Lucene search
K
UbuntuMost viewed

10904 matches found

Ubuntu
Ubuntu
•added 2018/08/14 9:46 p.m.•108 views

USN-3740-2: Linux kernel (HWE) vulnerabilities

USN-3740-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. It was discovered that memory present in the L1 data cache of an Intel CPU core may be...

7.8CVSS6.9AI score0.24575EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2018/02/22 9:11 a.m.•108 views

USN-3582-1: Linux kernel vulnerabilities

Mohamed Ghannam discovered that the IPv4 raw socket implementation in the Linux kernel contained a race condition leading to uninitialized pointer usage. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2017-17712 Laurent Guerby discovered that...

7.8CVSS7.4AI score0.74041EPSS
Exploits14
Ubuntu
Ubuntu
•added 2016/11/11 6:50 a.m.•108 views

USN-3127-1: Linux kernel vulnerabilities

It was discovered that the compression handling code in the Advanced Linux Sound Architecture ALSA subsystem in the Linux kernel did not properly check for an integer overflow. A local attacker could use this to cause a denial of service system crash. CVE-2014-9904 Kirill A. Shutemov discovered...

7.8CVSS7.3AI score0.0051EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/06/06 4:43 p.m.•108 views

USN-2994-1: libxml2 vulnerabilities

It was discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. CVE-2015-8806, CVE-2016-2073, CVE-2016-3627,...

9.3CVSS7AI score0.1398EPSS
Exploits12
Ubuntu
Ubuntu
•added 2014/12/19 12:49 p.m.•108 views

USN-2447-2: Linux kernel (Utopic HWE) regression

USN-2447-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated regression TCP Throughput drops to zero for several drivers after upgrading. This update fixes the problem. We apologize for the inconvenience. Original advisory details: An information leak in the Linux kernel was discover...

6.8AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2014/07/17 1:3 a.m.•108 views

USN-2289-1: Linux kernel vulnerabilities

Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 Michael S. Tsirkin discovered an information leak in the Linux kernel's...

7.5CVSS7AI score0.08103EPSS
Exploits12
Ubuntu
Ubuntu
•added 2013/12/12 4:19 p.m.•108 views

USN-2055-1: PHP vulnerabilities

Stefan Esser discovered that PHP incorrectly parsed certificates. An attacker could use a malformed certificate to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2013-6420 It was discovered that PHP incorrectly handled DateInterval objects. An attack...

7.5CVSS7.6AI score0.35635EPSS
Exploits8
Ubuntu
Ubuntu
•added 2011/10/25 1:8 p.m.•108 views

USN-1245-1: Linux kernel (Marvell DOVE) vulnerabilities

Ryan Sweat discovered that the kernel incorrectly handled certain VLAN packets. On some systems, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. CVE-2011-1576 Vasiliy Kulikov and Dan Rosenberg discovered that ecryptfs did not correctly...

9.1CVSS7.9AI score0.05689EPSS
Exploits8
Ubuntu
Ubuntu
•added 2011/03/02 11:7 p.m.•108 views

USN-1080-2: Linux kernel vulnerabilities

Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. CVE-2010-3865 Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did not...

7.2CVSS6.2AI score0.02523EPSS
Exploits6
Ubuntu
Ubuntu
•added 2009/12/05 1:52 a.m.•108 views

USN-864-1: Linux kernel vulnerabilities

It was discovered that the AX.25 network subsystem did not correctly check integer signedness in certain setsockopt calls. A local attacker could exploit this to crash the system, leading to a denial of service. Ubuntu 9.10 was not affected. CVE-2009-2909 Jan Beulich discovered that the kernel...

7.8CVSS6.8AI score0.12461EPSS
Exploits24
Ubuntu
Ubuntu
•added 2008/02/14 4:20 a.m.•108 views

USN-578-1: Linux kernel vulnerabilities

The minix filesystem did not properly validate certain filesystem values. If a local attacker could trick the system into attempting to mount a corrupted minix filesystem, the kernel could be made to hang for long periods of time, resulting in a denial of service. CVE-2006-6058 Alexander Schulze...

7.8CVSS7.4AI score0.0324EPSS
Exploits6
Ubuntu
Ubuntu
•added 2005/02/15 6:21 p.m.•108 views

USN-82-1: Linux kernel vulnerabilities

CAN-2004-0176: Michael Kerrisk noticed an insufficient permission checking in the shmctl function. Any process was permitted to lock/unlock any System V shared memory segment that fell within the the RLIMITMEMLOCK limit that is the maximum size of shared memory that unprivileged users can acquire...

7.8CVSS6.1AI score0.0242EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2025/02/26 12:57 p.m.•107 views

USN-7293-1: Linux kernel vulnerabilities

Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service system crash or possibly execute arbitrary code...

9.1CVSS8AI score0.03301EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/12/13 2:9 p.m.•107 views

USN-6548-3: Linux kernel (Oracle) vulnerabilities

It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive information. CVE-2023-3006 It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors i...

8.8CVSS7.2AI score0.09141EPSS
Exploits4
Ubuntu
Ubuntu
•added 2023/12/05 9:13 p.m.•107 views

USN-6532-1: Linux kernel vulnerabilities

Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. CVE-2023-20593 Yu Hao discovered that the UBI driver in the Linux kernel did not properly check...

7.8CVSS7.9AI score0.05794EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/11/21 2:55 p.m.•107 views

USN-6494-1: Linux kernel vulnerabilities

Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service system crash. CVE-2023-31085 Lucas Leong discovered that the netfilter subsystem in the...

7.8CVSS7.3AI score0.00856EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/10/04 11:0 a.m.•107 views

USN-6401-1: FreeRDP vulnerabilities

It was discovered that FreeRDP did not properly manage certain inputs. A malicious server could use this issue to cause FreeRDP clients to crash, resulting in a denial of service, or possibly obtain sensitive information. CVE-2023-39350, CVE-2023-39351, CVE-2023-39353, CVE-2023-39354,...

9.8CVSS6.9AI score0.01432EPSS
Exploits10
Ubuntu
Ubuntu
•added 2023/08/15 3:17 p.m.•107 views

USN-6289-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

8.8CVSS7.3AI score0.01346EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/07/25 1:33 p.m.•107 views

USN-6244-1: AMD Microcode vulnerability

Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information...

5.5CVSS7.3AI score0.05794EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/07/28 7:47 p.m.•107 views

USN-5537-2: MySQL vulnerability

USN-5537-1 fixed a vulnerability in MySQL. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.7.39 in...

4.9CVSS6.3AI score0.01418EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/05/12 1:12 a.m.•107 views

USN-5416-1: Linux kernel (OEM) vulnerabilities

Qiuhao Li, Gaoning Pan and Yongkang Jia discovered that the KVM implementation in the Linux kernel did not properly perform guest page table updates in some situations. An attacker in a guest vm could possibly use this to crash the host OS. CVE-2022-1158 It was discovered that the implementation ...

7.8CVSS6.7AI score0.00395EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/04/11 7:44 a.m.•107 views

USN-5331-2: tcpdump vulnerabilities

USN-5331-1 fixed several vulnerabilities in tcpdump. This update provides the corresponding update for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: It was discovered that tcpdump incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial o...

7.8CVSS7.2AI score0.03071EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/01/27 2:29 p.m.•107 views

USN-5254-1: shadow vulnerabilities

It was discovered that shadow incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or expose sensitive information. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. CVE-2017-12424 It was discovered that shadow incorrectly handled certain...

9.8CVSS6AI score0.02659EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/04/20 3:41 p.m.•107 views

USN-4921-1: libcaca vulnerability

It was discovered that libcaca incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code...

7.8CVSS7.2AI score0.00565EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/02/10 6:56 p.m.•107 views

USN-4731-1: JUnit 4 vulnerability

It was discovered that JUnit 4 contains a local information disclosure vulnerability. An attacker could possibly use this issue to obtain sensitive information...

5.5CVSS6.5AI score0.01674EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/01/19 2:29 p.m.•107 views

USN-4700-1: PyXDG vulnerability

Alexandre D'Hondt discovered that PyXDG did not properly sanitize input. An attacker could exploit this with a crafted .menu file to execute arbitrary code...

7.5CVSS7.4AI score0.02105EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/01/11 6:14 p.m.•107 views

USN-4668-4: python-apt vulnerability

USN-4668-1 fixed a vulnerability in python-apt. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Kevin Backhouse discovered that python-apt incorrectly handled resources. A local attacker could possibly use this issue to cause python-apt to consume...

2.8CVSS4.9AI score0.0039EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/10/27 2:2 p.m.•107 views

USN-4602-2: Perl vulnerabilities

USN-4602-1 fixed several vulnerabilities in Perl. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: ManhND discovered that Perl incorrectly handled certain regular expressions. In environments where untrusted regular expressions ar...

8.6CVSS7.5AI score0.11334EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/05/06 12:5 p.m.•107 views

USN-4330-2: PHP vulnerabilities

USN-4330-1 fixed vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 20.04 LTS. Original advisory details: It was discovered that PHP incorrectly handled certain EXIF files. An attacker could possibly use this issue to access sensitive information or cause a crash...

8.8CVSS7.3AI score0.04764EPSS
Exploits3
Ubuntu
Ubuntu
•added 2020/04/07 5:34 p.m.•107 views

USN-4323-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. CVE-2020-6821, CVE-2020-6822, CVE-2020-6824,...

9.8CVSS7.7AI score0.01905EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/02/05 1:48 p.m.•107 views

USN-4268-1: OpenSMTPD vulnerability

It was discovered that OpenSMTPD incorrectly verified the sender's or receiver's e-mail addresses under certain conditions. An attacker could use this vulnerability to execute arbitrary commands as root...

10CVSS9AI score0.98946EPSS
Exploits27
Ubuntu
Ubuntu
•added 2019/11/20 6:35 p.m.•107 views

USN-4195-2: MariaDB vulnerabilities

USN-4195-1 fixed multiple vulnerabilities in MySQL. This update provides the corresponding fixes for CVE-2019-2974 in MariaDB 10.1 and CVE-2019-2938, CVE-2019-2974 for MariaDB 10.3. Ubuntu 18.04 LTS has been updated to MariaDB 10.1.43. Ubuntu 19.04 and 19.10 has been updated to MariaDB 10.3.20. I...

6.5CVSS6.4AI score0.03726EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/05/13 5:54 p.m.•107 views

USN-3974-1: VCFtools vulnerabilities

It was discovered that VCFtools improperly handled certain input. If a user was tricked into opening a crafted input file, VCFtools could be made to crash. CVE-2018-11099, CVE-2018-11129, CVE-2018-11130...

7.8CVSS6.5AI score0.22369EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/05/22 3:33 a.m.•107 views

USN-3654-1: Linux kernel vulnerabilities

Jann Horn and Ken Johnson discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via a sidechannel attack. This flaw is known as Spectre Variant 4. A local attacker could use this to expose sensitive information, including kernel memor...

7.8CVSS7.8AI score0.60631EPSS
Exploits3References1
Ubuntu
Ubuntu
•added 2016/09/23 2:29 p.m.•107 views

USN-3087-2: OpenSSL regression

USN-3087-1 fixed vulnerabilities in OpenSSL. The fix for CVE-2016-2182 was incomplete and caused a regression when parsing certificates. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Shi Lei discovered that OpenSSL incorrectly handled the OCSP Statu...

7.4AI score0.95707EPSS
Exploits8References1
Ubuntu
Ubuntu
•added 2016/04/27 4:39 p.m.•107 views

USN-2952-2: PHP regression

USN-2952-1 fixed vulnerabilities in PHP. One of the backported patches caused a regression in the PHP Soap client. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the PHP Zip extension incorrectly handled directories when...

7.7AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2015/09/30 8:10 p.m.•107 views

USN-2758-1: PHP vulnerabilities

It was discovered that the PHP phar extension incorrectly handled certain files. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service. CVE-2015-5589 It was discovered that the PHP phar extension incorrectly handled certain filepaths. A remote attacker cou...

10CVSS8.7AI score0.46801EPSS
Exploits8
Ubuntu
Ubuntu
•added 2014/01/03 10:13 a.m.•107 views

USN-2064-1: Linux kernel vulnerabilities

Stephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw makes it easier for a local attacker to break cryptographic protections. CVE-2013-4345 A flaw was discovered in the Linux kernel's IP Virtual Server IPVS support. A local user with the CAPNETADMI...

7CVSS6.7AI score0.03181EPSS
Exploits1
Ubuntu
Ubuntu
•added 2011/06/29 12:2 p.m.•107 views

USN-1162-1: Linux kernel vulnerabilities (Marvell Dove)

Brad Spengler discovered that the kernel did not correctly account for userspace memory allocations during exec calls. A local attacker could exploit this to consume all system memory, leading to a denial of service. CVE-2010-4243 Alexander Duyck discovered that the Intel Gigabit Ethernet driver...

9.8CVSS7.1AI score0.04364EPSS
Exploits30
Ubuntu
Ubuntu
•added 2005/04/14 6:33 p.m.•107 views

USN-112-1: PHP4 vulnerabilities

An integer overflow was discovered in the exifprocessIFDTAG function in PHP4's EXIF module. EXIF tags with a specially crafted "Image File Directory" IFD tag caused a buffer overflow which could have been exploited to execute arbitrary code with the privileges of the PHP4 server. CAN-2005-1042 Th...

7.5CVSS6.2AI score0.04016EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/04/07 8:46 a.m.•106 views

USN-6885-4: Apache HTTP Server regression

USN-6885-1 fixed a vulnerability in Apache. The patch for CVE-2024-38474 was incomplete and caused regressions. This update provides the fix for that issue. Original advisory details: Orange Tsai discovered that the Apache HTTP Server modrewrite module incorrectly handled certain substitutions. A...

7.7AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2024/02/29 2:24 p.m.•106 views

USN-6653-3: Linux kernel (Low Latency) vulnerabilities

It was discovered that a race condition existed in the ATM Asynchronous Transfer Mode subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-51780 It was...

7.8CVSS7AI score0.01999EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/08/29 8:50 p.m.•106 views

USN-6316-1: Linux kernel (OEM) vulnerabilities

Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Tavis Ormandy discovered that some AMD processors...

7.8CVSS7.6AI score0.05794EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/04/19 2:15 p.m.•106 views

USN-6030-1: Linux kernel (Qualcomm Snapdragon) vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-1281 It was discovered that the System V IPC...

7.9CVSS7.6AI score0.03702EPSS
Exploits5
Ubuntu
Ubuntu
•added 2022/09/15 11:4 a.m.•106 views

USN-5613-1: Vim vulnerabilities

It was discovered that Vim was not properly performing bounds checks when executing spell suggestion commands. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2022-0943 It was discovered that Vim was using freed memory when dealing with regula...

8.4CVSS7.4AI score0.02645EPSS
Exploits7
Ubuntu
Ubuntu
•added 2022/06/27 2:14 p.m.•106 views

USN-5495-1: curl vulnerabilities

Harry Sintonen discovered that curl incorrectly handled certain cookies. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 21.10, and Ubuntu 22.04 LTS. CVE-2022-32205 Harry Sintonen discovered that curl incorrectly handled certain HTTP...

9.8CVSS7AI score0.3197EPSS
Exploits4
Ubuntu
Ubuntu
•added 2022/05/12 12:3 a.m.•106 views

USN-5413-1: Linux kernel vulnerabilities

Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate attacker could use this to cause a denial of service system crash. CVE-2020-27820 It was discovered that a race condition existed in the network...

8.8CVSS6.8AI score0.021EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/01/20 7:51 p.m.•106 views

USN-5244-1: DBus vulnerability

Daniel Onaca discovered that DBus contained a use-after-free vulnerability, caused by the incorrect handling of usernames sharing the same UID. An attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service...

7.8CVSS7.4AI score0.00331EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/10/05 2:5 p.m.•106 views

USN-5104-1: Squid vulnerability

Lyu discovered that Squid incorrectly handled WCCP protocol data. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly obtain sensitive information...

5.3CVSS5.9AI score0.13005EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/08/10 5:15 p.m.•106 views

USN-5034-2: c-ares vulnerability

USN-5034-1 fixed a vulnerability in c-ares. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Philipp Jeitner and Haya Shulman discovered that c-ares incorrectly validated certain hostnames returned by DNS servers. A remote attacker could possibly use...

6.8CVSS7.1AI score0.02617EPSS
Exploits1
Total number of security vulnerabilities5000