Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
added 2021/11/11 7:14 a.m.112 views

LSN-0082-1: Kernel Live Patch Security Notice

Jann Horn discovered that the tty subsystem of the Linux kernel did not use consistent locking in some situations, leading to a read-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly expose sensitive information kernel...

7.8CVSS7AI score0.01129EPSS
Exploits5
Ubuntu
Ubuntu
added 2021/11/01 10:40 p.m.112 views

USN-5128-1: Ceph vulnerabilities

Goutham Pacha Ravi, Jahson Babel, and John Garbutt discovered that user credentials in Ceph could be manipulated in certain environments. An attacker could use this to gain unintended access to resources. This issue only affected Ubuntu 18.04 LTS. CVE-2020-27781 It was discovered that Ceph...

7.2CVSS7AI score0.02425EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/09/13 2:49 p.m.112 views

USN-5076-1: Git vulnerability

It was discovered that Git allowed newline characters in certain repository paths. An attacker could potentially use this issue to perform cross-protocol requests...

7.5CVSS8AI score0.03074EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/08/04 1:9 p.m.112 views

USN-5027-2: PEAR vulnerability

USN-5027-1 fixed a vulnerability in PEAR. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that PEAR incorrectly handled symbolic links in archives. A remote attacker could possibly use this issue to execute arbitrary code...

7.1CVSS7.8AI score0.73377EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/07/29 4:28 p.m.112 views

USN-5026-1: QPDF vulnerabilities

It was discovered that QPDF incorrectly handled certain malformed PDF files. A remote attacker could use this issue to cause QPDF to consume resources, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. CVE-2018-18020 It was discovered that QPDF incorrectly handled certa...

5.5CVSS5.4AI score0.01281EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/02/04 7:45 p.m.112 views

USN-4721-1: Flatpak vulnerability

Simon McVittie discovered that flatpak-portal service allowed sandboxed applications to execute arbitrary code on the host system a sandbox escape. A malicious user could create a Flatpak application that set environment variables, trusted by the Flatpak "run" command, and use it to execute...

8.8CVSS8.5AI score0.0057EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/01/13 8:43 p.m.112 views

USN-4653-2: containerd vulnerability

USN-4653-1 fixed a vulnerability in containerd. Unfortunately, those containerd packages introduced a regression in docker.io and the update was reverted. This update addresses the docker.io issue and reintroduces the fixes from USN-4653-1. We apologize for the inconvenience...

5.2CVSS6.5AI score0.03236EPSS
Exploits4References1
Ubuntu
Ubuntu
added 2021/01/13 5:15 p.m.112 views

USN-4691-1: Open vSwitch vulnerabilities

Jonas Rudloff discovered that Open vSwitch incorrectly handled certain malformed LLDP packets. A remote attacker could use this issue to cause Open vSwitch to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS7.5AI score0.05493EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/01/11 9:19 p.m.113 views

USN-4690-1: coTURN vulnerability

It was discovered that coTURN allowed peers to connect and relay packets to loopback addresses in the range of 127.x.x.x. A malicious user could use this vulnerability to insert packages into the loopback interface...

7.2CVSS7.2AI score0.01282EPSS
Exploits3
Ubuntu
Ubuntu
added 2020/10/14 4:22 p.m.112 views

USN-4582-1: Vim vulnerabilities

It was discovered that Vim incorrectly handled permissions on the .swp file. A local attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS. CVE-2017-17087 It was discovered that Vim incorrectly handled restricted mode. A local attacker...

5.5CVSS6.6AI score0.00488EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/10/05 5:4 p.m.112 views

USN-4570-1: urllib3 vulnerability

It was discovered that urllib3 incorrectly handled certain character sequences. A remote attacker could possibly use this issue to perform CRLF injection...

6.5CVSS7.6AI score0.02269EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/05/06 3:18 p.m.112 views

USN-4351-1: Linux firmware vulnerability

Eli Biham and Lior Neumann discovered that certain Bluetooth devices incorrectly validated key exchange parameters. An attacker could possibly use this issue to obtain sensitive information...

8CVSS7.4AI score0.00802EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/03/18 2:33 a.m.112 views

USN-4171-5: Apport regression

USN-4171-1 fixed vulnerabilities in Apport. This caused a regression in autopkgtest and python2 compatibility. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Kevin Backhouse discovered Apport would read its user-controlled settings file as the root...

5.7AI score
Exploits0References2
Ubuntu
Ubuntu
added 2019/10/30 1:49 p.m.112 views

USN-4172-1: file vulnerability

It was discovered that file incorrectly handled certain malformed files. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code...

7.8CVSS8AI score0.0185EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/10/23 9:40 p.m.112 views

USN-4165-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass security restrictions, bypass same-origin restrictions, conduct cross-site scripting XSS attacks,...

8.8CVSS7.7AI score0.06643EPSS
Exploits3
Ubuntu
Ubuntu
added 2019/05/14 8:50 p.m.112 views

USN-3982-1: Linux kernel vulnerabilities

Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered...

6.5CVSS6.7AI score0.01771EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2019/04/23 11:54 a.m.112 views

USN-3952-1: Pacemaker vulnerabilities

Jan Pokorný discovered that Pacemaker incorrectly handled client-server authentication. A local attacker could possibly use this issue to escalate privileges. CVE-2018-16877 Jan Pokorný discovered that Pacemaker incorrectly handled certain verifications. A local attacker could possibly use this...

8.8CVSS6.7AI score0.01962EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/04/08 11:52 p.m.112 views

USN-3943-1: Wget vulnerabilities

It was discovered that Wget incorrectly handled certain inputs. An attacker could possibly use this issue to access sensitive information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. CVE-2018-20483 Kusano Kazuhiko discovered that Wget incorrectly handled certain inputs. An attacke...

9.8CVSS7.7AI score0.05751EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/04/02 9:18 p.m.112 views

USN-3932-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3932-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that a race condition existed in the f2fs file system implementation...

8.1CVSS7AI score0.16523EPSS
Exploits19
Ubuntu
Ubuntu
added 2019/02/27 6:30 p.m.112 views

USN-3898-2: NSS vulnerability

USN-3898-1 fixed a vulnerability in NSS. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Hanno Böck and Damian Poddebniak discovered that NSS incorrectly handled certain CMS functions. A remote attacker could possibly use this issue to cause NSS to...

6.5CVSS6.8AI score0.01956EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/01/10 3:40 p.m.112 views

USN-3852-1: Exiv2 vulnerabilities

It was discovered that Exiv2 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. CVE-2017-9239 only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. CVE-2017-11591, CVE-2017-11683, CVE-2017-14859, CVE-2017-14862, CVE-2017-14864, CVE-2017-17669...

7.5CVSS6.3AI score0.03098EPSS
Exploits6
Ubuntu
Ubuntu
added 2018/08/06 9:32 p.m.112 views

USN-3732-2: Linux kernel (HWE) vulnerability

USN-3732-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Juha-Matti Tilli discovered that the TCP implementation in the Linux kernel performed...

7.8CVSS6.7AI score0.7354EPSS
Exploits0
Ubuntu
Ubuntu
added 2017/01/27 9:57 p.m.112 views

USN-3175-1: Firefox vulnerabilities

Multiple memory safety issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code. CVE-2017-5373, CVE-2017-5374 JIT code allocation c...

9.8CVSS7.5AI score0.33434EPSS
Exploits22
Ubuntu
Ubuntu
added 2016/05/24 5:31 p.m.112 views

USN-2984-1: PHP vulnerabilities

It was discovered that the PHP Fileinfo component incorrectly handled certain magic files. An attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. CVE-2015-8865 Hans Jerry Illikainen...

9.8CVSS8.5AI score0.5851EPSS
Exploits22
Ubuntu
Ubuntu
added 2014/10/30 11:56 a.m.112 views

USN-2391-1: php5 vulnerabilities

Symeon Paraschoudis discovered that PHP incorrectly handled the mkgmtime function. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. CVE-2014-3668 Symeon Paraschoudis discovered that PHP incorrectly handled unserializing objects. A remote...

7.5CVSS8.4AI score0.28862EPSS
Exploits3
Ubuntu
Ubuntu
added 2012/11/08 10:40 p.m.112 views

USN-1628-1: Qt vulnerability

Juliano Rizzo and Thai Duong discovered a flaw in the Transport Layer Security TLS protocol when it is used with data compression. If an attacker were able to perform a machine-in-the-middle attack, this flaw could be exploited to view sensitive information. This update disables TLS data...

2.6CVSS7AI score0.04266EPSS
Exploits2
Ubuntu
Ubuntu
added 2010/12/11 12:24 a.m.112 views

USN-1032-1: Exim vulnerability

Sergey Kononenko and Eugene Bujak discovered that Exim did not correctly truncate string expansions. A remote attacker could send specially crafted email traffic to run arbitrary code as the Exim user, which could also lead to root privileges...

9.8CVSS8.5AI score0.71794EPSS
Exploits6
Ubuntu
Ubuntu
added 2009/08/04 9:57 p.m.112 views

USN-810-2: NSPR update

USN-810-1 fixed vulnerabilities in NSS. This update provides the NSPR needed to use the new NSS. Original advisory details: Moxie Marlinspike discovered that NSS did not properly handle regular expressions in certificate names. A remote attacker could create a specially crafted certificate to cau...

7.6AI score0.05741EPSS
Exploits5References1
Ubuntu
Ubuntu
added 2025/03/05 11:41 a.m.111 views

USN-7324-1: Linux kernel vulnerability

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Media drivers; CVE-2024-53104...

7.8CVSS7.5AI score0.03301EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/06/12 6:10 p.m.111 views

USN-6819-3: Linux kernel (OEM) vulnerabilities

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service system crash. CVE-2023-6356, CVE-2023-6535, CVE-2023-6536 Chenyuan...

7.8CVSS6.9AI score0.78388EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/07/19 2:45 p.m.111 views

USN-6238-1: Samba vulnerabilities

It was discovered that Samba incorrectly handled Winbind NTLM authentication responses. An attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. CVE-2022-2127 Andreas Schneider discovered that Samba incorrectly enforced SMB2 packet signing. A remote...

7.5CVSS6.7AI score0.62606EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/03/28 6:48 p.m.111 views

USN-5980-1: Linux kernel vulnerabilities

It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service memory exhaustion. CVE-2021-3669 It was discovered that the KVM VMX implementation in the Linux kernel did no...

8.8CVSS7.2AI score0.0048EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/01/09 4:16 p.m.111 views

USN-5797-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

8.8CVSS7.1AI score0.34574EPSS
Exploits2
Ubuntu
Ubuntu
added 2021/12/17 2:59 p.m.111 views

USN-5200-1: Python vulnerabilities

It was discovered that the urllib.request.AbstractBasicAuthHandler class in Python contains regex allowing for catastrophic backtracking. Specially crafted traffic from a malicious HTTP server could cause a regular expression denial of service ReDoS condition for a client. CVE-2020-8492 It was...

7.5CVSS7AI score0.11586EPSS
Exploits3
Ubuntu
Ubuntu
added 2021/02/22 4:4 p.m.111 views

USN-4467-3: QEMU regression

USN-4467-1 fixed vulnerabilities in QEMU. The fix for CVE-2020-13754 introduced a regression in certain environments. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Ren Ding, Hanqing Zhao, Alexander Bulekov, and Anatoly Trosinenko discovered that the...

7AI score
Exploits0References1
Ubuntu
Ubuntu
added 2020/10/26 11:11 a.m.111 views

USN-4602-1: Perl vulnerabilities

ManhND discovered that Perl incorrectly handled certain regular expressions. In environments where untrusted regular expressions are evaluated, a remote attacker could possibly use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code...

8.6CVSS7.5AI score0.11334EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/07/06 6:10 p.m.111 views

USN-4416-1: GNU C Library vulnerabilities

Florian Weimer discovered that the GNU C Library incorrectly handled certain memory operations. A remote attacker could use this issue to cause the GNU C Library to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. CVE-2017-121...

9.8CVSS7.6AI score0.074EPSS
Exploits6
Ubuntu
Ubuntu
added 2020/02/03 1:19 p.m.111 views

USN-4263-1: Sudo vulnerability

Joe Vennix discovered that Sudo incorrectly handled memory operations when the pwfeedback option is enabled. A local attacker could possibly use this issue to obtain unintended access to the administrator account...

7.8CVSS7.4AI score0.19426EPSS
Exploits13
Ubuntu
Ubuntu
added 2019/11/13 6:53 p.m.111 views

USN-4184-2: Linux kernel vulnerability and regression

USN-4184-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 i915 missing Blitter Command Streamer check was incomplete on 64-bit Intel x86 systems. Also, the update introduced a regression that broke KVM guests where extended page tables EPT are...

7.8CVSS7.8AI score0.00668EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2019/09/11 5:2 p.m.111 views

USN-4130-1: WebKitGTK+ vulnerabilities

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

9.3CVSS6.7AI score0.12852EPSS
Exploits6
Ubuntu
Ubuntu
added 2019/06/20 11:22 a.m.111 views

USN-4026-1: Bind vulnerability

It was discovered that Bind incorrectly handled certain malformed packets. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service...

5.9CVSS6.6AI score0.03271EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/03/12 5:46 p.m.111 views

USN-3907-1: WALinuxAgent vulnerability

It was discovered that WALinuxAgent created swap files with incorrect permissions. A local attacker could possibly use this issue to obtain sensitive information from the swap file...

6.5CVSS6.1AI score0.05255EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/02/07 10:4 p.m.111 views

USN-3878-2: Linux kernel (Azure) vulnerabilities

It was discovered that a race condition existed in the vsock address family implementation of the Linux kernel that could lead to a use-after-free condition. A local attacker in a guest virtual machine could use this to expose sensitive information host machine kernel memory. CVE-2018-14625 Cfir...

8.8CVSS6.2AI score0.00477EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/07/09 4:55 p.m.111 views

USN-3708-1: OpenSLP vulnerabilities

It was discovered that OpenSLP incorrectly handled certain memory operations. A remote attacker could use this issue to cause OpenSLP to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS7.9AI score0.0389EPSS
Exploits3
Ubuntu
Ubuntu
added 2018/07/02 7:42 p.m.111 views

USN-3696-1: Linux kernel vulnerabilities

It was discovered that an integer overflow existed in the perf subsystem of the Linux kernel. A local attacker could use this to cause a denial of service system crash. CVE-2017-18255 Wei Fang discovered an integer overflow in the F2FS filesystem implementation in the Linux kernel. A local attack...

7.8CVSS7AI score0.01912EPSS
Exploits4
Ubuntu
Ubuntu
added 2018/01/23 12:42 a.m.111 views

USN-3540-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3540-1 addressed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Jann Horn discovered that microprocessors utilizing speculative execution and bran...

5.6CVSS7.4AI score0.93838EPSS
Exploits13References1
Ubuntu
Ubuntu
added 2018/01/09 2:52 p.m.111 views

USN-3521-1: NVIDIA graphics drivers vulnerability

Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provide...

5.6CVSS7.1AI score0.93838EPSS
Exploits9
Ubuntu
Ubuntu
added 2017/10/10 6:0 p.m.111 views

USN-3443-2: Linux kernel (HWE) vulnerabilities

USN-3443-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. It was discovered that on the PowerPC architecture, the kernel did not properly sanitize the...

6.6CVSS7AI score0.00445EPSS
Exploits0
Ubuntu
Ubuntu
added 2017/09/18 8:29 p.m.111 views

USN-3422-1: Linux kernel vulnerabilities

It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically proximate attacker could use this to cause a denial of service system crash. CVE-2017-1000251 It was discovered that the asynchronous I/O aio...

8CVSS7.9AI score0.16181EPSS
Exploits17
Ubuntu
Ubuntu
added 2017/06/22 6:2 p.m.111 views

USN-3339-1: OpenVPN vulnerabilities

Karthikeyan Bhargavan and Gaëtan Leurent discovered that 64-bit block ciphers are vulnerable to a birthday attack. A remote attacker could possibly use this issue to recover cleartext data. Fixing this issue requires a configuration change to switch to a different cipher. This update adds a warni...

7.5CVSS7.2AI score0.0594EPSS
Exploits0
Total number of security vulnerabilities5000