Lucene search
K
UbuntuMost viewed

10888 matches found

Ubuntu
Ubuntu
•added 2018/02/07 4:29 p.m.•102 views

USN-3560-1: QEMU update

It was discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. An attacker in the guest could use this to expose sensitive guest information, including kernel memory. This...

5.6CVSS7.2AI score0.74041EPSS
Exploits8
Ubuntu
Ubuntu
•added 2018/01/23 12:26 a.m.•102 views

USN-3540-1: Linux kernel vulnerabilities

Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provide...

5.6CVSS7.5AI score0.93838EPSS
Exploits12References1
Ubuntu
Ubuntu
•added 2017/05/11 7:27 p.m.•102 views

USN-3260-2: Firefox regression

USN-3260-1 fixed vulnerabilities in Firefox. The update caused the date picker panel and form validation errors to close immediately on opening. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a...

7.2AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2016/05/06 8:37 p.m.•102 views

USN-2965-4: Linux kernel (Qualcomm Snapdragon) vulnerability

Jann Horn discovered that the extended Berkeley Packet Filter eBPF implementation in the Linux kernel did not properly reference count file descriptors, leading to a use-after-free. A local unprivileged attacker could use this to gain administrative privileges. Ralf Spenneberg discovered that the...

10CVSS6.8AI score0.2593EPSS
Exploits32
Ubuntu
Ubuntu
•added 2016/01/05 6:45 p.m.•102 views

USN-2856-1: ldb vulnerabilities

Thilo Uttendorfer discovered that the ldb incorrectly handled certain zero values. A remote attacker could use this issue to cause applications using ldb, such as Samba, to stop responding, resulting in a denial of service. CVE-2015-3223 Douglas Bagnall discovered that ldb incorrectly handled...

7.5CVSS6.8AI score0.06884EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/03/24 9:22 a.m.•102 views

USN-2544-1: Linux kernel vulnerabilities

Eric Windisch discovered flaw in how the Linux kernel's XFS file system replaces remote attributes. A local access with access to an XFS file system could exploit this flaw to escalate their privileges. CVE-2015-0274 A flaw was discovered in the automatic loading of modules in the crypto subsyste...

7.2CVSS6.4AI score0.01176EPSS
Exploits3
Ubuntu
Ubuntu
•added 2014/11/25 4:8 a.m.•102 views

USN-2420-1: Linux kernel vulnerabilities

A flaw was discovered in how the Linux kernel's KVM Kernel Virtual Machine subsystem handles the CR4 control register at VM entry on Intel processors. A local host OS user can exploit this to cause a denial of service kill arbitrary processes, or system disruption by leveraging /dev/kvm access...

7.5CVSS6.9AI score0.05421EPSS
Exploits1
Ubuntu
Ubuntu
•added 2014/03/07 11:58 a.m.•102 views

USN-2139-1: Linux kernel (OMAP4) vulnerabilities

Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker could exploit this error to discover the original MAC address after a spoofing atack. CVE-2013-4579 Andrew Honig reported a flaw in the Linux Kernel's kvmvmioctlcreatevcpu function ...

7.2CVSS7AI score0.10209EPSS
Exploits7
Ubuntu
Ubuntu
•added 2013/10/22 12:15 a.m.•102 views

USN-1993-1: Linux kernel (OMAP4) vulnerability

An information leak was discovered in the Linux kernel when reading broadcast messages from the notifypolicy interface of the IPSec keysocket. A local user could exploit this flaw to examine potentially sensitive information in kernel memory...

2.1CVSS7.7AI score0.00557EPSS
Exploits1
Ubuntu
Ubuntu
•added 2013/10/01 2:56 p.m.•102 views

USN-1982-1: Python 2.6 vulnerability

Ryan Sleevi discovered that Python did not properly handle certificates with NULL characters in the Subject Alternative Name field. An attacker could exploit this to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications...

4.3CVSS7.4AI score0.05347EPSS
Exploits1
Ubuntu
Ubuntu
•added 2013/03/18 9:52 p.m.•102 views

USN-1768-1: Linux kernel (Quantal HWE) vulnerabilities

Andrew Cooper of Citrix reported a Xen stack corruption in the Linux kernel. An unprivileged user in a 32bit PVOPS guest can cause the guest kernel to crash, or operate erroneously. CVE-2013-0190 A failure to validate input was discovered in the Linux kernel's Xen netback network backend driver. ...

6.5CVSS7AI score0.01557EPSS
Exploits4
Ubuntu
Ubuntu
•added 2012/04/24 10:21 a.m.•102 views

USN-1425-1: Linux kernel vulnerabilities

Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the Linux kernel. A local user could use this flaw to crash the system causing a denial of service. CVE-2011-4347 Stephan Bärwolf discovered a flaw in the KVM kernel-based virtual machin...

7.8CVSS6.5AI score0.01014EPSS
Exploits4
Ubuntu
Ubuntu
•added 2012/02/10 4:55 a.m.•102 views

USN-1358-1: PHP vulnerabilities

It was discovered that PHP computed hash values for form parameters without restricting the ability to trigger hash collisions predictably. This could allow a remote attacker to cause a denial of service by sending many crafted parameters. CVE-2011-4885 ATTENTION: this update changes previous PHP...

7.5CVSS8.6AI score0.83911EPSS
Exploits30
Ubuntu
Ubuntu
•added 2012/02/08 3:42 p.m.•102 views

USN-1353-1: Xulrunnner vulnerabilities

Jesse Ruderman and Bob Clary discovered memory safety issues affecting the Gecko Browser engine. If the user were tricked into opening a specially crafted page, an attacker could exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of t...

10CVSS8.6AI score0.36511EPSS
Exploits11
Ubuntu
Ubuntu
•added 2011/11/09 6:32 p.m.•102 views

USN-1256-1: Linux kernel (Natty backport) vulnerabilities

It was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities...

9.8CVSS7.1AI score0.08793EPSS
Exploits37
Ubuntu
Ubuntu
•added 2011/05/11 8:36 a.m.•102 views

USN-1131-1: Postfix vulnerability

Thomas Jarosch discovered that Postfix incorrectly handled authentication mechanisms other than PLAIN and LOGIN when the Cyrus SASL library is used. A remote attacker could use this to cause Postfix to crash, leading to a denial of service, or possibly execute arbitrary code as the postfix user...

6.8CVSS9.1AI score0.21646EPSS
Exploits1
Ubuntu
Ubuntu
•added 2011/02/25 11:15 p.m.•102 views

USN-1073-1: Linux kernel vulnerabilities

Gleb Napatov discovered that KVM did not correctly check certain privileged operations. A local attacker with access to a guest kernel could exploit this to crash the host system, leading to a denial of service. CVE-2010-0435 Dan Jacobson discovered that ThinkPad video output was not correctly...

7.2CVSS6.2AI score0.03739EPSS
Exploits35
Ubuntu
Ubuntu
•added 2005/07/28 7:16 p.m.•102 views

USN-149-3: Ubuntu 4.10 update for Firefox vulnerabilities

USN-149-1 fixed some vulnerabilities in the Ubuntu 5.04 Hoary Hedgehog version of Firefox. The version shipped with Ubuntu 4.10 Warty Warthog is also vulnerable to these flaws, so it needs to be upgraded as well. Please see http://www.ubuntulinux.org/support/documentation/usn/usn-149-1 for the...

7.5CVSS6.2AI score0.68097EPSS
Exploits24
Ubuntu
Ubuntu
•added 2025/03/27 6:40 p.m.•101 views

USN-7383-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - Drivers core; - Ublk userspace block driver; -...

7.8CVSS7.2AI score0.00875EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/11/08 1:47 p.m.•101 views

USN-6474-1: xrdp vulnerabilities

It was discovered that xrdp incorrectly handled validation of client-supplied data, which could lead to out-of-bounds reads. An attacker could possibly use this issue to crash the program or extract sensitive information. CVE-2022-23479, CVE-2022-23481, CVE-2022-23483, CVE-2023-42822 It was...

9.8CVSS7.1AI score0.00892EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/30 10:6 a.m.•101 views

USN-6457-1: Node.js vulnerabilities

Tavis Ormandy discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. CVE-2022-0778 Elison Niven discovered that Node.js...

10CVSS7AI score0.95764EPSS
Exploits8
Ubuntu
Ubuntu
•added 2023/03/08 1:2 p.m.•101 views

USN-5936-1: Samba vulnerabilities

Evgeny Legerov discovered that Samba incorrectly handled buffers in certain GSSAPI routines of Heimdal. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. CVE-2022-3437 Tom Tervoort discovered that Samba incorrectly used weak rc4-hmac Kerber...

9.8CVSS7.6AI score0.06419EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/02/27 3:35 p.m.•101 views

USN-5895-1: MPlayer vulnerabilities

It was discovered that MPlayer could be made to divide by zero when processing certain malformed media files. If a user were tricked into opening a specially crafted media file, an attacker could possibly use this issue to cause MPlayer to crash, resulting in a denial of service. CVE-2022-38850,...

5.5CVSS6AI score0.00344EPSS
Exploits9
Ubuntu
Ubuntu
•added 2022/05/12 1:48 a.m.•101 views

USN-5418-1: Linux kernel vulnerabilities

Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive...

8.8CVSS7.2AI score0.021EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/05/12 1:17 a.m.•101 views

USN-5417-1: Linux kernel vulnerabilities

Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive...

8.8CVSS7.1AI score0.021EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/05/11 1:14 p.m.•101 views

USN-5412-1: curl vulnerabilities

Axel Chong discovered that curl incorrectly handled percent-encoded URL separators. A remote attacker could possibly use this issue to trick curl into using the wrong URL and bypass certain checks or filters. This issue only affected Ubuntu 22.04 LTS. CVE-2022-27780 Florian Kohnhuser discovered...

7.5CVSS6.7AI score0.02596EPSS
Exploits3
Ubuntu
Ubuntu
•added 2022/01/20 2:48 p.m.•101 views

USN-5243-1: AIDE vulnerability

David Bouman discovered that AIDE incorrectly handled base64 operations. A local attacker could use this issue to cause AIDE to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.8CVSS7.8AI score0.00493EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/01/18 12:24 p.m.•101 views

USN-5233-1: ClamAV vulnerability

It was discovered that ClamAV incorrectly handled memory when the CLSCANGENERALCOLLECTMETADATA scan option was enabled. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service...

7.5CVSS7.2AI score0.03061EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/11/11 6:26 p.m.•101 views

USN-5145-1: PostgreSQL vulnerabilities

Jacob Champion discovered that PostgreSQL incorrectly handled SSL certificate verification and encryption. A remote attacker could possibly use this issue to inject arbitrary SQL queries when a connection is first established...

8.1CVSS7.3AI score0.01901EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/08/02 2:15 p.m.•101 views

USN-5026-2: QPDF vulnerabilities

USN-5026-1 fixed several vulnerabilities in QPDF. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that QPDF incorrectly handled certain malformed PDF files. A remote attacker could use this issue to cause QPDF to consume resources,...

5.5CVSS5.4AI score0.01281EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/05/18 3:22 p.m.•101 views

USN-4959-1: GStreamer Base Plugins vulnerability

It was discovered that GStreamer Base Plugins incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information...

5.5CVSS7AI score0.05372EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/02/02 2:9 p.m.•101 views

USN-4718-1: fastd vulnerability

It was discovered that fastd incorrectly handled certain packets. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS7.2AI score0.02334EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/10/23 10:29 a.m.•101 views

USN-4599-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the prompt for opening an external application, obtain sensitive information, or execute arbitrary...

9.8CVSS7.5AI score0.02743EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/08/18 4:39 a.m.•101 views

USN-4463-1: Linux kernel vulnerabilities

It was discovered that the bcache subsystem in the Linux kernel did not properly release a lock in some error conditions. A local attacker could possibly use this to cause a denial of service. CVE-2020-12771 Kyungtae Kim discovered that the USB testing driver in the Linux kernel did not properly...

5.5CVSS6.8AI score0.00519EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/04/27 12:16 p.m.•101 views

USN-4339-1: OpenEXR vulnerabilities

Brandon Perry discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 20.04 LTS...

8.8CVSS7AI score0.0331EPSS
Exploits9
Ubuntu
Ubuntu
•added 2020/03/30 2:35 p.m.•101 views

USN-4312-1: Timeshift vulnerability

Matthias Gerstner discovered that Timeshift did not securely create temporary files. An attacker could exploit a race condition in Timeshift and potentially execute arbitrary commands as root...

7CVSS7.2AI score0.0028EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/12/11 12:17 a.m.•101 views

USN-4221-1: libpcap vulnerability

It was discovered that libpcap did not properly validate PHB headers in some situations. An attacker could use this to cause a denial of service memory exhaustion...

5.3CVSS6.6AI score0.02834EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/11/13 2:35 p.m.•101 views

USN-4190-1: libjpeg-turbo vulnerabilities

It was discovered that libjpeg-turbo incorrectly handled certain BMP images. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. CVE-2018-14498 It was discovered that libjpeg-turbo incorrectly handled certain...

9.3CVSS6.9AI score0.03104EPSS
Exploits2
Ubuntu
Ubuntu
•added 2019/11/04 12:30 p.m.•101 views

USN-4171-2: Apport vulnerabilities

USN-4171-1 fixed several vulnerabilities in apport. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Kevin Backhouse discovered Apport would read its user-controlled settings file as the root user. This could be used by a local attacker to possibly...

7.8CVSS5.7AI score0.00484EPSS
Exploits2
Ubuntu
Ubuntu
•added 2019/10/22 5:14 p.m.•101 views

USN-4164-1: Libxslt vulnerabilities

It was discovered that Libxslt incorrectly handled certain documents. An attacker could possibly use this issue to access sensitive information. This issue not affected Ubuntu 19.10. CVE-2019-13117, CVE-2019-13118 It was discovered that Libxslt incorrectly handled certain documents. An attacker...

7.5CVSS7.5AI score0.06457EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/09/30 12:31 p.m.•101 views

USN-4142-1: e2fsprogs vulnerability

It was discovered that e2fsprogs incorrectly handled certain ext4 partitions. An attacker could possibly use this issue to execute arbitrary code...

7.5CVSS7.4AI score0.01105EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/06/04 10:54 p.m.•101 views

USN-4006-2: Linux kernel (HWE) vulnerability

USN-4006-1 fixed a vulnerability in the Linux kernel for Ubuntu 18.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.10 for Ubuntu 18.04 LTS. Federico Manuel Bento discovered that the Linux kernel did not properly apply Address Space...

2.5CVSS6.6AI score0.00495EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/05/08 12:28 p.m.•101 views

USN-3970-1: Ghostscript vulnerability

It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service...

7.8CVSS7.8AI score0.01756EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/04/15 7:3 p.m.•101 views

USN-3947-2: Libxslt vulnerability

USN-3947-1 fixed a vulnerability in Libxslt. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that Libxslt incorrectly handled certain documents. An attacker could possibly use this issue to access sensitive information...

9.8CVSS7.3AI score0.0523EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/03/25 2:32 p.m.•101 views

USN-3919-1: Firefox vulnerabilities

Two security issues were discovered in the JavaScript engine in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could exploit this by causing a denial of service, or executing arbitrary code...

8.8CVSS8.3AI score0.29514EPSS
Exploits13
Ubuntu
Ubuntu
•added 2019/01/16 6:28 p.m.•101 views

USN-3861-2: PolicyKit vulnerability

USN-3861-1 fixed a vulnerability in PolicyKit. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that PolicyKit incorrectly handled certain large user UIDs. A local attacker with a large UID could possibly use this issue to perform...

9CVSS7.4AI score0.11483EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/08/17 11:11 p.m.•101 views

USN-3741-3: Linux kernel regressions

USN-3741-1 introduced mitigations in the Linux kernel for Ubuntu 14.04 LTS to address L1 Terminal Fault L1TF vulnerabilities CVE-2018-3620, CVE-2018-3646. Unfortunately, the update introduced regressions that caused kernel panics when booting in some environments as well as preventing Java...

6.9AI score0.7354EPSS
Exploits0References2
Ubuntu
Ubuntu
•added 2018/06/26 12:8 p.m.•101 views

USN-3692-1: OpenSSL vulnerabilities

Keegan Ryan discovered that OpenSSL incorrectly handled ECDSA key generation. An attacker could possibly use this issue to perform a cache-timing attack and recover private ECDSA keys. CVE-2018-0495 Guido Vranken discovered that OpenSSL incorrectly handled very large prime values during a key...

7.5CVSS6.5AI score0.49268EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/06/12 1:55 a.m.•101 views

USN-3678-2: Linux kernel (Azure) vulnerabilities

Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly handle corrupted meta data in some situations. An attacker could use this to specially craft an ext4 file system that caused a denial of service system crash when mounted. CVE-2018-1092 It was discovere...

7.1CVSS6.4AI score0.01999EPSS
Exploits2
Ubuntu
Ubuntu
•added 2018/01/10 1:19 p.m.•101 views

USN-3523-2: Linux kernel (HWE) vulnerabilities

USN-3523-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch...

7.8CVSS7.3AI score0.84172EPSS
Exploits19
Total number of security vulnerabilities5000