Lucene search
K
UbuntuMost viewed

10888 matches found

Ubuntu
Ubuntu
•added 2022/01/24 5:29 p.m.•110 views

USN-5250-1: strongSwan vulnerability

Zhuowei Zhang discovered that stringSwan incorrectly handled EAP authentication. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service, or possibly bypass client and server authentication...

9.1CVSS7.3AI score0.02761EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/01/06 2:54 p.m.•110 views

USN-5213-1: WebKitGTK vulnerabilities

A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

6.5CVSS6.9AI score0.01604EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/01/06 9:48 a.m.•110 views

LSN-0083-1: Kernel Live Patch Security Notice

The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c.CVE-2018-25020...

8.8CVSS7.6AI score0.78684EPSS
Exploits29
Ubuntu
Ubuntu
•added 2021/09/09 6:42 p.m.•110 views

USN-5074-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass mixed content blocking, or execute arbitrary code...

8.8CVSS8.1AI score0.01205EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/08/17 5:1 p.m.•110 views

USN-5042-1: HAProxy vulnerabilities

It was discovered that HAProxy incorrectly handled the HTTP/2 protocol. A remote attacker could possibly use this issue to bypass restrictions...

5.4AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2021/03/04 5:54 p.m.•110 views

USN-4757-2: wpa_supplicant and hostapd vulnerability

USN-4757-1 fixed a vulnerability in wpasupplicant and hostapd. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that wpasupplicant did not properly handle P2P Wi-Fi Direct provision discovery requests in some situations. A physically...

7.5CVSS7.8AI score0.01228EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/09/22 1:57 p.m.•110 views

USN-4531-1: BusyBox vulnerability

It was discovered that the BusyBox wget applet incorrectly validated SSL certificates. A remote attacker could possibly use this issue to intercept secure communications...

8.1CVSS6.8AI score0.02462EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/09/15 6:30 p.m.•110 views

USN-4497-1: OpenJPEG vulnerabilities

It was discovered that OpenJPEG incorrectly handled certain image files. A remote attacker could possibly use this issue to cause a denial of service. CVE-2016-9112 It was discovered that OpenJPEG did not properly handle certain input. If OpenJPEG were supplied with specially crafted input, it...

8.8CVSS7AI score0.04932EPSS
Exploits3
Ubuntu
Ubuntu
•added 2020/09/03 4:51 p.m.•110 views

USN-4485-1: Linux kernel vulnerabilities

Timothy Michaud discovered that the i915 graphics driver in the Linux kernel did not properly validate user memory locations for the i915gemexecbuffer2ioctl. A local attacker could possibly use this to cause a denial of service or execute arbitrary code. CVE-2018-20669 It was discovered that the...

7.8CVSS7.1AI score0.00617EPSS
Exploits3
Ubuntu
Ubuntu
•added 2020/01/28 8:3 p.m.•110 views

USN-4257-1: OpenJDK vulnerabilities

It was discovered that OpenJDK incorrectly handled exceptions during deserialization in BeanContextSupport. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. CVE-2020-2583 It was discovered that OpenJDK incorrectly validated properties of SASL...

8.1CVSS6.7AI score0.04903EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/11/13 7:15 p.m.•110 views

USN-4186-3: Linux kernel vulnerability

USN-4186-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 i915 missing Blitter Command Streamer check was incomplete on 64-bit Intel x86 systems. This update addresses the issue. We apologize for the inconvenience. Original advisory details:...

7.8CVSS7.8AI score0.00668EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2019/11/13 12:45 a.m.•110 views

USN-4184-1: Linux kernel vulnerabilities

Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions TSX could expose...

8.8CVSS7.8AI score0.03133EPSS
Exploits2References1
Ubuntu
Ubuntu
•added 2019/05/14 8:50 p.m.•110 views

USN-3982-1: Linux kernel vulnerabilities

Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered...

6.5CVSS6.7AI score0.01771EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2019/04/08 7:26 p.m.•110 views

USN-3938-1: systemd vulnerability

Jann Horn discovered that pamsystemd created logind sessions using some parameters from the environment. A local attacker could exploit this in order to spoof the active session and gain additional PolicyKit privileges...

7CVSS5.7AI score0.01217EPSS
Exploits3
Ubuntu
Ubuntu
•added 2019/04/02 9:55 p.m.•110 views

USN-3933-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3933-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. It was discovered that an information leak vulnerability existed in the Bluetooth...

8.1CVSS6.3AI score0.16523EPSS
Exploits11
Ubuntu
Ubuntu
•added 2019/03/07 4:41 p.m.•110 views

USN-3904-1: NVIDIA graphics drivers vulnerability

It was discovered that the NVIDIA graphics drivers incorrectly handled the GPU performance counters. A local attacker could possibly use this issue to access the application data processed on the GPU...

5.5CVSS6.2AI score0.00393EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/01/23 4:6 p.m.•110 views

USN-3867-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues. Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10 have been updated to MySQL 5.7.25. In addition to security fixes, the updated packages contain bug fixes, new features,...

7.1CVSS6.5AI score0.04457EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/07/09 4:55 p.m.•110 views

USN-3708-1: OpenSLP vulnerabilities

It was discovered that OpenSLP incorrectly handled certain memory operations. A remote attacker could use this issue to cause OpenSLP to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS7.9AI score0.0389EPSS
Exploits3
Ubuntu
Ubuntu
•added 2018/04/04 6:17 p.m.•110 views

USN-3617-3: Linux kernel (Raspberry Pi 2) vulnerabilities

It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-0861 It was discovered that a...

7.8CVSS6.9AI score0.07679EPSS
Exploits10
Ubuntu
Ubuntu
•added 2017/10/10 6:0 p.m.•110 views

USN-3443-2: Linux kernel (HWE) vulnerabilities

USN-3443-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. It was discovered that on the PowerPC architecture, the kernel did not properly sanitize the...

6.6CVSS7AI score0.00445EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/09/18 10:38 p.m.•110 views

USN-3419-2: Linux kernel (HWE) vulnerabilities

USN-3419-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel wh...

8CVSS7.5AI score0.16181EPSS
Exploits12
Ubuntu
Ubuntu
•added 2015/01/13 12:7 p.m.•110 views

USN-2466-1: Linux kernel vulnerabilities

A null pointer dereference flaw was discovered in the the Linux kernel's SCTP implementation when ASCONF is used. A remote attacker could exploit this flaw to cause a denial of service system crash via a malformed INIT chunk. CVE-2014-7841 A race condition with MMIO and PIO transactions in the KV...

6.1CVSS6.8AI score0.0523EPSS
Exploits1
Ubuntu
Ubuntu
•added 2011/09/13 8:4 p.m.•110 views

USN-1202-1: Linux kernel (OMAP4) vulnerabilities

Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. A local user could exploit this to read kernel stack memory, leading to a loss of privacy. CVE-2010-3296, CVE-2010-3297 Brad Spengler discovered that stack memory for new a process was not correctly...

9.8CVSS7AI score0.08793EPSS
Exploits58
Ubuntu
Ubuntu
•added 2011/08/19 4:45 p.m.•110 views

USN-1193-1: Linux kernel vulnerabilities

Timo Warns discovered that the GUID partition parsing routines did not correctly validate certain structures. A local attacker with physical access could plug in a specially crafted block device to crash the system, leading to a denial of service. CVE-2011-1577 Phil Oester discovered that the...

9CVSS6.9AI score0.03377EPSS
Exploits6
Ubuntu
Ubuntu
•added 2024/05/28 7:6 p.m.•109 views

USN-6795-1: Linux kernel (Intel IoTG) vulnerabilities

Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service system crash. CVE-2023-47233 It was...

7.8CVSS7.3AI score0.78388EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/06/30 2:54 p.m.•109 views

USN-5498-1: Vim vulnerabilities

It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possible execute arbitrary code...

8.4CVSS7.4AI score0.01842EPSS
Exploits8
Ubuntu
Ubuntu
•added 2022/06/07 6:36 p.m.•109 views

USN-5464-1: e2fsprogs vulnerability

Nils Bars discovered that e2fsprogs incorrectly handled certain file systems. A local attacker could use this issue with a crafted file system image to possibly execute arbitrary code...

7.8CVSS7.1AI score0.01382EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/04/07 5:12 a.m.•109 views

USN-5366-1: FriBidi vulnerabilities

It was discovered that FriBidi incorrectly handled processing of input strings resulting in memory corruption. An attacker could use this issue to cause FriBidi to crash, resulting in a denial of service, or potentially execute arbitrary code. CVE-2022-25308 It was discovered that FriBidi...

7.8CVSS6.9AI score0.00508EPSS
Exploits3
Ubuntu
Ubuntu
•added 2022/02/08 9:56 a.m.•109 views

USN-5275-1: BlueZ vulnerability

Ziming Zhang discovered that BlueZ incorrectly handled memory write operations in its gatt server. A remote attacker could possibly use this to cause BlueZ to crash leading to a denial of service, or potentially remotely execute code. CVE-2022-0204...

8.8CVSS6.8AI score0.01808EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/11/11 5:40 a.m.•109 views

USN-5140-1: Linux kernel (OEM 5.14) vulnerabilities

It was discovered that the AMD Cryptographic Coprocessor CCP driver in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service memory exhaustion. CVE-2021-3744, CVE-2021-3764 It was discovered that an integer...

7.8CVSS7.1AI score0.00537EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/11/09 3:46 a.m.•109 views

USN-5136-1: Linux kernel vulnerabilities

It was discovered that the f2fs file system in the Linux kernel did not properly validate metadata in some situations. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service system crash or possibly execute arbitrary code...

7.8CVSS7.3AI score0.02014EPSS
Exploits3
Ubuntu
Ubuntu
•added 2021/11/09 3:20 a.m.•109 views

USN-5130-1: Linux kernel vulnerabilities

Jann Horn discovered a race condition in the tty subsystem of the Linux kernel in the locking for the TIOCSPGRP ioctl, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-29661 Jann Horn...

7.8CVSS7AI score0.01129EPSS
Exploits3
Ubuntu
Ubuntu
•added 2021/05/25 6:20 p.m.•109 views

USN-4965-2: Apport vulnerabilities

USN-4965-1 fixed several vulnerabilities in Apport. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Maik Münch discovered that Apport incorrectly handled certain information gathering operations. A local attacker could use these...

7.3CVSS6.4AI score0.0039EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/03/15 8:17 p.m.•109 views

USN-4773-1: Drupal vulnerabilities

It was discovered that Drupal did not properly process certain input. An attacker could use this vulnerability to execute arbitrary code or completely compromise a Drupal site. CVE-2018-7600, CVE-2018-7602 It was discovered that password reset URLs in Drupal could be forged. An attacker could use...

9.8CVSS7.8AI score0.99993EPSS
Exploits58
Ubuntu
Ubuntu
•added 2020/05/28 11:33 a.m.•109 views

USN-4360-4: json-c vulnerability

USN-4360-1 fixed a vulnerability in json-c. The security fix introduced a memory leak that was reverted in USN-4360-2 and USN-4360-3. This update provides the correct fix update for CVE-2020-12762. Original advisory details: It was discovered that json-c incorrectly handled certain JSON files. An...

7.8CVSS7.2AI score0.01888EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/03/17 1:48 a.m.•109 views

USN-4303-1: Linux kernel vulnerability

Paulo Bonzini discovered that the KVM hypervisor implementation in the Linux kernel could improperly let a nested level 2 guest access the resources of a parent level 1 guest in certain situations. An attacker could use this to expose sensitive information...

6.8CVSS6.7AI score0.00927EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/03/09 3:21 p.m.•109 views

USN-4297-1: runC vulnerabilities

It was discovered that runC incorrectly checked mount targets. An attacker with a malicious container image could possibly mount over the /proc directory and escalate privileges. This issue only affected Ubuntu 18.04 LTS. CVE-2019-16884 It was discovered that runC incorrectly performed access...

7.5CVSS6.8AI score0.04409EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/02/17 6:13 p.m.•109 views

USN-4279-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04 LTS. CVE-2015-9253 It was discovered that PHP incorrectly handled certain inputs. An...

9.1CVSS7.6AI score0.08888EPSS
Exploits3
Ubuntu
Ubuntu
•added 2020/01/15 10:37 a.m.•109 views

USN-4237-2: SpamAssassin vulnerabilities

USN-4237-1 fixed several vulnerabilities in SpamAssassin. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. Original advisory details: It was discovered that SpamAssassin incorrectly handled certain CF files. If a user or automated system were tricked into using a...

7.5CVSS7AI score0.07234EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/11/05 11:33 a.m.•109 views

USN-4171-3: Apport regression

USN-4171-1 fixed vulnerabilities in Apport. The update caused a regression in the Python Apport library. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Kevin Backhouse discovered Apport would read its user-controlled settings file as the root user...

5.7AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2019/09/30 3:5 p.m.•109 views

USN-4143-1: SDL 2.0 vulnerabilities

It was discovered that SDL 2.0 mishandled crafted image files resulting in an integer overflow. If a user were tricked into opening a malicious file, SDL 2.0 could be caused to crash or potentially run arbitrary code. CVE-2017-2888 It was discovered that SDL 2.0 mishandled crafted image files. If...

8.8CVSS7AI score0.03299EPSS
Exploits6
Ubuntu
Ubuntu
•added 2019/06/19 5:19 p.m.•109 views

USN-4020-1: Firefox vulnerability

A type confusion bug was discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could exploit this by causing a denial of service, or executing arbitrary code...

8.8CVSS8.1AI score0.37951EPSS
Exploits7
Ubuntu
Ubuntu
•added 2019/06/04 10:55 p.m.•109 views

USN-4007-2: Linux kernel (HWE) vulnerability

USN-4007-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Federico Manuel Bento discovered that the Linux kernel did not properly apply Address...

2.5CVSS6.6AI score0.00495EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/04/11 12:59 p.m.•109 views

USN-3945-1: Ruby vulnerabilities

It was discovered that Ruby incorrectly handled certain RubyGems. An attacker could possibly use this issue to execute arbitrary commands. CVE-2019-8320 It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code...

8.8CVSS7.2AI score0.04212EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/01/22 1:12 p.m.•109 views

USN-3863-2: APT vulnerability

USN-3863-1 fixed a vulnerability in APT. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Max Justicz discovered that APT incorrectly handled certain parameters during redirects. If a remote attacker were able to perform a machine-in-the-middle attack...

9.3CVSS6.9AI score0.14555EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/05/22 3:36 a.m.•109 views

USN-3655-1: Linux kernel vulnerabilities

Jann Horn and Ken Johnson discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via a sidechannel attack. This flaw is known as Spectre Variant 4. A local attacker could use this to expose sensitive information, including kernel memor...

8.8CVSS7.8AI score0.60631EPSS
Exploits2References1
Ubuntu
Ubuntu
•added 2017/07/31 1:47 p.m.•109 views

USN-3372-1: NSS vulnerability

It was discovered that NSS incorrectly handled certain empty SSLv2 messages. A remote attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service. CVE-2017-7502 Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable t...

9.8CVSS7.8AI score0.95707EPSS
Exploits7
Ubuntu
Ubuntu
•added 2016/12/08 12:30 a.m.•109 views

USN-3154-1: OpenJDK 6 vulnerabilities

It was discovered that OpenJDK did not restrict the set of algorithms used for Jar integrity verification. An attacker could use this to modify without detection the content of a JAR file, affecting system integrity. CVE-2016-5542 It was discovered that the JMX component of OpenJDK did not...

9.6CVSS7.2AI score0.05437EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/10/26 2:38 p.m.•109 views

USN-2781-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.46 in Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Ubuntu 15.04 and Ubuntu 15.10 have been updated to MySQL 5.6.27. In addition to security fixes, th...

7.2CVSS7.4AI score0.30146EPSS
Exploits6
Ubuntu
Ubuntu
•added 2015/06/10 9:47 p.m.•109 views

USN-2634-1: Linux kernel vulnerabilities

Wen Xu discovered a use-after-free flaw in the Linux kernel's ipv4 ping support. A local user could exploit this flaw to cause a denial of service system crash or gain administrative privileges on the system. CVE-2015-3636 A memory corruption flaw was discovered in the Linux kernel's scsi...

7.2CVSS7AI score0.02472EPSS
Exploits7
Total number of security vulnerabilities5000