Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
added 2022/07/07 7:59 a.m.114 views

USN-5505-1: Linux kernel vulnerabilities

Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. CVE-2021-3609 Likang Luo discovered that a race condition existed in the Bluetoo...

7.9CVSS6.9AI score0.06451EPSS
Exploits9
Ubuntu
Ubuntu
added 2022/06/08 4:55 a.m.114 views

USN-5469-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. CVE-2022-21499 Aaron Adams discovered that the netfilter subsystem in the Linux...

7.8CVSS7AI score0.0155EPSS
Exploits12
Ubuntu
Ubuntu
added 2022/05/04 12:45 p.m.114 views

USN-5400-2: MySQL vulnerabilities

USN-5400-1 fixed several vulnerabilities in MySQL. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated in...

6.5CVSS6.4AI score0.01939EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/04/13 4:3 p.m.114 views

USN-5378-4: Gzip vulnerability

USN-5378-1 fixed a vulnerability in Gzip. This update provides the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM. Original advisory details: Cleemy Desu Wayo discovered that Gzip incorrectly handled certain filenames. If a user or automated system were tricked into performing zgrep...

8.8CVSS7.2AI score0.04271EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/11/11 6:21 a.m.114 views

USN-5137-2: Linux kernel vulnerabilities

It was discovered that the f2fs file system in the Linux kernel did not properly validate metadata in some situations. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service system crash or possibly execute arbitrary code...

7.8CVSS7.2AI score0.02014EPSS
Exploits6
Ubuntu
Ubuntu
added 2021/10/20 6:42 p.m.114 views

USN-5116-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the Atheros Ath9k WiFi driver in the Linux kernel. An attacker could possibly use this to expose sensitive information WiFi network traffic. CVE-2020-3702 Alois Wohlschlager discovered that the overlay file system in the Linux kernel did not...

7.8CVSS6.7AI score0.01476EPSS
Exploits4
Ubuntu
Ubuntu
added 2021/10/04 5:25 p.m.114 views

USN-5102-1: Mercurial vulnerabilities

It was discovered that Mercurial mishandled symlinks in subrepositories. An attacker could use this issue to write arbitrary files to the target’s filesystem. CVE-2019-3902 It was discovered that Mercurial incorrectly handled certain manifest files. An attacker could use this issue to cause a...

9.1CVSS6.9AI score0.02033EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/08/09 3:30 p.m.114 views

USN-5033-1: Perl vulnerability

It was discovered that the Perl Encode library incorrectly handled paths. A local attacker could possibly use this issue to trick the library into executing arbitrary code from the current working directory...

7.8CVSS7.8AI score0.01397EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/05/17 11:57 a.m.114 views

USN-4955-1: Please vulnerabilities

Matthias Gerstner discovered that Please contained multiple security issues. A local attacker could use these issues to cause Please to crash, resulting in a denial of service, or possibly escalate privileges...

7.8CVSS6.4AI score0.00468EPSS
Exploits3
Ubuntu
Ubuntu
added 2021/05/03 10:20 p.m.114 views

USN-4918-3: ClamAV regression

USN-4918-1 fixed vulnerabilities in ClamAV. The updated package could fail to properly scan in some situations. This update fixes the problem. Original advisory details: It was discovered that ClamAV incorrectly handled parsing Excel documents. A remote attacker could possibly use this issue to...

7.4AI score
Exploits0References1
Ubuntu
Ubuntu
added 2021/04/13 2:51 p.m.114 views

USN-4905-1: X.Org X Server vulnerability

Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain lengths of XInput extension ChangeFeedbackControl requests. An attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.8CVSS7.8AI score0.0105EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/12/16 5:27 p.m.114 views

USN-4672-1: unzip vulnerabilities

Rene Freingruber discovered that unzip incorrectly handled certain specially crafted password protected ZIP archives. If a user or automated system using unzip were tricked into opening a specially crafted zip file, an attacker could exploit this to cause a crash, resulting in a denial of service...

7.8CVSS6AI score0.30469EPSS
Exploits3
Ubuntu
Ubuntu
added 2020/10/05 5:4 p.m.114 views

USN-4570-1: urllib3 vulnerability

It was discovered that urllib3 incorrectly handled certain character sequences. A remote attacker could possibly use this issue to perform CRLF injection...

6.5CVSS7.6AI score0.02269EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/08/28 2:11 p.m.114 views

USN-4110-2: Dovecot vulnerability

USN-4110-1 fixed a vulnerability in Dovecot. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Nick Roessler and Rafi Rubin discovered that Dovecot incorrectly handled certain data. An attacker could possibly use this issue to caus...

9.8CVSS8.5AI score0.62579EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/06/24 8:6 p.m.114 views

USN-4033-1: libmysofa vulnerability

It was discovered that a libmysofa component does not properly validate multiplications and additions, and may crash with some specific input...

9.8CVSS8.2AI score0.02368EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/05/07 2:9 p.m.114 views

USN-3969-1: wpa_supplicant and hostapd vulnerability

It was discovered that wpasupplicant and hostapd incorrectly handled unexpected fragments when using EAP-pwd. A remote attacker could possibly use this issue to cause a denial of service...

5.9CVSS6.5AI score0.03252EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/02/05 3:30 p.m.114 views

USN-3881-2: Dovecot vulnerability

USN-3881-1 fixed a vulnerability in Dovecot. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that Dovecot incorrectly handled client certificates. A remote attacker in possession of a valid certificate with an empty username field...

7.7CVSS6.8AI score0.02462EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/12/20 11:36 p.m.114 views

USN-3849-1: Linux kernel vulnerabilities

It was discovered that a NULL pointer dereference existed in the keyring subsystem of the Linux kernel. A local attacker could use this to cause a denial of service system crash. CVE-2017-2647 It was discovered that a race condition existed in the raw MIDI driver for the Linux kernel, leading to ...

7.8CVSS6.7AI score0.00683EPSS
Exploits2
Ubuntu
Ubuntu
added 2018/12/03 6:53 p.m.114 views

USN-3834-2: Perl vulnerabilities

USN-3834-1 fixed a vulnerability in perl. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Jayakrishna Menon discovered that Perl incorrectly handled Perlmysetenv. An attacker could use this issue to cause Perl to crash, resulting in a denial of...

9.8CVSS7.5AI score0.11676EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/02/12 3:29 p.m.114 views

USN-3566-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled the PHAR 404 error page. A remote attacker could possibly use this issue to conduct cross-site scripting XSS attacks. CVE-2018-5712 It was discovered that PHP incorrectly handled memory when unserializing certain data. A remote attacker could use thi...

9.8CVSS7.2AI score0.79949EPSS
Exploits2
Ubuntu
Ubuntu
added 2017/01/25 9:5 p.m.114 views

USN-3179-1: OpenJDK 8 vulnerabilities

Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. A remote attacker could possibly use this flaw to obtain clear text data from long encrypted sessions. This update moves those algorithms to the legacy algorithm set and causes...

9.6CVSS7.4AI score0.95707EPSS
Exploits13
Ubuntu
Ubuntu
added 2016/11/11 8:48 a.m.114 views

USN-3128-3: Linux kernel (Qualcomm Snapdragon) vulnerability

Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service system crash...

6.2CVSS7.1AI score0.00395EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/03/29 5:10 p.m.114 views

USN-2943-1: PCRE vulnerabilities

It was discovered that PCRE incorrectly handled certain regular expressions. A remote attacker could use this issue to cause applications using PCRE to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS7.1AI score0.09157EPSS
Exploits11
Ubuntu
Ubuntu
added 2014/07/17 1:0 a.m.114 views

USN-2288-1: Linux kernel (Trusty HWE) vulnerabilities

Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 Salva Peiró discovered an information leak in the Linux kernel's media- device...

6.9CVSS7.1AI score0.08103EPSS
Exploits11
Ubuntu
Ubuntu
added 2011/04/29 7:28 p.m.114 views

USN-1126-1: PHP vulnerabilities

Stephane Chazelas discovered that the /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete arbitrary files via a symlink attack on a directory under /var/lib/php5/. CVE-2011-0441 Raphael Geisert and Dan Rosenberg discovered that the PEAR installer allows local users to overwrite...

7.5CVSS8.5AI score0.17881EPSS
Exploits36
Ubuntu
Ubuntu
added 2009/10/31 1:40 a.m.114 views

USN-853-1: Firefox and Xulrunner vulnerabilities

Alin Rad Pop discovered a heap-based buffer overflow in Firefox when it converted strings to floating point numbers. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoki...

10CVSS8.5AI score0.15519EPSS
Exploits32
Ubuntu
Ubuntu
added 2024/06/11 8:53 p.m.113 views

USN-6821-3: Linux kernel (AWS) vulnerabilities

It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...

9.1CVSS7.5AI score0.01635EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/04/11 4:19 p.m.113 views

USN-6729-1: Apache HTTP Server vulnerabilities

Orange Tsai discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks. CVE-2023-38709 Keran Mu and Jianjun Chen discovered that the Apache HTTP Server incorrectly handled validatin...

7.5CVSS7.4AI score0.91327EPSS
Exploits2
Ubuntu
Ubuntu
added 2024/01/25 10:6 p.m.113 views

USN-6605-1: Linux kernel vulnerabilities

Lin Ma discovered that the netfilter subsystem in the Linux kernel did not properly validate network family support while creating a new netfilter table. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6040 It was discovered that the CIFS...

7.8CVSS7.1AI score0.00715EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/06/20 4:21 a.m.113 views

USN-5486-1: Intel Microcode vulnerabilities

It was discovered that some Intel processors did not implement sufficient control flow management. A local attacker could use this to cause a denial of service. CVE-2021-0127 Joseph Nuzman discovered that some Intel processors did not properly initialise shared resources. A local attacker could u...

6.8CVSS6.2AI score0.06283EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/06/08 4:15 a.m.113 views

USN-5467-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. CVE-2022-21499 Aaron Adams discovered that the netfilter subsystem in the Linux...

7.8CVSS7AI score0.0124EPSS
Exploits8
Ubuntu
Ubuntu
added 2022/06/07 2:15 p.m.113 views

USN-5463-1: NTFS-3G vulnerabilities

It was discovered that NTFS-3G incorrectly handled the ntfsck tool. If a user or automated system were tricked into using ntfsck on a specially crafted disk image, a remote attacker could possibly use this issue to execute arbitrary code. CVE-2021-46790 Roman Fiedler discovered that NTFS-3G...

7.8CVSS7.5AI score0.00504EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/05/03 9:4 p.m.113 views

USN-5390-2: Linux kernel (Raspberry Pi) vulnerabilities

David Bouman discovered that the netfilter subsystem in the Linux kernel did not properly validate passed user register indices. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2022-1015 David Bouman discovered that the netfilter subsystem in t...

7.8CVSS7.1AI score0.01467EPSS
Exploits11
Ubuntu
Ubuntu
added 2021/10/27 9:50 p.m.113 views

USN-5125-1: PHP vulnerability

It was discovered that PHP-FPM in PHP incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code...

7.8CVSS7.5AI score0.01337EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/09/08 11:6 a.m.113 views

USN-5063-1: HAProxy vulnerabilities

Ori Hollander discovered that HAProxy incorrectly handled HTTP header name length encoding. A remote attacker could possibly use this issue to inject a duplicate content-length header and perform request smuggling attacks...

7.5CVSS7.8AI score0.57934EPSS
Exploits5
Ubuntu
Ubuntu
added 2021/01/13 5:15 p.m.113 views

USN-4691-1: Open vSwitch vulnerabilities

Jonas Rudloff discovered that Open vSwitch incorrectly handled certain malformed LLDP packets. A remote attacker could use this issue to cause Open vSwitch to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS7.5AI score0.05493EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/01/11 5:42 p.m.113 views

USN-4667-2: APT vulnerability

USN-4667-1 fixed a vulnerability in APT. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Kevin Backhouse discovered that APT incorrectly handled certain packages. A local attacker could possibly use this issue to cause APT to crash or stop responding...

5.7CVSS6.5AI score0.00377EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/10/14 4:22 p.m.113 views

USN-4582-1: Vim vulnerabilities

It was discovered that Vim incorrectly handled permissions on the .swp file. A local attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS. CVE-2017-17087 It was discovered that Vim incorrectly handled restricted mode. A local attacker...

5.5CVSS6.6AI score0.00488EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/04/22 3:32 p.m.113 views

USN-4337-1: OpenJDK vulnerabilities

It was discovered that OpenJDK incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service while processing a specially crafted regular expression. CVE-2020-2754, CVE-2020-2755 It was discovered that OpenJDK incorrectly handled class...

8.3CVSS6.8AI score0.0623EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/04/21 11:31 a.m.113 views

USN-4334-1: Git vulnerability

Carlo Arenas discovered that Git incorrectly handled certain URLs containing newlines, empty hosts, or lacking a scheme. A remote attacker could possibly use this issue to trick Git into returning credential information for a wrong host...

7.5CVSS7.3AI score0.03899EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/11/13 1:44 a.m.113 views

USN-4187-1: Linux kernel vulnerability

Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions TSX could expose...

6.5CVSS7.3AI score0.03133EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2019/10/30 5:45 a.m.113 views

USN-4171-1: Apport vulnerabilities

Kevin Backhouse discovered Apport would read its user-controlled settings file as the root user. This could be used by a local attacker to possibly crash Apport or have other unspecified consequences. CVE-2019-11481 Sander Bos discovered a race-condition in Apport during core dump creation. This...

7.8CVSS5.6AI score0.00484EPSS
Exploits2
Ubuntu
Ubuntu
added 2019/09/12 8:10 p.m.113 views

USN-4129-2: curl vulnerability

USN-4129-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. Original advisory details: Thomas Vegas discovered that curl incorrectly handled memory during TFTP transfers. A remote attacker could use this issue to crash curl, resultin...

9.8CVSS6.8AI score0.17939EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/04/24 12:39 p.m.113 views

USN-3954-1: FreeRADIUS vulnerabilities

It was discovered that FreeRADIUS incorrectly handled certain inputs. An attacker could possibly use this issue to bypass authentication. CVE-2019-11234, CVE-2019-11235...

9.8CVSS7.6AI score0.07624EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/04/23 11:54 a.m.113 views

USN-3952-1: Pacemaker vulnerabilities

Jan Pokorný discovered that Pacemaker incorrectly handled client-server authentication. A local attacker could possibly use this issue to escalate privileges. CVE-2018-16877 Jan Pokorný discovered that Pacemaker incorrectly handled certain verifications. A local attacker could possibly use this...

8.8CVSS6.7AI score0.01962EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/11/27 6:59 p.m.113 views

USN-3829-1: Git vulnerabilities

It was discovered that Git incorrectly handled layers of tree objects. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. CVE-2017-15298 It was discovered that Git incorrectly handled certain inputs. An attacker...

9.8CVSS7.4AI score0.0412EPSS
Exploits1
Ubuntu
Ubuntu
added 2017/01/27 9:57 p.m.113 views

USN-3175-1: Firefox vulnerabilities

Multiple memory safety issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code. CVE-2017-5373, CVE-2017-5374 JIT code allocation c...

9.8CVSS7.5AI score0.33434EPSS
Exploits22
Ubuntu
Ubuntu
added 2016/11/11 9:2 a.m.113 views

USN-3129-1: Linux kernel vulnerability

Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service system crash...

6.2CVSS7.1AI score0.00395EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/06/27 11:48 p.m.113 views

USN-3021-1: Linux kernel vulnerabilities

Andrey Konovalov discovered that the CDC Network Control Model USB driver in the Linux kernel did not cancel work events queued if a later error occurred, resulting in a use-after-free. An attacker with physical access could use this to cause a denial of service system crash. CVE-2016-3951 Kangji...

7.8CVSS6.3AI score0.04178EPSS
Exploits5
Ubuntu
Ubuntu
added 2011/02/22 7:45 p.m.113 views

USN-1069-1: Mailman vulnerabilities

It was discovered that Mailman did not properly sanitize certain fields, resulting in cross-site scripting XSS vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to...

4.3CVSS6.1AI score0.04248EPSS
Exploits0
Total number of security vulnerabilities5000