Lucene search
K
UbuntuMost viewed

10876 matches found

Ubuntu
Ubuntu
added 2019/06/24 8:6 p.m.114 views

USN-4033-1: libmysofa vulnerability

It was discovered that a libmysofa component does not properly validate multiplications and additions, and may crash with some specific input...

9.8CVSS8.2AI score0.02368EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/05/07 2:9 p.m.114 views

USN-3969-1: wpa_supplicant and hostapd vulnerability

It was discovered that wpasupplicant and hostapd incorrectly handled unexpected fragments when using EAP-pwd. A remote attacker could possibly use this issue to cause a denial of service...

5.9CVSS6.5AI score0.03252EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/02/05 3:30 p.m.114 views

USN-3881-2: Dovecot vulnerability

USN-3881-1 fixed a vulnerability in Dovecot. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that Dovecot incorrectly handled client certificates. A remote attacker in possession of a valid certificate with an empty username field...

7.7CVSS6.8AI score0.02462EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/12/20 11:36 p.m.114 views

USN-3849-1: Linux kernel vulnerabilities

It was discovered that a NULL pointer dereference existed in the keyring subsystem of the Linux kernel. A local attacker could use this to cause a denial of service system crash. CVE-2017-2647 It was discovered that a race condition existed in the raw MIDI driver for the Linux kernel, leading to ...

7.8CVSS6.7AI score0.00683EPSS
Exploits2
Ubuntu
Ubuntu
added 2018/12/03 6:53 p.m.114 views

USN-3834-2: Perl vulnerabilities

USN-3834-1 fixed a vulnerability in perl. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Jayakrishna Menon discovered that Perl incorrectly handled Perlmysetenv. An attacker could use this issue to cause Perl to crash, resulting in a denial of...

9.8CVSS7.5AI score0.11676EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/08/14 9:49 p.m.114 views

USN-3741-1: Linux kernel vulnerabilities

It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault L1TF. A local attacker in a guest virtual machine could use this to expose sensitive...

7.8CVSS6.8AI score0.7354EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2018/02/12 3:29 p.m.114 views

USN-3566-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled the PHAR 404 error page. A remote attacker could possibly use this issue to conduct cross-site scripting XSS attacks. CVE-2018-5712 It was discovered that PHP incorrectly handled memory when unserializing certain data. A remote attacker could use thi...

9.8CVSS7.2AI score0.79949EPSS
Exploits2
Ubuntu
Ubuntu
added 2017/06/19 8:57 p.m.114 views

USN-3311-2: libnl vulnerability

USN-3311-1 fixed a vulnerability in libnl. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that libnl incorrectly handled memory when performing certain operations. A local attacker could possibly use this issue to cause libnl to...

7.6CVSS7.2AI score0.01959EPSS
Exploits0
Ubuntu
Ubuntu
added 2017/01/25 9:5 p.m.114 views

USN-3179-1: OpenJDK 8 vulnerabilities

Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. A remote attacker could possibly use this flaw to obtain clear text data from long encrypted sessions. This update moves those algorithms to the legacy algorithm set and causes...

9.6CVSS7.4AI score0.95707EPSS
Exploits13
Ubuntu
Ubuntu
added 2017/01/11 6:8 a.m.114 views

USN-3167-1: Linux kernel vulnerabilities

Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly initialize the Code Segment CS in certain error cases. A local attacker could use this to expose sensitive information kernel memory. Baozeng Ding discovered a race condition that could lead to a use-after-...

7.8CVSS6.7AI score0.00443EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/11/11 8:48 a.m.114 views

USN-3128-3: Linux kernel (Qualcomm Snapdragon) vulnerability

Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service system crash...

6.2CVSS7.1AI score0.00395EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/03/29 5:10 p.m.114 views

USN-2943-1: PCRE vulnerabilities

It was discovered that PCRE incorrectly handled certain regular expressions. A remote attacker could use this issue to cause applications using PCRE to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS7.1AI score0.09157EPSS
Exploits11
Ubuntu
Ubuntu
added 2014/07/23 8:4 p.m.114 views

USN-2299-1: Apache HTTP Server vulnerabilities

Marek Kroemeke discovered that the modproxy module incorrectly handled certain requests. A remote attacker could use this issue to cause the server to stop responding, leading to a denial of service. This issue only affected Ubuntu 14.04 LTS. CVE-2014-0117 Giancarlo Pellegrino and Davide Balzarot...

6.8CVSS7.2AI score0.85744EPSS
Exploits7
Ubuntu
Ubuntu
added 2012/11/08 10:22 p.m.114 views

USN-1627-1: Apache HTTP Server vulnerabilities

It was discovered that the modnegotiation module incorrectly handled certain filenames, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output durin...

2.6CVSS7AI score0.22515EPSS
Exploits4
Ubuntu
Ubuntu
added 2011/04/29 7:28 p.m.114 views

USN-1126-1: PHP vulnerabilities

Stephane Chazelas discovered that the /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete arbitrary files via a symlink attack on a directory under /var/lib/php5/. CVE-2011-0441 Raphael Geisert and Dan Rosenberg discovered that the PEAR installer allows local users to overwrite...

7.5CVSS8.5AI score0.17881EPSS
Exploits36
Ubuntu
Ubuntu
added 2024/06/11 8:53 p.m.113 views

USN-6821-3: Linux kernel (AWS) vulnerabilities

It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...

9.1CVSS7.5AI score0.01635EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/01/25 10:6 p.m.113 views

USN-6605-1: Linux kernel vulnerabilities

Lin Ma discovered that the netfilter subsystem in the Linux kernel did not properly validate network family support while creating a new netfilter table. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6040 It was discovered that the CIFS...

7.8CVSS7.1AI score0.00715EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/11/23 10:32 a.m.113 views

USN-6510-1: Apache HTTP Server vulnerability

David Shoon discovered that the Apache HTTP Server modmacro module incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service...

7.5CVSS7.5AI score0.02978EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/06/20 4:21 a.m.113 views

USN-5486-1: Intel Microcode vulnerabilities

It was discovered that some Intel processors did not implement sufficient control flow management. A local attacker could use this to cause a denial of service. CVE-2021-0127 Joseph Nuzman discovered that some Intel processors did not properly initialise shared resources. A local attacker could u...

6.8CVSS6.2AI score0.06283EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/06/08 4:15 a.m.113 views

USN-5467-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. CVE-2022-21499 Aaron Adams discovered that the netfilter subsystem in the Linux...

7.8CVSS7AI score0.01245EPSS
Exploits8
Ubuntu
Ubuntu
added 2022/06/07 2:15 p.m.113 views

USN-5463-1: NTFS-3G vulnerabilities

It was discovered that NTFS-3G incorrectly handled the ntfsck tool. If a user or automated system were tricked into using ntfsck on a specially crafted disk image, a remote attacker could possibly use this issue to execute arbitrary code. CVE-2021-46790 Roman Fiedler discovered that NTFS-3G...

7.8CVSS7.5AI score0.00504EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/05/03 9:4 p.m.113 views

USN-5390-2: Linux kernel (Raspberry Pi) vulnerabilities

David Bouman discovered that the netfilter subsystem in the Linux kernel did not properly validate passed user register indices. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2022-1015 David Bouman discovered that the netfilter subsystem in t...

7.8CVSS7.1AI score0.01467EPSS
Exploits11
Ubuntu
Ubuntu
added 2021/10/27 9:50 p.m.113 views

USN-5125-1: PHP vulnerability

It was discovered that PHP-FPM in PHP incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code...

7.8CVSS7.5AI score0.01337EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/08/09 3:30 p.m.113 views

USN-5033-1: Perl vulnerability

It was discovered that the Perl Encode library incorrectly handled paths. A local attacker could possibly use this issue to trick the library into executing arbitrary code from the current working directory...

7.8CVSS7.8AI score0.01397EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/04/13 2:51 p.m.113 views

USN-4905-1: X.Org X Server vulnerability

Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain lengths of XInput extension ChangeFeedbackControl requests. An attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.8CVSS7.8AI score0.0105EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/01/11 5:42 p.m.113 views

USN-4667-2: APT vulnerability

USN-4667-1 fixed a vulnerability in APT. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Kevin Backhouse discovered that APT incorrectly handled certain packages. A local attacker could possibly use this issue to cause APT to crash or stop responding...

5.7CVSS6.5AI score0.00377EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/04/22 3:32 p.m.113 views

USN-4337-1: OpenJDK vulnerabilities

It was discovered that OpenJDK incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service while processing a specially crafted regular expression. CVE-2020-2754, CVE-2020-2755 It was discovered that OpenJDK incorrectly handled class...

8.3CVSS6.8AI score0.0623EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/04/21 11:31 a.m.113 views

USN-4334-1: Git vulnerability

Carlo Arenas discovered that Git incorrectly handled certain URLs containing newlines, empty hosts, or lacking a scheme. A remote attacker could possibly use this issue to trick Git into returning credential information for a wrong host...

7.5CVSS7.3AI score0.03899EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/11/13 1:44 a.m.113 views

USN-4187-1: Linux kernel vulnerability

Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions TSX could expose...

6.5CVSS7.3AI score0.03133EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2019/10/30 5:45 a.m.113 views

USN-4171-1: Apport vulnerabilities

Kevin Backhouse discovered Apport would read its user-controlled settings file as the root user. This could be used by a local attacker to possibly crash Apport or have other unspecified consequences. CVE-2019-11481 Sander Bos discovered a race-condition in Apport during core dump creation. This...

7.8CVSS5.6AI score0.00484EPSS
Exploits2
Ubuntu
Ubuntu
added 2019/04/24 12:39 p.m.113 views

USN-3954-1: FreeRADIUS vulnerabilities

It was discovered that FreeRADIUS incorrectly handled certain inputs. An attacker could possibly use this issue to bypass authentication. CVE-2019-11234, CVE-2019-11235...

9.8CVSS7.6AI score0.07624EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/11/11 9:2 a.m.113 views

USN-3129-1: Linux kernel vulnerability

Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service system crash...

6.2CVSS7.1AI score0.00395EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/06/27 11:48 p.m.113 views

USN-3021-1: Linux kernel vulnerabilities

Andrey Konovalov discovered that the CDC Network Control Model USB driver in the Linux kernel did not cancel work events queued if a later error occurred, resulting in a use-after-free. An attacker with physical access could use this to cause a denial of service system crash. CVE-2016-3951 Kangji...

7.8CVSS6.3AI score0.04178EPSS
Exploits5
Ubuntu
Ubuntu
added 2014/07/17 1:0 a.m.113 views

USN-2288-1: Linux kernel (Trusty HWE) vulnerabilities

Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 Salva Peiró discovered an information leak in the Linux kernel's media- device...

6.9CVSS7.1AI score0.08103EPSS
Exploits11
Ubuntu
Ubuntu
added 2011/10/25 12:50 p.m.113 views

USN-1239-1: Linux kernel (EC2) vulnerabilities

Ryan Sweat discovered that the kernel incorrectly handled certain VLAN packets. On some systems, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. CVE-2011-1576 Vasiliy Kulikov and Dan Rosenberg discovered that ecryptfs did not correctly...

9.1CVSS7.9AI score0.05689EPSS
Exploits8
Ubuntu
Ubuntu
added 2011/02/22 7:45 p.m.113 views

USN-1069-1: Mailman vulnerabilities

It was discovered that Mailman did not properly sanitize certain fields, resulting in cross-site scripting XSS vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to...

4.3CVSS6.1AI score0.04248EPSS
Exploits0
Ubuntu
Ubuntu
added 2009/10/31 1:40 a.m.113 views

USN-853-1: Firefox and Xulrunner vulnerabilities

Alin Rad Pop discovered a heap-based buffer overflow in Firefox when it converted strings to floating point numbers. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoki...

10CVSS8.5AI score0.15519EPSS
Exploits32
Ubuntu
Ubuntu
added 2025/03/27 9:47 p.m.112 views

USN-7387-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - Supe...

8.1CVSS7.5AI score0.03558EPSS
Exploits3
Ubuntu
Ubuntu
added 2024/04/11 4:19 p.m.112 views

USN-6729-1: Apache HTTP Server vulnerabilities

Orange Tsai discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks. CVE-2023-38709 Keran Mu and Jianjun Chen discovered that the Apache HTTP Server incorrectly handled validatin...

7.5CVSS7.4AI score0.91327EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/01/16 8:28 a.m.112 views

USN-5805-1: Apache Maven vulnerability

It was discovered that Apache Maven followed repositories that are defined in a dependency’s Project Object Model pom even if the repositories weren't encryptedh http protocol. An attacker could use this vulnerability to take over a repository, execute arbitrary code or cause a denial of service...

9.1CVSS7.8AI score0.08691EPSS
Exploits2References1
Ubuntu
Ubuntu
added 2022/05/04 12:45 p.m.112 views

USN-5400-2: MySQL vulnerabilities

USN-5400-1 fixed several vulnerabilities in MySQL. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated in...

6.5CVSS6.4AI score0.01939EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/03/28 6:59 p.m.112 views

USN-5352-1: Libtasn1 vulnerability

It was discovered that Libtasn1 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service...

7.1CVSS6.3AI score0.02008EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/11/11 7:14 a.m.112 views

LSN-0082-1: Kernel Live Patch Security Notice

Jann Horn discovered that the tty subsystem of the Linux kernel did not use consistent locking in some situations, leading to a read-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly expose sensitive information kernel...

7.8CVSS7AI score0.01129EPSS
Exploits5
Ubuntu
Ubuntu
added 2021/11/01 10:40 p.m.112 views

USN-5128-1: Ceph vulnerabilities

Goutham Pacha Ravi, Jahson Babel, and John Garbutt discovered that user credentials in Ceph could be manipulated in certain environments. An attacker could use this to gain unintended access to resources. This issue only affected Ubuntu 18.04 LTS. CVE-2020-27781 It was discovered that Ceph...

7.2CVSS7AI score0.02425EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/09/13 2:49 p.m.112 views

USN-5076-1: Git vulnerability

It was discovered that Git allowed newline characters in certain repository paths. An attacker could potentially use this issue to perform cross-protocol requests...

7.5CVSS8AI score0.03199EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/09/08 11:6 a.m.112 views

USN-5063-1: HAProxy vulnerabilities

Ori Hollander discovered that HAProxy incorrectly handled HTTP header name length encoding. A remote attacker could possibly use this issue to inject a duplicate content-length header and perform request smuggling attacks...

7.5CVSS7.8AI score0.56083EPSS
Exploits5
Ubuntu
Ubuntu
added 2021/08/04 1:9 p.m.112 views

USN-5027-2: PEAR vulnerability

USN-5027-1 fixed a vulnerability in PEAR. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that PEAR incorrectly handled symbolic links in archives. A remote attacker could possibly use this issue to execute arbitrary code...

7.1CVSS7.8AI score0.73377EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/07/29 4:28 p.m.112 views

USN-5026-1: QPDF vulnerabilities

It was discovered that QPDF incorrectly handled certain malformed PDF files. A remote attacker could use this issue to cause QPDF to consume resources, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. CVE-2018-18020 It was discovered that QPDF incorrectly handled certa...

5.5CVSS5.4AI score0.01281EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/02/04 7:45 p.m.112 views

USN-4721-1: Flatpak vulnerability

Simon McVittie discovered that flatpak-portal service allowed sandboxed applications to execute arbitrary code on the host system a sandbox escape. A malicious user could create a Flatpak application that set environment variables, trusted by the Flatpak "run" command, and use it to execute...

8.8CVSS8.5AI score0.0057EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/01/13 8:43 p.m.112 views

USN-4653-2: containerd vulnerability

USN-4653-1 fixed a vulnerability in containerd. Unfortunately, those containerd packages introduced a regression in docker.io and the update was reverted. This update addresses the docker.io issue and reintroduces the fixes from USN-4653-1. We apologize for the inconvenience...

5.2CVSS6.5AI score0.03236EPSS
Exploits4References1
Total number of security vulnerabilities5000