Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
•added 2019/01/22 1:12 p.m.•109 views

USN-3863-2: APT vulnerability

USN-3863-1 fixed a vulnerability in APT. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Max Justicz discovered that APT incorrectly handled certain parameters during redirects. If a remote attacker were able to perform a machine-in-the-middle attack...

9.3CVSS6.9AI score0.14555EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/05/22 3:36 a.m.•109 views

USN-3655-1: Linux kernel vulnerabilities

Jann Horn and Ken Johnson discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via a sidechannel attack. This flaw is known as Spectre Variant 4. A local attacker could use this to expose sensitive information, including kernel memor...

8.8CVSS7.8AI score0.60631EPSS
Exploits2References1
Ubuntu
Ubuntu
•added 2016/12/08 12:30 a.m.•109 views

USN-3154-1: OpenJDK 6 vulnerabilities

It was discovered that OpenJDK did not restrict the set of algorithms used for Jar integrity verification. An attacker could use this to modify without detection the content of a JAR file, affecting system integrity. CVE-2016-5542 It was discovered that the JMX component of OpenJDK did not...

9.6CVSS7.2AI score0.05437EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/10/26 2:38 p.m.•109 views

USN-2781-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.46 in Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Ubuntu 15.04 and Ubuntu 15.10 have been updated to MySQL 5.6.27. In addition to security fixes, th...

7.2CVSS7.4AI score0.30146EPSS
Exploits6
Ubuntu
Ubuntu
•added 2015/06/10 9:47 p.m.•109 views

USN-2634-1: Linux kernel vulnerabilities

Wen Xu discovered a use-after-free flaw in the Linux kernel's ipv4 ping support. A local user could exploit this flaw to cause a denial of service system crash or gain administrative privileges on the system. CVE-2015-3636 A memory corruption flaw was discovered in the Linux kernel's scsi...

7.2CVSS7AI score0.02472EPSS
Exploits7
Ubuntu
Ubuntu
•added 2015/04/20 3:58 p.m.•109 views

USN-2572-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled cleanup when used with Apache 2.4. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2015-3330 It was discovered that PHP incorrectly handled opening tar, zip or ph...

7.5CVSS7.6AI score0.38434EPSS
Exploits11
Ubuntu
Ubuntu
•added 2012/11/12 3:41 p.m.•109 views

USN-1629-1: libproxy vulnerabilities

Tomas Mraz discovered that libproxy incorrectly handled certain PAC files. A remote attacker could use this issue to cause libproxy to crash, or to possibly execute arbitrary code. CVE-2012-4504, CVE-2012-4505...

10CVSS5.7AI score0.03476EPSS
Exploits0
Ubuntu
Ubuntu
•added 2012/09/07 12:22 a.m.•109 views

USN-1558-1: Linux kernel (OMAP4) vulnerability

A flaw was found in the Linux kernel's Reliable Datagram Sockets RDS protocol implementation. A local, unprivileged user could use this flaw to cause a denial of service. CVE-2012-2372 Mathias Krause discovered an information leak in the Linux kernel's TUN/TAP device driver. A local user could...

6.6CVSS6.1AI score0.00399EPSS
Exploits0
Ubuntu
Ubuntu
•added 2006/09/20 12:48 a.m.•109 views

USN-349-1: gzip vulnerabilities

Tavis Ormandy discovered that gzip did not sufficiently verify the validity of gzip or compress archives while unpacking. By tricking an user or automated system into unpacking a specially crafted compressed file, this could be exploited to execute arbitrary code with the user's privileges...

7.5CVSS6AI score0.05641EPSS
Exploits1
Ubuntu
Ubuntu
•added 2006/07/19 9:17 p.m.•109 views

USN-319-2: Linux kernel vulnerability

USN-319-1 fixed a Linux kernel vulnerability in Ubuntu 6.06 LTS. This followup advisory provides the corresponding updates for Ubuntu 5.04 and 5.10. For reference, these are the details of the original USN: A race condition has been discovered in the file permission handling of the /proc file...

6.2CVSS5.7AI score0.02203EPSS
Exploits1
Ubuntu
Ubuntu
•added 2006/02/22 12:30 a.m.•109 views

USN-255-1: openssh vulnerability

Tomas Mraz discovered a shell code injection flaw in scp. When doing local-to-local or remote-to-remote copying, scp expanded shell escape characters. By tricking an user into using scp on a specially crafted file name which could also be caught by using an innocuous wild card like '', an attacke...

4.6CVSS7.2AI score0.00474EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/03/21 1:1 p.m.•108 views

USN-6704-2: Linux kernel (Raspberry Pi) vulnerabilities

It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service system crash. CVE-2023-23000 Quentin Minster discovered that the KSMBD...

7.8CVSS7.6AI score0.28058EPSS
Exploits16
Ubuntu
Ubuntu
•added 2023/08/29 9:12 p.m.•108 views

USN-6317-1: Linux kernel vulnerabilities

Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Tavis Ormandy discovered that some AMD processors...

7.8CVSS7.9AI score0.05794EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/05/31 10:15 p.m.•108 views

USN-6127-1: Linux kernel vulnerabilities

Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrar...

7.8CVSS7.4AI score0.16642EPSS
Exploits7
Ubuntu
Ubuntu
•added 2022/06/08 1:25 a.m.•108 views

USN-5465-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. CVE-2022-21499 Aaron Adams discovered that the netfilter subsystem in the Linux...

7.8CVSS7AI score0.00789EPSS
Exploits6
Ubuntu
Ubuntu
•added 2022/05/12 12:49 a.m.•108 views

USN-5415-1: Linux kernel vulnerabilities

Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate attacker could use this to cause a denial of service system crash. CVE-2020-27820 Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor...

8.8CVSS7.2AI score0.021EPSS
Exploits12
Ubuntu
Ubuntu
•added 2022/03/23 10:44 p.m.•108 views

USN-5345-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass security restrictions, obtain sensitive information, cause undefined...

9.6CVSS7.8AI score0.00931EPSS
Exploits5
Ubuntu
Ubuntu
•added 2022/03/15 1:16 p.m.•108 views

USN-5327-1: rsh vulnerability

Hiroyuki Yamamori discovered that rsh incorrectly handled certain filenames. If a user or automated system were tricked into connecting to a malicious rsh server, a remote attacker could possibly use this issue to modify directory permissions...

5.9CVSS6.4AI score0.02067EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/02/28 12:18 p.m.•108 views

USN-5304-1: PolicyKit vulnerability

Kevin Backhouse discovered that PolicyKit incorrectly handled file descriptors. A local attacker could possibly use this issue to cause PolicyKit to crash, resulting in a denial of service...

5.5CVSS6.7AI score0.0053EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/02/18 2:21 a.m.•108 views

USN-5292-3: snapd vulnerabilities

USN-5292-1 fixed several vulnerabilities in snapd. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: James Troup discovered that snap did not properly manage the permissions for the snap directories. A local attacker could possibly...

8.8CVSS7.5AI score0.00966EPSS
Exploits5
Ubuntu
Ubuntu
•added 2022/02/03 4:42 a.m.•108 views

USN-5267-1: Linux kernel vulnerabilities

It was discovered that the Bluetooth subsystem in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-3640 Likang Luo discovered that a race condition existed in the...

7.9CVSS6.9AI score0.01736EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/01/12 12:15 p.m.•108 views

USN-5224-1: Ghostscript vulnerabilities

It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execut...

5.5CVSS6.5AI score0.01401EPSS
Exploits2
Ubuntu
Ubuntu
•added 2021/10/28 6:25 p.m.•108 views

USN-5126-2: Bind vulnerability

USN-5126-1 fixed a vulnerability in Bind. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Kishore Kumar Kothapalli discovered that Bind incorrectly handled the lame cache when processing responses. A remote attacker could possibl...

5.3CVSS6.4AI score0.08001EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/10/22 5:47 a.m.•108 views

USN-5121-1: Mailman vulnerabilities

Andre Protas, Richard Cloke, and Andy Nuttall discovered that Mailman did not properly associate cross-site request forgery CSRF tokens to specific accounts. A remote attacker could use this to perform a CSRF attack to gain access to another account. CVE-2021-42097 Andre Protas, Richard Cloke, an...

8.5CVSS6.6AI score0.01289EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/09/22 1:29 p.m.•108 views

USN-5085-1: SQL parse vulnerability

It was discovered that SQL parse incorrectly handled certain regular expression. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS7.4AI score0.02134EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/11/26 6:47 p.m.•108 views

USN-4382-2: FreeRDP vulnerabilities

It was discovered that FreeRDP incorrectly handled certain memory operations. A remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code...

8.3CVSS6.5AI score0.02653EPSS
Exploits8
Ubuntu
Ubuntu
•added 2020/10/27 4:57 p.m.•108 views

USN-4603-1: MariaDB vulnerabilities

It was discovered that MariaDB didn't properly validate the content of a packet received from a server. A remote attacker could use this vulnerability to sent a specialy crafted file to cause a denial of service. CVE-2020-13249 It was discovered that MariaDB has other security issues. An attacker...

9CVSS6.6AI score0.05539EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/10/27 12:16 p.m.•108 views

USN-4583-2: PHP vulnerabilities

USN-4583-1 fixed vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 20.10. Original advisory details: It was discovered that PHP incorrectly handled certain encrypt ciphers. An attacker could possibly use this issue to decrease security or cause incorrect encryption...

6.5CVSS7.2AI score0.05029EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/09/17 4:40 p.m.•108 views

USN-4515-1: Pure-FTPd vulnerability

Antonio Norales discovered that Pure-FTPd incorrectly handled directory aliases. An attacker could possibly use this issue to access sensitive information. CVE-2020-9274...

7.5CVSS7.3AI score0.05813EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/09/17 11:10 a.m.•108 views

USN-4511-1: QEMU vulnerability

Ziming Zhang, Xiao Wei, Gonglei Arei, and Yanyu Zhang discovered that QEMU incorrectly handled certain USB packets. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default...

5CVSS7.5AI score0.05447EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/08/05 5:58 p.m.•108 views

USN-4453-1: OpenJDK 8 vulnerabilities

Johannes Kuhn discovered that OpenJDK 8 incorrectly handled access control contexts. An attacker could possibly use this issue to execute arbitrary code. CVE-2020-14556 Philippe Arteau discovered that OpenJDK 8 incorrectly verified names in TLS server's X.509 certificates. An attacker could...

8.3CVSS6.5AI score0.04315EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/07/23 6:7 p.m.•108 views

USN-4433-1: OpenJDK vulnerabilities

Johannes Kuhn discovered that OpenJDK incorrectly handled access control contexts. An attacker could possibly use this issue to execute arbitrary code. CVE-2020-14556 It was discovered that OpenJDK incorrectly handled memory allocation when reading TIFF image files. An attacker could possibly use...

8.3CVSS6.6AI score0.05166EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/07/14 2:8 p.m.•108 views

USN-4422-1: WebKitGTK+ vulnerabilities

A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

10CVSS7.1AI score0.77246EPSS
Exploits5
Ubuntu
Ubuntu
•added 2019/12/17 11:14 p.m.•108 views

USN-4223-1: OpenJDK vulnerabilities

Jan Jancar, Petr Svenda, and Vladimir Sedlacek discovered that a side- channel vulnerability existed in the ECDSA implementation in OpenJDK. An Attacker could use this to expose sensitive information. CVE-2019-2894 It was discovered that the Socket implementation in OpenJDK did not properly...

6.8CVSS7AI score0.03749EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/12/05 2:15 p.m.•108 views

USN-4214-1: RabbitMQ vulnerability

It was discovered that RabbitMQ incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code...

9.8CVSS8.6AI score0.03317EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/10/29 11:39 a.m.•108 views

USN-4166-2: PHP vulnerability

USN-4166-1 fixed a vulnerability in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that PHP incorrectly handled certain paths when being used in FastCGI configurations. A remote attacker could possibly use...

9.8CVSS8AI score0.9947EPSS
Exploits54
Ubuntu
Ubuntu
•added 2019/10/10 1:1 p.m.•108 views

USN-4151-2: Python vulnerabilities

USN-4151-1 fixed several vulnerabilities in Python. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that Python incorrectly parsed certain email addresses. A remote attacker could possibly use this issue to tric...

7.5CVSS7.3AI score0.05366EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/09/12 6:5 p.m.•108 views

USN-4132-1: Expat vulnerability

It was discovered that Expat incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information...

7.5CVSS7.3AI score0.06643EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/07/15 1:25 p.m.•108 views

USN-4056-1: Exiv2 vulnerabilities

It was discovered that Exiv2 incorrectly handled certain PSD files. An attacker could possibly use this issue to cause a denial of service. CVE-2018-19107, CVE-2018-19108 It was discovered that Exiv2 incorrectly handled certain PNG files. An attacker could possibly use this issue to cause a denia...

6.5CVSS6.7AI score0.02127EPSS
Exploits5
Ubuntu
Ubuntu
•added 2019/06/29 4:59 a.m.•108 views

USN-4041-2: Linux kernel (HWE) update

USN-4041-1 provided updates for the Linux kernel in Ubuntu. This update provides the corresponding updates for the Linux kernel for Ubuntu 16.04 ESM. USN-4017-2 fixed vulnerabilities in the Linux kernel. Unfortunately, the update introduced a regression that interfered with networking application...

7.5CVSS6.8AI score0.9166EPSS
Exploits1References1
Ubuntu
Ubuntu
•added 2019/04/23 11:45 a.m.•108 views

USN-3951-1: Dovecot vulnerability

It was discovered that the Dovecot JSON encoder incorrectly handled certain invalid UTF-8 characters. A remote attacker could possibly use this issue to cause Dovecot to repeatedly crash, resulting in a denial of service...

7.5CVSS8AI score0.028EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/04/16 5:57 p.m.•108 views

USN-3949-1: OpenJDK 11 vulnerability

It was discovered that a memory disclosure issue existed in the OpenJDK Library subsystem. An attacker could use this to expose sensitive information and possibly bypass Java sandbox restrictions. CVE-2019-2422 Please note that with this update, the OpenJDK package in Ubuntu 18.04 LTS has...

3.1CVSS6.7AI score0.03374EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/01/30 12:33 p.m.•108 views

USN-3873-1: Open vSwitch vulnerabilities

It was discovered that Open vSwitch incorrectly decoded certain packets. A remote attacker could possibly use this issue to cause Open vSwitch to crash, resulting in a denial of service. CVE-2018-17204 It was discovered that Open vSwitch incorrectly handled processing certain flows. A remote...

7.5CVSS6.3AI score0.02531EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/09/20 12:12 p.m.•108 views

USN-3770-2: Little CMS vulnerabilities

USN-3770-1 fixed a vulnerability in Little CMS. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Pedro Ribeiro discoreved that Little CMS incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service...

7.1CVSS6.6AI score0.03502EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/08/14 9:46 p.m.•108 views

USN-3740-2: Linux kernel (HWE) vulnerabilities

USN-3740-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. It was discovered that memory present in the L1 data cache of an Intel CPU core may be...

7.8CVSS6.9AI score0.24575EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2018/02/22 9:11 a.m.•108 views

USN-3582-1: Linux kernel vulnerabilities

Mohamed Ghannam discovered that the IPv4 raw socket implementation in the Linux kernel contained a race condition leading to uninitialized pointer usage. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2017-17712 Laurent Guerby discovered that...

7.8CVSS7.4AI score0.74041EPSS
Exploits13
Ubuntu
Ubuntu
•added 2018/01/09 2:52 p.m.•108 views

USN-3521-1: NVIDIA graphics drivers vulnerability

Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provide...

5.6CVSS7.1AI score0.93838EPSS
Exploits9
Ubuntu
Ubuntu
•added 2017/10/31 9:20 a.m.•108 views

USN-3468-3: Linux kernel (GCP) vulnerabilities

It was discovered that the KVM subsystem in the Linux kernel did not properly bound guest IRQs. A local attacker in a guest VM could use this to cause a denial of service host system crash. CVE-2017-1000252 It was discovered that the Flash-Friendly File System f2fs implementation in the Linux...

7.8CVSS6.9AI score0.03631EPSS
Exploits8
Ubuntu
Ubuntu
•added 2016/11/11 6:50 a.m.•108 views

USN-3127-1: Linux kernel vulnerabilities

It was discovered that the compression handling code in the Advanced Linux Sound Architecture ALSA subsystem in the Linux kernel did not properly check for an integer overflow. A local attacker could use this to cause a denial of service system crash. CVE-2014-9904 Kirill A. Shutemov discovered...

7.8CVSS7.3AI score0.0051EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/06/06 4:43 p.m.•108 views

USN-2994-1: libxml2 vulnerabilities

It was discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. CVE-2015-8806, CVE-2016-2073, CVE-2016-3627,...

9.3CVSS7AI score0.1398EPSS
Exploits12
Total number of security vulnerabilities5000