Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
•added 2020/07/06 8:28 p.m.•106 views

USN-4414-1: Linux kernel vulnerabilities

It was discovered that the network block device nbd implementation in the Linux kernel did not properly check for error conditions in some situations. An attacker could possibly use this to cause a denial of service system crash. CVE-2019-16089 It was discovered that the btrfs file system...

9.3CVSS6.6AI score0.04505EPSS
Exploits6
Ubuntu
Ubuntu
•added 2020/05/07 1:24 p.m.•106 views

USN-4353-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass security restrictions, spoof the URL bar, or execute arbitrary code. CVE-2020-6831, CVE-2020-1238...

10CVSS7.7AI score0.05803EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/05/06 12:5 p.m.•106 views

USN-4330-2: PHP vulnerabilities

USN-4330-1 fixed vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 20.04 LTS. Original advisory details: It was discovered that PHP incorrectly handled certain EXIF files. An attacker could possibly use this issue to access sensitive information or cause a crash...

8.8CVSS7.3AI score0.04764EPSS
Exploits3
Ubuntu
Ubuntu
•added 2019/11/13 1:2 a.m.•106 views

USN-4185-1: Linux kernel vulnerabilities

Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions TSX could expose...

8.8CVSS7.7AI score0.03133EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2019/09/23 1:33 p.m.•106 views

USN-4134-2: IBus regression

USN-4134-1 fixed a vulnerability in IBus. The security fix introduced a regression when being used with Qt applications. This update reverts the security fix pending further investigation. Original advisory details: Simon McVittie discovered that IBus did not enforce appropriate access controls o...

5.4AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2019/07/31 6:19 p.m.•106 views

USN-4082-2: Subversion vulnerabilities

USN-4082-1 fixed several vulnerabilities in Subversion. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Ace Olszowka discovered that Subversion incorrectly handled certain svnserve requests. A remote attacker could possibly use this issue to cause...

7.5CVSS7.1AI score0.0344EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/06/20 2:47 p.m.•106 views

USN-4028-1: Thunderbird vulnerabilities

Multiple memory safety issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code...

9.8CVSS7.3AI score0.10527EPSS
Exploits14
Ubuntu
Ubuntu
•added 2019/05/14 10:45 p.m.•106 views

USN-3980-2: Linux kernel (HWE) vulnerabilities

USN-3980-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.10 for Ubuntu 18.04 LTS. Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andre...

8.3CVSS7.8AI score0.03844EPSS
Exploits1References1
Ubuntu
Ubuntu
•added 2019/05/14 7:30 p.m.•106 views

USN-3979-1: Linux kernel vulnerabilities

Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered...

10CVSS7.8AI score0.07074EPSS
Exploits3References1
Ubuntu
Ubuntu
•added 2019/05/13 5:54 p.m.•106 views

USN-3974-1: VCFtools vulnerabilities

It was discovered that VCFtools improperly handled certain input. If a user was tricked into opening a crafted input file, VCFtools could be made to crash. CVE-2018-11099, CVE-2018-11129, CVE-2018-11130...

7.8CVSS6.5AI score0.22369EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/04/03 7:40 p.m.•106 views

USN-3617-2: Linux (HWE) vulnerabilities

USN-3617-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. It was discovered that a race condition leading to a use-after-free vulnerability existed in t...

7.8CVSS6.9AI score0.07679EPSS
Exploits10
Ubuntu
Ubuntu
•added 2018/01/05 9:18 p.m.•106 views

USN-3516-1: Firefox vulnerabilities

It was discovered that speculative execution performed by modern CPUs could leak information through a timing side-channel attack, and that this could be exploited in web browser JavaScript engines. If a user were tricked in to opening a specially crafted website, an attacker could potentially...

5.6CVSS7.4AI score0.93838EPSS
Exploits13
Ubuntu
Ubuntu
•added 2017/07/25 11:9 p.m.•106 views

USN-3364-3: Linux kernel (AWS, GKE) vulnerabilities

It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information kernel memory. CVE-2014-9900 It was discovered that the Linux kernel did not properly restrict access to /proc/iomem. A local attacker...

5.5CVSS6.3AI score0.01261EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/05/16 10:31 p.m.•106 views

USN-3278-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via application crash, or execute arbitrary code. CVE-2017-5429,...

9.8CVSS7.4AI score0.18756EPSS
Exploits24
Ubuntu
Ubuntu
•added 2016/10/20 1:46 a.m.•106 views

USN-3104-1: Linux kernel vulnerability

It was discovered that a race condition existed in the memory manager of the Linux kernel when handling copy-on-write breakage of private read-only memory mappings. A local attacker could use this to gain administrative privileges...

7.2CVSS7.6AI score0.83524EPSS
Exploits81
Ubuntu
Ubuntu
•added 2012/05/04 8:9 p.m.•106 views

USN-1437-1: PHP vulnerability

It was discovered that PHP, when used as a stand alone CGI processor for the Apache Web Server, did not properly parse and filter query strings. This could allow a remote attacker to execute arbitrary code running with the privilege of the web server. Configurations using modphp5 and FastCGI were...

9.8CVSS9AI score0.99998EPSS
Exploits42
Ubuntu
Ubuntu
•added 2011/10/25 12:54 p.m.•106 views

USN-1240-1: Linux kernel (Marvell DOVE) vulnerabilities

Ryan Sweat discovered that the kernel incorrectly handled certain VLAN packets. On some systems, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. CVE-2011-1576 Vasiliy Kulikov and Dan Rosenberg discovered that ecryptfs did not correctly...

9.1CVSS7.9AI score0.05689EPSS
Exploits8
Ubuntu
Ubuntu
•added 2007/11/29 10:38 p.m.•106 views

USN-549-1: PHP vulnerabilities

It was discovered that the wordwrap function did not correctly check lengths. Remote attackers could exploit this to cause a crash or monopolize CPU resources, resulting in a denial of service. CVE-2007-3998 Integer overflows were discovered in the strspn and strcspn functions. Attackers could...

7.5CVSS8AI score0.18162EPSS
Exploits2
Ubuntu
Ubuntu
•added 2024/05/15 3:15 p.m.•105 views

USN-6766-2: Linux kernel vulnerabilities

It was discovered that the Open vSwitch implementation in the Linux kernel could overflow its stack during recursive action operations under certain conditions. A local attacker could use this to cause a denial of service system crash. CVE-2024-1151 Sander Wiebing, Alvise de Faveri Tron, Herbert...

7.8CVSS7.3AI score0.78388EPSS
Exploits2
Ubuntu
Ubuntu
•added 2024/05/07 7:22 p.m.•105 views

USN-6766-1: Linux kernel vulnerabilities

It was discovered that the Open vSwitch implementation in the Linux kernel could overflow its stack during recursive action operations under certain conditions. A local attacker could use this to cause a denial of service system crash. CVE-2024-1151 Sander Wiebing, Alvise de Faveri Tron, Herbert...

7.8CVSS7.3AI score0.78388EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/09/08 12:0 a.m.•105 views

USN-6355-1: GRUB2 vulnerabilities

Daniel Axtens discovered that specially crafted images could cause a heap-based out-of-bonds write. A local attacker could possibly use this to circumvent secure boot protections. CVE-2021-3695 Daniel Axtens discovered that specially crafted images could cause out-of-bonds read and write. A local...

8.1CVSS6.8AI score0.01284EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2023/03/28 7:44 p.m.•105 views

USN-5981-1: Linux kernel vulnerabilities

It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service memory exhaustion. CVE-2021-3669 It was discovered that a use-after-free vulnerability existed in the SGI GRU...

7.9CVSS7.5AI score0.03702EPSS
Exploits5
Ubuntu
Ubuntu
•added 2023/02/06 3:58 a.m.•105 views

USN-5824-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing,...

9.8CVSS8.2AI score0.01061EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/10/10 5:50 p.m.•105 views

USN-5666-1: OpenSSH vulnerability

It was discovered that OpenSSH incorrectly handled certain helper programs. An attacker could possibly use this issue to arbitrary code execution...

7CVSS7.6AI score0.02367EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/08/18 4:19 p.m.•105 views

USN-5571-1: PostgreSQL vulnerability

Sven Klemm discovered that PostgreSQL incorrectly handled extensions. An attacker could possibly use this issue to execute arbitrary code when extensions are created or updated...

8CVSS7.6AI score0.0152EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/07/01 2:4 a.m.•105 views

USN-5499-1: curl vulnerabilities

Florian Kohnhuser discovered that curl incorrectly handled returning a TLS server’s certificate chain details. A remote attacker could possibly use this issue to cause curl to stop responding, resulting in a denial of service. CVE-2022-27781 Harry Sintonen discovered that curl incorrectly handled...

7.5CVSS6.9AI score0.06762EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/05/24 11:46 a.m.•105 views

USN-5440-1: PostgreSQL vulnerability

Alexander Lakhin discovered that PostgreSQL incorrectly handled the security restricted operation sandbox when a privileged user is maintaining another user's objects. An attacker having permission to create non-temp objects can use this issue to execute arbitrary commands as the superuser...

8.8CVSS7.7AI score0.12403EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/04/11 11:36 a.m.•105 views

USN-5373-1: Django vulnerabilities

It was discovered that Django incorrectly handled certain certain column aliases in the QuerySet.annotate, aggregate, and extra methods. A remote attacker could possibly use this issue to perform an SQL injection attack. CVE-2022-28346 It was discovered that Django incorrectly handled certain...

9.8CVSS7.3AI score0.18516EPSS
Exploits3
Ubuntu
Ubuntu
•added 2021/12/19 5:39 p.m.•105 views

USN-5203-1: Apache Log4j 2 vulnerability

Hideki Okamoto and Guy Lederfein discovered that Apache Log4j 2 did not protect against infinite recursion in lookup evaluation. A remote attacker could possibly use this issue to cause Apache Log4j 2 to crash, leading to a denial of service. Please see the following link for more information:...

5.9CVSS7.4AI score0.99999EPSS
Exploits20
Ubuntu
Ubuntu
•added 2021/10/21 2:5 p.m.•105 views

USN-5119-1: libcaca vulnerabilities

It was discovered that libcaca incorrectly handled certain images. An attacker could possibly use this issue to cause a crash. CVE-2021-30498, CVE-2021-30499...

7.8CVSS7AI score0.01353EPSS
Exploits2
Ubuntu
Ubuntu
•added 2021/10/06 4:54 p.m.•105 views

USN-5105-1: Bottle vulnerability

It was discovered that Bottle incorrectly handled certain inputs. An attacker could possibly use this issue to cache malicious requests...

6.8CVSS6.5AI score0.01837EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/08/10 5:15 p.m.•105 views

USN-5034-2: c-ares vulnerability

USN-5034-1 fixed a vulnerability in c-ares. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Philipp Jeitner and Haya Shulman discovered that c-ares incorrectly validated certain hostnames returned by DNS servers. A remote attacker could possibly use...

6.8CVSS7.1AI score0.02617EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/03/15 8:50 p.m.•105 views

USN-4775-1: Lighttpd vulnerabilities

It was discovered that Lighttpd did not properly sanitized the string used in basic HTTP authentication method. A remote attacker could use this to inject arbitrary log entries and maybe obtain sensitive information. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. CVE-2015-3200 It...

7.5CVSS6.9AI score0.1408EPSS
Exploits2
Ubuntu
Ubuntu
•added 2021/02/03 1:20 p.m.•105 views

USN-4720-2: Apport vulnerabilities

USN-4720-1 fixed several vulnerabilities in Apport. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Itai Greenhut discovered that Apport incorrectly parsed certain files in the /proc filesystem. A local attacker could use this issue to escalate...

8.8CVSS7.6AI score0.00525EPSS
Exploits3
Ubuntu
Ubuntu
•added 2021/02/02 5:58 p.m.•105 views

USN-4719-1: ca-certificates update

The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.46 version of the Mozilla certificate authority bundle...

5.4AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2020/08/04 4:56 p.m.•105 views

USN-4448-1: Tomcat vulnerabilities

It was discovered that Tomcat incorrectly validated the payload length in a WebSocket frame. A remote attacker could possibly use this issue to cause Tomcat to hang, resulting in a denial of service. CVE-2020-13935 It was discovered that Tomcat incorrectly handled HTTP header parsing. In certain...

7.5CVSS7.9AI score0.87553EPSS
Exploits16
Ubuntu
Ubuntu
•added 2020/07/09 5:41 p.m.•105 views

USN-4376-2: OpenSSL vulnerabilities

USN-4376-1 fixed several vulnerabilities in OpenSSL. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Cesar Pereida García, Sohaib ul Hassan, Nicola Tuveri, Iaroslav Gridin, Alejandro Cabrera Aldaya, and Billy Brumley discovered...

5.9CVSS6.7AI score0.17139EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/05/28 12:7 p.m.•105 views

USN-4376-1: OpenSSL vulnerabilities

Cesar Pereida García, Sohaib ul Hassan, Nicola Tuveri, Iaroslav Gridin, Alejandro Cabrera Aldaya, and Billy Brumley discovered that OpenSSL incorrectly handled ECDSA signatures. An attacker could possibly use this issue to perform a timing side-channel attack and recover private ECDSA keys...

5.3CVSS6.6AI score0.14298EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/05/21 5:8 p.m.•105 views

USN-4372-1: QEMU vulnerabilities

It was discovered that QEMU incorrectly handled bochs-display devices. A local attacker in a guest could use this to cause a denial of service or possibly execute arbitrary code in the host. This issue only affected Ubuntu 19.10. CVE-2019-15034 It was discovered that QEMU incorrectly handled memo...

7.5CVSS7.2AI score0.02293EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/04/28 11:46 p.m.•105 views

USN-4344-1: Linux kernel vulnerabilities

It was discovered that the Intel Wi-Fi driver in the Linux kernel did not properly check for errors in some situations. A local attacker could possibly use this to cause a denial of service system crash. CVE-2019-16234 It was discovered that the Intel WiMAX 2400 driver in the Linux kernel did not...

7.5CVSS7AI score0.0415EPSS
Exploits2
Ubuntu
Ubuntu
•added 2020/01/28 3:3 a.m.•105 views

USN-4253-1: Linux kernel vulnerability

It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information...

5.5CVSS6.8AI score0.01447EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/01/27 6:9 p.m.•105 views

USN-4252-2: tcpdump vulnerabilities

USN-4252-1 fixed several vulnerabilities in tcpdump. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Multiple security issues were discovered in tcpdump. A remote attacker could use these issues to cause tcpdump to crash, resulti...

9.8CVSS6.7AI score0.06816EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/01/08 5:46 p.m.•105 views

USN-4231-1: NSS vulnerability

It was discovered that NSS incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code...

10CVSS7.2AI score0.03552EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/05/14 9:3 p.m.•105 views

USN-3983-1: Linux kernel vulnerabilities

Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered...

5.9CVSS6.5AI score0.01553EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2019/04/08 12:57 p.m.•105 views

USN-3940-1: ClamAV vulnerabilities

It was discovered that ClamAV incorrectly handled scanning certain PDF documents. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. CVE-2019-1787 It was discovered that ClamAV incorrectly handled scanning certain OLE2 files. A remote...

7.5CVSS7.2AI score0.01839EPSS
Exploits2
Ubuntu
Ubuntu
•added 2019/03/29 1:50 p.m.•105 views

USN-3926-1: GPAC vulnerabilities

It was discovered that the GPAC MP4Box utility incorrectly handled certain memory operations. If an user or automated system were tricked into opening a specially crafted MP4 file, a remote attacker could use this issue to cause MP4Box to crash, resulting in a denial of service, or possibly execu...

9.8CVSS7.5AI score0.02521EPSS
Exploits5
Ubuntu
Ubuntu
•added 2019/03/26 12:29 p.m.•105 views

USN-3921-1: XMLTooling vulnerability

It was discovered that XMLTooling incorrectly handled certain XML files with invalid data. An attacker could use this issue to cause XMLTooling to crash, resulting in a denial of service...

7.5CVSS6.5AI score0.02052EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/03/21 8:55 p.m.•105 views

USN-3918-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, denial of service via successive FTP authorization prompts or modal alerts, trick...

9.8CVSS7.8AI score0.19762EPSS
Exploits13
Ubuntu
Ubuntu
•added 2019/03/21 5:9 p.m.•105 views

USN-3913-1: P7ZIP vulnerabilities

It was discovered that p7zip did not correctly handle certain malformed archives. If a user or automated system were tricked into processing a specially crafted archive with p7zip, then p7zip could be made to crash, possibly leading to abitrary code execution...

8.8CVSS7.5AI score0.09795EPSS
Exploits3
Ubuntu
Ubuntu
•added 2019/03/12 6:31 p.m.•105 views

USN-3902-2: PHP vulnerabilities

USN-3902-1 fixed a vulnerability in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that the PHP XML-RPC module incorrectly handled decoding XML data. A remote attacker could possibly use this issue to cause PHP to crash,...

9.8CVSS7.1AI score0.10059EPSS
Exploits4
Total number of security vulnerabilities5000