Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
•added 2019/10/21 12:33 p.m.•100 views

USN-4155-2: Aspell vulnerability

USN-4155-1 fixed a vulnerability in Aspell. This update provides the corresponding update for Ubuntu 19.10. Original advisory details: It was discovered that Aspell incorrectly handled certain inputs. An attacker could potentially access sensitive information...

9.1CVSS7AI score0.03259EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/10/08 12:9 p.m.•100 views

USN-4149-1: Unbound vulnerability

It was discovered that Unbound incorrectly handled certain NOTIFY queries. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS6.7AI score0.03506EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/07/15 1:42 p.m.•100 views

USN-4055-1: flightcrew vulnerabilities

Mike Salvatore discovered that FlightCrew improperly handled certain malformed EPUB files. An attacker could potentially use this vulnerability to cause a denial of service. CVE-2019-13032 Mike Salvatore discovered that FlightCrew mishandled certain malformed EPUB files. An attacker could use thi...

7.8CVSS6.6AI score0.02026EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/04/29 12:59 p.m.•100 views

USN-3959-1: Evince vulnerability

It was discovered that Evince incorrectly handled certain images. An attacker could possibly use this issue to expose sensitive information...

5.5CVSS6.5AI score0.01443EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/03/28 8:4 p.m.•100 views

USN-3927-1: Thunderbird vulnerabilities

It was discovered that Thunderbird allowed PAC files to specify that requests to localhost are sent through the proxy to another server. If proxy auto-detection is enabled, an attacker could potentially exploit this to conduct attacks on local services and tools. CVE-2018-18506 Multiple security...

9.8CVSS8.2AI score0.29514EPSS
Exploits24
Ubuntu
Ubuntu
•added 2019/02/07 11:45 a.m.•100 views

USN-3884-1: libarchive vulnerabilities

It was discovered that libarchive incorrectly handled certain 7zip files. An attacker could possibly use this issue to cause a denial of service. CVE-2019-1000019, CVE-2019-1000020...

6.5CVSS6.3AI score0.03407EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/05/08 10:24 p.m.•100 views

USN-3641-1: Linux kernel vulnerabilities

Nick Peterson discovered that the Linux kernel did not properly handle debug exceptions following a MOV/POP to SS instruction. A local attacker could use this to cause a denial of service system crash. This issue only affected the amd64 architecture. CVE-2018-8897 Andy Lutomirski discovered that...

8CVSS7.1AI score0.18404EPSS
Exploits9
Ubuntu
Ubuntu
•added 2017/10/24 6:11 p.m.•100 views

USN-3425-2: Apache HTTP Server vulnerability

USN-3425-1 fixed a vulnerability in Apache HTTP Server. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Hanno Böck discovered that the Apache HTTP Server incorrectly handled Limit directives in .htaccess files. In certain configurations, a remote...

7.5CVSS7.2AI score0.94999EPSS
Exploits9
Ubuntu
Ubuntu
•added 2017/08/11 3:37 a.m.•100 views

USN-3386-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3386-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Andrey Konovalov discovered a race condition in the UDP Fragmentation Offload UFO code...

7.8CVSS7AI score0.20797EPSS
Exploits19
Ubuntu
Ubuntu
•added 2017/03/02 2:40 p.m.•100 views

USN-3211-2: PHP regression

USN-3211-1 fixed vulnerabilities in PHP by updating to the new 7.0.15 upstream release. PHP 7.0.15 introduced a regression when using MySQL with large blobs. This update fixes the problem with a backported fix. Original advisory details: It was discovered that PHP incorrectly handled certain...

8.1AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2017/02/22 7:26 a.m.•100 views

USN-3208-1: Linux kernel vulnerabilities

It was discovered that the generic SCSI block layer in the Linux kernel did not properly restrict write operations in certain situations. A local attacker could use this to cause a denial of service system crash or possibly gain administrative privileges. CVE-2016-10088 CAI Qian discovered that t...

8.4CVSS6.8AI score0.0596EPSS
Exploits13
Ubuntu
Ubuntu
•added 2016/05/09 10:11 p.m.•100 views

USN-2971-1: Linux kernel vulnerabilities

Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in the Linux kernel did not properly validate the endpoints reported by the device. An attacker with physical access could cause a denial of service system crash. CVE-2015-7515 Zach Riggle discovered that the Linux kernel's list...

7.8CVSS6.4AI score0.01946EPSS
Exploits19
Ubuntu
Ubuntu
•added 2016/05/04 6:44 p.m.•100 views

USN-2950-3: Samba regressions

USN-2950-1 fixed vulnerabilities in Samba. The fixes introduced in Samba 4.3.8 caused certain regressions and interoperability issues. This update resolves some of these issues by updating to Samba 4.3.9 in Ubuntu 14.04 LTS, Ubuntu 15.10 and Ubuntu 16.04 LTS. Backported regression fixes were adde...

7.1AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2016/02/23 2:14 p.m.•100 views

USN-2912-1: libssh vulnerabilities

Mariusz Ziulek discovered that libssh incorrectly handled certain packets. A remote attacker could possibly use this issue to cause libssh to crash, resulting in a denial of service. CVE-2015-3146 Aris Adamantiadis discovered that libssh incorrectly generated ephemeral secret keys of 128 bits...

7.5CVSS6.4AI score0.0391EPSS
Exploits0
Ubuntu
Ubuntu
•added 2013/02/05 10:38 p.m.•100 views

USN-1681-4: Firefox regression

USN-1681-1 fixed vulnerabilities in Firefox. Due to an upstream regression, Firefox suffered from instabilities when accessing some websites. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Christoph Diehl, Christian Holler, Mats Palmgren, Chiaki...

9.3AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2012/10/17 8:4 p.m.•100 views

USN-1613-2: Python 2.4 vulnerabilities

USN-1613-1 fixed vulnerabilities in Python 2.5. This update provides the corresponding updates for Python 2.4. Original advisory details: It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working...

6.9CVSS6.8AI score0.14643EPSS
Exploits7
Ubuntu
Ubuntu
•added 2012/02/03 10:37 p.m.•100 views

USN-1355-3: ubufox and webfav update

USN-1355-1 fixed vulnerabilities in Firefox. This update provides updated ubufox and webfav packages for use with the latest Firefox. Original advisory details: It was discovered that if a user chose to export their Firefox Sync key the "Firefox Recovery Key.html" file is saved with incorrect...

8.4AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2011/09/26 10:25 p.m.•100 views

USN-1216-1: Linux kernel (EC2) vulnerabilities

Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. CVE-2010-4076, CVE-2010-4077 Alex Shi and Eric Dumazet discovered that the network stack...

7.8CVSS6.8AI score0.08793EPSS
Exploits21
Ubuntu
Ubuntu
•added 2010/07/23 8:48 a.m.•100 views

USN-957-1: Firefox and Xulrunner vulnerabilities

Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. CVE-2010-1208, CVE-2010-1209, CVE-2010-1211, CVE-2010-1212 A...

9.8CVSS7.9AI score0.43382EPSS
Exploits27
Ubuntu
Ubuntu
•added 2009/01/29 12:1 a.m.•100 views

USN-714-1: Linux kernel vulnerabilities

Hugo Dias discovered that the ATM subsystem did not correctly manage socket counts. A local attacker could exploit this to cause a system hang, leading to a denial of service. CVE-2008-5079 It was discovered that the libertas wireless driver did not correctly handle beacon and probe responses. A...

10CVSS5.5AI score0.05261EPSS
Exploits9
Ubuntu
Ubuntu
•added 2005/08/21 12:19 a.m.•100 views

USN-171-1: PHP4 vulnerabilities

CAN-2005-1751: The php4-dev package ships a copy of the "shtool" utility in /usr/lib/php4/build/, which provides useful functionality for developers of software packages. Eric Romang discovered that shtool created temporary files in an insecure manner. This could allow a symlink attack to create ...

7.5CVSS6.8AI score0.05091EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/04/02 2:24 p.m.•99 views

USN-7406-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - SMB network file system; - Network namespace; - Networking core; CVE-2024-26928, CVE-2024-56658,...

7.8CVSS6.9AI score0.00276EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/02/18 1:4 p.m.•99 views

USN-7270-1: OpenSSH vulnerabilities

It was discovered that the OpenSSH client incorrectly handled the non-default VerifyHostKeyDNS option. If that option were enabled, an attacker could possibly impersonate a server by completely bypassing the server identity check. CVE-2025-26465 It was discovered that OpenSSH incorrectly handled...

6.8CVSS7.1AI score0.38474EPSS
Exploits5
Ubuntu
Ubuntu
•added 2024/07/19 9:39 a.m.•99 views

USN-6898-3: Linux kernel kernel vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Gui-Dong Han discovered that the...

9.1CVSS7.1AI score0.01401EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/01/29 10:43 p.m.•99 views

USN-6605-2: Linux kernel (KVM) vulnerabilities

Lin Ma discovered that the netfilter subsystem in the Linux kernel did not properly validate network family support while creating a new netfilter table. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6040 It was discovered that the CIFS...

7.8CVSS7.1AI score0.00715EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/12/13 2:1 p.m.•99 views

USN-6549-3: Linux kernel (Low Latency) vulnerabilities

It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service system crash. CVE-2023-37453 Lin Ma...

8.8CVSS7AI score0.09141EPSS
Exploits4
Ubuntu
Ubuntu
•added 2023/09/25 10:55 a.m.•99 views

USN-6365-2: Open VM Tools vulnerability

USN-6365-1 fixed a vulnerability in Open VM Tools. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that Open VM Tools incorrectly handled SAML tokens. A remote attacker could possibly use this issue to bypass SA...

7.5CVSS7.1AI score0.01193EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/03/15 2:33 p.m.•99 views

USN-5956-1: PHPMailer vulnerabilities

Dawid Golunski discovered that PHPMailer was not properly escaping user input data used as arguments to functions executed by the system shell. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 ESM. CVE-2016-10033, CVE-2016-10045 It was...

9.8CVSS7.2AI score0.99714EPSS
Exploits67
Ubuntu
Ubuntu
•added 2023/03/15 9:54 a.m.•99 views

USN-5953-1: IPython vulnerabilities

It was discovered that IPython incorrectly processed REST API POST requests. An attacker could possibly use this issue to launch a cross-site request forgery CSRF attack and leak user's sensitive information. This issue only affected Ubuntu 14.04 ESM. CVE-2015-5607 It was discovered that IPython...

8.8CVSS7.8AI score0.01201EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/02/27 6:25 p.m.•99 views

USN-5896-1: Rack vulnerabilities

It was discovered that Rack was not properly parsing data when processing multipart POST requests. If a user or automated system were tricked into sending a specially crafted multipart POST request to an application using Rack, a remote attacker could possibly use this issue to cause a denial of...

10CVSS8.2AI score0.02056EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/06/01 4:18 a.m.•99 views

USN-5442-2: Linux kernel vulnerabilities

Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS7.2AI score0.01027EPSS
Exploits3
Ubuntu
Ubuntu
•added 2022/05/25 7:47 a.m.•99 views

USN-5435-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass permission prompts, obtain sensitive information, bypass security...

9.8CVSS8AI score0.26709EPSS
Exploits3
Ubuntu
Ubuntu
•added 2022/03/28 10:9 a.m.•99 views

USN-5348-1: Smarty vulnerabilities

David Gnedt and Thomas Konrad discovered that Smarty was incorrectly sanitizing the paths present in the templates. An attacker could possibly use this use to read arbitrary files when controlling the executed template. CVE-2018-13982 It was discovered that Smarty was incorrectly sanitizing the...

9.8CVSS7.2AI score0.82316EPSS
Exploits4
Ubuntu
Ubuntu
•added 2022/02/03 4:54 p.m.•99 views

USN-5030-2: Perl DBI module vulnerabilities

USN-5030-1 addressed vulnerabilities in Perl DBI module. This update provides the corresponding updates for Ubuntu 16.04 ESM. Original advisory details: It was discovered that the Perl DBI module incorrectly opened files outside of the folder specified in the data source name. A remote attacker...

7.1CVSS7AI score0.00602EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/07/22 12:59 p.m.•99 views

USN-4428-1: Python vulnerabilities

It was discovered that Python documentation had a misleading information. A security issue could be possibly caused by wrong assumptions of this information. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. CVE-2019-17514 It was discovered that...

7.5CVSS7.3AI score0.12826EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/07/08 5:7 p.m.•99 views

USN-4421-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbtirary code. CVE-2020-12405,...

9.3CVSS7.5AI score0.03034EPSS
Exploits3
Ubuntu
Ubuntu
•added 2020/07/02 12:42 p.m.•99 views

USN-4409-1: Samba vulnerabilities

Andrew Bartlett discovered that Samba incorrectly handled certain LDAP queries. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 19.10 and Ubuntu 20.04 LTS...

7.8CVSS7.1AI score0.03874EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/04/02 10:6 p.m.•99 views

USN-4316-1: GD Graphics Library vulnerabilities

It was discovered that GD Graphics Library incorrectly handled cloning an image. An attacker could possibly use this issue to cause GD Graphics Library to crash, resulting in a denial of service. CVE-2018-14553 It was discovered that GD Graphics Library incorrectly handled loading images from X...

7.5CVSS5.7AI score0.04332EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/01/28 11:38 p.m.•99 views

USN-4253-2: Linux kernel (HWE) vulnerability

USN-4253-1 fixed vulnerabilities in the Linux kernel for Ubuntu 19.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 19.10 for Ubuntu 18.04 LTS. It was discovered that the Linux kernel did not properly clear data structures on context...

5.5CVSS6.9AI score0.01447EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/10/10 12:3 p.m.•99 views

USN-4153-1: Octavia vulnerability

Daniel Preussker discovered that Octavia incorrectly handled client certificate checking. A remote attacker on the management network could possibly use this issue to perform configuration changes and obtain sensitive information...

9.1CVSS7AI score0.02296EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/07/30 7:7 p.m.•99 views

USN-4079-1: SoX vulnerabilities

It was discovered that SoX incorrectly handled certain MP3 files. An attacker could possibly use this issue to cause a denial of service. CVE-2019-8354, CVE-2019-8355, CVE-2019-8356, CVE-2019-8357...

5.5CVSS6.3AI score0.01808EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/04/08 12:50 p.m.•99 views

USN-3939-1: Samba vulnerability

Michael Hanselmann discovered that Samba incorrectly handled registry files. A remote attacker could possibly use this issue to create new registry files outside of the share, contrary to expectations...

5.5CVSS5.8AI score0.03392EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/03/13 6:2 p.m.•99 views

USN-3908-2: Linux kernel (Trusty HWE) vulnerability

USN-3908-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Jann Horn discovered a race condition in the fork system call in the Linux kernel. A...

6.7CVSS6.8AI score0.00446EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/01/28 7:7 p.m.•99 views

USN-3870-1: Spice vulnerability

Christophe Fergeau discovered that Spice incorrectly handled memory. A remote attacker could use this to cause Spice to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.5CVSS7.4AI score0.01208EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/01/23 1:39 p.m.•99 views

USN-3707-2: NTP vulnerabilities

USN-3707-1 and USN-3349-1 fixed several vulnerabilities in NTP. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Miroslav Lichvar discovered that NTP incorrectly handled certain spoofed addresses when performing rate limiting. A remote attacker could...

9.8CVSS7AI score0.12367EPSS
Exploits4
Ubuntu
Ubuntu
•added 2018/11/30 6:19 a.m.•99 views

USN-3832-1: Linux kernel (AWS) vulnerabilities

Jann Horn discovered that the procfs file system implementation in the Linux kernel did not properly restrict the ability to inspect the kernel stack of an arbitrary task. A local attacker could use this to expose sensitive information. CVE-2018-17972 Jann Horn discovered that the mremap system...

7.8CVSS6.9AI score0.07611EPSS
Exploits28
Ubuntu
Ubuntu
•added 2018/08/14 9:58 p.m.•99 views

USN-3742-1: Linux kernel vulnerabilities

It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault L1TF. A local attacker in a guest virtual machine could use this to expose sensitive...

7.8CVSS6.8AI score0.7354EPSS
Exploits8References1
Ubuntu
Ubuntu
•added 2018/07/10 12:45 p.m.•99 views

USN-3706-2: libjpeg-turbo vulnerabilities

USN-3706-1 fixed a vulnerability in libjpeg-turbo. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that libjpeg-turbo incorrectly handled certain malformed JPEG images. If a user or automated system were tricked into opening a...

8.8CVSS6.7AI score0.05074EPSS
Exploits3
Ubuntu
Ubuntu
•added 2018/06/15 5:17 a.m.•99 views

USN-3678-4: Linux kernel (Raspberry Pi 2) vulnerabilities

Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly handle corrupted meta data in some situations. An attacker could use this to specially craft an ext4 file system that caused a denial of service system crash when mounted. CVE-2018-1092 It was discovere...

7.1CVSS6.4AI score0.01999EPSS
Exploits2
Ubuntu
Ubuntu
•added 2018/04/02 7:17 p.m.•99 views

USN-3614-1: OpenJDK 7 vulnerabilities

It was discovered that a race condition existed in the cryptography implementation in OpenJDK. An attacker could possibly use this to expose sensitive information. CVE-2018-2579 It was discovered that the LDAP implementation in OpenJDK did not properly encode login names. A remote attacker could...

8.3CVSS7.2AI score0.06905EPSS
Exploits0
Total number of security vulnerabilities5000