Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
•added 2023/02/09 2:24 p.m.•117 views

USN-5850-1: Linux kernel vulnerabilities

It was discovered that the Bluetooth HCI implementation in the Linux kernel did not properly deallocate memory in some situations. An attacker could possibly use this cause a denial of service memory exhaustion. CVE-2022-3619 It was discovered that the Broadcom FullMAC USB WiFi driver in the Linu...

8.8CVSS6.9AI score0.01067EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/02/07 5:24 p.m.•117 views

USN-5845-1: OpenSSL vulnerabilities

David Benjamin discovered that OpenSSL incorrectly handled X.400 address processing. A remote attacker could possibly use this issue to read arbitrary memory contents or cause OpenSSL to crash, resulting in a denial of service. CVE-2023-0286 Octavio Galland and Marcel Böhme discovered that OpenSS...

7.5CVSS7.9AI score0.59501EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/09/12 7:45 a.m.•117 views

USN-5232-1: Fail2ban vulnerability

Jakub Żoczek discovered that certain Fail2ban actions handled whois responses in an insecure way. If Fail2ban was configured to use certain mail actions like 'mail-whois' on a target system, a remote attacker who was able to control whois responses to this target system could possibly execute...

8.1CVSS8AI score0.03621EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/07/14 1:5 a.m.•117 views

USN-5518-1: Linux kernel vulnerabilities

It was discovered that the eBPF implementation in the Linux kernel did not properly prevent writes to kernel objects in BPFBTFLOAD commands. A privileged local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-0500 It was discovered tha...

7.8CVSS7.2AI score0.00545EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/07/05 1:3 p.m.•118 views

USN-5502-1: OpenSSL vulnerability

Alex Chernyakhovsky discovered that OpenSSL incorrectly handled AES OCB mode when using the AES-NI assembly optimized implementation on 32-bit x86 platforms. A remote attacker could possibly use this issue to obtain sensitive information...

5.3CVSS7.1AI score0.04425EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/05/24 7:31 p.m.•117 views

USN-5443-1: Linux kernel vulnerabilities

Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS6.6AI score0.01027EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/03/24 12:13 p.m.•117 views

USN-5347-1: OpenVPN vulnerability

It was discovered that OpenVPN incorrectly handled certain configurations with multiple authentication plugins. A remote attacker could possibly use this issue to bypass authentication using incomplete credentials...

9.8CVSS7.4AI score0.03519EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/03/17 1:49 p.m.•117 views

USN-5332-2: Bind vulnerability

USN-5332-1 fixed a vulnerability in Bind. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Xiang Li, Baojun Liu, Chaoyi Lu, and Changgen Zou discovered that Bind incorrectly handled certain bogus NS records when using forwarders. ...

6.8CVSS7AI score0.0325EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/03/15 5:52 p.m.•117 views

USN-5329-1: tar vulnerability

It was discovered that tar incorrectly handled certain files. An attacker could possibly use this issue to cause tar to crash, resulting in a denial of service...

4.3CVSS6.5AI score0.01092EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/03/06 9:11 p.m.•117 views

USN-5314-1: Firefox vulnerabilities

A use-after-free was discovered when removing an XSLT parameter in some circumstances. If a user were tricked into opening a specially crafted website, an attacker could exploit this to cause a denial of service, or execute arbitrary code. CVE-2022-26485 A use-after-free was discovered in the...

9.6CVSS8.1AI score0.14261EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/01/27 5:34 p.m.•117 views

USN-5255-1: WebKitGTK vulnerabilities

A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

9.3CVSS7.4AI score0.07617EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/01/12 12:46 p.m.•117 views

USN-5225-1: lxml vulnerability

It was discovered that lxml incorrectly handled certain XML and HTML files. An attacker could possibly use this issue to execute arbitrary code...

8.2CVSS7.7AI score0.02456EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/01/05 5:31 p.m.•117 views

USN-5206-1: Linux kernel (OEM) vulnerability

Nadav Amit discovered that the hugetlb implementation in the Linux kernel did not perform TLB flushes under certain conditions. A local attacker could use this to leak or alter data from other processes that use huge pages...

4.4CVSS6.6AI score0.00515EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/11/30 10:22 p.m.•117 views

USN-5162-1: Linux kernel vulnerabilities

Ilja Van Sprundel discovered that the SCTP implementation in the Linux kernel did not properly perform size validations on incoming packets in some situations. An attacker could possibly use this to expose sensitive information kernel memory. CVE-2021-3655 It was discovered that the AMD...

7.8CVSS7AI score0.00533EPSS
Exploits2
Ubuntu
Ubuntu
•added 2021/08/17 5:31 p.m.•117 views

USN-5043-1: Exiv2 vulnerabilities

It was discovered that Exiv2 incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service. CVE-2021-32815, CVE-2021-34334, CVE-2021-37620, CVE-2021-37622 It was discovered that Exiv2 incorrectly handled certain image files. An attacker could...

5.5CVSS6.3AI score0.01109EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/04/29 4:48 p.m.•117 views

USN-4930-1: Samba vulnerability

Peter Eriksson discovered that Samba incorrectly handled certain negative idmap cache entries. This issue could result in certain users gaining unauthorized access to files, contrary to expected behaviour...

6.8CVSS7AI score0.01616EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/04/08 12:46 p.m.•117 views

USN-4896-2: lxml vulnerability

USN-4896-1 fixed a vulnerability in lxml. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that lxml incorrectly handled certain HTML attributes. A remote attacker could possibly use this issue to perform cross-site scripting XSS...

6.1CVSS7.3AI score0.04002EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/03/15 9:18 p.m.•117 views

USN-4796-1: Node.js vulnerabilities

Alexander Minozhenko and James Bunton discovered that Node.js did not properly handle wildcards in name fields of X.509 TLS certificates. An attacker could use this vulnerability to execute a machine-in-the-middle- attack. This issue only affected Ubuntu 14.04 ESM and 16.04 ESM. CVE-2016-7099 It...

8.8CVSS7.6AI score0.41288EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/12/13 11:27 p.m.•117 views

USN-4660-2: Linux kernel regression

USN-4660-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression in the software raid10 driver when used with fstrim that could lead to data corruption. This update fixes the problem. Original advisory details: It was discovered that a race condition existe...

6.9AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2020/10/22 2:48 p.m.•117 views

USN-4593-2: FreeType vulnerability

USN-4593-1 fixed a vulnerability in FreeType. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Sergei Glazunov discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font...

9.6CVSS8.7AI score0.5063EPSS
Exploits2
Ubuntu
Ubuntu
•added 2020/06/10 12:44 a.m.•117 views

USN-4393-1: Linux kernel vulnerabilities

It was discovered that the Marvell WiFi-Ex Driver in the Linux kernel did not properly validate status lengths in messages received from an access point, leading to a buffer overflow. A physically proximate attacker controlling an access point could use this to construct messages that could...

7.1CVSS7.6AI score0.01218EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2020/02/18 8:58 p.m.•117 views

USN-4286-2: Linux kernel (Xenial HWE) vulnerabilities

USN-4286-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. It was discovered that the Linux kernel did not properly clear data structures on...

7.4CVSS6.5AI score0.10114EPSS
Exploits5
Ubuntu
Ubuntu
•added 2020/01/27 3:12 p.m.•117 views

USN-4252-1: tcpdump vulnerabilities

Multiple security issues were discovered in tcpdump. A remote attacker could use these issues to cause tcpdump to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS6.6AI score0.06816EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/11/13 12:11 a.m.•117 views

USN-4183-1: Linux kernel vulnerabilities

Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions TSX could expose...

9.8CVSS8AI score0.12651EPSS
Exploits2References1
Ubuntu
Ubuntu
•added 2019/10/15 6:27 p.m.•117 views

USN-4156-1: SDL vulnerabilities

It was discovered that SDL incorrectly handled certain images. If a user were tricked into opening a crafted image file, a remote attacker could use this issue to cause SDL to crash, resulting in a denial of service, or possibly execute arbitrary code...

8.8CVSS7.1AI score0.03299EPSS
Exploits12
Ubuntu
Ubuntu
•added 2019/09/16 4:42 a.m.•117 views

USN-4133-1: Wireshark vulnerabilities

It was discovered that Wireshark improperly handled certain input. A remote or local attacker could cause Wireshark to crash by injecting malformed packets onto the wire or convincing someone to read a malformed packet trace file...

7.5CVSS6.8AI score0.06079EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/04/02 9:36 p.m.•117 views

USN-3933-1: Linux kernel vulnerabilities

It was discovered that an information leak vulnerability existed in the Bluetooth implementation of the Linux kernel. An attacker within Bluetooth range could possibly expose sensitive information kernel memory. CVE-2017-1000410 It was discovered that the USB serial device driver in the Linux...

8.1CVSS6.2AI score0.16523EPSS
Exploits11
Ubuntu
Ubuntu
•added 2018/12/03 7:15 p.m.•117 views

USN-3835-1: Linux kernel vulnerabilities

Jann Horn discovered that the procfs file system implementation in the Linux kernel did not properly restrict the ability to inspect the kernel stack of an arbitrary task. A local attacker could use this to expose sensitive information. CVE-2018-17972 Jann Horn discovered that the mremap system...

7.8CVSS6.9AI score0.07611EPSS
Exploits28
Ubuntu
Ubuntu
•added 2017/02/02 2:2 p.m.•117 views

USN-3177-2: Tomcat regression

USN-3177-1 fixed vulnerabilities in Tomcat. The update introduced a regression in environments where Tomcat is started with a security manager. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the Tomcat realm implementations...

7.2AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2016/11/01 7:40 p.m.•117 views

USN-3119-1: Bind vulnerability

Tony Finch and Marco Davids discovered that Bind incorrectly handled certain responses containing a DNAME answer. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service...

7.5CVSS7.4AI score0.38733EPSS
Exploits0
Ubuntu
Ubuntu
•added 2014/10/09 12:48 p.m.•117 views

USN-2380-1: Bash vulnerabilities

Michal Zalewski discovered that Bash incorrectly handled parsing certain function definitions. If an attacker were able to create an environment variable containing a function definition with a very specific name, these issues could possibly be used to bypass certain environment restrictions and...

10CVSS7.9AI score0.99621EPSS
Exploits36
Ubuntu
Ubuntu
•added 2012/03/12 2:37 p.m.•117 views

USN-1397-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.1.61 in Ubuntu 10.04 LTS, Ubuntu 10.10, Ubuntu 11.04 and Ubuntu 11.10. Ubuntu 8.04 LTS has been updated to MySQL 5.0.95. In addition to security...

8.5CVSS6.9AI score0.69552EPSS
Exploits23
Ubuntu
Ubuntu
•added 2009/11/11 4:49 p.m.•117 views

USN-853-2: Firefox and Xulrunner regression

USN-853-1 fixed vulnerabilities in Firefox and Xulrunner. The upstream changes introduced regressions that could lead to crashes when processing certain malformed GIF images, fonts and web pages. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Alin Ra...

8.5AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2023/07/19 12:11 p.m.•116 views

USN-6237-1: curl vulnerabilities

Hiroki Kurosawa discovered that curl incorrectly handled validating certain certificate wildcards. A remote attacker could possibly use this issue to spoof certain website certificates using IDN hosts. CVE-2023-28321 Hiroki Kurosawa discovered that curl incorrectly handled callbacks when certain...

5.9CVSS6.5AI score0.02211EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/02/28 3:11 a.m.•116 views

USN-5898-1: OpenJDK vulnerabilities

It was discovered that the Serialization component of OpenJDK did not properly handle the deserialization of some CORBA objects. An attacker could possibly use this to bypass Java sandbox restrictions. CVE-2023-21830 Markus Loewe discovered that the Java Sound subsystem in OpenJDK did not properl...

5.3CVSS6.7AI score0.01357EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/12/13 11:33 a.m.•116 views

USN-5253-1: Rack vulnerabilities

It was discovered that Rack insecurely handled session ids. An unauthenticated remote attacker could possibly use this issue to perform a timing attack and hijack sessions. CVE-2019-16782 It was discovered that Rack was incorrectly handling cookies during parsing, not validating them or performin...

10CVSS7.7AI score0.03687EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/08/10 4:59 p.m.•116 views

USN-5564-1: Linux kernel (Intel IoTG) vulnerabilities

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS7.7AI score0.12746EPSS
Exploits26
Ubuntu
Ubuntu
•added 2022/05/10 5:44 p.m.•116 views

USN-5408-1: Dnsmasq vulnerability

Petr Menšík and Richard Johnson discovered that Dnsmasq incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or expose sensitive information...

7.5CVSS7.8AI score0.01487EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/04/21 6:25 a.m.•116 views

USN-5385-1: Linux kernel vulnerabilities

Brendan Dolan-Gavitt discovered that the aQuantia AQtion Ethernet device driver in the Linux kernel did not properly validate meta-data coming from the device. A local attacker who can control an emulated device can use this to cause a denial of service system crash or possibly execute arbitrary...

6.7CVSS6.6AI score0.00513EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/03/30 3:47 p.m.•116 views

USN-5356-1: DOSBox vulnerabilities

Alexandre Bartel discovered that DOSBox incorrectly handled long lines in certain files. An attacker could possibly use this issue to execute arbitrary code. CVE-2019-7165 Alexandre Bartel discovered that DOSBox incorrectly performed access control over certain directories. An attacker could...

9.8CVSS8.7AI score0.06685EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/02/17 1:54 p.m.•116 views

USN-5291-1: libarchive vulnerabilities

It was discovered that libarchive incorrectly handled symlinks. If a user or automated system were tricked into processing a specially crafted archive, an attacker could possibly use this issue to change modes, times, ACLs, and flags on arbitrary files. CVE-2021-23177, CVE-2021-31566 It was...

7.8CVSS7.3AI score0.02845EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/12/17 12:46 p.m.•116 views

USN-5192-2: Apache Log4j 2 vulnerability

USN-5192-1 fixed a vulnerability in Apache Log4j 2. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Chen Zhaojun discovered that Apache Log4j 2 allows remote attackers to run programs via a special crafted input. An attacker could use this...

10CVSS7.9AI score0.99999EPSS
Exploits351
Ubuntu
Ubuntu
•added 2021/08/26 3:37 p.m.•116 views

USN-5053-1: libssh vulnerability

It was discovered that libssh incorrectly handled rekeying. A remote attacker could use this issue to cause libssh to crash, resulting in a denial of service, or possibly execute arbitrary code...

6.5CVSS6.8AI score0.04683EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/07/07 7:17 p.m.•116 views

USN-5008-2: Avahi vulnerability

USN-5008-1 fixed a vulnerability in avahi. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Thomas Kremer discovered that Avahi incorrectly handled termination signals on the Unix socket. A local attacker could possibly use this...

5.5CVSS7.3AI score0.0045EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/06/01 11:20 a.m.•116 views

USN-4970-1: GUPnP vulnerability

It was discovered that GUPnP incorrectly filtered local requests. If a user were tricked into visiting a malicious website, a remote attacker could possibly use this issue to perform actions against local UPnP services such as obtaining or altering sensitive information...

8.1CVSS7.6AI score0.01084EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/04/14 4:42 p.m.•116 views

USN-4914-1: NetworkManager vulnerability

It was discovered that NetworkManager incorrectly handled certain profiles. A local attacker could possibly use this issue to cause NetworkManager to crash, resulting in a denial of service...

5.5CVSS6.5AI score0.00254EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/02/08 12:43 p.m.•116 views

USN-4723-1: PEAR vulnerability

It was discovered that PEAR incorrectly handled symbolic links in archives. A remote attacker could possibly use this issue to execute arbitrary code...

7.5CVSS7.9AI score0.70595EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/01/25 3:8 p.m.•116 views

USN-4703-1: Mutt vulnerability

It was discovered that Mutt incorrectly handled certain email messages. An attacker could possibly use this issue to cause a denial of service...

6.5CVSS6.3AI score0.02796EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/06/10 1:36 p.m.•116 views

USN-4394-1: SQLite vulnerabilities

It was discovered that SQLite incorrectly handled certain corruped schemas. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. CVE-2018-8740 It was discovered that SQLite incorrectly handled certain SELECT statements. An attacker cou...

7.5CVSS7AI score0.0825EPSS
Exploits3
Ubuntu
Ubuntu
•added 2020/04/07 12:10 p.m.•116 views

USN-4321-1: HAProxy vulnerability

Felix Wilhelm discovered that HAProxy incorrectly handled certain HTTP/2 requests. An attacker could possibly use this to execute arbitrary code...

8.8CVSS7.6AI score0.60727EPSS
Exploits0
Total number of security vulnerabilities5000