Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
•added 2021/09/22 2:9 p.m.•102 views

USN-5086-1: Linux kernel vulnerability

Johan Almbladh discovered that the eBPF JIT implementation for IBM s390x systems in the Linux kernel miscompiled operations in some situations, allowing circumvention of the BPF verifier. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

5.8AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2021/09/08 11:46 a.m.•102 views

USN-5069-1: mod-auth-mellon vulnerability

It was discovered that mod-auth-mellon incorrectly filtered certain URLs. A remote attacker could possibly use this issue to perform an open redirect attack...

6.1CVSS6.2AI score0.00752EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/08/31 4:32 p.m.•102 views

USN-5060-1: NTFS-3G vulnerabilities

It was discovered that NTFS-3G incorrectly handled certain image file. An attacker could possibly use this issue to execute arbitrary code...

5.8AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2021/05/18 3:22 p.m.•102 views

USN-4959-1: GStreamer Base Plugins vulnerability

It was discovered that GStreamer Base Plugins incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information...

5.5CVSS7AI score0.05372EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/03/15 9:31 p.m.•102 views

USN-4804-1: Puppet vulnerabilities

It was discovered that Puppet installed modules with world writable permissions. An attacker could use this vulnerability to execute arbitrary code or cause a denial of service. CVE-2017-10689 It was discovered that Puppet could be used to force YAML deserialization in an unsafe manner. A remote...

8.2CVSS7.1AI score0.02375EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/02/02 2:9 p.m.•102 views

USN-4718-1: fastd vulnerability

It was discovered that fastd incorrectly handled certain packets. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS7.2AI score0.02334EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/08/18 4:39 a.m.•102 views

USN-4463-1: Linux kernel vulnerabilities

It was discovered that the bcache subsystem in the Linux kernel did not properly release a lock in some error conditions. A local attacker could possibly use this to cause a denial of service. CVE-2020-12771 Kyungtae Kim discovered that the USB testing driver in the Linux kernel did not properly...

5.5CVSS6.8AI score0.00519EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/03/30 2:35 p.m.•102 views

USN-4312-1: Timeshift vulnerability

Matthias Gerstner discovered that Timeshift did not securely create temporary files. An attacker could exploit a race condition in Timeshift and potentially execute arbitrary commands as root...

7CVSS7.2AI score0.0028EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/08/13 7:25 p.m.•102 views

USN-4097-2: PHP vulnerabilities

USN-4097-1 fixed several vulnerabilities in php5. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that PHP incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of servi...

7.1CVSS7.1AI score0.0442EPSS
Exploits2
Ubuntu
Ubuntu
•added 2019/08/12 8:9 p.m.•102 views

USN-4070-2: MariaDB vulnerabilities

USN-4070-1 fixed multiple vulnerabilities in MySQL. This update provides the corresponding fixes for CVE-2019-2737, CVE-2019-2739, CVE-2019-2740, CVE-2019-2805 in MariaDB 10.1. Ubuntu 18.04 LTS has been updated to MariaDB 10.1.41. In addition to security fixes, the updated package contain bug...

6.5CVSS6.5AI score0.03972EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/07/01 9:3 p.m.•102 views

USN-4045-1: Thunderbird vulnerabilities

A type confusion bug was discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could exploit this by causing a denial of service, or executing arbirary code. CVE-2019-11707 It was discovered that a sandboxed child process...

10CVSS8.4AI score0.55874EPSS
Exploits14
Ubuntu
Ubuntu
•added 2019/06/04 10:54 p.m.•102 views

USN-4006-2: Linux kernel (HWE) vulnerability

USN-4006-1 fixed a vulnerability in the Linux kernel for Ubuntu 18.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.10 for Ubuntu 18.04 LTS. Federico Manuel Bento discovered that the Linux kernel did not properly apply Address Space...

2.5CVSS6.6AI score0.00495EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/01/30 10:43 p.m.•102 views

USN-3874-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, gain additional privileges by escaping the sandbox, or execute arbitrary code. CVE-2018-18500,...

10CVSS8AI score0.12658EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/04/30 4:30 p.m.•102 views

USN-3629-3: MySQL vulnerabilities

USN-3629-1 fixed vulnerabilities in MySQL. This update provides the corresponding updates for Ubuntu 18.04 LTS. Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.60 i...

7.7CVSS6.4AI score0.0401EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/02/07 4:29 p.m.•102 views

USN-3560-1: QEMU update

It was discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. An attacker in the guest could use this to expose sensitive guest information, including kernel memory. This...

5.6CVSS7.2AI score0.74041EPSS
Exploits9
Ubuntu
Ubuntu
•added 2018/01/23 12:26 a.m.•102 views

USN-3540-1: Linux kernel vulnerabilities

Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provide...

5.6CVSS7.5AI score0.93838EPSS
Exploits13References1
Ubuntu
Ubuntu
•added 2017/05/11 7:27 p.m.•102 views

USN-3260-2: Firefox regression

USN-3260-1 fixed vulnerabilities in Firefox. The update caused the date picker panel and form validation errors to close immediately on opening. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a...

7.2AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2016/05/06 8:37 p.m.•102 views

USN-2965-4: Linux kernel (Qualcomm Snapdragon) vulnerability

Jann Horn discovered that the extended Berkeley Packet Filter eBPF implementation in the Linux kernel did not properly reference count file descriptors, leading to a use-after-free. A local unprivileged attacker could use this to gain administrative privileges. Ralf Spenneberg discovered that the...

10CVSS6.8AI score0.2593EPSS
Exploits32
Ubuntu
Ubuntu
•added 2016/01/05 6:45 p.m.•102 views

USN-2856-1: ldb vulnerabilities

Thilo Uttendorfer discovered that the ldb incorrectly handled certain zero values. A remote attacker could use this issue to cause applications using ldb, such as Samba, to stop responding, resulting in a denial of service. CVE-2015-3223 Douglas Bagnall discovered that ldb incorrectly handled...

7.5CVSS6.8AI score0.06884EPSS
Exploits0
Ubuntu
Ubuntu
•added 2014/04/07 9:52 p.m.•102 views

USN-2165-1: OpenSSL vulnerabilities

Neel Mehta discovered that OpenSSL incorrectly handled memory in the TLS heartbeat extension. An attacker could use this issue to obtain up to 64k of memory contents from the client or server, possibly leading to the disclosure of private keys and other sensitive information. CVE-2014-0160 Yuval...

7.5CVSS7.7AI score0.99999EPSS
Exploits88
Ubuntu
Ubuntu
•added 2014/03/07 11:58 a.m.•102 views

USN-2139-1: Linux kernel (OMAP4) vulnerabilities

Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker could exploit this error to discover the original MAC address after a spoofing atack. CVE-2013-4579 Andrew Honig reported a flaw in the Linux Kernel's kvmvmioctlcreatevcpu function ...

7.2CVSS7AI score0.10209EPSS
Exploits7
Ubuntu
Ubuntu
•added 2013/10/22 12:15 a.m.•102 views

USN-1993-1: Linux kernel (OMAP4) vulnerability

An information leak was discovered in the Linux kernel when reading broadcast messages from the notifypolicy interface of the IPSec keysocket. A local user could exploit this flaw to examine potentially sensitive information in kernel memory...

2.1CVSS7.7AI score0.00557EPSS
Exploits1
Ubuntu
Ubuntu
•added 2013/10/01 2:56 p.m.•102 views

USN-1982-1: Python 2.6 vulnerability

Ryan Sleevi discovered that Python did not properly handle certificates with NULL characters in the Subject Alternative Name field. An attacker could exploit this to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications...

4.3CVSS7.4AI score0.05347EPSS
Exploits1
Ubuntu
Ubuntu
•added 2013/03/18 9:52 p.m.•102 views

USN-1768-1: Linux kernel (Quantal HWE) vulnerabilities

Andrew Cooper of Citrix reported a Xen stack corruption in the Linux kernel. An unprivileged user in a 32bit PVOPS guest can cause the guest kernel to crash, or operate erroneously. CVE-2013-0190 A failure to validate input was discovered in the Linux kernel's Xen netback network backend driver. ...

6.5CVSS7AI score0.01557EPSS
Exploits4
Ubuntu
Ubuntu
•added 2012/04/24 10:21 a.m.•102 views

USN-1425-1: Linux kernel vulnerabilities

Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the Linux kernel. A local user could use this flaw to crash the system causing a denial of service. CVE-2011-4347 Stephan Bärwolf discovered a flaw in the KVM kernel-based virtual machin...

7.8CVSS6.5AI score0.01014EPSS
Exploits4
Ubuntu
Ubuntu
•added 2012/02/10 4:55 a.m.•102 views

USN-1358-1: PHP vulnerabilities

It was discovered that PHP computed hash values for form parameters without restricting the ability to trigger hash collisions predictably. This could allow a remote attacker to cause a denial of service by sending many crafted parameters. CVE-2011-4885 ATTENTION: this update changes previous PHP...

7.5CVSS8.6AI score0.83911EPSS
Exploits30
Ubuntu
Ubuntu
•added 2011/11/09 6:32 p.m.•102 views

USN-1256-1: Linux kernel (Natty backport) vulnerabilities

It was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities...

9.8CVSS7.1AI score0.08793EPSS
Exploits37
Ubuntu
Ubuntu
•added 2011/10/18 6:22 a.m.•102 views

USN-1231-1: PHP Vulnerabilities

Mateusz Kocielski, Marek Kroemeke and Filip Palian discovered that a stack-based buffer overflow existed in the socketconnect function's handling of long pathnames for AFUNIX sockets. A remote attacker might be able to exploit this to execute arbitrary code; however, the default compiler options...

7.5CVSS8.6AI score0.22724EPSS
Exploits17
Ubuntu
Ubuntu
•added 2011/05/11 8:36 a.m.•102 views

USN-1131-1: Postfix vulnerability

Thomas Jarosch discovered that Postfix incorrectly handled authentication mechanisms other than PLAIN and LOGIN when the Cyrus SASL library is used. A remote attacker could use this to cause Postfix to crash, leading to a denial of service, or possibly execute arbitrary code as the postfix user...

6.8CVSS9.1AI score0.21646EPSS
Exploits1
Ubuntu
Ubuntu
•added 2011/02/25 11:15 p.m.•102 views

USN-1073-1: Linux kernel vulnerabilities

Gleb Napatov discovered that KVM did not correctly check certain privileged operations. A local attacker with access to a guest kernel could exploit this to crash the host system, leading to a denial of service. CVE-2010-0435 Dan Jacobson discovered that ThinkPad video output was not correctly...

7.2CVSS6.2AI score0.03739EPSS
Exploits35
Ubuntu
Ubuntu
•added 2005/07/28 7:16 p.m.•102 views

USN-149-3: Ubuntu 4.10 update for Firefox vulnerabilities

USN-149-1 fixed some vulnerabilities in the Ubuntu 5.04 Hoary Hedgehog version of Firefox. The version shipped with Ubuntu 4.10 Warty Warthog is also vulnerable to these flaws, so it needs to be upgraded as well. Please see http://www.ubuntulinux.org/support/documentation/usn/usn-149-1 for the...

7.5CVSS6.2AI score0.68097EPSS
Exploits24
Ubuntu
Ubuntu
•added 2024/04/16 8:56 p.m.•101 views

USN-6725-2: Linux kernel (AWS) vulnerabilities

Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel did not properly validate certain data structure fields when parsing lease contexts, leading to an out-of-bounds read vulnerability. A remote attacker could use this to cause a denial of service system crash or possibly...

9.8CVSS7.4AI score0.17442EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/11/08 1:47 p.m.•101 views

USN-6474-1: xrdp vulnerabilities

It was discovered that xrdp incorrectly handled validation of client-supplied data, which could lead to out-of-bounds reads. An attacker could possibly use this issue to crash the program or extract sensitive information. CVE-2022-23479, CVE-2022-23481, CVE-2022-23483, CVE-2023-42822 It was...

9.8CVSS7.1AI score0.00892EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/03/21 1:41 a.m.•101 views

USN-5965-1: TigerVNC vulnerability

It was discovered that TigerVNC mishandled TLS certificate exceptions. An attacker could use this vulnerability to impersonate any server after a client had added an exception and obtain sensitive information...

8.1CVSS7.6AI score0.0306EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/03/15 7:58 p.m.•101 views

USN-5956-2: PHPMailer vulnerability

USN-5956-1 fixed vulnerabilities in PHPMailer. It was discovered that the fix for CVE-2017-11503 was incomplete. This update fixes the problem. Original advisory details: Dawid Golunski discovered that PHPMailer was not properly escaping user input data used as arguments to functions executed by...

6.1CVSS7.3AI score0.024EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/03/08 1:2 p.m.•101 views

USN-5936-1: Samba vulnerabilities

Evgeny Legerov discovered that Samba incorrectly handled buffers in certain GSSAPI routines of Heimdal. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. CVE-2022-3437 Tom Tervoort discovered that Samba incorrectly used weak rc4-hmac Kerber...

9.8CVSS7.6AI score0.06419EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/02/28 2:5 p.m.•101 views

USN-5901-1: GnuTLS vulnerability

Hubert Kario discovered that GnuTLS had a timing side-channel when handling certain RSA messages. A remote attacker could possibly use this issue to recover sensitive information...

7.4CVSS7AI score0.01403EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/02/27 5:12 a.m.•101 views

USN-5886-1: Intel Microcode vulnerabilities

Erik C. Bjorge discovered that some IntelR Atom and Intel Xeon Scalable Processors did not properly implement access controls for out-of-band management. This may allow a privileged network-adjacent user to potentially escalate privileges. CVE-2022-21216 Cfir Cohen, Erdem Aktas, Felix Wilhelm,...

7.5CVSS6.3AI score0.00539EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/05/12 1:48 a.m.•101 views

USN-5418-1: Linux kernel vulnerabilities

Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive...

8.8CVSS7.2AI score0.021EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/05/12 1:17 a.m.•101 views

USN-5417-1: Linux kernel vulnerabilities

Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive...

8.8CVSS7.1AI score0.021EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/05/11 1:14 p.m.•101 views

USN-5412-1: curl vulnerabilities

Axel Chong discovered that curl incorrectly handled percent-encoded URL separators. A remote attacker could possibly use this issue to trick curl into using the wrong URL and bypass certain checks or filters. This issue only affected Ubuntu 22.04 LTS. CVE-2022-27780 Florian Kohnhuser discovered...

7.5CVSS6.7AI score0.02596EPSS
Exploits3
Ubuntu
Ubuntu
•added 2022/01/18 12:24 p.m.•101 views

USN-5233-1: ClamAV vulnerability

It was discovered that ClamAV incorrectly handled memory when the CLSCANGENERALCOLLECTMETADATA scan option was enabled. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service...

7.5CVSS7.2AI score0.03061EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/11/11 6:26 p.m.•101 views

USN-5145-1: PostgreSQL vulnerabilities

Jacob Champion discovered that PostgreSQL incorrectly handled SSL certificate verification and encryption. A remote attacker could possibly use this issue to inject arbitrary SQL queries when a connection is first established...

8.1CVSS7.3AI score0.01901EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/11/01 11:49 a.m.•101 views

USN-5121-2: Mailman vulnerabilities

USN-5009-1 fixed vulnerabilities in Mailman. This update provides the corresponding updates for Ubuntu 20.04 LTS. In addition, the following CVEs were fixed: It was discovered that Mailman allows arbitrary content injection. An attacker could use this to inject malicious content. CVE-2020-12108,...

8.5CVSS6.6AI score0.02698EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/08/02 2:15 p.m.•101 views

USN-5026-2: QPDF vulnerabilities

USN-5026-1 fixed several vulnerabilities in QPDF. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that QPDF incorrectly handled certain malformed PDF files. A remote attacker could use this issue to cause QPDF to consume resources,...

5.5CVSS5.4AI score0.01281EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/10/23 10:29 a.m.•101 views

USN-4599-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the prompt for opening an external application, obtain sensitive information, or execute arbitrary...

9.8CVSS7.5AI score0.02743EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/04/27 12:16 p.m.•101 views

USN-4339-1: OpenEXR vulnerabilities

Brandon Perry discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 20.04 LTS...

8.8CVSS7AI score0.0331EPSS
Exploits9
Ubuntu
Ubuntu
•added 2020/03/10 1:4 p.m.•101 views

USN-4298-1: SQLite vulnerabilities

It was discovered that SQLite incorrectly handled certain shadow tables. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2019-13734, CVE-2019-13750, CVE-2019-13753 It was discovered that SQLite incorrectly handle...

8.8CVSS7.8AI score0.07856EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/01/15 4:4 p.m.•101 views

USN-4221-2: libpcap vulnerability

USN-4221-1 fixed a vulnerability in libpcap. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that libpcap did not properly validate PHB headers in some situations. An attacker could use this to cause a denial of service memory...

5.3CVSS6.6AI score0.02834EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/12/11 12:17 a.m.•101 views

USN-4221-1: libpcap vulnerability

It was discovered that libpcap did not properly validate PHB headers in some situations. An attacker could use this to cause a denial of service memory exhaustion...

5.3CVSS6.6AI score0.02834EPSS
Exploits0
Total number of security vulnerabilities5000