Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
•added 2018/04/02 7:17 p.m.•99 views

USN-3614-1: OpenJDK 7 vulnerabilities

It was discovered that a race condition existed in the cryptography implementation in OpenJDK. An attacker could possibly use this to expose sensitive information. CVE-2018-2579 It was discovered that the LDAP implementation in OpenJDK did not properly encode login names. A remote attacker could...

8.3CVSS7.2AI score0.06905EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/08/21 1:7 p.m.•99 views

USN-3398-1: graphite2 vulnerabilities

Holger Fuhrmannek and Tyson Smith discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially-crafted font file, a remote attacker could use this issue to cause graphite2 to crash, resulting in a denial of service, or...

9.8CVSS7.7AI score0.05216EPSS
Exploits6
Ubuntu
Ubuntu
•added 2017/07/26 4:37 p.m.•99 views

USN-3367-1: gdb vulnerabilities

Hanno Böck discovered that gdb incorrectly handled certain malformed AOUT headers in PE executables. If a user or automated system were tricked into processing a specially crafted binary, a remote attacker could use this issue to cause gdb to crash, resulting in a denial of service, or possibly...

9.8CVSS6.8AI score0.07267EPSS
Exploits2
Ubuntu
Ubuntu
•added 2017/05/11 2:45 p.m.•99 views

USN-3284-1: OpenVPN vulnerabilities

It was discovered that OpenVPN improperly triggered an assert when receiving an oversized control packet in some situations. A remote attacker could use this to cause a denial of service server or client crash. CVE-2017-7478 It was discovered that OpenVPN improperly triggered an assert when packe...

7.5CVSS7AI score0.13892EPSS
Exploits2
Ubuntu
Ubuntu
•added 2016/12/20 9:35 p.m.•99 views

USN-3161-4: Linux kernel (Qualcomm Snapdragon) vulnerabilities

Tilman Schmidt and Sasha Levin discovered a use-after-free condition in the TTY implementation in the Linux kernel. A local attacker could use this to expose sensitive information kernel memory. CVE-2015-8964 It was discovered that the Video For Linux Two v4l2 implementation in the Linux kernel d...

10CVSS7.3AI score0.09144EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/11/11 9:11 a.m.•99 views

USN-3129-2: Linux kernel (Raspberry Pi 2) vulnerabilities

Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service system crash. CVE-2016-7042...

6.2CVSS7.1AI score0.00395EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/05/16 6:34 p.m.•99 views

USN-2978-3: Linux kernel (Raspberry Pi 2) vulnerability

Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privilege...

7.8CVSS7.3AI score0.00397EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/03/14 5:8 p.m.•99 views

USN-2929-2: Linux kernel (Trusty HWE) vulnerabilities

Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPTSOSETREPLACE events. A local unprivileged attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privileges...

8.4CVSS7AI score0.03723EPSS
Exploits22
Ubuntu
Ubuntu
•added 2015/07/30 11:36 a.m.•99 views

USN-2696-1: OpenJDK 7 vulnerabilities

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. CVE-2015-2590, CVE-2015-2628, CVE-2015-4731, CVE-2015-4732,...

10CVSS7.4AI score0.9986EPSS
Exploits1References2
Ubuntu
Ubuntu
•added 2014/12/12 7:43 a.m.•99 views

USN-2446-1: Linux kernel vulnerabilities

Andy Lutomirski discovered that the Linux kernel does not properly handle faults associated with the Stack Segment SS register in the x86 architecture. A local attacker could exploit this flaw to gain administrative privileges. CVE-2014-9322 An information leak in the Linux kernel was discovered...

7.8CVSS6.7AI score0.08579EPSS
Exploits15
Ubuntu
Ubuntu
•added 2014/09/24 3:40 p.m.•99 views

USN-2362-1: Bash vulnerability

Stephane Chazelas discovered that Bash incorrectly handled trailing code in function definitions. An attacker could use this issue to bypass environment restrictions, such as SSH forced command environments...

10CVSS8.4AI score0.99999EPSS
Exploits131
Ubuntu
Ubuntu
•added 2013/11/08 9:51 p.m.•99 views

USN-2020-1: Linux kernel (Raring HWE) vulnerabilities

An information leak was discovered in the handling of ICMPv6 Router Advertisement RA messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service excessive retries and address-generation outage, and consequently obtain sensitive...

6.9CVSS6.7AI score0.0181EPSS
Exploits2
Ubuntu
Ubuntu
•added 2012/09/28 12:54 p.m.•99 views

USN-1551-2: Thunderbird regressions

USN-1551-1 fixed vulnerabilities in Thunderbird. The new package caused a regression in the message editor and certain performance regressions as well. This update fixes the problems. Original advisory details: Gary Kwong, Christian Holler, Jesse Ruderman, Steve Fink, Bob Clary, Andrew Sutherland...

8.3AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2012/03/27 10:21 a.m.•99 views

USN-1405-1: Linux kernel vulnerabilities

Paolo Bonzini discovered a flaw in Linux's handling of the SGIO ioctl command. A local user, or user in a VM could exploit this flaw to bypass restrictions and gain read/write access to all data on the affected block device. CVE-2011-4127 A flaw was found in the Linux kernel's ext4 file system wh...

7.1CVSS6.4AI score0.02678EPSS
Exploits2
Ubuntu
Ubuntu
•added 2011/08/09 3:9 a.m.•99 views

USN-1187-1: Linux kernel (Maverick backport) vulnerabilities

It was discovered that KVM did not correctly initialize certain CPU registers. A local attacker could exploit this to crash the system, leading to a denial of service. CVE-2010-3698 Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could...

9.8CVSS7.1AI score0.04177EPSS
Exploits41
Ubuntu
Ubuntu
•added 2011/01/11 11:57 p.m.•99 views

USN-1042-1: PHP vulnerabilities

It was discovered that an integer overflow in the XML UTF-8 decoding code could allow an attacker to bypass cross-site scripting XSS protections. This issue only affected Ubuntu 6.06 LTS, Ubuntu 8.04 LTS, and Ubuntu 9.10. CVE-2009-5016 It was discovered that the XML UTF-8 decoding code did not...

6.8CVSS7.2AI score0.18878EPSS
Exploits16
Ubuntu
Ubuntu
•added 2008/02/04 4:25 p.m.•99 views

USN-574-1: Linux kernel vulnerabilities

The minix filesystem did not properly validate certain filesystem values. If a local attacker could trick the system into attempting to mount a corrupted minix filesystem, the kernel could be made to hang for long periods of time, resulting in a denial of service. This was only vulnerable in Ubun...

7.8CVSS6.3AI score0.14336EPSS
Exploits7
Ubuntu
Ubuntu
•added 2025/04/24 12:40 p.m.•98 views

USN-7457-1: OpenSSH vulnerability

It was discovered that OpenSSH incorrectly handled the DisableForwarding directive. The directive would fail to disable X11 and agent forwarding, contrary to documentation and expectations...

4.3CVSS6.5AI score0.0016EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/12/14 9:21 p.m.•98 views

USN-6488-2: strongSwan vulnerability

USN-6488-1 fixed a vulnerability in strongSwan. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Florian Picca discovered that strongSwan incorrectly handled certain DH public values. A remote attacker could use this issue to cau...

9.8CVSS8.3AI score0.0229EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/30 1:22 p.m.•98 views

USN-6459-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.35 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. In addition to security fixes, the updated packages contain bug fixes...

6.5CVSS7AI score0.01782EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/09/21 1:46 p.m.•98 views

USN-6393-1: ImageMagick vulnerability

It was discovered that ImageMagick did not properly handle memory when processing the -help option. An attacker could potentially use this issue to cause a crash...

7.1CVSS7AI score0.01188EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/05/16 1:9 p.m.•98 views

USN-6077-1: OpenJDK vulnerabilities

Ben Smyth discovered that OpenJDK incorrectly handled half-duplex connections during TLS handshake. A remote attacker could possibly use this issue to insert, edit or obtain sensitive information. CVE-2023-21930 It was discovered that OpenJDK incorrectly handled certain inputs. An attacker could...

7.4CVSS6.5AI score0.02474EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/03/07 12:12 p.m.•98 views

USN-5930-1: Python vulnerability

It was discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into running a specially crafted input, a remote attacker could possibly use this issue to execute arbitrary code. CVE-2022-37454...

9.8CVSS7.4AI score0.05193EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/02/27 2:10 p.m.•98 views

USN-5894-1: curl vulnerabilities

Harry Sintonen and Tomas Hoger discovered that curl incorrectly handled TELNET connections when the -t option was used on the command line. Uninitialized data possibly containing sensitive information could be sent to the remote server, contrary to expectations. This issue was only fixed in Ubunt...

5.9CVSS6.9AI score0.04929EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/02/02 1:34 p.m.•98 views

USN-5839-2: Apache HTTP Server vulnerability

USN-5839-1 fixed a vulnerability in Apache. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Dimas Fariski Setyawan Putra discovered that the Apache HTTP Server modproxy module incorrectly truncated certain response headers. This may result in later...

5.3CVSS7.3AI score0.57941EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/01/27 7:1 p.m.•98 views

USN-5831-1: Linux kernel (Azure CVM) vulnerabilities

Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2022-4378 Tamás Koczka discovered that the Bluetooth L2CAP handshake...

8.8CVSS7.7AI score0.02014EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/01/09 9:3 p.m.•98 views

USN-5793-2: Linux kernel (Azure) vulnerabilities

It was discovered that the iouring subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-3910 ...

7.8CVSS7AI score0.01429EPSS
Exploits5
Ubuntu
Ubuntu
•added 2022/01/20 12:31 p.m.•98 views

USN-5242-1: Open vSwitch vulnerability

It was discovered that Open vSwitch incorrectly handled certain fragmented packets. A remote attacker could possibly use this issue to cause Open vSwitch to consume resources, leading to a denial of service...

7.5CVSS7.5AI score0.01576EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/01/18 6:29 p.m.•98 views

USN-5234-1: Byobu vulnerability

Sander Bos discovered that Byobu incorrectly handled certain Apport data. An attacker could possibly use this issue to expose sensitive information...

7.5CVSS7.3AI score0.01616EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/11/23 7:4 p.m.•98 views

USN-5155-1: BlueZ vulnerabilities

It was discovered that BlueZ incorrectly handled the Discoverable status when a device is powered down. This could result in devices being powered up discoverable, contrary to expectations. This issue only affected Ubuntu 20.04 LTS, Ubuntu 21.04, and Ubuntu 21.10. CVE-2021-3658 It was discovered...

9.1CVSS6.5AI score0.01544EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/11/02 1:56 p.m.•98 views

USN-4611-1: Samba vulnerabilities

Steven French discovered that Samba incorrectly handled ChangeNotify permissions. A remote attacker could possibly use this issue to obtain file name information. CVE-2020-14318 Bas Alberts discovered that Samba incorrectly handled certain winbind requests. A remote attacker could possibly use th...

6.5CVSS7AI score0.0218EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/07/22 4:18 p.m.•98 views

USN-4431-1: FFmpeg vulnerabilities

It was discovered that FFmpeg incorrectly verified empty audio packets or HEVC data. An attacker could possibly use this issue to cause a denial of service via a crafted file. This issue only affected Ubuntu 16.04 LTS, as it was already fixed in Ubuntu 18.04 LTS. For more information see:...

10CVSS6.7AI score0.03756EPSS
Exploits4
Ubuntu
Ubuntu
•added 2020/03/03 2:59 p.m.•98 views

USN-4295-1: Rake vulnerability

It was discovered that Rake incorrectly handled certain files. An attacker could use this issue to possibly execute arbitrary commands...

6.9CVSS7.2AI score0.01359EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/03/02 6:17 p.m.•98 views

USN-4294-1: OpenSMTPD vulnerabilities

It was discovered that OpenSMTPD mishandled certain input. A remote, unauthenticated attacker could use this vulnerability to execute arbitrary shell commands as any non-root user. CVE-2020-8794 It was discovered that OpenSMTPD did not properly handle hardlinks under certain conditions. An...

10CVSS7.5AI score0.88535EPSS
Exploits14
Ubuntu
Ubuntu
•added 2020/02/06 11:48 p.m.•98 views

USN-4250-2: MariaDB vulnerability

It was discovered that an unspecified vulnerability existed in the C API component of MariaDB. An attacker could use this to cause a denial of service for MariaDB clients. MariaDB has been updated to 10.3.22 in Ubuntu 19.10 and 10.1.44 in Ubuntu 18.04 LTS. In addition to security fixes, the updat...

5.9CVSS6.8AI score0.03485EPSS
Exploits0References2
Ubuntu
Ubuntu
•added 2020/01/23 12:21 p.m.•98 views

USN-4249-1: e2fsprogs vulnerability

It was discovered that e2fsprogs incorrectly handled certain ext4 partitions. An attacker could possibly use this issue to execute arbitrary code...

7.5CVSS7.2AI score0.01025EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/10/29 12:15 p.m.•98 views

USN-4167-1: Samba vulnerabilities

Michael Hanselmann discovered that the Samba client code incorrectly handled path separators. If a user were tricked into connecting to a malicious server, a remote attacker could use this issue to cause the client to access local pathnames instead of network pathnames. CVE-2019-10218 Simon...

6.5CVSS6.2AI score0.03515EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/09/09 5:22 p.m.•98 views

USN-4127-1: Python vulnerabilities

It was discovered that Python incorrectly handled certain pickle files. An attacker could possibly use this issue to consume memory, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. CVE-2018-20406 It was discovered that Python incorrectly validated t...

9.8CVSS7.2AI score0.20743EPSS
Exploits6
Ubuntu
Ubuntu
•added 2019/06/04 10:44 p.m.•98 views

USN-4006-1: Linux kernel vulnerability

Federico Manuel Bento discovered that the Linux kernel did not properly apply Address Space Layout Randomization ASLR in some situations for setuid a.out binaries. A local attacker could use this to improve the chances of exploiting an existing vulnerability in a setuid a.out binary. As a hardeni...

2.5CVSS6.6AI score0.00495EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/04/04 2:30 p.m.•98 views

USN-3936-1: AdvanceCOMP vulnerability

It was discovered that AdvanceCOMP incorrectly handled certain PNG files. An attacker could possibly use this issue to execute arbitrary code...

7.8CVSS5.9AI score0.01424EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/04/02 6:36 p.m.•98 views

USN-3930-2: Linux kernel (HWE) vulnerabilities

USN-3930-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.10 for Ubuntu 18.04 LTS. Mathias Payer and Hui Peng discovered a use-after-free vulnerability in the Advanced Linux Sou...

8.1CVSS6.9AI score0.16523EPSS
Exploits15
Ubuntu
Ubuntu
•added 2018/08/14 5:28 p.m.•98 views

USN-3739-1: libxml2 vulnerabilities

Matias Brutti discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information. CVE-2016-9318 It was discovered that libxml2 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of...

7.5CVSS6.7AI score0.05928EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/06/15 12:43 a.m.•98 views

USN-3675-2: GnuPG 2 vulnerability

USN-3675-1 fixed a vulnerability in GnuPG 2 for Ubuntu 18.04 LTS and Ubuntu 17.10. This update provides the corresponding update for GnuPG 2 in Ubuntu 16.04 LTS and Ubuntu 14.04 LTS. Original advisory details: Marcus Brinkmann discovered that during decryption or verification, GnuPG did not...

7.5CVSS7.1AI score0.08654EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/02/22 10:6 a.m.•98 views

USN-3582-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3582-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Mohamed Ghannam discovered that the IPv4 raw socket implementation in the Linux kernel...

7.8CVSS7.4AI score0.74041EPSS
Exploits14
Ubuntu
Ubuntu
•added 2018/02/12 3:19 p.m.•98 views

USN-3565-1: Exim vulnerability

Meh Chang discovered that Exim incorrectly handled memory in certain decoding operations. A remote attacker could use this issue to cause Exim to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS8.3AI score0.82238EPSS
Exploits19
Ubuntu
Ubuntu
•added 2017/10/31 6:29 p.m.•98 views

USN-3470-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3470-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Qian Zhang discovered a heap-based buffer overflow in the tipcmsgbuild function in the...

7.8CVSS7.3AI score0.13378EPSS
Exploits11
Ubuntu
Ubuntu
•added 2017/09/18 11:25 p.m.•98 views

USN-3422-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3422-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux...

8CVSS7.9AI score0.16181EPSS
Exploits17
Ubuntu
Ubuntu
•added 2017/06/29 9:25 a.m.•98 views

USN-3343-2: Linux kernel (Trusty HWE) vulnerabilities

USN 3343-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. USN 3335-2 fixed a vulnerability in the Linux kernel. However, that fix introduced...

7.8CVSS7.2AI score0.01613EPSS
Exploits7References2
Ubuntu
Ubuntu
•added 2017/02/09 5:44 a.m.•98 views

USN-3194-1: OpenJDK 7 vulnerabilities

Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. A remote attacker could possibly use this flaw to obtain clear text data from long encrypted sessions. This update moves those algorithms to the legacy algorithm set and causes...

9.6CVSS7.4AI score0.95707EPSS
Exploits13
Ubuntu
Ubuntu
•added 2016/10/04 5:18 p.m.•98 views

USN-3095-1: PHP vulnerabilities

Taoguang Chen discovered that PHP incorrectly handled certain invalid objects when unserializing data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2016-7124 Taoguang Chen discovered that PHP incorrectly...

9.8CVSS7.8AI score0.16482EPSS
Exploits17
Total number of security vulnerabilities5000