Lucene search
K
UbuntuMost viewed

10888 matches found

Ubuntu
Ubuntu
•added 2011/09/26 10:25 p.m.•99 views

USN-1216-1: Linux kernel (EC2) vulnerabilities

Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. CVE-2010-4076, CVE-2010-4077 Alex Shi and Eric Dumazet discovered that the network stack...

7.8CVSS6.8AI score0.08793EPSS
Exploits21
Ubuntu
Ubuntu
•added 2011/01/11 11:57 p.m.•99 views

USN-1042-1: PHP vulnerabilities

It was discovered that an integer overflow in the XML UTF-8 decoding code could allow an attacker to bypass cross-site scripting XSS protections. This issue only affected Ubuntu 6.06 LTS, Ubuntu 8.04 LTS, and Ubuntu 9.10. CVE-2009-5016 It was discovered that the XML UTF-8 decoding code did not...

6.8CVSS7.2AI score0.18878EPSS
Exploits16
Ubuntu
Ubuntu
•added 2008/02/04 4:25 p.m.•99 views

USN-574-1: Linux kernel vulnerabilities

The minix filesystem did not properly validate certain filesystem values. If a local attacker could trick the system into attempting to mount a corrupted minix filesystem, the kernel could be made to hang for long periods of time, resulting in a denial of service. This was only vulnerable in Ubun...

7.8CVSS6.3AI score0.14336EPSS
Exploits7
Ubuntu
Ubuntu
•added 2005/08/21 12:19 a.m.•99 views

USN-171-1: PHP4 vulnerabilities

CAN-2005-1751: The php4-dev package ships a copy of the "shtool" utility in /usr/lib/php4/build/, which provides useful functionality for developers of software packages. Eric Romang discovered that shtool created temporary files in an insecure manner. This could allow a symlink attack to create ...

7.5CVSS6.8AI score0.05091EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/03/15 2:33 p.m.•98 views

USN-5956-1: PHPMailer vulnerabilities

Dawid Golunski discovered that PHPMailer was not properly escaping user input data used as arguments to functions executed by the system shell. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 ESM. CVE-2016-10033, CVE-2016-10045 It was...

9.8CVSS7.2AI score0.99714EPSS
Exploits67
Ubuntu
Ubuntu
•added 2023/02/02 1:34 p.m.•98 views

USN-5839-2: Apache HTTP Server vulnerability

USN-5839-1 fixed a vulnerability in Apache. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Dimas Fariski Setyawan Putra discovered that the Apache HTTP Server modproxy module incorrectly truncated certain response headers. This may result in later...

5.3CVSS7.3AI score0.57941EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/01/27 7:1 p.m.•98 views

USN-5831-1: Linux kernel (Azure CVM) vulnerabilities

Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2022-4378 Tamás Koczka discovered that the Bluetooth L2CAP handshake...

8.8CVSS7.7AI score0.02014EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/01/09 9:3 p.m.•98 views

USN-5793-2: Linux kernel (Azure) vulnerabilities

It was discovered that the iouring subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-3910 ...

7.8CVSS7AI score0.01364EPSS
Exploits5
Ubuntu
Ubuntu
•added 2022/06/03 1:18 p.m.•98 views

USN-5271-1: Adminer vulnerabilities

It was discovered that Adminer did not escape data in the history parameter of the default URI. A remote attacker could possibly use this issue to perform cross-site scripting XSS attacks. This issue only affected Ubuntu 20.04 ESM. CVE-2020-35572 Adam Crosser and Brian Sizemore discovered that...

7.5CVSS7.1AI score0.90461EPSS
Exploits5
Ubuntu
Ubuntu
•added 2022/01/20 12:31 p.m.•98 views

USN-5242-1: Open vSwitch vulnerability

It was discovered that Open vSwitch incorrectly handled certain fragmented packets. A remote attacker could possibly use this issue to cause Open vSwitch to consume resources, leading to a denial of service...

7.5CVSS7.5AI score0.01576EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/01/18 6:29 p.m.•98 views

USN-5234-1: Byobu vulnerability

Sander Bos discovered that Byobu incorrectly handled certain Apport data. An attacker could possibly use this issue to expose sensitive information...

7.5CVSS7.3AI score0.01616EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/11/23 7:4 p.m.•98 views

USN-5155-1: BlueZ vulnerabilities

It was discovered that BlueZ incorrectly handled the Discoverable status when a device is powered down. This could result in devices being powered up discoverable, contrary to expectations. This issue only affected Ubuntu 20.04 LTS, Ubuntu 21.04, and Ubuntu 21.10. CVE-2021-3658 It was discovered...

9.1CVSS6.5AI score0.01544EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/11/01 11:49 a.m.•98 views

USN-5121-2: Mailman vulnerabilities

USN-5009-1 fixed vulnerabilities in Mailman. This update provides the corresponding updates for Ubuntu 20.04 LTS. In addition, the following CVEs were fixed: It was discovered that Mailman allows arbitrary content injection. An attacker could use this to inject malicious content. CVE-2020-12108,...

8.5CVSS6.6AI score0.02698EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/07/22 4:18 p.m.•98 views

USN-4431-1: FFmpeg vulnerabilities

It was discovered that FFmpeg incorrectly verified empty audio packets or HEVC data. An attacker could possibly use this issue to cause a denial of service via a crafted file. This issue only affected Ubuntu 16.04 LTS, as it was already fixed in Ubuntu 18.04 LTS. For more information see:...

10CVSS6.7AI score0.03756EPSS
Exploits4
Ubuntu
Ubuntu
•added 2020/07/22 12:59 p.m.•98 views

USN-4428-1: Python vulnerabilities

It was discovered that Python documentation had a misleading information. A security issue could be possibly caused by wrong assumptions of this information. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. CVE-2019-17514 It was discovered that...

7.5CVSS7.3AI score0.12826EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/03/03 2:59 p.m.•98 views

USN-4295-1: Rake vulnerability

It was discovered that Rake incorrectly handled certain files. An attacker could use this issue to possibly execute arbitrary commands...

6.9CVSS7.2AI score0.01359EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/03/02 6:17 p.m.•98 views

USN-4294-1: OpenSMTPD vulnerabilities

It was discovered that OpenSMTPD mishandled certain input. A remote, unauthenticated attacker could use this vulnerability to execute arbitrary shell commands as any non-root user. CVE-2020-8794 It was discovered that OpenSMTPD did not properly handle hardlinks under certain conditions. An...

10CVSS7.5AI score0.88535EPSS
Exploits14
Ubuntu
Ubuntu
•added 2020/01/28 11:38 p.m.•98 views

USN-4253-2: Linux kernel (HWE) vulnerability

USN-4253-1 fixed vulnerabilities in the Linux kernel for Ubuntu 19.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 19.10 for Ubuntu 18.04 LTS. It was discovered that the Linux kernel did not properly clear data structures on context...

5.5CVSS6.9AI score0.01447EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/01/23 12:21 p.m.•98 views

USN-4249-1: e2fsprogs vulnerability

It was discovered that e2fsprogs incorrectly handled certain ext4 partitions. An attacker could possibly use this issue to execute arbitrary code...

7.5CVSS7.2AI score0.01025EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/06/04 10:44 p.m.•98 views

USN-4006-1: Linux kernel vulnerability

Federico Manuel Bento discovered that the Linux kernel did not properly apply Address Space Layout Randomization ASLR in some situations for setuid a.out binaries. A local attacker could use this to improve the chances of exploiting an existing vulnerability in a setuid a.out binary. As a hardeni...

2.5CVSS6.6AI score0.00495EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/04/04 2:30 p.m.•98 views

USN-3936-1: AdvanceCOMP vulnerability

It was discovered that AdvanceCOMP incorrectly handled certain PNG files. An attacker could possibly use this issue to execute arbitrary code...

7.8CVSS5.9AI score0.01424EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/04/02 6:36 p.m.•98 views

USN-3930-2: Linux kernel (HWE) vulnerabilities

USN-3930-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.10 for Ubuntu 18.04 LTS. Mathias Payer and Hui Peng discovered a use-after-free vulnerability in the Advanced Linux Sou...

8.1CVSS6.9AI score0.16523EPSS
Exploits15
Ubuntu
Ubuntu
•added 2018/08/14 9:58 p.m.•98 views

USN-3742-1: Linux kernel vulnerabilities

It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault L1TF. A local attacker in a guest virtual machine could use this to expose sensitive...

7.8CVSS6.8AI score0.7354EPSS
Exploits8References1
Ubuntu
Ubuntu
•added 2018/08/14 5:28 p.m.•98 views

USN-3739-1: libxml2 vulnerabilities

Matias Brutti discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information. CVE-2016-9318 It was discovered that libxml2 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of...

7.5CVSS6.7AI score0.05928EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/06/15 12:43 a.m.•98 views

USN-3675-2: GnuPG 2 vulnerability

USN-3675-1 fixed a vulnerability in GnuPG 2 for Ubuntu 18.04 LTS and Ubuntu 17.10. This update provides the corresponding update for GnuPG 2 in Ubuntu 16.04 LTS and Ubuntu 14.04 LTS. Original advisory details: Marcus Brinkmann discovered that during decryption or verification, GnuPG did not...

7.5CVSS7.1AI score0.08654EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/02/22 10:6 a.m.•98 views

USN-3582-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3582-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Mohamed Ghannam discovered that the IPv4 raw socket implementation in the Linux kernel...

7.8CVSS7.4AI score0.74041EPSS
Exploits13
Ubuntu
Ubuntu
•added 2017/10/31 6:29 p.m.•98 views

USN-3470-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3470-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Qian Zhang discovered a heap-based buffer overflow in the tipcmsgbuild function in the...

7.8CVSS7.3AI score0.13378EPSS
Exploits11
Ubuntu
Ubuntu
•added 2017/09/18 11:25 p.m.•98 views

USN-3422-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3422-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux...

8CVSS7.9AI score0.16181EPSS
Exploits17
Ubuntu
Ubuntu
•added 2017/06/29 9:25 a.m.•98 views

USN-3343-2: Linux kernel (Trusty HWE) vulnerabilities

USN 3343-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. USN 3335-2 fixed a vulnerability in the Linux kernel. However, that fix introduced...

7.8CVSS7.2AI score0.01598EPSS
Exploits7References2
Ubuntu
Ubuntu
•added 2017/02/22 7:26 a.m.•98 views

USN-3208-1: Linux kernel vulnerabilities

It was discovered that the generic SCSI block layer in the Linux kernel did not properly restrict write operations in certain situations. A local attacker could use this to cause a denial of service system crash or possibly gain administrative privileges. CVE-2016-10088 CAI Qian discovered that t...

8.4CVSS6.8AI score0.0596EPSS
Exploits13
Ubuntu
Ubuntu
•added 2017/02/09 5:44 a.m.•98 views

USN-3194-1: OpenJDK 7 vulnerabilities

Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. A remote attacker could possibly use this flaw to obtain clear text data from long encrypted sessions. This update moves those algorithms to the legacy algorithm set and causes...

9.6CVSS7.4AI score0.95707EPSS
Exploits13
Ubuntu
Ubuntu
•added 2016/12/20 9:35 p.m.•98 views

USN-3161-4: Linux kernel (Qualcomm Snapdragon) vulnerabilities

Tilman Schmidt and Sasha Levin discovered a use-after-free condition in the TTY implementation in the Linux kernel. A local attacker could use this to expose sensitive information kernel memory. CVE-2015-8964 It was discovered that the Video For Linux Two v4l2 implementation in the Linux kernel d...

10CVSS7.3AI score0.09144EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/10/04 5:18 p.m.•98 views

USN-3095-1: PHP vulnerabilities

Taoguang Chen discovered that PHP incorrectly handled certain invalid objects when unserializing data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2016-7124 Taoguang Chen discovered that PHP incorrectly...

9.8CVSS7.8AI score0.16482EPSS
Exploits17
Ubuntu
Ubuntu
•added 2016/07/11 4:47 p.m.•98 views

USN-3030-1: GD library vulnerabilities

It was discovered that the GD library incorrectly handled memory when using gdImageScaleTwoPass. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. CVE-2013-7456 It was discovered that the GD library incorrectly handled certain...

9.1CVSS7.5AI score0.07495EPSS
Exploits2
Ubuntu
Ubuntu
•added 2016/05/16 6:34 p.m.•98 views

USN-2978-3: Linux kernel (Raspberry Pi 2) vulnerability

Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privilege...

7.8CVSS7.3AI score0.00397EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/05/09 8:55 p.m.•98 views

USN-2967-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly enforce rlimits for file descriptors sent over UNIX domain sockets. A local attacker could use this to cause a denial of service. CVE-2013-4312 Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in the Linux kernel did not...

10CVSS7.6AI score0.14281EPSS
Exploits15
Ubuntu
Ubuntu
•added 2015/12/03 10:48 a.m.•98 views

USN-2827-1: OpenJDK 6 vulnerabilities

Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. CVE-2015-4805, CVE-2015-4835, CVE-2015-4843, CVE-2015-4844,...

10CVSS6.6AI score0.09991EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/03/05 1:31 p.m.•98 views

USN-2522-1: ICU vulnerabilities

It was discovered that ICU incorrectly handled memory operations when processing fonts. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubun...

10CVSS7.6AI score0.22753EPSS
Exploits5
Ubuntu
Ubuntu
•added 2014/02/10 9:58 p.m.•98 views

USN-2102-1: Firefox vulnerabilities

Christian Holler, Terrence Cole, Jesse Ruderman, Gary Kwong, Eric Rescorla, Jonathan Kew, Dan Gohman, Ryan VanderMeulen, Carsten Book, Andrew Sutherland, Byron Campen, Nicholas Nethercote, Paul Adenot, David Baron, Julian Seward and Sotaro Ikeda discovered multiple memory safety issues in Firefox...

10CVSS8.4AI score0.07072EPSS
Exploits11References1
Ubuntu
Ubuntu
•added 2012/10/17 8:4 p.m.•98 views

USN-1613-2: Python 2.4 vulnerabilities

USN-1613-1 fixed vulnerabilities in Python 2.5. This update provides the corresponding updates for Python 2.4. Original advisory details: It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working...

6.9CVSS6.8AI score0.14643EPSS
Exploits7
Ubuntu
Ubuntu
•added 2011/12/03 1:59 a.m.•98 views

USN-1286-1: Linux kernel vulnerabilities

Vasily Averin discovered that the NFS Lock Manager NLM incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. CVE-2011-2491 Robert Swiecki discovered that mapping extensions were incorrectly handled. A local attacker could exploit this to crash the...

7.8CVSS7.3AI score0.00496EPSS
Exploits2
Ubuntu
Ubuntu
•added 2011/08/09 3:9 a.m.•98 views

USN-1187-1: Linux kernel (Maverick backport) vulnerabilities

It was discovered that KVM did not correctly initialize certain CPU registers. A local attacker could exploit this to crash the system, leading to a denial of service. CVE-2010-3698 Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could...

9.8CVSS7.1AI score0.04177EPSS
Exploits41
Ubuntu
Ubuntu
•added 2011/07/06 1:9 p.m.•98 views

USN-1164-1: Linux kernel vulnerabilities (i.MX51)

Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. CVE-2010-3865 Dan Rosenberg discovered that the Linux kernel X.25 implementation incorrectly...

7.8CVSS7AI score0.04308EPSS
Exploits24
Ubuntu
Ubuntu
•added 2011/04/30 12:18 a.m.•98 views

USN-1123-1: Xulrunner vulnerabilities

A large number of security issues were discovered in the Gecko rendering engine. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

10CVSS8.2AI score0.73655EPSS
Exploits23
Ubuntu
Ubuntu
•added 2025/04/24 12:40 p.m.•97 views

USN-7457-1: OpenSSH vulnerability

It was discovered that OpenSSH incorrectly handled the DisableForwarding directive. The directive would fail to disable X11 and agent forwarding, contrary to documentation and expectations...

4.3CVSS6.5AI score0.0016EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/03/25 11:58 p.m.•97 views

USN-6701-3: Linux kernel vulnerabilities

Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service bluetooth communication. CVE-2023-2002 It was discovered that the NVIDIA Tegra...

7.8CVSS7.4AI score0.28058EPSS
Exploits18
Ubuntu
Ubuntu
•added 2023/12/14 9:21 p.m.•97 views

USN-6488-2: strongSwan vulnerability

USN-6488-1 fixed a vulnerability in strongSwan. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Florian Picca discovered that strongSwan incorrectly handled certain DH public values. A remote attacker could use this issue to cau...

9.8CVSS8.3AI score0.0229EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/30 1:22 p.m.•97 views

USN-6459-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.35 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. In addition to security fixes, the updated packages contain bug fixes...

6.5CVSS7AI score0.01782EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/09/25 10:55 a.m.•97 views

USN-6365-2: Open VM Tools vulnerability

USN-6365-1 fixed a vulnerability in Open VM Tools. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that Open VM Tools incorrectly handled SAML tokens. A remote attacker could possibly use this issue to bypass SA...

7.5CVSS7.1AI score0.01193EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/09/21 1:46 p.m.•97 views

USN-6393-1: ImageMagick vulnerability

It was discovered that ImageMagick did not properly handle memory when processing the -help option. An attacker could potentially use this issue to cause a crash...

7.1CVSS7AI score0.01188EPSS
Exploits1
Total number of security vulnerabilities5000