Lucene search
K
UbuntuMost viewed

10888 matches found

Ubuntu
Ubuntu
•added 2023/05/16 1:9 p.m.•97 views

USN-6077-1: OpenJDK vulnerabilities

Ben Smyth discovered that OpenJDK incorrectly handled half-duplex connections during TLS handshake. A remote attacker could possibly use this issue to insert, edit or obtain sensitive information. CVE-2023-21930 It was discovered that OpenJDK incorrectly handled certain inputs. An attacker could...

7.4CVSS6.5AI score0.02474EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/03/07 12:12 p.m.•97 views

USN-5930-1: Python vulnerability

It was discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into running a specially crafted input, a remote attacker could possibly use this issue to execute arbitrary code. CVE-2022-37454...

9.8CVSS7.4AI score0.05193EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/03/06 11:32 p.m.•97 views

USN-5926-1: Linux kernel vulnerabilities

Kirill Tkhai discovered that the XFS file system implementation in the Linux kernel did not calculate size correctly when pre-allocating space in some situations. A local attacker could use this to expose sensitive information. CVE-2021-4155 Lee Jones discovered that a use-after-free vulnerabilit...

7.8CVSS6.9AI score0.02399EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/02/28 2:18 p.m.•97 views

USN-5902-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled certain invalid Blowfish password hashes. An invalid password hash could possibly allow applications to accept any password as valid, contrary to expectations. CVE-2023-0567 It was discovered that PHP incorrectly handled resolving long paths. A remot...

8.1CVSS7.2AI score0.01408EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/02/27 2:10 p.m.•97 views

USN-5894-1: curl vulnerabilities

Harry Sintonen and Tomas Hoger discovered that curl incorrectly handled TELNET connections when the -t option was used on the command line. Uninitialized data possibly containing sensitive information could be sent to the remote server, contrary to expectations. This issue was only fixed in Ubunt...

5.9CVSS6.9AI score0.04929EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/02/09 6:26 p.m.•97 views

USN-5853-1: Linux kernel vulnerabilities

It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service system crash or possibly...

8.8CVSS6.9AI score0.01067EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/08/04 5:6 p.m.•97 views

USN-5546-2: OpenJDK 8 vulnerabilities

USN-5546-1 fixed vulnerabilities in OpenJDK. This update provides the corresponding updates for Ubuntu 16.04 ESM. Original advisory details: Neil Madden discovered that OpenJDK did not properly verify ECDSA signatures. A remote attacker could possibly use this issue to insert, edit or obtain...

7.5CVSS7.4AI score0.46677EPSS
Exploits8
Ubuntu
Ubuntu
•added 2022/07/21 12:0 a.m.•97 views

USN-5529-1: Linux kernel (OEM) vulnerabilities

It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-1679...

7.8CVSS7.5AI score0.06451EPSS
Exploits2
Ubuntu
Ubuntu
•added 2021/12/17 3:10 p.m.•97 views

USN-5201-1: Python vulnerabilities

It was discovered that the Python urllib http client could enter into an infinite loop when incorrectly handling certain server responses 100 Continue response. Specially crafted traffic from a malicious HTTP server could cause a denial of service Dos condition for a client...

7.5CVSS7.4AI score0.11586EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/11/03 3:16 p.m.•97 views

USN-4616-1: AccountsService vulnerabilities

Kevin Backhouse discovered that AccountsService incorrectly dropped privileges. A local user could possibly use this issue to cause AccountsService to crash or hang, resulting in a denial of service. CVE-2020-16126 Kevin Backhouse discovered that AccountsService incorrectly handled reading...

6.5CVSS6.5AI score0.03086EPSS
Exploits4
Ubuntu
Ubuntu
•added 2020/11/02 1:56 p.m.•97 views

USN-4611-1: Samba vulnerabilities

Steven French discovered that Samba incorrectly handled ChangeNotify permissions. A remote attacker could possibly use this issue to obtain file name information. CVE-2020-14318 Bas Alberts discovered that Samba incorrectly handled certain winbind requests. A remote attacker could possibly use th...

6.5CVSS7AI score0.0218EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/08/27 10:46 a.m.•97 views

USN-4446-2: Squid regression

USN-4446-1 fixed vulnerabilities in Squid. The update introduced a regression when using Squid with the icap or ecap protocols. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jeriko One discovered that Squid incorrectly handled caching certain...

6.8AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2020/07/28 2:56 p.m.•97 views

USN-4441-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.21 in Ubuntu 20.04 LTS. Ubuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.31. In addition to security fixes, the updated...

7.2CVSS6.5AI score0.02692EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/07/08 5:7 p.m.•97 views

USN-4421-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbtirary code. CVE-2020-12405,...

9.3CVSS7.5AI score0.03034EPSS
Exploits3
Ubuntu
Ubuntu
•added 2020/02/06 11:48 p.m.•97 views

USN-4250-2: MariaDB vulnerability

It was discovered that an unspecified vulnerability existed in the C API component of MariaDB. An attacker could use this to cause a denial of service for MariaDB clients. MariaDB has been updated to 10.3.22 in Ubuntu 19.10 and 10.1.44 in Ubuntu 18.04 LTS. In addition to security fixes, the updat...

5.9CVSS6.8AI score0.03485EPSS
Exploits0References2
Ubuntu
Ubuntu
•added 2019/12/11 3:7 p.m.•97 views

USN-4217-2: Samba vulnerabilities

USN-4217-1 fixed several vulnerabilities in Samba. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Andreas Oster discovered that the Samba DNS management server incorrectly handled certain records. An authenticated attacker could possibly use this...

6.4CVSS6.4AI score0.02783EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/12/03 1:44 p.m.•97 views

USN-4207-1: GraphicsMagick vulnerabilities

It was discovered that GraphicsMagick incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact...

9.8CVSS6.5AI score0.0377EPSS
Exploits9
Ubuntu
Ubuntu
•added 2019/11/27 6:23 p.m.•97 views

USN-4203-2: NSS vulnerability

USN-4203-1 fixed a vulnerability in NSS. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that NSS incorrectly handled certain memory operations. A remote attacker could use this issue to cause NSS to crash,...

8.8CVSS7.5AI score0.02994EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/10/29 12:15 p.m.•97 views

USN-4167-1: Samba vulnerabilities

Michael Hanselmann discovered that the Samba client code incorrectly handled path separators. If a user were tricked into connecting to a malicious server, a remote attacker could use this issue to cause the client to access local pathnames instead of network pathnames. CVE-2019-10218 Simon...

6.5CVSS6.2AI score0.03515EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/08/06 11:59 a.m.•97 views

USN-4049-4: GLib regression

USN-4049-1 fixed a vulnerability in GLib. The update introduced a regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that GLib created directories and files without properly restricting permissions. An attacker could possibl...

5.5AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2019/06/11 6:27 p.m.•97 views

USN-4016-2: Neovim vulnerability

It was discovered that Neovim incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. CVE-2019-12735...

9.3CVSS8.4AI score0.19111EPSS
Exploits5
Ubuntu
Ubuntu
•added 2019/03/12 9:40 p.m.•97 views

USN-3908-1: Linux kernel vulnerability

Jann Horn discovered a race condition in the fork system call in the Linux kernel. A local attacker could use this to gain access to services that cache authorizations...

6.7CVSS6.9AI score0.00446EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/08/21 4:38 a.m.•97 views

USN-3747-1: OpenJDK 10 vulnerabilities

It was discovered that OpenJDK did not properly validate types in some situations. An attacker could use this to construct a Java class that could possibly bypass sandbox restrictions. CVE-2018-2825, CVE-2018-2826 It was discovered that the PatternSyntaxException class in OpenJDK did not properly...

8.3CVSS6.5AI score0.04979EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/08/21 1:14 a.m.•97 views

USN-3742-3: Linux kernel (Trusty HWE) regressions

USN-3742-2 introduced mitigations in the Linux Hardware Enablement HWE kernel for Ubuntu 12.04 ESM to address L1 Terminal Fault L1TF vulnerabilities CVE-2018-3620, CVE-2018-3646. Unfortunately, the update introduced regressions that caused kernel panics when booting in some environments as well a...

6.9AI score
Exploits0References3
Ubuntu
Ubuntu
•added 2018/04/24 6:25 a.m.•97 views

USN-3632-1: Linux kernel (Azure) vulnerabilities

It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-0861 It was discovered that the KVM...

7.8CVSS6.9AI score0.07679EPSS
Exploits10
Ubuntu
Ubuntu
•added 2018/02/12 3:19 p.m.•97 views

USN-3565-1: Exim vulnerability

Meh Chang discovered that Exim incorrectly handled memory in certain decoding operations. A remote attacker could use this issue to cause Exim to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS8.3AI score0.82238EPSS
Exploits19
Ubuntu
Ubuntu
•added 2017/04/24 11:53 p.m.•97 views

USN-3264-2: Linux kernel (Trusty HWE) vulnerability

USN-3264-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Alexander Popov discovered that a race condition existed in the Stream Control...

7.1CVSS6.7AI score0.01162EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/12/20 9:17 p.m.•97 views

USN-3161-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3161-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Tilman Schmidt and Sasha Levin discovered a use-after-free condition in the TTY...

10CVSS7.2AI score0.09144EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/09/30 4:58 p.m.•97 views

USN-2756-1: rpcbind vulnerability

It was discovered that rpcbind incorrectly handled certain memory structures. A remote attacker could use this issue to cause rpcbind to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.5CVSS7.5AI score0.06408EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/04/30 8:34 a.m.•97 views

USN-2590-1: Linux kernel vulnerabilities

Jan Beulich discovered the Xen virtual machine subsystem of the Linux kernel did not properly restrict access to PCI command registers. A local guest user could exploit this flaw to cause a denial of service host crash. CVE-2015-2150 A stack overflow was discovered in the the microcode loader for...

6.9CVSS6.9AI score0.03052EPSS
Exploits1
Ubuntu
Ubuntu
•added 2015/03/24 9:12 a.m.•97 views

USN-2541-1: Linux kernel vulnerabilities

The Linux kernel's splice system call did not correctly validate its parameters. A local, unprivileged user could exploit this flaw to cause a denial of service system crash. CVE-2014-7822 A flaw was discovered in how Thread Local Storage TLS is handled by the task switching function in the Linux...

10CVSS6.6AI score0.09828EPSS
Exploits2
Ubuntu
Ubuntu
•added 2014/11/25 3:14 a.m.•97 views

USN-2417-1: Linux kernel vulnerabilities

Nadav Amit reported that the KVM Kernel Virtual Machine mishandles noncanonical addresses when emulating instructions that change the rip Instruction Pointer. A guest user with access to I/O or the MMIO can use this flaw to cause a denial of service system crash of the guest. CVE-2014-3647 A flaw...

7.8CVSS7AI score0.08579EPSS
Exploits4
Ubuntu
Ubuntu
•added 2014/03/07 11:30 a.m.•97 views

USN-2134-1: Linux kernel (OMAP4) vulnerabilities

Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker could exploit this error to discover the original MAC address after a spoofing atack. CVE-2013-4579 Andrew Honig reported an error in the Linux Kernel's Kernel Virtual Machine KVM...

6.2CVSS6.7AI score0.10209EPSS
Exploits6
Ubuntu
Ubuntu
•added 2013/08/20 12:12 p.m.•97 views

USN-1933-1: Linux kernel (OMAP4) vulnerabilities

Chanam Park reported a Null pointer flaw in the Linux kernel's Ceph client. A remote attacker could exploit this flaw to cause a denial of service system crash. CVE-2013-1059 An information leak was discovered in the Linux kernel's fanotify interface. A local user could exploit this flaw to obtai...

7.8CVSS6.9AI score0.04546EPSS
Exploits1
Ubuntu
Ubuntu
•added 2013/05/24 9:34 a.m.•98 views

USN-1836-1: Linux kernel (OMAP4) vulnerabilities

An flaw was discovered in the Linux kernel's perfevents interface. A local user could exploit this flaw to escalate privileges on the system. CVE-2013-2094 A buffer overflow vulnerability was discovered in the Broadcom tg3 ethernet driver for the Linux kernel. A local user could exploit this flaw...

8.4CVSS7.7AI score0.47709EPSS
Exploits17
Ubuntu
Ubuntu
•added 2012/06/19 3:11 p.m.•97 views

USN-1481-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled certain Tidy::diagnose operations on invalid objects. A remote attacker could use this flaw to cause PHP to crash, leading to a denial of service. CVE-2012-0781 It was discovered that PHP incorrectly handled certain multi-file upload filenames. A...

7.5CVSS8.7AI score0.50723EPSS
Exploits8
Ubuntu
Ubuntu
•added 2012/03/06 3:50 p.m.•97 views

USN-1384-1: Linux kernel (Oneiric backport) vulnerabilities

A bug was discovered in the Linux kernel's calculation of OOM Out of memory scores, that would result in the wrong process being killed. A user could use this to kill the process with the highest OOM score, even if that process belongs to another user or the system. CVE-2011-4097 Paolo Bonzini...

7.8CVSS6.8AI score0.20492EPSS
Exploits13
Ubuntu
Ubuntu
•added 2011/08/26 3:53 a.m.•97 views

USN-1185-1: Thunderbird vulnerabilities

Gary Kwong, Igor Bukanov, and Bob Clary discovered multiple memory vulnerabilities in the Gecko rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Thunderbird. CVE-2011-2982 It was discovered that a vulnerability in event...

10CVSS8.7AI score0.05556EPSS
Exploits1
Ubuntu
Ubuntu
•added 2011/06/09 8:34 p.m.•97 views

USN-1146-1: Linux kernel vulnerabilities

Kees Cook discovered that some ethtool functions did not correctly clear heap memory. A local attacker with CAPNETADMIN privileges could exploit this to read portions of kernel heap memory, leading to a loss of privacy. CVE-2010-4655 Kees Cook discovered that the IOWarrior USB device driver did n...

7.8CVSS6.5AI score0.01194EPSS
Exploits7
Ubuntu
Ubuntu
•added 2010/06/04 6:35 a.m.•97 views

USN-947-2: Linux kernel regression

USN-947-1 fixed vulnerabilities in the Linux kernel. Fixes for CVE-2010-0419 caused failures when using KVM in certain situations. This update reverts that fix until a better solution can be found. We apologize for the inconvenience. Original advisory details: It was discovered that the Linux...

6.6AI score0.12426EPSS
Exploits19References1
Ubuntu
Ubuntu
•added 2008/06/19 4:50 p.m.•97 views

USN-618-1: Linux kernel vulnerabilities

It was discovered that the ALSA /proc interface did not write the correct number of bytes when reporting memory allocations. A local attacker might be able to access sensitive kernel memory, leading to a loss of privacy. CVE-2007-4571 Multiple buffer overflows were discovered in the handling of...

7.8CVSS6.1AI score0.02589EPSS
Exploits10
Ubuntu
Ubuntu
•added 2007/11/27 2:9 a.m.•97 views

USN-547-1: PCRE vulnerabilities

Tavis Ormandy and Will Drewry discovered multiple flaws in the regular expression handling of PCRE. By tricking a user or service into running specially crafted expressions via applications linked against libpcre3, a remote attacker could crash the application, monopolize CPU resources, or possib...

7.5CVSS5.9AI score0.0507EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/12/13 5:41 p.m.•96 views

USN-6555-2: X.Org X Server vulnerabilities

USN-6555-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled XKB button actions. An attacker could possibly use this iss...

7.8CVSS7AI score0.01631EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/05/16 2:21 p.m.•96 views

USN-6081-1: Linux kernel vulnerabilities

Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information kernel memory. CVE-2023-0459 Xingyuan Mo discovered that the...

7.8CVSS7.1AI score0.00635EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/05/10 5:2 p.m.•96 views

USN-6072-1: Linux kernel (OEM) vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

7.8CVSS7.3AI score0.0788EPSS
Exploits16
Ubuntu
Ubuntu
•added 2023/02/13 12:20 p.m.•96 views

USN-5867-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

8.8CVSS7.7AI score0.00902EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/10/17 6:37 p.m.•96 views

USN-5570-2: zlib vulnerability

USN-5570-1 fixed a vulnerability in zlib. This update provides the corresponding update for Ubuntu 22.04 LTS and Ubuntu 20.04 LTS. Original advisory details: Evgeny Legerov discovered that zlib incorrectly handled memory when performing certain inflate operations. An attacker could use this issue...

9.8CVSS7.4AI score0.1593EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/08/10 6:26 p.m.•96 views

USN-5567-1: Linux kernel (OEM) vulnerabilities

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS7.2AI score0.12746EPSS
Exploits12
Ubuntu
Ubuntu
•added 2022/08/10 4:32 p.m.•96 views

USN-5563-1: http-parser vulnerability

It was discovered that http-parser incorrectly handled certain requests. An attacker could possibly use this issue to bypass security controls or gain unauthorized access to sensitive data...

6.5CVSS7.5AI score0.16296EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/05/05 9:11 p.m.•96 views

USN-5405-1: jbig2dec vulnerabilities

It was discovered that jbig2dec incorrectly handled memory when parsing invalid files. An attacker could use this issue to cause jbig2dec to crash, leading to a denial of service. CVE-2017-9216 It was discovered that jbig2dec incorrectly handled memory when processing untrusted input. An attacker...

9.8CVSS6.9AI score0.03452EPSS
Exploits2
Total number of security vulnerabilities5000