Lucene search
K
UbuntuMost viewed

10890 matches found

Ubuntu
Ubuntu
added 2020/04/10 6:10 p.m.119 views

USN-4319-1: Linux kernel vulnerabilities

It was discovered that the IPMI message handler implementation in the Linux kernel did not properly deallocate memory in certain situations. A local attacker could use this to cause a denial of service kernel memory exhaustion. CVE-2019-19046 Al Viro discovered that the vfs layer in the Linux...

7.1CVSS6.8AI score0.02745EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/08/13 12:7 p.m.119 views

USN-4070-3: MariaDB vulnerabilities

USN-4070-1 fixed multiple vulnerabilities in MySQL. This update provides the corresponding fixes for CVE-2019-2737, CVE-2019-2739, CVE-2019-2740, CVE-2019-2758, CVE-2019-2805, CVE-2019-2628, CVE-2019-2627, CVE-2019-2614 in MariaDB 10.3. Ubuntu 19.04 has been updated to MariaDB 10.3.17. In additio...

6.5CVSS6.5AI score0.03972EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/07/31 4:44 p.m.119 views

USN-4082-1: Subversion vulnerabilities

Ace Olszowka discovered that Subversion incorrectly handled certain svnserve requests. A remote attacker could possibly use this issue to cause svnserver to crash, resulting in a denial of service. CVE-2018-11782 Tomas Bortoli discovered that Subversion incorrectly handled certain svnserve...

7.5CVSS7AI score0.0344EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/04/29 12:1 p.m.119 views

USN-3957-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues. Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 18.10, and Ubuntu 19.04 have been updated to MySQL 5.7.26. In addition to security fixes, the updated packages contain bug fixes,...

7.5CVSS6.5AI score0.03694EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/04/25 11:50 a.m.119 views

USN-3922-3: PHP vulnerabilities

USN-3922-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information. CVE-2019-9022 It was discovered that PHP...

9.8CVSS7.1AI score0.09395EPSS
Exploits6
Ubuntu
Ubuntu
added 2019/04/15 6:3 p.m.119 views

USN-3947-1: Libxslt vulnerability

It was discovered that Libxslt incorrectly handled certain documents. An attacker could possibly use this issue to access sensitive information...

9.8CVSS7.3AI score0.0523EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/03/06 7:14 p.m.119 views

USN-3903-1: Linux kernel vulnerabilities

Jason Wang discovered that the vhost net driver in the Linux kernel contained an out of bounds write vulnerability. An attacker in a guest virtual machine could use this to cause a denial of service host system crash or possibly execute arbitrary code in the host kernel. CVE-2018-16880 Jann Horn...

7CVSS7.3AI score0.00561EPSS
Exploits5
Ubuntu
Ubuntu
added 2018/08/14 10:11 p.m.119 views

USN-3742-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3742-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 for Ubuntu 12.04 ESM. It was discovered that memory present in the L1 data cache of an Intel CPU core may be...

7.8CVSS6.9AI score0.7354EPSS
Exploits8References1
Ubuntu
Ubuntu
added 2018/06/12 12:36 a.m.119 views

USN-3678-1: Linux kernel vulnerabilities

Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly handle corrupted meta data in some situations. An attacker could use this to specially craft an ext4 filesystem that caused a denial of service system crash when mounted. CVE-2018-1092 It was discovered...

7.1CVSS6.4AI score0.01999EPSS
Exploits2
Ubuntu
Ubuntu
added 2018/06/11 7:20 p.m.119 views

USN-3674-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3674-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. It was discovered that the netfilter subsystem of the Linux kernel did not properly...

7.8CVSS6.8AI score0.01489EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/05/14 1:56 p.m.119 views

USN-3646-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled opcache access controls when configured to use PHP-FPM. A local user could possibly use this issue to obtain sensitive information from another user's PHP applications. CVE-2018-10545 It was discovered that the PHP iconv stream filter incorrect handl...

8.8CVSS6.5AI score0.10564EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/01/23 1:2 a.m.119 views

USN-3542-1: Linux kernel vulnerabilities

Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provide...

5.6CVSS7.3AI score0.93838EPSS
Exploits11References1
Ubuntu
Ubuntu
added 2017/05/24 11:18 a.m.119 views

USN-3296-1: Samba vulnerability

It was discovered that Samba incorrectly handled shared libraries. A remote attacker could use this flaw to upload a shared library to a writable share and execute arbitrary code...

10CVSS8.3AI score0.99448EPSS
Exploits24
Ubuntu
Ubuntu
added 2016/12/01 12:56 a.m.119 views

USN-3141-1: Thunderbird vulnerabilities

Christian Holler, Jon Coppeard, Olli Pettay, Ehsan Akhgari, Gary Kwong, Tooru Fujisawa, and Randell Jesup discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of...

9.8CVSS8.4AI score0.87598EPSS
Exploits17
Ubuntu
Ubuntu
added 2024/06/07 8:33 p.m.118 views

USN-6819-1: Linux kernel vulnerabilities

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service system crash. CVE-2023-6356, CVE-2023-6535, CVE-2023-6536 Chenyuan...

7.8CVSS6.9AI score0.78388EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/03/03 4:39 p.m.118 views

USN-5920-1: Linux kernel vulnerabilities

It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...

8.8CVSS7.7AI score0.01067EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/03/02 12:38 p.m.118 views

USN-5906-1: PostgreSQL vulnerability

Jacob Champion discovered that the PostgreSQL client incorrectly handled Kerberos authentication. If a user or automated system were tricked into connecting to a malicious server, a remote attacker could possibly use this issue to obtain sensitive information...

3.7CVSS6.5AI score0.00616EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/04/07 9:5 p.m.118 views

USN-5370-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, execute script unexpectedly, obtain sensitive information, conduct spoofing attacks, or execute arbitrary...

8.8CVSS7.9AI score0.1446EPSS
Exploits8
Ubuntu
Ubuntu
added 2022/02/28 12:33 p.m.118 views

USN-5306-1: WebKitGTK vulnerabilities

A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

8.8CVSS7AI score0.01973EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/02/28 12:28 p.m.118 views

USN-5305-1: MariaDB vulnerabilities

Several security issues were discovered in MariaDB and this update includes new upstream MariaDB versions to fix these issues. MariaDB has been updated to 10.3.34 in Ubuntu 20.04 LTS and to 10.5.15 in Ubuntu 21.10. In addition to security fixes, the updated packages contain bug fixes, new feature...

7.8CVSS6.7AI score0.00645EPSS
Exploits6
Ubuntu
Ubuntu
added 2022/02/11 2:43 p.m.118 views

USN-5283-1: Tar for Node.js vulnerability

It was discovered that Tar for Node.js did not properly sanitize path inputs. An attacker could possibly use this issue to read arbitrary files, resulting in a directory traversal attack...

8.2CVSS7.2AI score0.07795EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/10/08 1:44 p.m.118 views

USN-5108-1: libntlm vulnerability

It was discovered that Libntlm incorrectly handled specially crafted NTML requests. An attacker could possibly use this issue to cause a denial of service or another unspecified impact...

9.8CVSS8.2AI score0.03107EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/09/08 1:8 p.m.118 views

USN-5068-1: GD library vulnerabilities

It was discovered that GD Graphics Library incorrectly handled certain GD and GD2 files. An attacker could possibly use this issue to cause a crash or expose sensitive information. This issue only affected Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 ESM, and Ubuntu 14.04 ESM. CVE-2017-6363 I...

8.1CVSS6.4AI score0.02051EPSS
Exploits3
Ubuntu
Ubuntu
added 2021/07/26 3:5 p.m.118 views

USN-5023-1: Aspell vulnerability

It was discovered that Aspell incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a crash...

7.8CVSS7.8AI score0.00549EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/05/06 11:15 a.m.118 views

USN-4937-1: GNOME Autoar vulnerability

Ondrej Holy discovered that GNOME Autoar could extract files outside of the intended directory. If a user were tricked into extracting a specially crafted archive, a remote attacker could create files in arbitrary locations, possibly leading to code execution...

5.5CVSS7.1AI score0.00528EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/04/26 1:9 p.m.118 views

USN-4927-1: File Roller vulnerability

It was discovered that File Roller incorrectly handled symlinks. An attacker could possibly use this issue to expose sensitive information...

3.9CVSS5AI score0.00611EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/03/24 6:8 p.m.118 views

USN-4888-1: ldb vulnerabilities

Douglas Bagnall discovered that ldb, when used with Samba, incorrectly handled certain LDAP attributes. A remote attacker could possibly use this issue to cause the LDAP server to crash, resulting in a denial of service. CVE-2021-20277 Douglas Bagnall discovered that ldb, when used with Samba,...

7.5CVSS7.4AI score0.04328EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/03/08 6:15 p.m.118 views

USN-4759-1: GLib vulnerabilities

Krzesimir Nowak discovered that GLib incorrectly handled certain large buffers. A remote attacker could use this issue to cause applications linked to GLib to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2021-27218 Kevin Backhouse discovered that GLib incorrect...

7.5CVSS7.1AI score0.04193EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/01/05 1:26 p.m.118 views

USN-4676-1: OpenEXR vulnerabilities

It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code...

5.5CVSS7AI score0.01239EPSS
Exploits3
Ubuntu
Ubuntu
added 2020/09/30 7:8 p.m.118 views

USN-4561-1: Rack vulnerabilities

It was discovered that Rack incorrectly handled certain paths. An attacker could possibly use this issue to obtain sensitive information. CVE-2020-8161 It was discovered that Rack incorrectly validated cookies. An attacker could possibly use this issue to forge a secure cookie. CVE-2020-8184...

8.6CVSS7AI score0.03593EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/09/17 11:31 a.m.118 views

USN-4512-1: util-linux vulnerability

It was discovered that the umount bash completion script shipped in util-linux incorrectly handled certain mountpoints. If a local attacker were able to create arbitrary mountpoints, another user could be tricked into executing arbitrary code when attempting to run the umount command with bash...

7.8CVSS7.7AI score0.00457EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/06/10 5:26 p.m.118 views

USN-4389-1: Linux kernel vulnerabilities

It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose sensitive information kernel memory. CVE-2020-0067 It was discovered that memory contents...

7.2CVSS7.2AI score0.00802EPSS
Exploits2References1
Ubuntu
Ubuntu
added 2020/04/20 12:5 p.m.118 views

USN-4331-1: WebKitGTK+ vulnerability

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

8.8CVSS6.9AI score0.02827EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/04/02 12:55 a.m.118 views

USN-4315-1: Apport vulnerabilities

Maximilien Bourgeteau discovered that the Apport lock file was created with insecure permissions. This could allow a local attacker to escalate their privileges via a symlink attack. CVE-2020-8831 Maximilien Bourgeteau discovered a race condition in Apport when setting crash report permissions...

6.5CVSS5.4AI score0.00656EPSS
Exploits2
Ubuntu
Ubuntu
added 2020/02/05 1:10 p.m.118 views

USN-4263-2: Sudo vulnerability

USN-4263-1 fixed a vulnerability in Sudo. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Joe Vennix discovered that Sudo incorrectly handled memory operations when the pwfeedback option is enabled. A local attacker could possibl...

7.8CVSS7.4AI score0.19426EPSS
Exploits13
Ubuntu
Ubuntu
added 2019/12/10 7:0 p.m.118 views

USN-4220-1: Git vulnerabilities

Joern Schneeweisz and Nicolas Joly discovered that Git contained various security flaws. An attacker could possibly use these issues to overwrite arbitrary paths, execute arbitrary code, and overwrite files in the .git directory...

9.8CVSS7.5AI score0.34007EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/09/23 4:48 p.m.118 views

USN-4137-1: Mosquitto vulnerability

It was discovered that Mosquitto incorrectly handled certain specially crafted input and network packets. A remote attacker could use this to cause a denial of service...

6.5CVSS7AI score0.02742EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/09/16 1:3 p.m.118 views

USN-4124-2: Exim vulnerability

USN-4124-1 fixed a vulnerability in Exim. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that Exim incorrectly handled certain decoding operations. A remote attacker could possibly use this issue to execute arbitrary commands...

10CVSS8.7AI score0.35736EPSS
Exploits3
Ubuntu
Ubuntu
added 2019/06/20 1:33 p.m.118 views

USN-4027-1: PostgreSQL vulnerability

Alexander Lakhin discovered that PostgreSQL incorrectly handled authentication. An authenticated attacker or a rogue server could use this issue to cause PostgreSQL to crash, resulting in a denial of service, or possibly execute arbitrary code. The default compiler options for affected releases...

9CVSS7.7AI score0.03711EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/03/25 2:13 p.m.118 views

USN-3918-2: Firefox vulnerabilities

USN-3918-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Ubuntu 14.04 LTS. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit...

9.8CVSS7.8AI score0.19762EPSS
Exploits13
Ubuntu
Ubuntu
added 2018/07/02 5:55 p.m.118 views

USN-3695-1: Linux kernel vulnerabilities

Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly initialize the crc32c checksum driver. A local attacker could use this to cause a denial of service system crash. CVE-2018-1094 It was discovered that the cdrom driver in the Linux kernel contained an...

7.1CVSS6.3AI score0.02128EPSS
Exploits6
Ubuntu
Ubuntu
added 2017/07/28 5:35 p.m.118 views

USN-3371-1: Linux kernel (HWE) kernel vulnerabilities

It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information kernel memory. CVE-2014-9900 Alexander Potapenko discovered a race condition in the Advanced Linux Sound Architecture ALSA subsystem i...

5.5CVSS6.3AI score0.00721EPSS
Exploits0
Ubuntu
Ubuntu
added 2017/02/27 6:4 p.m.118 views

USN-3212-1: LibTIFF vulnerabilities

It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges...

9.8CVSS7.7AI score0.13722EPSS
Exploits16
Ubuntu
Ubuntu
added 2015/07/20 10:4 p.m.118 views

USN-2673-1: Thunderbird vulnerabilities

Karthikeyan Bhargavan discovered that NSS incorrectly handled state transitions for the TLS state machine. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could be exploited to skip the ServerKeyExchange message and remove the forward-secrecy property...

10CVSS7.9AI score0.9986EPSS
Exploits2
Ubuntu
Ubuntu
added 2011/01/10 10:38 p.m.118 views

USN-1041-1: Linux kernel vulnerabilities

Louis Rilling and Matthieu Fertré reported a use after free error in the Linux kernel's futexwait function. A local user could exploit this flaw to cause a denial of service system crash or possibly gain privileges via a specially crafted application. CVE-2014-0205 Ben Hawkes discovered that the...

8.1CVSS6.2AI score0.17009EPSS
Exploits12
Ubuntu
Ubuntu
added 2006/07/19 10:58 p.m.118 views

USN-320-1: PHP vulnerabilities

The phpinfo PHP function did not properly sanitize long strings. A remote attacker could use this to perform cross-site scripting attacks against sites that have publicly-available PHP scripts that call phpinfo. Please note that it is not recommended to publicly expose phpinfo. CVE-2006-0996 An...

9.3CVSS8AI score0.20514EPSS
Exploits10
Ubuntu
Ubuntu
added 2024/08/09 12:6 a.m.117 views

USN-6952-1: Linux kernel vulnerabilities

Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to...

9.8CVSS7.8AI score0.01483EPSS
Exploits3
Ubuntu
Ubuntu
added 2024/06/26 1:1 p.m.117 views

USN-6819-4: Linux kernel (Oracle) vulnerabilities

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service system crash. CVE-2023-6356, CVE-2023-6535, CVE-2023-6536 Chenyuan...

7.8CVSS6.9AI score0.78388EPSS
Exploits2
Ubuntu
Ubuntu
added 2024/01/17 5:43 p.m.117 views

USN-6588-1: PAM vulnerability

Matthias Gerstner discovered that the PAM pamnamespace module incorrectly handled special files when performing directory checks. A local attacker could possibly use this issue to cause PAM to stop responding, resulting in a denial of service...

5.5CVSS6.3AI score0.00455EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/02/09 2:24 p.m.117 views

USN-5850-1: Linux kernel vulnerabilities

It was discovered that the Bluetooth HCI implementation in the Linux kernel did not properly deallocate memory in some situations. An attacker could possibly use this cause a denial of service memory exhaustion. CVE-2022-3619 It was discovered that the Broadcom FullMAC USB WiFi driver in the Linu...

8.8CVSS6.9AI score0.01067EPSS
Exploits3
Total number of security vulnerabilities5000