Lucene search
K
UbuntuMost viewed

10905 matches found

Ubuntu
Ubuntu
added 2022/04/28 12:40 p.m.101 views

USN-5394-1: WebKitGTK vulnerabilities

A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

8.8CVSS7.1AI score0.03668EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/01/26 2:6 p.m.102 views

USN-5193-2: X.Org X Server vulnerabilities

USN-5193-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain inputs. An attacker could use this issue to cause t...

7.8CVSS7.5AI score0.00571EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/01/18 12:24 p.m.101 views

USN-5233-1: ClamAV vulnerability

It was discovered that ClamAV incorrectly handled memory when the CLSCANGENERALCOLLECTMETADATA scan option was enabled. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service...

7.5CVSS7.2AI score0.03061EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/11/03 10:44 p.m.101 views

USN-5132-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, spoof another origin, or execute arbitrary code...

9.8CVSS8.1AI score0.01923EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/11/01 11:49 a.m.101 views

USN-5121-2: Mailman vulnerabilities

USN-5009-1 fixed vulnerabilities in Mailman. This update provides the corresponding updates for Ubuntu 20.04 LTS. In addition, the following CVEs were fixed: It was discovered that Mailman allows arbitrary content injection. An attacker could use this to inject malicious content. CVE-2020-12108,...

8.5CVSS6.6AI score0.02698EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/08/02 2:15 p.m.101 views

USN-5026-2: QPDF vulnerabilities

USN-5026-1 fixed several vulnerabilities in QPDF. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that QPDF incorrectly handled certain malformed PDF files. A remote attacker could use this issue to cause QPDF to consume resources,...

5.5CVSS5.4AI score0.01281EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/06/07 2:12 p.m.101 views

USN-4969-3: DHCP regression

USN-4969-1 fixed a vulnerability in DHCP. The package for Ubuntu 21.04 introduced a regression causing it to reject certain valid configuration files. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jon Franklin and Pawel Wieczorkiewicz discovered tha...

5.6AI score
Exploits0References1
Ubuntu
Ubuntu
added 2020/10/23 10:29 a.m.101 views

USN-4599-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the prompt for opening an external application, obtain sensitive information, or execute arbitrary...

9.8CVSS7.5AI score0.02743EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/08/26 6:29 p.m.101 views

USN-4474-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, trick the user in to installing a malicious extension, spoof the URL bar, leak sensitive information...

8.8CVSS7.8AI score0.01449EPSS
Exploits2
Ubuntu
Ubuntu
added 2020/04/27 12:16 p.m.101 views

USN-4339-1: OpenEXR vulnerabilities

Brandon Perry discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 20.04 LTS...

8.8CVSS7AI score0.0331EPSS
Exploits9
Ubuntu
Ubuntu
added 2020/04/07 1:35 p.m.101 views

USN-4322-1: GnuTLS vulnerability

It was discovered that GnuTLS incorrectly handled randomness when performing DTLS negotiation. A remote attacker could possibly use this issue to obtain sensitive information, contrary to expectations...

7.4CVSS7AI score0.03388EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/03/17 12:54 p.m.101 views

USN-4305-1: ICU vulnerability

André Bargull discovered that ICU incorrectly handled certain strings. An attacker could possibly use this issue to execute arbitrary code...

8.8CVSS8AI score0.02669EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/03/10 1:4 p.m.101 views

USN-4298-1: SQLite vulnerabilities

It was discovered that SQLite incorrectly handled certain shadow tables. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2019-13734, CVE-2019-13750, CVE-2019-13753 It was discovered that SQLite incorrectly handle...

8.8CVSS7.8AI score0.07856EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/01/15 4:4 p.m.101 views

USN-4221-2: libpcap vulnerability

USN-4221-1 fixed a vulnerability in libpcap. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that libpcap did not properly validate PHB headers in some situations. An attacker could use this to cause a denial of service memory...

5.3CVSS6.6AI score0.02834EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/12/11 12:17 a.m.101 views

USN-4221-1: libpcap vulnerability

It was discovered that libpcap did not properly validate PHB headers in some situations. An attacker could use this to cause a denial of service memory exhaustion...

5.3CVSS6.6AI score0.02834EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/11/13 2:35 p.m.101 views

USN-4190-1: libjpeg-turbo vulnerabilities

It was discovered that libjpeg-turbo incorrectly handled certain BMP images. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. CVE-2018-14498 It was discovered that libjpeg-turbo incorrectly handled certain...

9.3CVSS6.9AI score0.03104EPSS
Exploits2
Ubuntu
Ubuntu
added 2019/11/04 12:30 p.m.101 views

USN-4171-2: Apport vulnerabilities

USN-4171-1 fixed several vulnerabilities in apport. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Kevin Backhouse discovered Apport would read its user-controlled settings file as the root user. This could be used by a local attacker to possibly...

7.8CVSS5.7AI score0.00523EPSS
Exploits2
Ubuntu
Ubuntu
added 2019/10/22 5:14 p.m.101 views

USN-4164-1: Libxslt vulnerabilities

It was discovered that Libxslt incorrectly handled certain documents. An attacker could possibly use this issue to access sensitive information. This issue not affected Ubuntu 19.10. CVE-2019-13117, CVE-2019-13118 It was discovered that Libxslt incorrectly handled certain documents. An attacker...

7.5CVSS7.5AI score0.06457EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/09/30 12:31 p.m.101 views

USN-4142-1: e2fsprogs vulnerability

It was discovered that e2fsprogs incorrectly handled certain ext4 partitions. An attacker could possibly use this issue to execute arbitrary code...

7.5CVSS7.4AI score0.01105EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/04/15 7:3 p.m.101 views

USN-3947-2: Libxslt vulnerability

USN-3947-1 fixed a vulnerability in Libxslt. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that Libxslt incorrectly handled certain documents. An attacker could possibly use this issue to access sensitive information...

9.8CVSS7.3AI score0.05089EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/03/25 2:32 p.m.101 views

USN-3919-1: Firefox vulnerabilities

Two security issues were discovered in the JavaScript engine in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could exploit this by causing a denial of service, or executing arbitrary code...

8.8CVSS8.3AI score0.29514EPSS
Exploits13
Ubuntu
Ubuntu
added 2019/03/21 8:46 p.m.101 views

USN-3917-1: snapd vulnerability

The snapd default seccomp filter for strict mode snaps blocks the use of the ioctl system call when used with TIOCSTI as the second argument to the system call. Jann Horn discovered that this restriction could be circumvented on 64 bit architectures. A malicious snap could exploit this to bypass...

7.5CVSS6.4AI score0.037EPSS
Exploits3References1
Ubuntu
Ubuntu
added 2018/08/24 12:33 a.m.101 views

USN-3752-1: Linux kernel vulnerabilities

It was discovered that, when attempting to handle an out-of-memory situation, a null pointer dereference could be triggered in the Linux kernel in some circumstances. A local attacker could use this to cause a denial of service system crash. CVE-2018-1000200 Wen Xu discovered that the XFS...

7.8CVSS7.5AI score0.16352EPSS
Exploits18
Ubuntu
Ubuntu
added 2018/08/17 11:11 p.m.101 views

USN-3741-3: Linux kernel regressions

USN-3741-1 introduced mitigations in the Linux kernel for Ubuntu 14.04 LTS to address L1 Terminal Fault L1TF vulnerabilities CVE-2018-3620, CVE-2018-3646. Unfortunately, the update introduced regressions that caused kernel panics when booting in some environments as well as preventing Java...

6.9AI score
Exploits0References2
Ubuntu
Ubuntu
added 2018/06/12 1:55 a.m.101 views

USN-3678-2: Linux kernel (Azure) vulnerabilities

Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly handle corrupted meta data in some situations. An attacker could use this to specially craft an ext4 file system that caused a denial of service system crash when mounted. CVE-2018-1092 It was discovere...

7.1CVSS6.4AI score0.01999EPSS
Exploits2
Ubuntu
Ubuntu
added 2018/05/08 10:24 p.m.101 views

USN-3641-1: Linux kernel vulnerabilities

Nick Peterson discovered that the Linux kernel did not properly handle debug exceptions following a MOV/POP to SS instruction. A local attacker could use this to cause a denial of service system crash. This issue only affected the amd64 architecture. CVE-2018-8897 Andy Lutomirski discovered that...

8CVSS7.1AI score0.18404EPSS
Exploits9
Ubuntu
Ubuntu
added 2016/10/20 2:20 a.m.101 views

USN-3107-1: Linux kernel vulnerability

It was discovered that a race condition existed in the memory manager of the Linux kernel when handling copy-on-write breakage of private read-only memory mappings. A local attacker could use this to gain administrative privileges...

7.2CVSS7.6AI score0.83524EPSS
Exploits81
Ubuntu
Ubuntu
added 2015/06/11 6:7 p.m.101 views

USN-2639-1: OpenSSL vulnerabilities

Praveen Kariyanahalli, Ivan Fratric and Felix Groebert discovered that OpenSSL incorrectly handled memory when buffering DTLS data. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2014-8176 Joseph...

7.5CVSS7.1AI score0.74483EPSS
Exploits1
Ubuntu
Ubuntu
added 2015/02/09 5:32 p.m.101 views

USN-2497-1: NTP vulnerabilities

Stephen Roettger, Sebastian Krahmer, and Harlan Stenn discovered that NTP incorrectly handled the length value in extension fields. A remote attacker could use this issue to possibly obtain leaked information, or cause the NTP daemon to crash, resulting in a denial of service. CVE-2014-9297 Steph...

7AI score
Exploits0
Ubuntu
Ubuntu
added 2014/09/24 3:40 p.m.101 views

USN-2362-1: Bash vulnerability

Stephane Chazelas discovered that Bash incorrectly handled trailing code in function definitions. An attacker could use this issue to bypass environment restrictions, such as SSH forced command environments...

10CVSS8.4AI score0.99999EPSS
Exploits131
Ubuntu
Ubuntu
added 2013/09/06 10:18 a.m.101 views

USN-1941-1: Linux kernel vulnerabilities

Chanam Park reported a Null pointer flaw in the Linux kernel's Ceph client. A remote attacker could exploit this flaw to cause a denial of service system crash. CVE-2013-1059 Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that allows for privilege escalation. A local user could...

7.8CVSS6.8AI score0.04546EPSS
Exploits4
Ubuntu
Ubuntu
added 2012/07/13 12:5 a.m.101 views

USN-1505-1: OpenJDK 6 vulnerabilities

It was discovered that multiple flaws existed in the CORBA Common Object Request Broker Architecture implementation in OpenJDK. An attacker could create a Java application or applet that used these flaws to bypass Java sandbox restrictions or modify immutable object data. CVE-2012-1711,...

10CVSS8.1AI score0.93688EPSS
Exploits9
Ubuntu
Ubuntu
added 2011/10/25 1:10 p.m.101 views

USN-1246-1: Linux kernel vulnerabilities

Dan Rosenberg discovered that the IPv4 diagnostic routines did not correctly validate certain requests. A local attacker could exploit this to consume CPU resources, leading to a denial of service. CVE-2011-2213 Dan Rosenberg discovered that the Bluetooth stack incorrectly handled certain L2CAP...

9.1CVSS8.2AI score0.05689EPSS
Exploits5
Ubuntu
Ubuntu
added 2011/04/05 6:47 p.m.101 views

USN-1105-1: Linux kernel vulnerabilities

Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. CVE-2010-4075 Dan Rosenberg discovered that the socket filters did not correctly...

7.8CVSS5.8AI score0.04308EPSS
Exploits10
Ubuntu
Ubuntu
added 2010/07/23 8:48 a.m.101 views

USN-957-1: Firefox and Xulrunner vulnerabilities

Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. CVE-2010-1208, CVE-2010-1209, CVE-2010-1211, CVE-2010-1212 A...

9.8CVSS7.9AI score0.43382EPSS
Exploits27
Ubuntu
Ubuntu
added 2010/06/03 6:23 a.m.101 views

USN-947-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not correctly handle memory protection of the Virtual Dynamic Shared Object page when running a 32-bit application on a 64-bit kernel. A local attacker could exploit this to cause a denial of service. Only affected Ubuntu 6.06 LTS. CVE-2009-4271 It was...

7.8CVSS6.5AI score0.12426EPSS
Exploits19
Ubuntu
Ubuntu
added 2025/03/27 12:0 p.m.100 views

USN-7378-1: Ghostscript vulnerabilities

It was discovered that Ghostscript incorrectly serialized DollarBlend in certain fonts. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2025-27830 It was discovered that Ghostscript incorrectly handled the...

9.8CVSS7.2AI score0.00806EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/08/12 6:5 p.m.100 views

USN-6955-1: Linux kernel (OEM) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - M68K architecture; - OpenRISC architecture; - PowerPC architecture; -...

9.8CVSS7.1AI score0.01483EPSS
Exploits3
Ubuntu
Ubuntu
added 2024/07/19 9:39 a.m.100 views

USN-6898-3: Linux kernel kernel vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Gui-Dong Han discovered that the...

9.1CVSS7.1AI score0.01401EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/02/23 8:20 p.m.100 views

USN-6652-1: Linux kernel (Azure) vulnerabilities

Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service paravirtualized device unavailability. CVE-2023-34324 Zheng Wang discovered...

7.8CVSS7.2AI score0.12836EPSS
Exploits9
Ubuntu
Ubuntu
added 2023/01/13 2:50 a.m.100 views

USN-5804-1: Linux kernel vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...

8.8CVSS7.7AI score0.21314EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/08/09 11:29 a.m.100 views

USN-5169-1: oddjob vulnerability

Matthias Gerstner discovered that there was a race condition in the mkhomedir tool shipped with the oddjob package. An authenticated attacker could use this to setup a symlink attack and change permissions on files on the host filesystem...

6.3CVSS6.4AI score0.00293EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/06/08 5:3 a.m.100 views

USN-5471-1: Linux kernel (OEM) vulnerabilities

It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. CVE-2022-21499 Aaron Adams discovered that the netfilter subsystem in the Linux...

8.2CVSS6.9AI score0.02972EPSS
Exploits9
Ubuntu
Ubuntu
added 2022/06/01 4:18 a.m.100 views

USN-5442-2: Linux kernel vulnerabilities

Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS7.2AI score0.01027EPSS
Exploits3
Ubuntu
Ubuntu
added 2022/04/18 11:37 a.m.100 views

USN-5379-1: klibc vulnerabilities

It was discovered that klibc did not properly perform some mathematical operations, leading to an integer overflow. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2021-31870 It was discovered that klibc did not...

9.8CVSS8.4AI score0.02147EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/03/23 12:40 p.m.100 views

USN-5336-1: libjpeg9 vulnerabilities

Aladdin Mubaied discovered that the cjpeg utility in libjpeg9 did not properly validate the input image's size. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2016-3616 It was discovered that the cjpeg utility in libjpeg9 incorrectly handled...

8.8CVSS7AI score0.05074EPSS
Exploits4
Ubuntu
Ubuntu
added 2022/02/03 7:55 p.m.100 views

USN-5264-1: Graphviz vulnerabilities

It was discovered that graphviz contains null pointer dereference vulnerabilities. Exploitation via a specially crafted input file can cause a denial of service. CVE-2018-10196, CVE-2019-11023 It was discovered that graphviz contains a buffer overflow vulnerability. Exploitation via a specially...

8.8CVSS7.5AI score0.05037EPSS
Exploits2
Ubuntu
Ubuntu
added 2021/11/30 11:8 p.m.100 views

USN-5164-1: Linux kernel vulnerabilities

It was discovered that the Option USB High Speed Mobile device driver in the Linux kernel did not properly handle error conditions. A physically proximate attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-37159 It was discovered that th...

6.4CVSS7.1AI score0.00533EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/11/29 11:50 p.m.100 views

USN-5158-1: ImageMagick vulnerabilities

It was discovered that ImageMagick incorrectly handled certain values when processing visual effects based image files. By tricking a user into opening a specially crafted image file, an attacker could crash the application causing a denial of service. CVE-2021-20244 It was discovered that...

7.8CVSS6.9AI score0.0238EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/09/14 11:54 a.m.100 views

USN-5077-1: Apport vulnerabilities

Maik Münch and Stephen Röttger discovered that Apport incorrectly handled certain information gathering operations. A local attacker could use this issue to gain read access to arbitrary files, possibly containing sensitive information...

6.5CVSS6AI score0.00448EPSS
Exploits2
Total number of security vulnerabilities5000