Lucene search
K
UbuntuMost viewed

10904 matches found

Ubuntu
Ubuntu
added 2020/10/22 6:26 p.m.100 views

USN-4600-1: Netty vulnerabilities

It was discovered that Netty had HTTP request smuggling vulnerabilities. A remote attacker could used it to extract sensitive information. CVE-2019-16869, CVE-2019-20444, CVE-2019-20445, CVE-2020-7238...

9.1CVSS7AI score0.13474EPSS
Exploits4
Ubuntu
Ubuntu
added 2020/09/03 6:34 p.m.100 views

USN-4474-2: Firefox regressions

USN-4474-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted...

7.8AI score
Exploits0References1
Ubuntu
Ubuntu
added 2020/08/26 6:29 p.m.100 views

USN-4474-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, trick the user in to installing a malicious extension, spoof the URL bar, leak sensitive information...

8.8CVSS7.8AI score0.01449EPSS
Exploits2
Ubuntu
Ubuntu
added 2020/05/14 1:16 a.m.100 views

USN-4359-1: APT vulnerability

It was discovered that APT incorrectly handled certain filenames during package installation. If an attacker could provide a specially crafted package to be installed by the system administrator, this could cause APT to crash...

5.5CVSS6.3AI score0.01305EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/10/21 12:33 p.m.100 views

USN-4155-2: Aspell vulnerability

USN-4155-1 fixed a vulnerability in Aspell. This update provides the corresponding update for Ubuntu 19.10. Original advisory details: It was discovered that Aspell incorrectly handled certain inputs. An attacker could potentially access sensitive information...

9.1CVSS7AI score0.03259EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/10/10 12:3 p.m.100 views

USN-4153-1: Octavia vulnerability

Daniel Preussker discovered that Octavia incorrectly handled client certificate checking. A remote attacker on the management network could possibly use this issue to perform configuration changes and obtain sensitive information...

9.1CVSS7AI score0.02296EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/10/08 12:9 p.m.100 views

USN-4149-1: Unbound vulnerability

It was discovered that Unbound incorrectly handled certain NOTIFY queries. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS6.7AI score0.03506EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/07/15 1:42 p.m.100 views

USN-4055-1: flightcrew vulnerabilities

Mike Salvatore discovered that FlightCrew improperly handled certain malformed EPUB files. An attacker could potentially use this vulnerability to cause a denial of service. CVE-2019-13032 Mike Salvatore discovered that FlightCrew mishandled certain malformed EPUB files. An attacker could use thi...

7.8CVSS6.6AI score0.02026EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/04/29 12:59 p.m.100 views

USN-3959-1: Evince vulnerability

It was discovered that Evince incorrectly handled certain images. An attacker could possibly use this issue to expose sensitive information...

5.5CVSS6.5AI score0.01443EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/03/28 8:4 p.m.100 views

USN-3927-1: Thunderbird vulnerabilities

It was discovered that Thunderbird allowed PAC files to specify that requests to localhost are sent through the proxy to another server. If proxy auto-detection is enabled, an attacker could potentially exploit this to conduct attacks on local services and tools. CVE-2018-18506 Multiple security...

9.8CVSS8.2AI score0.29514EPSS
Exploits24
Ubuntu
Ubuntu
added 2019/02/07 11:45 a.m.100 views

USN-3884-1: libarchive vulnerabilities

It was discovered that libarchive incorrectly handled certain 7zip files. An attacker could possibly use this issue to cause a denial of service. CVE-2019-1000019, CVE-2019-1000020...

6.5CVSS6.3AI score0.03407EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/08/14 9:58 p.m.100 views

USN-3742-1: Linux kernel vulnerabilities

It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault L1TF. A local attacker in a guest virtual machine could use this to expose sensitive...

7.8CVSS6.8AI score0.7354EPSS
Exploits8References1
Ubuntu
Ubuntu
added 2017/10/24 6:11 p.m.100 views

USN-3425-2: Apache HTTP Server vulnerability

USN-3425-1 fixed a vulnerability in Apache HTTP Server. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Hanno Böck discovered that the Apache HTTP Server incorrectly handled Limit directives in .htaccess files. In certain configurations, a remote...

7.5CVSS7.2AI score0.94999EPSS
Exploits9
Ubuntu
Ubuntu
added 2017/08/11 3:37 a.m.100 views

USN-3386-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3386-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Andrey Konovalov discovered a race condition in the UDP Fragmentation Offload UFO code...

7.8CVSS7AI score0.20797EPSS
Exploits19
Ubuntu
Ubuntu
added 2017/03/02 2:40 p.m.100 views

USN-3211-2: PHP regression

USN-3211-1 fixed vulnerabilities in PHP by updating to the new 7.0.15 upstream release. PHP 7.0.15 introduced a regression when using MySQL with large blobs. This update fixes the problem with a backported fix. Original advisory details: It was discovered that PHP incorrectly handled certain...

8.1AI score
Exploits0References1
Ubuntu
Ubuntu
added 2017/02/22 7:26 a.m.100 views

USN-3208-1: Linux kernel vulnerabilities

It was discovered that the generic SCSI block layer in the Linux kernel did not properly restrict write operations in certain situations. A local attacker could use this to cause a denial of service system crash or possibly gain administrative privileges. CVE-2016-10088 CAI Qian discovered that t...

8.4CVSS6.8AI score0.0596EPSS
Exploits13
Ubuntu
Ubuntu
added 2016/05/09 10:11 p.m.100 views

USN-2971-1: Linux kernel vulnerabilities

Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in the Linux kernel did not properly validate the endpoints reported by the device. An attacker with physical access could cause a denial of service system crash. CVE-2015-7515 Zach Riggle discovered that the Linux kernel's list...

7.8CVSS6.4AI score0.01946EPSS
Exploits19
Ubuntu
Ubuntu
added 2016/05/04 6:44 p.m.100 views

USN-2950-3: Samba regressions

USN-2950-1 fixed vulnerabilities in Samba. The fixes introduced in Samba 4.3.8 caused certain regressions and interoperability issues. This update resolves some of these issues by updating to Samba 4.3.9 in Ubuntu 14.04 LTS, Ubuntu 15.10 and Ubuntu 16.04 LTS. Backported regression fixes were adde...

7.1AI score
Exploits0References1
Ubuntu
Ubuntu
added 2016/02/23 2:14 p.m.100 views

USN-2912-1: libssh vulnerabilities

Mariusz Ziulek discovered that libssh incorrectly handled certain packets. A remote attacker could possibly use this issue to cause libssh to crash, resulting in a denial of service. CVE-2015-3146 Aris Adamantiadis discovered that libssh incorrectly generated ephemeral secret keys of 128 bits...

7.5CVSS6.4AI score0.0391EPSS
Exploits0
Ubuntu
Ubuntu
added 2013/02/05 10:38 p.m.100 views

USN-1681-4: Firefox regression

USN-1681-1 fixed vulnerabilities in Firefox. Due to an upstream regression, Firefox suffered from instabilities when accessing some websites. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Christoph Diehl, Christian Holler, Mats Palmgren, Chiaki...

9.3AI score
Exploits0References1
Ubuntu
Ubuntu
added 2012/10/17 8:4 p.m.100 views

USN-1613-2: Python 2.4 vulnerabilities

USN-1613-1 fixed vulnerabilities in Python 2.5. This update provides the corresponding updates for Python 2.4. Original advisory details: It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working...

6.9CVSS6.8AI score0.14643EPSS
Exploits7
Ubuntu
Ubuntu
added 2012/03/27 10:21 a.m.100 views

USN-1405-1: Linux kernel vulnerabilities

Paolo Bonzini discovered a flaw in Linux's handling of the SGIO ioctl command. A local user, or user in a VM could exploit this flaw to bypass restrictions and gain read/write access to all data on the affected block device. CVE-2011-4127 A flaw was found in the Linux kernel's ext4 file system wh...

7.1CVSS6.4AI score0.02678EPSS
Exploits2
Ubuntu
Ubuntu
added 2012/02/03 10:37 p.m.100 views

USN-1355-3: ubufox and webfav update

USN-1355-1 fixed vulnerabilities in Firefox. This update provides updated ubufox and webfav packages for use with the latest Firefox. Original advisory details: It was discovered that if a user chose to export their Firefox Sync key the "Firefox Recovery Key.html" file is saved with incorrect...

8.4AI score
Exploits0References1
Ubuntu
Ubuntu
added 2011/09/26 10:25 p.m.100 views

USN-1216-1: Linux kernel (EC2) vulnerabilities

Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. CVE-2010-4076, CVE-2010-4077 Alex Shi and Eric Dumazet discovered that the network stack...

7.8CVSS6.8AI score0.08793EPSS
Exploits21
Ubuntu
Ubuntu
added 2009/01/29 12:1 a.m.100 views

USN-714-1: Linux kernel vulnerabilities

Hugo Dias discovered that the ATM subsystem did not correctly manage socket counts. A local attacker could exploit this to cause a system hang, leading to a denial of service. CVE-2008-5079 It was discovered that the libertas wireless driver did not correctly handle beacon and probe responses. A...

10CVSS5.5AI score0.05261EPSS
Exploits9
Ubuntu
Ubuntu
added 2005/08/21 12:19 a.m.100 views

USN-171-1: PHP4 vulnerabilities

CAN-2005-1751: The php4-dev package ships a copy of the "shtool" utility in /usr/lib/php4/build/, which provides useful functionality for developers of software packages. Eric Romang discovered that shtool created temporary files in an insecure manner. This could allow a symlink attack to create ...

7.5CVSS6.8AI score0.05091EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/04/02 2:24 p.m.99 views

USN-7406-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - SMB network file system; - Network namespace; - Networking core; CVE-2024-26928, CVE-2024-56658,...

7.8CVSS6.9AI score0.00276EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/02/18 1:4 p.m.99 views

USN-7270-1: OpenSSH vulnerabilities

It was discovered that the OpenSSH client incorrectly handled the non-default VerifyHostKeyDNS option. If that option were enabled, an attacker could possibly impersonate a server by completely bypassing the server identity check. CVE-2025-26465 It was discovered that OpenSSH incorrectly handled...

6.8CVSS7.1AI score0.38474EPSS
Exploits5
Ubuntu
Ubuntu
added 2024/07/19 9:39 a.m.99 views

USN-6898-3: Linux kernel kernel vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Gui-Dong Han discovered that the...

9.1CVSS7.1AI score0.01401EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/01/29 10:43 p.m.99 views

USN-6605-2: Linux kernel (KVM) vulnerabilities

Lin Ma discovered that the netfilter subsystem in the Linux kernel did not properly validate network family support while creating a new netfilter table. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6040 It was discovered that the CIFS...

7.8CVSS7.1AI score0.00715EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/12/13 2:1 p.m.99 views

USN-6549-3: Linux kernel (Low Latency) vulnerabilities

It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service system crash. CVE-2023-37453 Lin Ma...

8.8CVSS7AI score0.09141EPSS
Exploits4
Ubuntu
Ubuntu
added 2023/09/25 10:55 a.m.99 views

USN-6365-2: Open VM Tools vulnerability

USN-6365-1 fixed a vulnerability in Open VM Tools. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that Open VM Tools incorrectly handled SAML tokens. A remote attacker could possibly use this issue to bypass SA...

7.5CVSS7.1AI score0.01193EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/03/15 2:33 p.m.99 views

USN-5956-1: PHPMailer vulnerabilities

Dawid Golunski discovered that PHPMailer was not properly escaping user input data used as arguments to functions executed by the system shell. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 ESM. CVE-2016-10033, CVE-2016-10045 It was...

9.8CVSS7.2AI score0.99714EPSS
Exploits67
Ubuntu
Ubuntu
added 2023/03/15 9:54 a.m.99 views

USN-5953-1: IPython vulnerabilities

It was discovered that IPython incorrectly processed REST API POST requests. An attacker could possibly use this issue to launch a cross-site request forgery CSRF attack and leak user's sensitive information. This issue only affected Ubuntu 14.04 ESM. CVE-2015-5607 It was discovered that IPython...

8.8CVSS7.8AI score0.01201EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/02/27 6:25 p.m.99 views

USN-5896-1: Rack vulnerabilities

It was discovered that Rack was not properly parsing data when processing multipart POST requests. If a user or automated system were tricked into sending a specially crafted multipart POST request to an application using Rack, a remote attacker could possibly use this issue to cause a denial of...

10CVSS8.2AI score0.02056EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/01/09 9:3 p.m.99 views

USN-5793-2: Linux kernel (Azure) vulnerabilities

It was discovered that the iouring subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-3910 ...

7.8CVSS7AI score0.01429EPSS
Exploits5
Ubuntu
Ubuntu
added 2022/06/03 1:18 p.m.99 views

USN-5271-1: Adminer vulnerabilities

It was discovered that Adminer did not escape data in the history parameter of the default URI. A remote attacker could possibly use this issue to perform cross-site scripting XSS attacks. This issue only affected Ubuntu 20.04 ESM. CVE-2020-35572 Adam Crosser and Brian Sizemore discovered that...

7.5CVSS7.1AI score0.90461EPSS
Exploits5
Ubuntu
Ubuntu
added 2022/05/25 7:47 a.m.99 views

USN-5435-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass permission prompts, obtain sensitive information, bypass security...

9.8CVSS8AI score0.26709EPSS
Exploits3
Ubuntu
Ubuntu
added 2022/03/28 10:9 a.m.99 views

USN-5348-1: Smarty vulnerabilities

David Gnedt and Thomas Konrad discovered that Smarty was incorrectly sanitizing the paths present in the templates. An attacker could possibly use this use to read arbitrary files when controlling the executed template. CVE-2018-13982 It was discovered that Smarty was incorrectly sanitizing the...

9.8CVSS7.2AI score0.82316EPSS
Exploits4
Ubuntu
Ubuntu
added 2022/02/03 4:54 p.m.99 views

USN-5030-2: Perl DBI module vulnerabilities

USN-5030-1 addressed vulnerabilities in Perl DBI module. This update provides the corresponding updates for Ubuntu 16.04 ESM. Original advisory details: It was discovered that the Perl DBI module incorrectly opened files outside of the folder specified in the data source name. A remote attacker...

7.1CVSS7AI score0.00602EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/01/18 6:29 p.m.99 views

USN-5234-1: Byobu vulnerability

Sander Bos discovered that Byobu incorrectly handled certain Apport data. An attacker could possibly use this issue to expose sensitive information...

7.5CVSS7.3AI score0.01616EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/11/02 1:56 p.m.99 views

USN-4611-1: Samba vulnerabilities

Steven French discovered that Samba incorrectly handled ChangeNotify permissions. A remote attacker could possibly use this issue to obtain file name information. CVE-2020-14318 Bas Alberts discovered that Samba incorrectly handled certain winbind requests. A remote attacker could possibly use th...

6.5CVSS7AI score0.0218EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/07/23 11:14 a.m.99 views

USN-4430-2: Pillow vulnerabilities

USN-4430-1 fixed vulnerabilities in Pillow. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted image file...

8.1CVSS7.1AI score0.02514EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/07/22 12:59 p.m.99 views

USN-4428-1: Python vulnerabilities

It was discovered that Python documentation had a misleading information. A security issue could be possibly caused by wrong assumptions of this information. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. CVE-2019-17514 It was discovered that...

7.5CVSS7.3AI score0.12826EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/07/08 5:7 p.m.99 views

USN-4421-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbtirary code. CVE-2020-12405,...

9.3CVSS7.5AI score0.03034EPSS
Exploits3
Ubuntu
Ubuntu
added 2020/07/02 12:42 p.m.99 views

USN-4409-1: Samba vulnerabilities

Andrew Bartlett discovered that Samba incorrectly handled certain LDAP queries. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 19.10 and Ubuntu 20.04 LTS...

7.8CVSS7.1AI score0.03874EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/04/02 10:6 p.m.99 views

USN-4316-1: GD Graphics Library vulnerabilities

It was discovered that GD Graphics Library incorrectly handled cloning an image. An attacker could possibly use this issue to cause GD Graphics Library to crash, resulting in a denial of service. CVE-2018-14553 It was discovered that GD Graphics Library incorrectly handled loading images from X...

7.5CVSS5.7AI score0.04332EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/02/06 11:48 p.m.99 views

USN-4250-2: MariaDB vulnerability

It was discovered that an unspecified vulnerability existed in the C API component of MariaDB. An attacker could use this to cause a denial of service for MariaDB clients. MariaDB has been updated to 10.3.22 in Ubuntu 19.10 and 10.1.44 in Ubuntu 18.04 LTS. In addition to security fixes, the updat...

5.9CVSS6.8AI score0.03485EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2020/01/28 11:38 p.m.99 views

USN-4253-2: Linux kernel (HWE) vulnerability

USN-4253-1 fixed vulnerabilities in the Linux kernel for Ubuntu 19.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 19.10 for Ubuntu 18.04 LTS. It was discovered that the Linux kernel did not properly clear data structures on context...

5.5CVSS6.9AI score0.01447EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/10/29 12:15 p.m.99 views

USN-4167-1: Samba vulnerabilities

Michael Hanselmann discovered that the Samba client code incorrectly handled path separators. If a user were tricked into connecting to a malicious server, a remote attacker could use this issue to cause the client to access local pathnames instead of network pathnames. CVE-2019-10218 Simon...

6.5CVSS6.2AI score0.03515EPSS
Exploits1
Total number of security vulnerabilities5000