Lucene search
K
UbuntuMost viewed

10904 matches found

Ubuntu
Ubuntu
added 2020/03/10 1:4 p.m.101 views

USN-4298-1: SQLite vulnerabilities

It was discovered that SQLite incorrectly handled certain shadow tables. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2019-13734, CVE-2019-13750, CVE-2019-13753 It was discovered that SQLite incorrectly handle...

8.8CVSS7.8AI score0.07856EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/01/15 4:4 p.m.101 views

USN-4221-2: libpcap vulnerability

USN-4221-1 fixed a vulnerability in libpcap. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that libpcap did not properly validate PHB headers in some situations. An attacker could use this to cause a denial of service memory...

5.3CVSS6.6AI score0.02834EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/12/11 12:17 a.m.101 views

USN-4221-1: libpcap vulnerability

It was discovered that libpcap did not properly validate PHB headers in some situations. An attacker could use this to cause a denial of service memory exhaustion...

5.3CVSS6.6AI score0.02834EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/11/13 2:35 p.m.101 views

USN-4190-1: libjpeg-turbo vulnerabilities

It was discovered that libjpeg-turbo incorrectly handled certain BMP images. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. CVE-2018-14498 It was discovered that libjpeg-turbo incorrectly handled certain...

9.3CVSS6.9AI score0.03104EPSS
Exploits2
Ubuntu
Ubuntu
added 2019/11/04 12:30 p.m.101 views

USN-4171-2: Apport vulnerabilities

USN-4171-1 fixed several vulnerabilities in apport. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Kevin Backhouse discovered Apport would read its user-controlled settings file as the root user. This could be used by a local attacker to possibly...

7.8CVSS5.7AI score0.00484EPSS
Exploits2
Ubuntu
Ubuntu
added 2019/10/22 5:14 p.m.101 views

USN-4164-1: Libxslt vulnerabilities

It was discovered that Libxslt incorrectly handled certain documents. An attacker could possibly use this issue to access sensitive information. This issue not affected Ubuntu 19.10. CVE-2019-13117, CVE-2019-13118 It was discovered that Libxslt incorrectly handled certain documents. An attacker...

7.5CVSS7.5AI score0.06457EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/09/30 12:31 p.m.101 views

USN-4142-1: e2fsprogs vulnerability

It was discovered that e2fsprogs incorrectly handled certain ext4 partitions. An attacker could possibly use this issue to execute arbitrary code...

7.5CVSS7.4AI score0.01105EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/05/08 12:28 p.m.101 views

USN-3970-1: Ghostscript vulnerability

It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service...

7.8CVSS7.8AI score0.01756EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/04/15 7:3 p.m.101 views

USN-3947-2: Libxslt vulnerability

USN-3947-1 fixed a vulnerability in Libxslt. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that Libxslt incorrectly handled certain documents. An attacker could possibly use this issue to access sensitive information...

9.8CVSS7.3AI score0.05089EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/03/25 2:32 p.m.101 views

USN-3919-1: Firefox vulnerabilities

Two security issues were discovered in the JavaScript engine in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could exploit this by causing a denial of service, or executing arbitrary code...

8.8CVSS8.3AI score0.29514EPSS
Exploits13
Ubuntu
Ubuntu
added 2019/03/21 8:46 p.m.101 views

USN-3917-1: snapd vulnerability

The snapd default seccomp filter for strict mode snaps blocks the use of the ioctl system call when used with TIOCSTI as the second argument to the system call. Jann Horn discovered that this restriction could be circumvented on 64 bit architectures. A malicious snap could exploit this to bypass...

7.5CVSS6.4AI score0.037EPSS
Exploits3References1
Ubuntu
Ubuntu
added 2019/01/16 6:28 p.m.101 views

USN-3861-2: PolicyKit vulnerability

USN-3861-1 fixed a vulnerability in PolicyKit. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that PolicyKit incorrectly handled certain large user UIDs. A local attacker with a large UID could possibly use this issue to perform...

9CVSS7.4AI score0.11483EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/08/24 12:33 a.m.101 views

USN-3752-1: Linux kernel vulnerabilities

It was discovered that, when attempting to handle an out-of-memory situation, a null pointer dereference could be triggered in the Linux kernel in some circumstances. A local attacker could use this to cause a denial of service system crash. CVE-2018-1000200 Wen Xu discovered that the XFS...

7.8CVSS7.5AI score0.16352EPSS
Exploits18
Ubuntu
Ubuntu
added 2018/08/17 11:11 p.m.101 views

USN-3741-3: Linux kernel regressions

USN-3741-1 introduced mitigations in the Linux kernel for Ubuntu 14.04 LTS to address L1 Terminal Fault L1TF vulnerabilities CVE-2018-3620, CVE-2018-3646. Unfortunately, the update introduced regressions that caused kernel panics when booting in some environments as well as preventing Java...

6.9AI score
Exploits0References2
Ubuntu
Ubuntu
added 2018/06/26 12:8 p.m.101 views

USN-3692-1: OpenSSL vulnerabilities

Keegan Ryan discovered that OpenSSL incorrectly handled ECDSA key generation. An attacker could possibly use this issue to perform a cache-timing attack and recover private ECDSA keys. CVE-2018-0495 Guido Vranken discovered that OpenSSL incorrectly handled very large prime values during a key...

7.5CVSS6.5AI score0.49268EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/06/12 1:55 a.m.101 views

USN-3678-2: Linux kernel (Azure) vulnerabilities

Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly handle corrupted meta data in some situations. An attacker could use this to specially craft an ext4 file system that caused a denial of service system crash when mounted. CVE-2018-1092 It was discovere...

7.1CVSS6.4AI score0.01999EPSS
Exploits2
Ubuntu
Ubuntu
added 2018/05/08 10:24 p.m.101 views

USN-3641-1: Linux kernel vulnerabilities

Nick Peterson discovered that the Linux kernel did not properly handle debug exceptions following a MOV/POP to SS instruction. A local attacker could use this to cause a denial of service system crash. This issue only affected the amd64 architecture. CVE-2018-8897 Andy Lutomirski discovered that...

8CVSS7.1AI score0.18404EPSS
Exploits9
Ubuntu
Ubuntu
added 2018/01/10 1:19 p.m.101 views

USN-3523-2: Linux kernel (HWE) vulnerabilities

USN-3523-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch...

7.8CVSS7.3AI score0.84172EPSS
Exploits19
Ubuntu
Ubuntu
added 2017/01/23 6:24 p.m.101 views

USN-3177-1: Tomcat vulnerabilities

It was discovered that the Tomcat realm implementations incorrectly handled passwords when a username didn't exist. A remote attacker could possibly use this issue to enumerate usernames. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. CVE-2016-0762 Alvaro Muno...

9.8CVSS7.1AI score0.90338EPSS
Exploits12
Ubuntu
Ubuntu
added 2016/10/20 2:20 a.m.101 views

USN-3107-1: Linux kernel vulnerability

It was discovered that a race condition existed in the memory manager of the Linux kernel when handling copy-on-write breakage of private read-only memory mappings. A local attacker could use this to gain administrative privileges...

7.2CVSS7.6AI score0.83524EPSS
Exploits81
Ubuntu
Ubuntu
added 2015/06/11 6:7 p.m.101 views

USN-2639-1: OpenSSL vulnerabilities

Praveen Kariyanahalli, Ivan Fratric and Felix Groebert discovered that OpenSSL incorrectly handled memory when buffering DTLS data. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2014-8176 Joseph...

7.5CVSS7.1AI score0.74483EPSS
Exploits1
Ubuntu
Ubuntu
added 2015/02/09 5:32 p.m.101 views

USN-2497-1: NTP vulnerabilities

Stephen Roettger, Sebastian Krahmer, and Harlan Stenn discovered that NTP incorrectly handled the length value in extension fields. A remote attacker could use this issue to possibly obtain leaked information, or cause the NTP daemon to crash, resulting in a denial of service. CVE-2014-9297 Steph...

7AI score
Exploits0
Ubuntu
Ubuntu
added 2014/09/24 3:40 p.m.101 views

USN-2362-1: Bash vulnerability

Stephane Chazelas discovered that Bash incorrectly handled trailing code in function definitions. An attacker could use this issue to bypass environment restrictions, such as SSH forced command environments...

10CVSS8.4AI score0.99999EPSS
Exploits131
Ubuntu
Ubuntu
added 2013/09/06 10:18 a.m.101 views

USN-1941-1: Linux kernel vulnerabilities

Chanam Park reported a Null pointer flaw in the Linux kernel's Ceph client. A remote attacker could exploit this flaw to cause a denial of service system crash. CVE-2013-1059 Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that allows for privilege escalation. A local user could...

7.8CVSS6.8AI score0.04546EPSS
Exploits4
Ubuntu
Ubuntu
added 2012/10/17 1:9 p.m.101 views

USN-1613-1: Python 2.5 vulnerabilities

It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit this to execute arbitrary code. CVE-2008-5983 It was discovered that the audioop module did not correctly perform...

6.9CVSS6.8AI score0.14643EPSS
Exploits7
Ubuntu
Ubuntu
added 2012/07/13 12:5 a.m.101 views

USN-1505-1: OpenJDK 6 vulnerabilities

It was discovered that multiple flaws existed in the CORBA Common Object Request Broker Architecture implementation in OpenJDK. An attacker could create a Java application or applet that used these flaws to bypass Java sandbox restrictions or modify immutable object data. CVE-2012-1711,...

10CVSS8.1AI score0.93688EPSS
Exploits9
Ubuntu
Ubuntu
added 2011/10/25 1:10 p.m.101 views

USN-1246-1: Linux kernel vulnerabilities

Dan Rosenberg discovered that the IPv4 diagnostic routines did not correctly validate certain requests. A local attacker could exploit this to consume CPU resources, leading to a denial of service. CVE-2011-2213 Dan Rosenberg discovered that the Bluetooth stack incorrectly handled certain L2CAP...

9.1CVSS8.2AI score0.05689EPSS
Exploits5
Ubuntu
Ubuntu
added 2011/04/05 6:47 p.m.101 views

USN-1105-1: Linux kernel vulnerabilities

Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. CVE-2010-4075 Dan Rosenberg discovered that the socket filters did not correctly...

7.8CVSS5.8AI score0.04308EPSS
Exploits10
Ubuntu
Ubuntu
added 2010/07/23 8:48 a.m.101 views

USN-957-1: Firefox and Xulrunner vulnerabilities

Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. CVE-2010-1208, CVE-2010-1209, CVE-2010-1211, CVE-2010-1212 A...

9.8CVSS7.9AI score0.43382EPSS
Exploits27
Ubuntu
Ubuntu
added 2010/06/03 6:23 a.m.101 views

USN-947-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not correctly handle memory protection of the Virtual Dynamic Shared Object page when running a 32-bit application on a 64-bit kernel. A local attacker could exploit this to cause a denial of service. Only affected Ubuntu 6.06 LTS. CVE-2009-4271 It was...

7.8CVSS6.5AI score0.12426EPSS
Exploits19
Ubuntu
Ubuntu
added 2008/03/26 5:34 p.m.101 views

USN-593-1: Dovecot vulnerabilities

It was discovered that the default configuration of dovecot could allow access to any email files with group "mail" without verifying that a user had valid rights. An attacker able to create symlinks in their mail directory could exploit this to read or delete another user's email. CVE-2008-1199 ...

6.8CVSS5.4AI score0.07342EPSS
Exploits6
Ubuntu
Ubuntu
added 2025/03/27 12:0 p.m.100 views

USN-7378-1: Ghostscript vulnerabilities

It was discovered that Ghostscript incorrectly serialized DollarBlend in certain fonts. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2025-27830 It was discovered that Ghostscript incorrectly handled the...

9.8CVSS7.2AI score0.00806EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/08/12 6:5 p.m.100 views

USN-6955-1: Linux kernel (OEM) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - M68K architecture; - OpenRISC architecture; - PowerPC architecture; -...

9.8CVSS7.1AI score0.01483EPSS
Exploits3
Ubuntu
Ubuntu
added 2024/02/23 8:20 p.m.100 views

USN-6652-1: Linux kernel (Azure) vulnerabilities

Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service paravirtualized device unavailability. CVE-2023-34324 Zheng Wang discovered...

7.8CVSS7.2AI score0.12836EPSS
Exploits9
Ubuntu
Ubuntu
added 2023/01/13 2:50 a.m.100 views

USN-5804-1: Linux kernel vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...

8.8CVSS7.7AI score0.21314EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/08/09 11:29 a.m.100 views

USN-5169-1: oddjob vulnerability

Matthias Gerstner discovered that there was a race condition in the mkhomedir tool shipped with the oddjob package. An authenticated attacker could use this to setup a symlink attack and change permissions on files on the host filesystem...

6.3CVSS6.4AI score0.00293EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/06/08 5:3 a.m.100 views

USN-5471-1: Linux kernel (OEM) vulnerabilities

It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. CVE-2022-21499 Aaron Adams discovered that the netfilter subsystem in the Linux...

8.2CVSS6.9AI score0.02972EPSS
Exploits9
Ubuntu
Ubuntu
added 2022/06/01 4:18 a.m.100 views

USN-5442-2: Linux kernel vulnerabilities

Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS7.2AI score0.01027EPSS
Exploits3
Ubuntu
Ubuntu
added 2022/04/28 12:40 p.m.100 views

USN-5394-1: WebKitGTK vulnerabilities

A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

8.8CVSS7.1AI score0.03668EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/04/18 11:37 a.m.100 views

USN-5379-1: klibc vulnerabilities

It was discovered that klibc did not properly perform some mathematical operations, leading to an integer overflow. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2021-31870 It was discovered that klibc did not...

9.8CVSS8.4AI score0.02147EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/03/23 12:40 p.m.100 views

USN-5336-1: libjpeg9 vulnerabilities

Aladdin Mubaied discovered that the cjpeg utility in libjpeg9 did not properly validate the input image's size. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2016-3616 It was discovered that the cjpeg utility in libjpeg9 incorrectly handled...

8.8CVSS7AI score0.05074EPSS
Exploits4
Ubuntu
Ubuntu
added 2022/02/03 7:55 p.m.100 views

USN-5264-1: Graphviz vulnerabilities

It was discovered that graphviz contains null pointer dereference vulnerabilities. Exploitation via a specially crafted input file can cause a denial of service. CVE-2018-10196, CVE-2019-11023 It was discovered that graphviz contains a buffer overflow vulnerability. Exploitation via a specially...

8.8CVSS7.5AI score0.05037EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/01/26 2:6 p.m.101 views

USN-5193-2: X.Org X Server vulnerabilities

USN-5193-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain inputs. An attacker could use this issue to cause t...

7.8CVSS7.5AI score0.00571EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/11/30 11:8 p.m.100 views

USN-5164-1: Linux kernel vulnerabilities

It was discovered that the Option USB High Speed Mobile device driver in the Linux kernel did not properly handle error conditions. A physically proximate attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-37159 It was discovered that th...

6.4CVSS7.1AI score0.00533EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/11/29 11:50 p.m.100 views

USN-5158-1: ImageMagick vulnerabilities

It was discovered that ImageMagick incorrectly handled certain values when processing visual effects based image files. By tricking a user into opening a specially crafted image file, an attacker could crash the application causing a denial of service. CVE-2021-20244 It was discovered that...

7.8CVSS6.9AI score0.0238EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/11/03 10:44 p.m.100 views

USN-5132-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, spoof another origin, or execute arbitrary code...

9.8CVSS8.1AI score0.01923EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/09/14 11:54 a.m.100 views

USN-5077-1: Apport vulnerabilities

Maik Münch and Stephen Röttger discovered that Apport incorrectly handled certain information gathering operations. A local attacker could use this issue to gain read access to arbitrary files, possibly containing sensitive information...

6.5CVSS6AI score0.00448EPSS
Exploits2
Ubuntu
Ubuntu
added 2021/06/07 2:12 p.m.100 views

USN-4969-3: DHCP regression

USN-4969-1 fixed a vulnerability in DHCP. The package for Ubuntu 21.04 introduced a regression causing it to reject certain valid configuration files. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jon Franklin and Pawel Wieczorkiewicz discovered tha...

5.6AI score
Exploits0References1
Ubuntu
Ubuntu
added 2021/01/12 12:44 p.m.100 views

USN-4649-2: xdg-utils regression

USN-4649-1 fixed vulnerabilities in xdg-utils. That update caused a regression by removing the --attach functionality in thunderbird and others applications. This update fix the problem by reverting these changes. Original advisory details: Jens Mueller discovered that xdg-utils incorrectly handl...

5.5AI score
Exploits0References1
Ubuntu
Ubuntu
added 2020/11/25 6:3 p.m.100 views

USN-4646-1: poppler vulnerabilities

It was discovered that Poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service...

8.8CVSS6.6AI score0.02486EPSS
Exploits3
Total number of security vulnerabilities5000