Lucene search
K
UbuntuMost viewed

10876 matches found

Ubuntu
Ubuntu
added 2016/12/09 1:38 p.m.116 views

USN-3153-1: Oxide vulnerabilities

Multiple vulnerabilities were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to conduct cross-site scripting XSS attacks, read uninitialized memory, obtain sensitive information, spoof the webview URL, bypass...

10CVSS7.2AI score0.11182EPSS
Exploits5
Ubuntu
Ubuntu
added 2012/02/16 7:30 p.m.116 views

USN-1368-1: Apache HTTP Server vulnerabilities

It was discovered that the Apache HTTP Server incorrectly handled the SetEnvIf .htaccess file directive. An attacker having write access to a .htaccess file may exploit this to possibly execute arbitrary code. CVE-2011-3607 Prutha Parikh discovered that the modproxy module did not properly intera...

4.6CVSS8.1AI score0.82756EPSS
Exploits12
Ubuntu
Ubuntu
added 2009/11/11 4:49 p.m.116 views

USN-853-2: Firefox and Xulrunner regression

USN-853-1 fixed vulnerabilities in Firefox and Xulrunner. The upstream changes introduced regressions that could lead to crashes when processing certain malformed GIF images, fonts and web pages. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Alin Ra...

8.5AI score
Exploits0References1
Ubuntu
Ubuntu
added 2022/05/05 6:27 p.m.115 views

USN-5404-1: Rsyslog vulnerability

Pieter Agten discovered that Rsyslog incorrectly handled certain requests. An attacker could possibly use this issue to cause a crash...

8.1CVSS6.7AI score0.03821EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/05/02 5:1 p.m.115 views

USN-5399-1: libvirt vulnerabilities

It was discovered that libvirt incorrectly handled certain locking operations. A local attacker could possibly use this issue to cause libvirt to stop accepting connections, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. CVE-2021-3667 It was discovered that libvirt...

7.2CVSS6.5AI score0.01366EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/02/17 1:54 p.m.115 views

USN-5291-1: libarchive vulnerabilities

It was discovered that libarchive incorrectly handled symlinks. If a user or automated system were tricked into processing a specially crafted archive, an attacker could possibly use this issue to change modes, times, ACLs, and flags on arbitrary files. CVE-2021-23177, CVE-2021-31566 It was...

7.8CVSS7.3AI score0.02845EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/09/10 11:57 a.m.115 views

USN-5075-1: Ghostscript vulnerability

It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service...

9.9CVSS8.6AI score0.83913EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/06/07 1:50 p.m.115 views

USN-4975-2: Django vulnerability

USN-4975-1 fixed a vulnerability in Django. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Rasmus Lerchedahl Petersen and Rasmus Wriedt Larsen discovered that Django incorrectly handled path sanitation in admindocs. A remote attacker could possibly...

4.9CVSS6.8AI score0.02737EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/04/14 4:42 p.m.115 views

USN-4914-1: NetworkManager vulnerability

It was discovered that NetworkManager incorrectly handled certain profiles. A local attacker could possibly use this issue to cause NetworkManager to crash, resulting in a denial of service...

5.5CVSS6.5AI score0.00254EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/03/17 12:59 p.m.115 views

USN-4881-1: containerd vulnerability

It was discovered that containerd incorrectly handled certain environment variables. Contrary to expectations, a container could receive environment variables defined for a different container, possibly containing sensitive information...

6.3CVSS6.5AI score0.02044EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/02/08 12:43 p.m.115 views

USN-4723-1: PEAR vulnerability

It was discovered that PEAR incorrectly handled symbolic links in archives. A remote attacker could possibly use this issue to execute arbitrary code...

7.5CVSS7.9AI score0.70595EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/01/20 1:43 p.m.115 views

USN-4697-2: Pillow vulnerabilities

USN-4697-1 fixed several vulnerabilities in Pillow. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that Pillow incorrectly handled certain PCX image files. If a user or automated system were tricked into opening a specially-crafted...

7.1CVSS7.1AI score0.01498EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/06/10 1:36 p.m.115 views

USN-4394-1: SQLite vulnerabilities

It was discovered that SQLite incorrectly handled certain corruped schemas. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. CVE-2018-8740 It was discovered that SQLite incorrectly handled certain SELECT statements. An attacker cou...

7.5CVSS7AI score0.0825EPSS
Exploits3
Ubuntu
Ubuntu
added 2020/05/28 10:46 p.m.115 views

USN-4367-2: Linux kernel regression

USN-4367-1 fixed vulnerabilities in the 5.4 Linux kernel. Unfortunately, that update introduced a regression in overlayfs. This update corrects the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the btrfs implementation in the Linux kernel did not...

6.7AI score0.034EPSS
Exploits1References1
Ubuntu
Ubuntu
added 2020/04/07 9:0 p.m.115 views

USN-4324-1: Linux kernel vulnerabilities

Al Viro discovered that the vfs layer in the Linux kernel contained a use- after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly expose sensitive information kernel memory. CVE-2020-8428 Shijie Luo discovered that the ext4 file system...

7.1CVSS6.7AI score0.00655EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/12/04 5:28 p.m.115 views

USN-4213-1: Squid vulnerabilities

Jeriko One and Kristoffer Danielsson discovered that Squid incorrectly handled certain URN requests. A remote attacker could possibly use this issue to bypass access checks and access restricted servers. This issue was only addressed in Ubuntu 19.04 and Ubuntu 19.10. CVE-2019-12523 Jeriko One...

9.8CVSS6.8AI score0.40982EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/09/16 4:42 a.m.115 views

USN-4133-1: Wireshark vulnerabilities

It was discovered that Wireshark improperly handled certain input. A remote or local attacker could cause Wireshark to crash by injecting malformed packets onto the wire or convincing someone to read a malformed packet trace file...

7.5CVSS6.8AI score0.06079EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/09/11 5:11 p.m.115 views

USN-4131-1: VLC vulnerabilities

It was discovered that VLC incorrectly handled certain media files. If a user were tricked into opening a specially-crafted file, a remote attacker could use this issue to cause VLC to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS7.2AI score0.036EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/08/07 2:17 p.m.115 views

USN-4088-1: PHP vulnerability

It was discovered that PHP incorrectly handled certain regular expressions. An attacker could possibly use this issue to expose sensitive information, cause a denial of service or execute arbitrary code...

9.8CVSS7.9AI score0.04047EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/05/06 5:24 p.m.115 views

USN-3967-1: FFmpeg vulnerabilities

It was discovered that FFmpeg contained multiple security issues when handling certain multimedia files. If a user were tricked into opening a crafted multimedia file, an attacker could cause a denial of service via application crash...

8.8CVSS6.7AI score0.03266EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/02/26 2:26 p.m.115 views

USN-3895-1: LDB vulnerability

It was discovered that LDB incorrectly handled certain search expressions. A remote attacker could possibly use this issue to cause the Samba LDAP process to crash, resulting in a denial of service...

6.5CVSS6.9AI score0.02821EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/05/11 1:44 a.m.115 views

USN-3644-1: OpenJDK 8 vulnerabilities

It was discovered that the Security component of OpenJDK did not correctly perform merging of multiple sections for the same file listed in JAR archive file manifests. An attacker could possibly use this to modify attributes in a manifest without invalidating the signature. CVE-2018-2790 Francesc...

8.3CVSS5.9AI score0.15141EPSS
Exploits0
Ubuntu
Ubuntu
added 2017/07/05 7:42 p.m.115 views

USN-3321-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, read uninitialized memory, obtain sensitive information or execute arbitrary...

9.8CVSS7.4AI score0.05216EPSS
Exploits11
Ubuntu
Ubuntu
added 2017/01/31 6:3 p.m.115 views

USN-3181-1: OpenSSL vulnerabilities

Guido Vranken discovered that OpenSSL used undefined behaviour when performing pointer arithmetic. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS as other releases were...

9.8CVSS7.5AI score0.57595EPSS
Exploits2
Ubuntu
Ubuntu
added 2016/09/12 7:46 p.m.115 views

USN-3077-1: OpenJDK 6 vulnerabilities

A vulnerability was discovered in the OpenJDK JRE related to data integrity. An attacker could exploit this to expose sensitive data over the network or possibly execute arbitrary code. CVE-2016-3458 Multiple vulnerabilities were discovered in the OpenJDK JRE related to availability. An attacker...

9.6CVSS7.5AI score0.04797EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/04/29 5:21 p.m.115 views

USN-2956-1: ubuntu-core-launcher vulnerability

Zygmunt Krynicki discovered that ubuntu-core-launcher did not properly sanitize its input and contained a logic error when determining the mountpoint of bind mounts when using snaps on Ubuntu classic systems eg, traditional desktop and server. If a user were tricked into installing a malicious sn...

10CVSS8.5AI score0.03485EPSS
Exploits0
Ubuntu
Ubuntu
added 2014/09/26 2:13 a.m.115 views

USN-2363-2: Bash vulnerability

USN-2363-1 fixed a vulnerability in Bash. Due to a build issue, the patch for CVE-2014-7169 didn't get properly applied in the Ubuntu 14.04 LTS package. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Tavis Ormandy discovered that the security fix for...

10CVSS8.5AI score0.9994EPSS
Exploits17
Ubuntu
Ubuntu
added 2013/01/22 5:19 p.m.115 views

USN-1681-3: Firefox regression

USN-1681-1 fixed vulnerabilities in Firefox. Due to an upstream regression, some translations became unusable after upgrading. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Christoph Diehl, Christian Holler, Mats Palmgren, Chiaki Ishikawa, Bill...

9.3AI score0.73364EPSS
Exploits30References1
Ubuntu
Ubuntu
added 2011/08/09 2:28 a.m.115 views

USN-1186-1: Linux kernel vulnerabilities

Dan Rosenberg discovered that IPC structures were not correctly initialized on 64bit systems. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. CVE-2010-4073 Steve Chen discovered that setsockopt did not correctly check MSS values. A local attacker cou...

7.8CVSS6.6AI score0.02608EPSS
Exploits29
Ubuntu
Ubuntu
added 2011/03/25 7:57 p.m.115 views

USN-1093-1: Linux Kernel vulnerabilities (Marvell Dove)

Dan Rosenberg discovered that the RDS network protocol did not correctly check certain parameters. A local attacker could exploit this gain root privileges. CVE-2010-3904 Nelson Elhage discovered several problems with the Acorn Econet protocol driver. A local user could cause a denial of service...

8.3CVSS7.1AI score0.17009EPSS
Exploits85References1
Ubuntu
Ubuntu
added 2009/01/27 10:18 p.m.115 views

USN-713-1: openjdk-6 vulnerabilities

It was discovered that Java did not correctly handle untrusted applets. If a user were tricked into running a malicious applet, a remote attacker could gain user privileges, or list directory contents. CVE-2008-5347, CVE-2008-5350 It was discovered that Kerberos authentication and RSA public key...

10CVSS8.1AI score0.84807EPSS
Exploits23
Ubuntu
Ubuntu
added 2024/06/07 6:18 p.m.114 views

USN-6816-1: Linux kernel vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Zheng Wang discovered that the Broadc...

9.1CVSS7.5AI score0.01635EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/03/22 3:2 p.m.114 views

USN-5968-1: GitPython vulnerability

It was discovered that GitPython did not properly sanitize user inputs for remote URLs in the clone command. By injecting a maliciously crafted remote URL, an attacker could possibly use this issue to execute arbitrary commands on the host...

9.8CVSS8.2AI score0.05378EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/03/03 12:59 a.m.114 views

USN-5916-1: Linux kernel vulnerability

Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

5.5CVSS7.1AI score0.00971EPSS
Exploits3
Ubuntu
Ubuntu
added 2023/03/01 7:0 a.m.114 views

USN-5880-2: Firefox regressions

USN-5880-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Christian Holler discovered that Firefox did not properly manage memory when using PKCS 12 Safe Bag attribute...

7.8AI score
Exploits0References1
Ubuntu
Ubuntu
added 2023/01/06 9:37 p.m.114 views

USN-5791-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-20421 David Leadbeater...

7.8CVSS7.2AI score0.01364EPSS
Exploits3
Ubuntu
Ubuntu
added 2022/07/13 7:3 p.m.114 views

USN-5514-1: Linux kernel vulnerabilities

It was discovered that the implementation of the 6pack and mkiss protocols in the Linux kernel did not handle detach events properly in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service system crash. CVE-2022-1195...

7.5CVSS6.9AI score0.0155EPSS
Exploits3
Ubuntu
Ubuntu
added 2022/07/07 7:59 a.m.114 views

USN-5505-1: Linux kernel vulnerabilities

Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. CVE-2021-3609 Likang Luo discovered that a race condition existed in the Bluetoo...

7.9CVSS6.9AI score0.06451EPSS
Exploits9
Ubuntu
Ubuntu
added 2022/06/08 4:55 a.m.114 views

USN-5469-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. CVE-2022-21499 Aaron Adams discovered that the netfilter subsystem in the Linux...

7.8CVSS7AI score0.0155EPSS
Exploits12
Ubuntu
Ubuntu
added 2022/04/13 4:3 p.m.114 views

USN-5378-4: Gzip vulnerability

USN-5378-1 fixed a vulnerability in Gzip. This update provides the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM. Original advisory details: Cleemy Desu Wayo discovered that Gzip incorrectly handled certain filenames. If a user or automated system were tricked into performing zgrep...

8.8CVSS7.2AI score0.04271EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/02/03 3:35 p.m.114 views

USN-5270-2: MySQL vulnerabilities

USN-5270-1 fixed several vulnerabilities in MySQL. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to...

5.5CVSS6.3AI score0.01856EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/01/17 1:14 p.m.114 views

USN-5227-2: Pillow vulnerabilities

USN-5227-1 fixed several vulnerabilities in Pillow. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a...

9.8CVSS7.4AI score0.03399EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/11/11 1:2 p.m.114 views

USN-5142-1: Samba vulnerabilities

Stefan Metzmacher discovered that Samba incorrectly handled SMB1 client connections. A remote attacker could possibly use this issue to downgrade connections to plaintext authentication. CVE-2016-2124 Andrew Bartlett discovered that Samba incorrectly mapping domain users to local users. An...

9CVSS6.9AI score0.02025EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/11/11 6:21 a.m.114 views

USN-5137-2: Linux kernel vulnerabilities

It was discovered that the f2fs file system in the Linux kernel did not properly validate metadata in some situations. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service system crash or possibly execute arbitrary code...

7.8CVSS7.2AI score0.02014EPSS
Exploits6
Ubuntu
Ubuntu
added 2021/10/20 6:42 p.m.114 views

USN-5116-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the Atheros Ath9k WiFi driver in the Linux kernel. An attacker could possibly use this to expose sensitive information WiFi network traffic. CVE-2020-3702 Alois Wohlschlager discovered that the overlay file system in the Linux kernel did not...

7.8CVSS6.7AI score0.01476EPSS
Exploits4
Ubuntu
Ubuntu
added 2021/10/04 5:25 p.m.114 views

USN-5102-1: Mercurial vulnerabilities

It was discovered that Mercurial mishandled symlinks in subrepositories. An attacker could use this issue to write arbitrary files to the target’s filesystem. CVE-2019-3902 It was discovered that Mercurial incorrectly handled certain manifest files. An attacker could use this issue to cause a...

9.1CVSS6.9AI score0.02033EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/06/30 2:27 p.m.114 views

USN-4905-2: X.Org X Server vulnerability

USN-4905-1 fixed a vulnerability in X.Org. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain lengths of XInput extension ChangeFeedbackControl requests. An attacker could us...

7.8CVSS7.8AI score0.0105EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/05/17 11:57 a.m.114 views

USN-4955-1: Please vulnerabilities

Matthias Gerstner discovered that Please contained multiple security issues. A local attacker could use these issues to cause Please to crash, resulting in a denial of service, or possibly escalate privileges...

7.8CVSS6.4AI score0.00468EPSS
Exploits3
Ubuntu
Ubuntu
added 2021/05/03 10:20 p.m.114 views

USN-4918-3: ClamAV regression

USN-4918-1 fixed vulnerabilities in ClamAV. The updated package could fail to properly scan in some situations. This update fixes the problem. Original advisory details: It was discovered that ClamAV incorrectly handled parsing Excel documents. A remote attacker could possibly use this issue to...

7.4AI score
Exploits0References1
Ubuntu
Ubuntu
added 2019/08/28 2:11 p.m.114 views

USN-4110-2: Dovecot vulnerability

USN-4110-1 fixed a vulnerability in Dovecot. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Nick Roessler and Rafi Rubin discovered that Dovecot incorrectly handled certain data. An attacker could possibly use this issue to caus...

9.8CVSS8.5AI score0.62579EPSS
Exploits1
Total number of security vulnerabilities5000