLOPALL, which implies the former to maintain compatibility with third party products, which is achieved by working around known...

5CVSS6.5AI score0.04866EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/12/08 7:5 p.m.408 views

USN-5184-1: libmysofa vulnerability

It was discovered that libmysofa mishandled certain input. An attacker could use this vulnerability to cause a denial of service crash...

9.8CVSS6.8AI score0.01035EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/05/10 2:19 p.m.406 views

USN-4940-1: PyYAML vulnerability

It was discovered that PyYAML incorrectly handled untrusted YAML files with the FullLoader loader. A remote attacker could possibly use this issue to execute arbitrary code...

10CVSS7.7AI score0.05984EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/11/23 2:47 a.m.405 views

USN-6508-1: poppler vulnerabilities

It was discovered that poppler incorrectly handled certain malformed PDF files. If a user or an automated system were tricked into opening a specially crafted PDF file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu...

7.5CVSS7AI score0.00959EPSS
Exploits5
Ubuntu
Ubuntu
added 2018/11/14 9:33 p.m.405 views

USN-3820-1: Linux kernel vulnerabilities

Felix Wilhelm discovered that the Xen netback driver in the Linux kernel did not properly perform input validation in some situations. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2018-15471 It was discovered that the generic SCSI...

8.4CVSS7.1AI score0.00552EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/08/08 10:45 p.m.404 views

USN-6951-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - M68K architecture; - User-Mode Linux UML; - x86 architecture; - Accessibility subsystem; -...

9.8CVSS7.3AI score0.02701EPSS
Exploits4
Ubuntu
Ubuntu
added 2022/11/24 11:23 a.m.403 views

USN-5736-2: ImageMagick vulnerabilities

USN-5736-1 fixed vulnerabilities in ImageMagick. This update provides the corresponding updates for Ubuntu 20.04 ESM and Ubuntu 22.04 ESM. One of the issues, CVE-2021-20224, only affected Ubuntu 20.04 ESM, while CVE-2021-20245, CVE-2021-3574, CVE-2021-4219 and CVE-2022-1114 only affected Ubuntu...

7.8CVSS6.7AI score0.0238EPSS
Exploits2
Ubuntu
Ubuntu
added 2024/07/08 5:56 p.m.402 views

USN-6885-1: Apache HTTP Server vulnerabilities

Marc Stern discovered that the Apache HTTP Server incorrectly handled serving WebSocket protocol upgrades over HTTP/2 connections. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. CVE-2024-36387 Orange Tsai discovered that the Apache...

9.8CVSS7.6AI score0.99957EPSS
Exploits2
Ubuntu
Ubuntu
added 2024/01/25 4:6 p.m.402 views

USN-6599-1: Jinja2 vulnerabilities

Yeting Li discovered that Jinja incorrectly handled certain regex. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. CVE-2020-28493 It was discovered that Jinja incorrectly handled certain HTM...

6.1CVSS7.5AI score0.03546EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/02/25 6:31 a.m.402 views

USN-4750-1: Linux kernel vulnerabilities

Bodong Zhao discovered a use-after-free in the Sun keyboard driver implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2020-25669 It was discovered that the jfs file system implementation in the Linux kernel...

8.8CVSS6.8AI score0.01129EPSS
Exploits6
Ubuntu
Ubuntu
added 2023/07/18 1:31 p.m.401 views

USN-6233-1: YAJL vulnerabilities

It was discovered that YAJL was not properly performing bounds checks when decoding a string with escape sequences. If a user or automated system using YAJL were tricked into processing specially crafted input, an attacker could possibly use this issue to cause a denial of service application...

7.5CVSS6.7AI score0.03735EPSS
Exploits3
Ubuntu
Ubuntu
added 2024/07/24 4:36 a.m.399 views

USN-6906-1: python-zipp vulnerability

It was discovered that python-zipp did not properly handle the zip files with malformed names. An attacker could possibly use this issue to cause a denial of service...

6.2CVSS6.8AI score0.00236EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/02/07 6:50 p.m.399 views

USN-3885-1: OpenSSH vulnerabilities

Harry Sintonen discovered multiple issues in the OpenSSH scp utility. If a user or automated system were tricked into connecting to an untrusted server, a remote attacker could possibly use these issues to write to arbitrary files, change directory permissions, and spoof client output...

6.8CVSS7AI score0.58204EPSS
Exploits9
Ubuntu
Ubuntu
added 2024/05/21 1:56 p.m.398 views

USN-6780-1: idna vulnerability

Guido Vranken discovered that idna did not properly manage certain inputs, which could lead to significant resource consumption. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS6.8AI score0.01386EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/03/21 4:53 p.m.397 views

USN-6709-1: OpenSSL vulnerabilities

It was discovered that checking excessively long DH keys or parameters may be very slow. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service. CVE-2023-3446 After the fix for CVE-2023-3446 Bernd Edlinger discovered that a large q...

5.5CVSS6.6AI score0.05533EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/08/30 4:29 p.m.397 views

USN-6322-1: elfutils vulnerabilities

It was discovered that elfutils incorrectly handled certain malformed files. If a user or automated system were tricked into processing a specially crafted file, elfutils could be made to crash or consume resources, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS...

6.5CVSS6.3AI score0.02791EPSS
Exploits8
Ubuntu
Ubuntu
added 2024/08/08 10:9 p.m.396 views

USN-6950-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - Block layer subsystem; - Bluetooth drivers; - Clock framework and...

9.8CVSS6.9AI score0.01305EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/11/07 2:20 p.m.396 views

USN-6473-1: urllib3 vulnerabilities

It was discovered that urllib3 didn't strip HTTP Authorization header on cross-origin redirects. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. CVE-2018-25091 It was discovered that urllib3 didn't...

8.1CVSS7.2AI score0.01207EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/05/31 1:34 p.m.395 views

USN-6804-1: GNU C Library vulnerabilities

It was discovered that GNU C Library nscd daemon contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service system crash. CVE-2024-33599 It was discovered that GNU C Library nscd daemon did not properly check the cache content, leading to a null pointer...

8.1CVSS6.5AI score0.0131EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/02/26 10:13 a.m.395 views

USN-6655-1: GNU binutils vulnerabilities

It was discovered that GNU binutils was not properly handling the logic behind certain memory management related operations, which could lead to an invalid memory access. An attacker could possibly use this issue to cause a denial of service. CVE-2022-47695 It was discovered that GNU binutils was...

7.8CVSS5.9AI score0.00654EPSS
Exploits3
Ubuntu
Ubuntu
added 2018/11/08 1:28 p.m.395 views

USN-3813-1: pyOpenSSL vulnerabilities

It was discovered that pyOpenSSL incorrectly handled memory when handling X509 objects. A remote attacker could use this issue to cause pyOpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2018-1000807 It was discovered that pyOpenSSL incorrectly handled...

8.1CVSS6.3AI score0.04075EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/04/15 4:37 p.m.393 views

USN-6733-1: GnuTLS vulnerabilities

It was discovered that GnuTLS had a timing side-channel when performing certain ECDSA operations. A remote attacker could possibly use this issue to recover sensitive information. CVE-2024-28834 It was discovered that GnuTLS incorrectly handled verifying certain PEM bundles. A remote attacker cou...

5.3CVSS6.5AI score0.00718EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/11/15 2:51 p.m.393 views

USN-6480-1: .NET vulnerabilities

Barry Dorrans discovered that .NET did not properly implement certain security features for Blazor server forms. An attacker could possibly use this issue to bypass validation, which could trigger unintended actions. CVE-2023-36558 Piotr Bazydlo discovered that .NET did not properly handle...

9.8CVSS7.5AI score0.12512EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/02/15 6:5 p.m.392 views

USN-6640-1: shadow vulnerability

It was discovered that shadow was not properly sanitizing memory when running the password utility. An attacker could possibly use this issue to retrieve a password from memory, exposing sensitive information...

5.5CVSS6.6AI score0.00257EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/08/01 5:54 a.m.392 views

USN-5237-1: MediaInfoLib vulnerabilities

It was discovered that MediaInfoLib incorrectly handled certain specially crafted files. An attacker could possibly use this issue to cause a denial of service. CVE-2020-26797 It was discovered that MediaInfoLib incorrectly handled certain specially crafted MpegPs files. An attacker could possibl...

7.8CVSS6.7AI score0.04238EPSS
Exploits2
Ubuntu
Ubuntu
added 2024/03/18 4:48 p.m.391 views

USN-6698-1: Vim vulnerability

Zhen Zhou discovered that Vim did not properly manage memory. An attacker could possibly use this issue to cause a denial of service...

7.8CVSS7.3AI score0.00563EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/09/22 12:31 a.m.391 views

USN-6360-2: FLAC vulnerability

USN-6360-1 fixed a vulnerability in FLAC. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. Original advisory details: It was discovered that FLAC incorrectly handled encoding certain files. A remote attacker could use this issue to cause...

7.8CVSS7.8AI score0.00749EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/09/07 4:0 p.m.391 views

USN-6354-1: Python vulnerability

It was discovered that Python did not properly handle XML entity declarations in plist files. An attacker could possibly use this vulnerability to perform an XML External Entity XXE injection, resulting in a denial of service or information disclosure...

9.8CVSS7.5AI score0.04268EPSS
Exploits3
Ubuntu
Ubuntu
added 2024/08/08 2:20 a.m.390 views

USN-6947-1: Kerberos vulnerabilities

It was discovered that Kerberos incorrectly handled GSS message tokens where an unwrapped token could appear to be truncated. An attacker could possibly use this issue to cause a denial of service. CVE-2024-37370 It was discovered that Kerberos incorrectly handled GSS message tokens when sent a...

9.1CVSS7.2AI score0.01863EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/29 4:21 p.m.390 views

USN-6926-1: Linux kernel vulnerabilities

黄思聪 discovered that the NFC Controller Interface NCI implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service system crash...

8.8CVSS7.5AI score0.00829EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/05/28 1:28 p.m.390 views

USN-6787-1: Jinja2 vulnerability

It was discovered that Jinja2 incorrectly handled certain HTML attributes that were accepted by the xmlattr filter. An attacker could use this issue to inject arbitrary HTML attribute keys and values to potentially execute a cross-site scripting XSS attack...

5.4CVSS6.4AI score0.00979EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/03/06 9:38 a.m.390 views

USN-6676-1: c-ares vulnerability

Vojtěch Vobr discovered that c-ares incorrectly handled user input from local configuration files. An attacker could possibly use this issue to cause a denial of service via application crash...

5.5CVSS6.6AI score0.00349EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/11/20 3:29 p.m.390 views

USN-6487-1: Avahi vulnerabilities

Evgeny Vereshchagin discovered that Avahi contained several reachable assertions, which could lead to intentional assertion failures when specially crafted user input was given. An attacker could possibly use this issue to cause a denial of service. CVE-2023-38469, CVE-2023-38470, CVE-2023-38471,...

6.2CVSS6.6AI score0.00314EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/10/10 2:35 p.m.390 views

USN-6407-2: libx11 vulnerabilities

USN-6407-1 fixed several vulnerabilities in libx11. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Gregory James Duck discovered that libx11 incorrectly handled certain keyboard symbols. If a user were tricked...

7.8CVSS7.2AI score0.00633EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/06/05 3:31 p.m.390 views

USN-4010-1: Exim vulnerability

It was discovered that Exim incorrectly handled certain decoding operations. A remote attacker could possibly use this issue to execute arbitrary commands...

10CVSS8.5AI score0.99961EPSS
Exploits27
Ubuntu
Ubuntu
added 2018/11/13 1:59 p.m.390 views

USN-3811-2: SpamAssassin vulnerability

USN-3811-1 fixed a vulnerability in SpamAssassin. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that SpamAssassin incorrectly handled certain unclosed tags in emails. A remote attacker could possibly use this issue to cause a deni...

5.3CVSS7.3AI score0.07879EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/05/07 2:58 p.m.389 views

USN-6764-1: libde265 vulnerability

It was discovered that libde265 could be made to allocate memory that exceeds the maximum supported size. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service...

3.3CVSS4.9AI score0.00232EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/09/28 3:20 a.m.389 views

USN-6369-2: libwebp vulnerability

USN-6369-1 fixed a vulnerability in libwebp. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: It was discovered that libwebp incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted imag...

8.8CVSS8.1AI score0.99739EPSS
Exploits9
Total number of security vulnerabilities5000