Lucene search
K
UbuntuMost viewed

10890 matches found

Ubuntu
Ubuntu
added 2008/02/14 4:20 a.m.108 views

USN-578-1: Linux kernel vulnerabilities

The minix filesystem did not properly validate certain filesystem values. If a local attacker could trick the system into attempting to mount a corrupted minix filesystem, the kernel could be made to hang for long periods of time, resulting in a denial of service. CVE-2006-6058 Alexander Schulze...

7.8CVSS7.4AI score0.0324EPSS
Exploits6
Ubuntu
Ubuntu
added 2006/09/20 12:48 a.m.108 views

USN-349-1: gzip vulnerabilities

Tavis Ormandy discovered that gzip did not sufficiently verify the validity of gzip or compress archives while unpacking. By tricking an user or automated system into unpacking a specially crafted compressed file, this could be exploited to execute arbitrary code with the user's privileges...

7.5CVSS6AI score0.05641EPSS
Exploits1
Ubuntu
Ubuntu
added 2005/02/15 6:21 p.m.108 views

USN-82-1: Linux kernel vulnerabilities

CAN-2004-0176: Michael Kerrisk noticed an insufficient permission checking in the shmctl function. Any process was permitted to lock/unlock any System V shared memory segment that fell within the the RLIMITMEMLOCK limit that is the maximum size of shared memory that unprivileged users can acquire...

7.8CVSS6.1AI score0.0242EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2025/02/26 12:57 p.m.107 views

USN-7293-1: Linux kernel vulnerabilities

Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service system crash or possibly execute arbitrary code...

9.1CVSS8AI score0.03301EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/12/13 2:9 p.m.107 views

USN-6548-3: Linux kernel (Oracle) vulnerabilities

It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive information. CVE-2023-3006 It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors i...

8.8CVSS7.2AI score0.09141EPSS
Exploits4
Ubuntu
Ubuntu
added 2023/12/05 9:13 p.m.107 views

USN-6532-1: Linux kernel vulnerabilities

Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. CVE-2023-20593 Yu Hao discovered that the UBI driver in the Linux kernel did not properly check...

7.8CVSS7.9AI score0.05794EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/11/22 2:45 p.m.107 views

USN-6505-1: nghttp2 vulnerability

It was discovered that nghttp2 incorrectly handled request cancellation. A remote attacker could possibly use this issue to cause nghttp2 to consume resources, leading to a denial of service...

7.5CVSS7.2AI score0.99999EPSS
Exploits19
Ubuntu
Ubuntu
added 2023/11/21 2:55 p.m.107 views

USN-6494-1: Linux kernel vulnerabilities

Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service system crash. CVE-2023-31085 Lucas Leong discovered that the netfilter subsystem in the...

7.8CVSS7.3AI score0.00856EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/10/04 11:0 a.m.107 views

USN-6401-1: FreeRDP vulnerabilities

It was discovered that FreeRDP did not properly manage certain inputs. A malicious server could use this issue to cause FreeRDP clients to crash, resulting in a denial of service, or possibly obtain sensitive information. CVE-2023-39350, CVE-2023-39351, CVE-2023-39353, CVE-2023-39354,...

9.8CVSS6.9AI score0.01432EPSS
Exploits10
Ubuntu
Ubuntu
added 2023/07/25 1:33 p.m.107 views

USN-6244-1: AMD Microcode vulnerability

Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information...

5.5CVSS7.3AI score0.05794EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/07/28 7:47 p.m.107 views

USN-5537-2: MySQL vulnerability

USN-5537-1 fixed a vulnerability in MySQL. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.7.39 in...

4.9CVSS6.3AI score0.01418EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/05/12 1:12 a.m.107 views

USN-5416-1: Linux kernel (OEM) vulnerabilities

Qiuhao Li, Gaoning Pan and Yongkang Jia discovered that the KVM implementation in the Linux kernel did not properly perform guest page table updates in some situations. An attacker in a guest vm could possibly use this to crash the host OS. CVE-2022-1158 It was discovered that the implementation ...

7.8CVSS6.7AI score0.00395EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/04/11 7:44 a.m.107 views

USN-5331-2: tcpdump vulnerabilities

USN-5331-1 fixed several vulnerabilities in tcpdump. This update provides the corresponding update for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: It was discovered that tcpdump incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial o...

7.8CVSS7.2AI score0.03071EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/03/15 1:16 p.m.107 views

USN-5327-1: rsh vulnerability

Hiroyuki Yamamori discovered that rsh incorrectly handled certain filenames. If a user or automated system were tricked into connecting to a malicious rsh server, a remote attacker could possibly use this issue to modify directory permissions...

5.9CVSS6.4AI score0.02067EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/01/27 2:29 p.m.107 views

USN-5254-1: shadow vulnerabilities

It was discovered that shadow incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or expose sensitive information. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. CVE-2017-12424 It was discovered that shadow incorrectly handled certain...

9.8CVSS6AI score0.02659EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/09/08 11:21 a.m.107 views

USN-5065-1: Open vSwitch vulnerability

It was discovered that Open vSwitch incorrectly handled decoding RAWENCAP actions. A remote attacker could use this issue to cause Open vSwitch to crash, resulting in a denial of service, or possibly execute arbitrary code...

5.5CVSS6.6AI score0.0118EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/03/15 9:24 p.m.107 views

USN-4800-1: Lynx vulnerabilities

It was discovered that Lynx incorrectly handled certain URLs. A remote attacker could possibly use this issue to obtain sensitive information or other unspecified impact. This issue only affected Ubuntu 16.04 ESM. CVE-2016-9179 It was discovered that Lynx incorrectly handled certain HTML files. A...

7.5CVSS6.6AI score0.04455EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/02/10 6:56 p.m.107 views

USN-4731-1: JUnit 4 vulnerability

It was discovered that JUnit 4 contains a local information disclosure vulnerability. An attacker could possibly use this issue to obtain sensitive information...

5.5CVSS6.5AI score0.01674EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/01/19 2:29 p.m.107 views

USN-4700-1: PyXDG vulnerability

Alexandre D'Hondt discovered that PyXDG did not properly sanitize input. An attacker could exploit this with a crafted .menu file to execute arbitrary code...

7.5CVSS7.4AI score0.02105EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/10/27 2:2 p.m.107 views

USN-4602-2: Perl vulnerabilities

USN-4602-1 fixed several vulnerabilities in Perl. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: ManhND discovered that Perl incorrectly handled certain regular expressions. In environments where untrusted regular expressions ar...

8.6CVSS7.5AI score0.11334EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/09/17 11:10 a.m.107 views

USN-4511-1: QEMU vulnerability

Ziming Zhang, Xiao Wei, Gonglei Arei, and Yanyu Zhang discovered that QEMU incorrectly handled certain USB packets. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default...

5CVSS7.5AI score0.05447EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/07/14 2:8 p.m.107 views

USN-4422-1: WebKitGTK+ vulnerabilities

A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

10CVSS7.1AI score0.77246EPSS
Exploits5
Ubuntu
Ubuntu
added 2020/04/07 5:34 p.m.107 views

USN-4323-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. CVE-2020-6821, CVE-2020-6822, CVE-2020-6824,...

9.8CVSS7.7AI score0.01905EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/11/20 6:35 p.m.107 views

USN-4195-2: MariaDB vulnerabilities

USN-4195-1 fixed multiple vulnerabilities in MySQL. This update provides the corresponding fixes for CVE-2019-2974 in MariaDB 10.1 and CVE-2019-2938, CVE-2019-2974 for MariaDB 10.3. Ubuntu 18.04 LTS has been updated to MariaDB 10.1.43. Ubuntu 19.04 and 19.10 has been updated to MariaDB 10.3.20. I...

6.5CVSS6.4AI score0.03726EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/01/30 12:33 p.m.107 views

USN-3873-1: Open vSwitch vulnerabilities

It was discovered that Open vSwitch incorrectly decoded certain packets. A remote attacker could possibly use this issue to cause Open vSwitch to crash, resulting in a denial of service. CVE-2018-17204 It was discovered that Open vSwitch incorrectly handled processing certain flows. A remote...

7.5CVSS6.3AI score0.02531EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/05/22 3:33 a.m.107 views

USN-3654-1: Linux kernel vulnerabilities

Jann Horn and Ken Johnson discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via a sidechannel attack. This flaw is known as Spectre Variant 4. A local attacker could use this to expose sensitive information, including kernel memor...

7.8CVSS7.8AI score0.60631EPSS
Exploits3References1
Ubuntu
Ubuntu
added 2016/09/23 2:29 p.m.107 views

USN-3087-2: OpenSSL regression

USN-3087-1 fixed vulnerabilities in OpenSSL. The fix for CVE-2016-2182 was incomplete and caused a regression when parsing certificates. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Shi Lei discovered that OpenSSL incorrectly handled the OCSP Statu...

7.4AI score
Exploits0References1
Ubuntu
Ubuntu
added 2016/04/27 4:39 p.m.107 views

USN-2952-2: PHP regression

USN-2952-1 fixed vulnerabilities in PHP. One of the backported patches caused a regression in the PHP Soap client. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the PHP Zip extension incorrectly handled directories when...

7.7AI score
Exploits0References1
Ubuntu
Ubuntu
added 2015/09/30 8:10 p.m.107 views

USN-2758-1: PHP vulnerabilities

It was discovered that the PHP phar extension incorrectly handled certain files. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service. CVE-2015-5589 It was discovered that the PHP phar extension incorrectly handled certain filepaths. A remote attacker cou...

10CVSS8.7AI score0.46801EPSS
Exploits8
Ubuntu
Ubuntu
added 2014/01/03 10:13 a.m.107 views

USN-2064-1: Linux kernel vulnerabilities

Stephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw makes it easier for a local attacker to break cryptographic protections. CVE-2013-4345 A flaw was discovered in the Linux kernel's IP Virtual Server IPVS support. A local user with the CAPNETADMI...

7CVSS6.7AI score0.03181EPSS
Exploits1
Ubuntu
Ubuntu
added 2005/04/14 6:33 p.m.107 views

USN-112-1: PHP4 vulnerabilities

An integer overflow was discovered in the exifprocessIFDTAG function in PHP4's EXIF module. EXIF tags with a specially crafted "Image File Directory" IFD tag caused a buffer overflow which could have been exploited to execute arbitrary code with the privileges of the PHP4 server. CAN-2005-1042 Th...

7.5CVSS6.2AI score0.04016EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/02/29 2:24 p.m.106 views

USN-6653-3: Linux kernel (Low Latency) vulnerabilities

It was discovered that a race condition existed in the ATM Asynchronous Transfer Mode subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-51780 It was...

7.8CVSS7AI score0.01982EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/08/29 8:50 p.m.106 views

USN-6316-1: Linux kernel (OEM) vulnerabilities

Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Tavis Ormandy discovered that some AMD processors...

7.8CVSS7.6AI score0.05794EPSS
Exploits3
Ubuntu
Ubuntu
added 2023/08/15 3:17 p.m.106 views

USN-6289-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

8.8CVSS7.3AI score0.01346EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/04/19 2:15 p.m.106 views

USN-6030-1: Linux kernel (Qualcomm Snapdragon) vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-1281 It was discovered that the System V IPC...

7.9CVSS7.6AI score0.03702EPSS
Exploits5
Ubuntu
Ubuntu
added 2022/06/27 2:14 p.m.106 views

USN-5495-1: curl vulnerabilities

Harry Sintonen discovered that curl incorrectly handled certain cookies. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 21.10, and Ubuntu 22.04 LTS. CVE-2022-32205 Harry Sintonen discovered that curl incorrectly handled certain HTTP...

9.8CVSS7AI score0.3197EPSS
Exploits4
Ubuntu
Ubuntu
added 2022/05/12 12:3 a.m.106 views

USN-5413-1: Linux kernel vulnerabilities

Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate attacker could use this to cause a denial of service system crash. CVE-2020-27820 It was discovered that a race condition existed in the network...

8.8CVSS6.8AI score0.021EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/01/20 7:51 p.m.106 views

USN-5244-1: DBus vulnerability

Daniel Onaca discovered that DBus contained a use-after-free vulnerability, caused by the incorrect handling of usernames sharing the same UID. An attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service...

7.8CVSS7.4AI score0.00331EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/10/05 2:5 p.m.106 views

USN-5104-1: Squid vulnerability

Lyu discovered that Squid incorrectly handled WCCP protocol data. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly obtain sensitive information...

5.3CVSS5.9AI score0.13005EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/04/20 3:41 p.m.106 views

USN-4921-1: libcaca vulnerability

It was discovered that libcaca incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code...

7.8CVSS7.2AI score0.00561EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/03/03 11:45 a.m.106 views

USN-4757-1: wpa_supplicant and hostapd vulnerability

It was discovered that wpasupplicant did not properly handle P2P Wi-Fi Direct provision discovery requests in some situations. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code...

7.5CVSS7.7AI score0.01228EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/01/11 6:14 p.m.106 views

USN-4668-4: python-apt vulnerability

USN-4668-1 fixed a vulnerability in python-apt. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Kevin Backhouse discovered that python-apt incorrectly handled resources. A local attacker could possibly use this issue to cause python-apt to consume...

2.8CVSS4.9AI score0.0039EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/11/25 9:51 p.m.106 views

USN-4647-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across origins, bypass security restrictions,...

9.8CVSS7.4AI score0.42327EPSS
Exploits5
Ubuntu
Ubuntu
added 2020/09/30 12:55 p.m.106 views

USN-4557-1: Tomcat vulnerabilities

It was discovered that the Tomcat realm implementations incorrectly handled passwords when a username didn't exist. A remote attacker could possibly use this issue to enumerate usernames. CVE-2016-0762 Alvaro Munoz and Alexander Mirosh discovered that Tomcat incorrectly limited use of a certain...

9.8CVSS7.1AI score0.90338EPSS
Exploits12
Ubuntu
Ubuntu
added 2020/09/28 9:19 a.m.106 views

USN-4546-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, conduct cross-site scripting XSS attacks, spoof the site displayed in the download dialog, or execute...

8.8CVSS8.1AI score0.01961EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/07/06 8:28 p.m.106 views

USN-4414-1: Linux kernel vulnerabilities

It was discovered that the network block device nbd implementation in the Linux kernel did not properly check for error conditions in some situations. An attacker could possibly use this to cause a denial of service system crash. CVE-2019-16089 It was discovered that the btrfs file system...

9.3CVSS6.6AI score0.04505EPSS
Exploits6
Ubuntu
Ubuntu
added 2020/05/07 1:24 p.m.106 views

USN-4353-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass security restrictions, spoof the URL bar, or execute arbitrary code. CVE-2020-6831, CVE-2020-1238...

10CVSS7.7AI score0.05803EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/05/06 12:5 p.m.106 views

USN-4330-2: PHP vulnerabilities

USN-4330-1 fixed vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 20.04 LTS. Original advisory details: It was discovered that PHP incorrectly handled certain EXIF files. An attacker could possibly use this issue to access sensitive information or cause a crash...

8.8CVSS7.3AI score0.04764EPSS
Exploits3
Ubuntu
Ubuntu
added 2020/02/05 1:48 p.m.106 views

USN-4268-1: OpenSMTPD vulnerability

It was discovered that OpenSMTPD incorrectly verified the sender's or receiver's e-mail addresses under certain conditions. An attacker could use this vulnerability to execute arbitrary commands as root...

10CVSS9AI score0.98946EPSS
Exploits27
Ubuntu
Ubuntu
added 2019/12/05 2:15 p.m.106 views

USN-4214-1: RabbitMQ vulnerability

It was discovered that RabbitMQ incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code...

9.8CVSS8.6AI score0.03317EPSS
Exploits0
Total number of security vulnerabilities5000