Lucene search
K
UbuntuMost viewed

10904 matches found

Ubuntu
Ubuntu
•added 2021/05/06 11:15 a.m.•119 views

USN-4937-1: GNOME Autoar vulnerability

Ondrej Holy discovered that GNOME Autoar could extract files outside of the intended directory. If a user were tricked into extracting a specially crafted archive, a remote attacker could create files in arbitrary locations, possibly leading to code execution...

5.5CVSS7.1AI score0.00528EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/04/01 5:33 p.m.•119 views

USN-4900-1: OpenEXR vulnerabilities

It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code...

5.5CVSS6.4AI score0.01848EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/03/08 7:10 p.m.•119 views

USN-4758-1: Go vulnerability

It was discovered that Go applications incorrectly handled uploaded content. If a user were tricked into visiting a malicious page, a remote attacker could exploit this with a crafted file to conduct cross-site scripting XSS attacks...

6.1CVSS6.7AI score0.03646EPSS
Exploits2
Ubuntu
Ubuntu
•added 2021/02/22 2:15 p.m.•119 views

USN-4743-1: GDK-PixBuf vulnerability

It was discovered that the GDK-PixBuf library did not properly handle certain GIF images. If an user or automated system were tricked into opening a specially crafted GIF file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service...

8.8CVSS7.9AI score0.02346EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/02/18 8:35 p.m.•119 views

USN-4740-1: Apache Shiro vulnerabilities

It was discovered that Apache Shiro mishandled specially crafted requests. An attacker could use this vulnerability to bypass authentication mechanisms...

9.8CVSS8.2AI score0.24436EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/02/02 1:27 p.m.•119 views

USN-4467-2: QEMU vulnerabilities

USN-4467-1 fixed several vulnerabilities in QEMU. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that the QEMU SD memory card implementation incorrectly handled certain memory operations. An attacker inside a guest could possibly u...

6.7CVSS7.1AI score0.05447EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/11/18 1:4 p.m.•119 views

USN-4637-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across origins, bypass security restrictions, conduct phishing attacks,...

9.3CVSS7.2AI score0.0245EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/06/10 5:26 p.m.•119 views

USN-4389-1: Linux kernel vulnerabilities

It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose sensitive information kernel memory. CVE-2020-0067 It was discovered that memory contents...

7.2CVSS7.2AI score0.00802EPSS
Exploits2References1
Ubuntu
Ubuntu
•added 2020/04/10 6:10 p.m.•119 views

USN-4319-1: Linux kernel vulnerabilities

It was discovered that the IPMI message handler implementation in the Linux kernel did not properly deallocate memory in certain situations. A local attacker could use this to cause a denial of service kernel memory exhaustion. CVE-2019-19046 Al Viro discovered that the vfs layer in the Linux...

7.1CVSS6.8AI score0.02745EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/02/18 8:58 p.m.•119 views

USN-4286-2: Linux kernel (Xenial HWE) vulnerabilities

USN-4286-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. It was discovered that the Linux kernel did not properly clear data structures on...

7.4CVSS6.5AI score0.10114EPSS
Exploits5
Ubuntu
Ubuntu
•added 2020/01/28 8:3 p.m.•119 views

USN-4257-1: OpenJDK vulnerabilities

It was discovered that OpenJDK incorrectly handled exceptions during deserialization in BeanContextSupport. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. CVE-2020-2583 It was discovered that OpenJDK incorrectly validated properties of SASL...

8.1CVSS6.7AI score0.04903EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/12/10 7:0 p.m.•119 views

USN-4220-1: Git vulnerabilities

Joern Schneeweisz and Nicolas Joly discovered that Git contained various security flaws. An attacker could possibly use these issues to overwrite arbitrary paths, execute arbitrary code, and overwrite files in the .git directory...

9.8CVSS7.5AI score0.34007EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/08/13 12:7 p.m.•119 views

USN-4070-3: MariaDB vulnerabilities

USN-4070-1 fixed multiple vulnerabilities in MySQL. This update provides the corresponding fixes for CVE-2019-2737, CVE-2019-2739, CVE-2019-2740, CVE-2019-2758, CVE-2019-2805, CVE-2019-2628, CVE-2019-2627, CVE-2019-2614 in MariaDB 10.3. Ubuntu 19.04 has been updated to MariaDB 10.3.17. In additio...

6.5CVSS6.5AI score0.03972EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/07/31 4:44 p.m.•119 views

USN-4082-1: Subversion vulnerabilities

Ace Olszowka discovered that Subversion incorrectly handled certain svnserve requests. A remote attacker could possibly use this issue to cause svnserver to crash, resulting in a denial of service. CVE-2018-11782 Tomas Bortoli discovered that Subversion incorrectly handled certain svnserve...

7.5CVSS7AI score0.0344EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/04/29 12:1 p.m.•119 views

USN-3957-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues. Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 18.10, and Ubuntu 19.04 have been updated to MySQL 5.7.26. In addition to security fixes, the updated packages contain bug fixes,...

7.5CVSS6.5AI score0.03694EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/04/25 11:50 a.m.•119 views

USN-3922-3: PHP vulnerabilities

USN-3922-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information. CVE-2019-9022 It was discovered that PHP...

9.8CVSS7.1AI score0.09395EPSS
Exploits6
Ubuntu
Ubuntu
•added 2019/04/15 6:3 p.m.•119 views

USN-3947-1: Libxslt vulnerability

It was discovered that Libxslt incorrectly handled certain documents. An attacker could possibly use this issue to access sensitive information...

9.8CVSS7.3AI score0.05089EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/03/06 7:14 p.m.•119 views

USN-3903-1: Linux kernel vulnerabilities

Jason Wang discovered that the vhost net driver in the Linux kernel contained an out of bounds write vulnerability. An attacker in a guest virtual machine could use this to cause a denial of service host system crash or possibly execute arbitrary code in the host kernel. CVE-2018-16880 Jann Horn...

7CVSS7.3AI score0.00561EPSS
Exploits5
Ubuntu
Ubuntu
•added 2018/06/11 7:20 p.m.•119 views

USN-3674-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3674-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. It was discovered that the netfilter subsystem of the Linux kernel did not properly...

7.8CVSS6.8AI score0.01489EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/05/14 1:56 p.m.•119 views

USN-3646-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled opcache access controls when configured to use PHP-FPM. A local user could possibly use this issue to obtain sensitive information from another user's PHP applications. CVE-2018-10545 It was discovered that the PHP iconv stream filter incorrect handl...

8.8CVSS6.5AI score0.10433EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/01/23 1:2 a.m.•119 views

USN-3542-1: Linux kernel vulnerabilities

Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provide...

5.6CVSS7.3AI score0.93838EPSS
Exploits12References1
Ubuntu
Ubuntu
•added 2017/07/28 5:35 p.m.•119 views

USN-3371-1: Linux kernel (HWE) kernel vulnerabilities

It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information kernel memory. CVE-2014-9900 Alexander Potapenko discovered a race condition in the Advanced Linux Sound Architecture ALSA subsystem i...

5.5CVSS6.3AI score0.00721EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/12/01 12:56 a.m.•119 views

USN-3141-1: Thunderbird vulnerabilities

Christian Holler, Jon Coppeard, Olli Pettay, Ehsan Akhgari, Gary Kwong, Tooru Fujisawa, and Randell Jesup discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of...

9.8CVSS8.4AI score0.87598EPSS
Exploits17
Ubuntu
Ubuntu
•added 2011/01/10 10:38 p.m.•119 views

USN-1041-1: Linux kernel vulnerabilities

Louis Rilling and Matthieu Fertré reported a use after free error in the Linux kernel's futexwait function. A local user could exploit this flaw to cause a denial of service system crash or possibly gain privileges via a specially crafted application. CVE-2014-0205 Ben Hawkes discovered that the...

8.1CVSS6.2AI score0.17009EPSS
Exploits12
Ubuntu
Ubuntu
•added 2023/03/03 4:39 p.m.•118 views

USN-5920-1: Linux kernel vulnerabilities

It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...

8.8CVSS7.7AI score0.01067EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/03/02 12:38 p.m.•118 views

USN-5906-1: PostgreSQL vulnerability

Jacob Champion discovered that the PostgreSQL client incorrectly handled Kerberos authentication. If a user or automated system were tricked into connecting to a malicious server, a remote attacker could possibly use this issue to obtain sensitive information...

3.7CVSS6.5AI score0.00616EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/05/24 7:31 p.m.•118 views

USN-5443-1: Linux kernel vulnerabilities

Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS6.6AI score0.01027EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/04/07 9:5 p.m.•118 views

USN-5370-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, execute script unexpectedly, obtain sensitive information, conduct spoofing attacks, or execute arbitrary...

8.8CVSS7.9AI score0.1446EPSS
Exploits8
Ubuntu
Ubuntu
•added 2022/03/06 9:11 p.m.•118 views

USN-5314-1: Firefox vulnerabilities

A use-after-free was discovered when removing an XSLT parameter in some circumstances. If a user were tricked into opening a specially crafted website, an attacker could exploit this to cause a denial of service, or execute arbitrary code. CVE-2022-26485 A use-after-free was discovered in the...

9.6CVSS8.1AI score0.14261EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/02/28 12:33 p.m.•118 views

USN-5306-1: WebKitGTK vulnerabilities

A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

8.8CVSS7AI score0.01973EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/02/28 12:28 p.m.•118 views

USN-5305-1: MariaDB vulnerabilities

Several security issues were discovered in MariaDB and this update includes new upstream MariaDB versions to fix these issues. MariaDB has been updated to 10.3.34 in Ubuntu 20.04 LTS and to 10.5.15 in Ubuntu 21.10. In addition to security fixes, the updated packages contain bug fixes, new feature...

7.8CVSS6.7AI score0.00645EPSS
Exploits6
Ubuntu
Ubuntu
•added 2021/09/08 1:8 p.m.•118 views

USN-5068-1: GD library vulnerabilities

It was discovered that GD Graphics Library incorrectly handled certain GD and GD2 files. An attacker could possibly use this issue to cause a crash or expose sensitive information. This issue only affected Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 ESM, and Ubuntu 14.04 ESM. CVE-2017-6363 I...

8.1CVSS6.4AI score0.02051EPSS
Exploits3
Ubuntu
Ubuntu
•added 2021/07/26 3:5 p.m.•118 views

USN-5023-1: Aspell vulnerability

It was discovered that Aspell incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a crash...

7.8CVSS7.8AI score0.00549EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/04/26 1:9 p.m.•118 views

USN-4927-1: File Roller vulnerability

It was discovered that File Roller incorrectly handled symlinks. An attacker could possibly use this issue to expose sensitive information...

3.9CVSS5AI score0.00611EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/04/08 12:46 p.m.•118 views

USN-4896-2: lxml vulnerability

USN-4896-1 fixed a vulnerability in lxml. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that lxml incorrectly handled certain HTML attributes. A remote attacker could possibly use this issue to perform cross-site scripting XSS...

6.1CVSS7.3AI score0.04002EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/03/24 6:8 p.m.•118 views

USN-4888-1: ldb vulnerabilities

Douglas Bagnall discovered that ldb, when used with Samba, incorrectly handled certain LDAP attributes. A remote attacker could possibly use this issue to cause the LDAP server to crash, resulting in a denial of service. CVE-2021-20277 Douglas Bagnall discovered that ldb, when used with Samba,...

7.5CVSS7.4AI score0.04328EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/03/08 6:15 p.m.•118 views

USN-4759-1: GLib vulnerabilities

Krzesimir Nowak discovered that GLib incorrectly handled certain large buffers. A remote attacker could use this issue to cause applications linked to GLib to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2021-27218 Kevin Backhouse discovered that GLib incorrect...

7.5CVSS7.1AI score0.0408EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/01/05 1:26 p.m.•118 views

USN-4676-1: OpenEXR vulnerabilities

It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code...

5.5CVSS7AI score0.01239EPSS
Exploits3
Ubuntu
Ubuntu
•added 2020/09/30 7:8 p.m.•118 views

USN-4561-1: Rack vulnerabilities

It was discovered that Rack incorrectly handled certain paths. An attacker could possibly use this issue to obtain sensitive information. CVE-2020-8161 It was discovered that Rack incorrectly validated cookies. An attacker could possibly use this issue to forge a secure cookie. CVE-2020-8184...

8.6CVSS7AI score0.03593EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/09/17 11:31 a.m.•118 views

USN-4512-1: util-linux vulnerability

It was discovered that the umount bash completion script shipped in util-linux incorrectly handled certain mountpoints. If a local attacker were able to create arbitrary mountpoints, another user could be tricked into executing arbitrary code when attempting to run the umount command with bash...

7.8CVSS7.7AI score0.00457EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/04/20 12:5 p.m.•118 views

USN-4331-1: WebKitGTK+ vulnerability

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

8.8CVSS6.9AI score0.02827EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/04/02 12:55 a.m.•118 views

USN-4315-1: Apport vulnerabilities

Maximilien Bourgeteau discovered that the Apport lock file was created with insecure permissions. This could allow a local attacker to escalate their privileges via a symlink attack. CVE-2020-8831 Maximilien Bourgeteau discovered a race condition in Apport when setting crash report permissions...

6.5CVSS5.4AI score0.00656EPSS
Exploits2
Ubuntu
Ubuntu
•added 2020/02/05 1:10 p.m.•118 views

USN-4263-2: Sudo vulnerability

USN-4263-1 fixed a vulnerability in Sudo. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Joe Vennix discovered that Sudo incorrectly handled memory operations when the pwfeedback option is enabled. A local attacker could possibl...

7.8CVSS7.4AI score0.19426EPSS
Exploits13
Ubuntu
Ubuntu
•added 2019/10/15 6:27 p.m.•118 views

USN-4156-1: SDL vulnerabilities

It was discovered that SDL incorrectly handled certain images. If a user were tricked into opening a crafted image file, a remote attacker could use this issue to cause SDL to crash, resulting in a denial of service, or possibly execute arbitrary code...

8.8CVSS7.1AI score0.03299EPSS
Exploits12
Ubuntu
Ubuntu
•added 2019/09/23 4:48 p.m.•118 views

USN-4137-1: Mosquitto vulnerability

It was discovered that Mosquitto incorrectly handled certain specially crafted input and network packets. A remote attacker could use this to cause a denial of service...

6.5CVSS7AI score0.02742EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/09/16 1:3 p.m.•118 views

USN-4124-2: Exim vulnerability

USN-4124-1 fixed a vulnerability in Exim. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that Exim incorrectly handled certain decoding operations. A remote attacker could possibly use this issue to execute arbitrary commands...

10CVSS8.7AI score0.35736EPSS
Exploits3
Ubuntu
Ubuntu
•added 2019/06/20 1:33 p.m.•118 views

USN-4027-1: PostgreSQL vulnerability

Alexander Lakhin discovered that PostgreSQL incorrectly handled authentication. An authenticated attacker or a rogue server could use this issue to cause PostgreSQL to crash, resulting in a denial of service, or possibly execute arbitrary code. The default compiler options for affected releases...

9CVSS7.7AI score0.03711EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/03/25 2:13 p.m.•118 views

USN-3918-2: Firefox vulnerabilities

USN-3918-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Ubuntu 14.04 LTS. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit...

9.8CVSS7.8AI score0.19762EPSS
Exploits13
Ubuntu
Ubuntu
•added 2018/07/02 5:55 p.m.•118 views

USN-3695-1: Linux kernel vulnerabilities

Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly initialize the crc32c checksum driver. A local attacker could use this to cause a denial of service system crash. CVE-2018-1094 It was discovered that the cdrom driver in the Linux kernel contained an...

7.1CVSS6.3AI score0.02128EPSS
Exploits6
Ubuntu
Ubuntu
•added 2017/02/27 6:4 p.m.•118 views

USN-3212-1: LibTIFF vulnerabilities

It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges...

9.8CVSS7.7AI score0.13722EPSS
Exploits16
Total number of security vulnerabilities5000