Lucene search
K
UbuntuMost viewed

10869 matches found

Ubuntu
Ubuntu
added 2023/05/08 8:40 a.m.389 views

USN-6059-1: Erlang vulnerability

It was discovered that Erlang did not properly implement TLS client certificate validation during the TLS handshake. A remote attacker could use this issue to bypass client authentication...

9.8CVSS8.3AI score0.01136EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/03/27 3:23 p.m.387 views

USN-6719-1: util-linux vulnerability

Skyler Ferrante discovered that the util-linux wall command did not filter escape sequences from command line arguments. A local attacker could possibly use this issue to obtain sensitive information...

3.3CVSS6.8AI score0.02242EPSS
Exploits3
Ubuntu
Ubuntu
added 2024/02/19 8:7 p.m.387 views

USN-6644-1: LibTIFF vulnerabilities

It was discovered that LibTIFF incorrectly handled certain files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause the application to crash, resulting in a denial of service. CVE-2023-52356 It was discovered that LibTIFF incorrectly...

7.5CVSS6.7AI score0.02187EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/12/07 4:24 p.m.387 views

USN-6541-1: GNU C Library vulnerabilities

It was discovered that the GNU C Library was not properly handling certain memory operations. An attacker could possibly use this issue to cause a denial of service application crash. CVE-2023-4806, CVE-2023-4813 It was discovered that the GNU C library was not properly implementing a fix for...

7.5CVSS6.5AI score0.01669EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/06/06 3:50 p.m.387 views

USN-5460-1: Vim vulnerabilities

It was discovered that Vim was incorrectly processing Vim buffers. An attacker could possibly use this issue to perform illegal memory access and expose sensitive information. CVE-2022-0554 It was discovered that Vim was not properly performing bounds checks for column numbers when replacing tabs...

8.8CVSS7.7AI score0.26583EPSS
Exploits10
Ubuntu
Ubuntu
added 2018/11/13 2:37 a.m.387 views

USN-3814-2: ClamAV vulnerabilities

Updated: 2018-11-21: The embedded version of libmspack in ClamAV was found to not be affected by the listed vulnerabilities, therefore the following is not applicable. USN-3814-1 fixed several vulnerabilities in libmspack. In Ubuntu 14.04 libmspack is included into ClamAV. This update provides th...

6.5CVSS6.8AI score0.03086EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/07/23 2:19 p.m.386 views

USN-6909-1: Bind vulnerabilities

It was discovered that Bind incorrectly handled a flood of DNS messages over TCP. A remote attacker could possibly use this issue to cause Bind to become unstable, resulting in a denial of service. CVE-2024-0760 Toshifumi Sakaguchi discovered that Bind incorrectly handled having a very large numb...

7.5CVSS7.5AI score0.0468EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/03/27 11:43 a.m.386 views

USN-6718-1: curl vulnerabilities

Dan Fandrich discovered that curl would incorrectly use the default set of protocols when a parameter option disabled all protocols without adding any, contrary to expectations. This issue only affected Ubuntu 23.10. CVE-2024-2004 It was discovered that curl incorrectly handled memory when limiti...

8.6CVSS6.8AI score0.36081EPSS
Exploits2
Ubuntu
Ubuntu
added 2024/01/16 3:20 p.m.386 views

USN-6587-1: X.Org X Server vulnerabilities

Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An attacker could possibly use this issue to cause the X Server to crash, obtain sensitive information, or execute arbitrary code. CVE-2023-6816 Jan-Nikl...

9.8CVSS7.1AI score0.02106EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/09/13 12:47 p.m.386 views

USN-6364-1: Ghostscript vulnerabilities

It was discovered that Ghostscript incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service. CVE-2020-21710 It was discovered that Ghostscript incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of...

7.8CVSS6.8AI score0.00707EPSS
Exploits2
Ubuntu
Ubuntu
added 2018/11/13 11:29 a.m.386 views

USN-3814-3: ClamAV vulnerabilities

Updated: 2018-11-21: The embedded version of libmspack in ClamAV was found to not be affected by the listed vulnerabilities, therefore the following is not applicable. USN-3814-2 fixed several vulnerabilities in clamav. This update provides the corresponding update for Ubuntu 12.04 ESM. Original...

6.5CVSS6.8AI score0.03086EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/04/24 7:55 p.m.385 views

USN-6657-2: Dnsmasq vulnerabilities

USN-6657-1 fixed several vulnerabilities in Dnsmasq. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered that Dnsmasq icorrectly handled validating DNSSEC...

7.5CVSS7AI score0.99995EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/04/10 12:24 p.m.385 views

USN-6719-2: util-linux vulnerability

USN-6719-1 fixed a vulnerability in util-linux. Unfortunately, it was discovered that the fix did not fully address the issue. This update removes the setgid permission bit from the wall and write utilities. Original advisory details: Skyler Ferrante discovered that the util-linux wall command di...

3.3CVSS6.8AI score0.02242EPSS
Exploits3
Ubuntu
Ubuntu
added 2024/02/27 6:31 p.m.385 views

USN-6644-2: LibTIFF vulnerabilities

USN-6644-1 fixed vulnerabilities in LibTIFF. This update provides the corresponding updates for Ubuntu 22.04 LTS. Original advisory details: It was discovered that LibTIFF incorrectly handled certain files. If a user were tricked into opening a specially crafted file, an attacker could possibly u...

7.5CVSS6.7AI score0.02187EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/01/30 3:17 p.m.385 views

USN-6618-1: Pillow vulnerabilities

It was discovered that Pillow incorrectly handled certain long text arguments. An attacker could possibly use this issue to cause Pillow to consume resources, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. CVE-2023-44271 Duarte Santos discovered...

8.1CVSS7.2AI score0.01703EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/10/19 11:46 a.m.385 views

USN-6165-2: GLib vulnerabilities

USN-6165-1 fixed vulnerabilities in GLib. This update provides the corresponding updates for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that GLib incorrectly handled non-normal GVariants. An attacker could use this issue to cause GLib to...

7.8CVSS6.7AI score0.00774EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/10/16 3:52 p.m.383 views

USN-6431-3: iperf3 vulnerability

USN-6431-1 fixed a vulnerability in iperf3. This update provides the corresponding update for Ubuntu 22.04 LTS. Original advisory details: Jorge Sancho Larraz discovered that iperf3 did not properly manage certain inputs, which could cause the server process to stop responding, waiting for input ...

5.6AI score
Exploits0References1
Ubuntu
Ubuntu
added 2023/10/24 7:21 p.m.382 views

USN-6451-1: ncurses vulnerability

It was discovered that ncurses could be made to read out of bounds. An attacker could possibly use this issue to cause a denial of service...

6.5CVSS5.7AI score0.01895EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/05/28 11:34 a.m.381 views

USN-6791-1: Unbound vulnerability

It was discovered that Unbound could take part in a denial of service amplification attack known as DNSBomb. This update introduces certain resource limits to make the impact from Unbound significantly lower...

7.5CVSS6.8AI score0.01729EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/10/23 5:39 p.m.381 views

USN-6408-2: libXpm vulnerabilities

USN-6408-1 fixed several vulnerabilities in libXpm. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Yair Mizrahi discovered that libXpm incorrectly handled certain malformed XPM image files. If a user were trick...

7.8CVSS6.8AI score0.00461EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/11/14 6:56 p.m.381 views

USN-3818-1: PostgreSQL vulnerability

It was discovered that PostgreSQL incorrectly handled certain trigger definitions when running pgupgrade or pgdump. A remote attacker could possibly use this issue to execute arbitrary SQL statements with superuser privileges...

9.8CVSS8.2AI score0.0515EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/11/12 12:14 p.m.381 views

USN-3815-1: gettext vulnerability

It was discovered that gettext incorrectly handled certain messages. An attacker could possibly use this issue to execute arbitrary code...

9.8CVSS7.5AI score0.04293EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/11/12 10:44 a.m.381 views

USN-3814-1: libmspack vulnerabilities

It was discovered libmspack incorrectly handled certain malformed CAB files. A remote attacker could use this issue to cause libmspack to crash, resulting in a denial of service. CVE-2018-18584, CVE-2018-18585...

6.5CVSS6.7AI score0.03086EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/08/21 8:37 p.m.380 views

USN-6974-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SuperH RISC architecture; - User-Mode Linux UML; - MMC subsystem; - Network drivers; - GFS2 file system; - IPv4...

8.4CVSS6.9AI score0.0038EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/08/06 4:18 p.m.380 views

USN-6945-1: wpa_supplicant and hostapd vulnerability

Rory McNamara discovered that wpasupplicant could be made to load arbitrary shared objects by unprivileged users that have access to the control interface. An attacker could use this to escalate privileges to root...

8.8CVSS7.3AI score0.00658EPSS
Exploits1References1
Ubuntu
Ubuntu
added 2023/06/15 9:48 a.m.380 views

USN-6155-2: Requests vulnerability

USN-6155-1 fixed a vulnerability in Requests. This update provides the corresponding update for Ubuntu 16.04 ESM and 18.04 ESM. Original advisory details: Dennis Brinkrolf and Tobias Funke discovered that Requests incorrectly leaked Proxy-Authorization headers. A remote attacker could possibly us...

6.1CVSS7.4AI score0.02782EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/05/18 3:27 p.m.380 views

USN-5430-1: GNOME Settings vulnerability

It was discovered that GNOME Settings incorrectly handled the remote desktop sharing configuration. When turning off desktop sharing, it may be turned on again after rebooting, contrary to expectations...

9.8CVSS8.3AI score0.00725EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/09/11 3:51 p.m.379 views

USN-6164-2: c-ares vulnerabilities

USN-6164-1 fixed several vulnerabilities in c-ares. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Hannes Moesl discovered that c-ares incorrectly handled certain ipv6 addresses. An attacker could use this issue to cause c-ares ...

7.5CVSS7.1AI score0.01577EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/06/26 7:45 p.m.378 views

USN-6566-2: SQLite vulnerability

USN-6566-1 fixed several vulnerabilities in SQLite. This update provides the corresponding fix for CVE-2023-7104 for Ubuntu 18.04 LTS. Original advisory details: It was discovered that SQLite incorrectly handled certain memory operations in the sessions extension. A remote attacker could possibly...

7.3CVSS6.4AI score0.01249EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/01/30 12:42 p.m.378 views

USN-6616-1: OpenLDAP vulnerability

It was discovered that OpenLDAP was not properly performing bounds checks when executing functions related to LDAP URLs. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS7AI score0.01947EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/09/25 10:52 a.m.378 views

USN-6190-2: AccountsService vulnerability

USN-6190-1 fixed a vulnerability in AccountsService. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Kevin Backhouse discovered that AccountsService incorrectly handled certain D-Bus messages. A local attacker...

8.1CVSS7.7AI score0.0033EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/05/29 1:21 p.m.377 views

USN-6796-1: TPM2 Software Stack vulnerabilities

Fergus Dall discovered that TPM2 Software Stack did not properly handle layer arrays. An attacker could possibly use this issue to cause TPM2 Software Stack to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2023-22745 Jurgen Repp and Andreas Fuchs discovered that...

6.4CVSS6.9AI score0.00519EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/11/14 9:44 a.m.377 views

USN-6477-1: procps-ng vulnerability

It was discovered that the procps-ng ps tool incorrectly handled memory. An attacker could possibly use this issue to cause procps-ng to crash, resulting in a denial of service...

3.3CVSS6.5AI score0.00239EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/09/27 12:49 p.m.377 views

USN-6400-1: Python vulnerability

It was discovered that Python did not properly provide constant-time processing for a crypto operation. An attacker could possibly use this issue to perform a timing attack and recover sensitive information...

5.9CVSS7.1AI score0.01148EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/02/07 5:6 p.m.377 views

USN-5274-1: Simple DirectMedia Layer vulnerabilities

It was discovered that Simple DirectMedia Layer library incorrectly handled memory when parsing certain specially crafted .BMP files. An attacker could possibly use these issues to crash the application or execute arbitrary code...

7.8CVSS7.2AI score0.01666EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/10/12 12:41 a.m.377 views

USN-3791-1: Git vulnerability

It was discovered that git did not properly validate git submodule urls or paths. A remote attacker could possibly use this to craft a git repository that causes arbitrary code execution when recursive operations are used...

9.8CVSS7.9AI score0.97356EPSS
Exploits12
Ubuntu
Ubuntu
added 2024/08/13 6:44 a.m.376 views

USN-6954-1: QEMU vulnerabilities

Markus Frank and Fiona Ebner discovered that QEMU did not properly handle certain memory operations, leading to a NULL pointer dereference. An authenticated user could potentially use this issue to cause a denial of service. CVE-2023-6683 Xiao Lei discovered that QEMU did not properly handle...

8.8CVSS7AI score0.01397EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/02/05 1:2 p.m.376 views

USN-6592-2: libssh vulnerabilities

USN-6592-1 fixed vulnerabilities in libssh. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that libssh incorrectly handled the ProxyCommand and the ProxyJump features. A remote attacker could possibly use this...

5.3CVSS7AI score0.01421EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/11/02 8:36 p.m.376 views

USN-6471-1: libsndfile vulnerability

It was discovered that libsndfile contained multiple arithmetic overflows. If a user or automated system were tricked into processing a specially crafted audio file, an attacker could possibly use this issue to cause a denial of service...

7.8CVSS7.4AI score0.00351EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/10/23 3:46 p.m.376 views

USN-6403-2: libvpx vulnerabilities

USN-6403-1 fixed several vulnerabilities in libvpx. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: It was discovered that libvpx did not properly handle certain malformed media files. If an application using libvpx opened a specially crafted file, a...

8.8CVSS8.3AI score0.34401EPSS
Exploits3
Ubuntu
Ubuntu
added 2018/08/14 9:47 p.m.375 views

USN-3740-1: Linux kernel vulnerabilities

It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault L1TF. A local attacker in a guest virtual machine could use this to expose sensitive...

7.8CVSS6.9AI score0.24575EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2024/06/24 10:11 a.m.374 views

USN-6844-1: CUPS vulnerability

Rory McNamara discovered that when starting the cupsd server with a Listen configuration item, the cupsd process fails to validate if bind call passed. An attacker could possibly trick cupsd to perform an arbitrary chmod of the provided argument, providing world-writable access to the target...

6.7CVSS6AI score0.02421EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/06/04 1:29 p.m.373 views

USN-6805-1: libarchive vulnerability

It was discovered that libarchive incorrectly handled certain RAR archive files. An attacker could possibly use this issue to execute arbitrary code or cause a crash...

7.8CVSS6.9AI score0.87784EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/01/08 11:39 a.m.373 views

USN-6499-2: GnuTLS vulnerability

USN-6499-1 fixed vulnerabilities in GnuTLS. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: It was discovered that GnuTLS had a timing side-channel when handling certain RSA-PSK key exchanges. A remote attacker could possibly use this issue to recove...

5.9CVSS6.8AI score0.01257EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/07/23 3:20 a.m.373 views

USN-4068-1: Linux kernel vulnerabilities

Adam Zabrocki discovered that the Intel i915 kernel mode graphics driver in the Linux kernel did not properly restrict mmap ranges in some situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2019-11085 It was discovered tha...

9.3CVSS6.9AI score0.04458EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/07/16 1:3 p.m.372 views

USN-6899-1: GTK vulnerability

It was discovered that GTK would attempt to load modules from the current directory, contrary to expectations. If users started GTK applications from shared directories, a local attacker could use this issue to execute arbitrary code, and possibly escalate privileges...

7CVSS7AI score0.00464EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/05/09 1:13 p.m.372 views

USN-6768-1: GLib vulnerability

Alicia Boya García discovered that GLib incorrectly handled signal subscriptions. A local attacker could use this issue to spoof D-Bus signals resulting in a variety of impacts including possible privilege escalation...

5.2CVSS6.5AI score0.00756EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/04/22 9:25 a.m.372 views

USN-6744-1: Pillow vulnerability

Hugo van Kemenade discovered that Pillow was not properly performing bounds checks when processing an ICC file, which could lead to a buffer overflow. If a user or automated system were tricked into processing a specially crafted ICC file, an attacker could possibly use this issue to cause a deni...

6.7CVSS6.7AI score0.00989EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/09/05 1:54 a.m.371 views

USN-6993-1: Vim vulnerabilities

It was discovered that Vim incorrectly handled memory when closing a window, leading to a double-free vulnerability. If a user was tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution with user...

5.3CVSS5.7AI score0.00363EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/08/05 11:21 a.m.371 views

USN-6944-1: curl vulnerability

Dov Murik discovered that curl incorrectly handled parsing ASN.1 Generalized Time fields. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly obtain sensitive memory contents...

6.5CVSS7AI score0.16212EPSS
Exploits1
Total number of security vulnerabilities5000