Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
•added 2016/05/09 8:55 p.m.•98 views

USN-2967-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly enforce rlimits for file descriptors sent over UNIX domain sockets. A local attacker could use this to cause a denial of service. CVE-2013-4312 Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in the Linux kernel did not...

10CVSS7.6AI score0.14281EPSS
Exploits15
Ubuntu
Ubuntu
•added 2015/12/03 10:48 a.m.•98 views

USN-2827-1: OpenJDK 6 vulnerabilities

Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. CVE-2015-4805, CVE-2015-4835, CVE-2015-4843, CVE-2015-4844,...

10CVSS6.6AI score0.09991EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/03/05 1:31 p.m.•98 views

USN-2522-1: ICU vulnerabilities

It was discovered that ICU incorrectly handled memory operations when processing fonts. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubun...

10CVSS7.6AI score0.22753EPSS
Exploits5
Ubuntu
Ubuntu
•added 2014/02/10 9:58 p.m.•98 views

USN-2102-1: Firefox vulnerabilities

Christian Holler, Terrence Cole, Jesse Ruderman, Gary Kwong, Eric Rescorla, Jonathan Kew, Dan Gohman, Ryan VanderMeulen, Carsten Book, Andrew Sutherland, Byron Campen, Nicholas Nethercote, Paul Adenot, David Baron, Julian Seward and Sotaro Ikeda discovered multiple memory safety issues in Firefox...

10CVSS8.4AI score0.07072EPSS
Exploits11References1
Ubuntu
Ubuntu
•added 2011/12/03 1:59 a.m.•98 views

USN-1286-1: Linux kernel vulnerabilities

Vasily Averin discovered that the NFS Lock Manager NLM incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. CVE-2011-2491 Robert Swiecki discovered that mapping extensions were incorrectly handled. A local attacker could exploit this to crash the...

7.8CVSS7.3AI score0.00496EPSS
Exploits2
Ubuntu
Ubuntu
•added 2011/07/06 1:9 p.m.•98 views

USN-1164-1: Linux kernel vulnerabilities (i.MX51)

Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. CVE-2010-3865 Dan Rosenberg discovered that the Linux kernel X.25 implementation incorrectly...

7.8CVSS7AI score0.04308EPSS
Exploits24
Ubuntu
Ubuntu
•added 2011/04/30 12:18 a.m.•98 views

USN-1123-1: Xulrunner vulnerabilities

A large number of security issues were discovered in the Gecko rendering engine. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

10CVSS8.2AI score0.73655EPSS
Exploits23
Ubuntu
Ubuntu
•added 2025/04/24 12:40 p.m.•97 views

USN-7457-1: OpenSSH vulnerability

It was discovered that OpenSSH incorrectly handled the DisableForwarding directive. The directive would fail to disable X11 and agent forwarding, contrary to documentation and expectations...

4.3CVSS6.5AI score0.0016EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/03/25 11:58 p.m.•97 views

USN-6701-3: Linux kernel vulnerabilities

Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service bluetooth communication. CVE-2023-2002 It was discovered that the NVIDIA Tegra...

7.8CVSS7.4AI score0.28058EPSS
Exploits18
Ubuntu
Ubuntu
•added 2023/12/13 5:41 p.m.•97 views

USN-6555-2: X.Org X Server vulnerabilities

USN-6555-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled XKB button actions. An attacker could possibly use this iss...

7.8CVSS7AI score0.01631EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/05/10 5:2 p.m.•97 views

USN-6072-1: Linux kernel (OEM) vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

7.8CVSS7.3AI score0.0788EPSS
Exploits16
Ubuntu
Ubuntu
•added 2023/03/06 11:32 p.m.•97 views

USN-5926-1: Linux kernel vulnerabilities

Kirill Tkhai discovered that the XFS file system implementation in the Linux kernel did not calculate size correctly when pre-allocating space in some situations. A local attacker could use this to expose sensitive information. CVE-2021-4155 Lee Jones discovered that a use-after-free vulnerabilit...

7.8CVSS6.9AI score0.02399EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/03/06 4:26 p.m.•97 views

USN-5892-2: NSS vulnerability

USN-5892-1 fixed a vulnerability in NSS. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Christian Holler discovered that NSS incorrectly handled certain PKCS 12 certificated bundles. A remote attacker could use this issue to cau...

8.8CVSS7.8AI score0.00817EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/02/28 2:18 p.m.•97 views

USN-5902-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled certain invalid Blowfish password hashes. An invalid password hash could possibly allow applications to accept any password as valid, contrary to expectations. CVE-2023-0567 It was discovered that PHP incorrectly handled resolving long paths. A remot...

8.1CVSS7.2AI score0.01408EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/02/13 12:20 p.m.•97 views

USN-5867-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

8.8CVSS7.7AI score0.00902EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/02/09 6:26 p.m.•97 views

USN-5853-1: Linux kernel vulnerabilities

It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service system crash or possibly...

8.8CVSS6.9AI score0.01067EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/08/04 5:6 p.m.•97 views

USN-5546-2: OpenJDK 8 vulnerabilities

USN-5546-1 fixed vulnerabilities in OpenJDK. This update provides the corresponding updates for Ubuntu 16.04 ESM. Original advisory details: Neil Madden discovered that OpenJDK did not properly verify ECDSA signatures. A remote attacker could possibly use this issue to insert, edit or obtain...

7.5CVSS7.4AI score0.17673EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/07/21 12:0 a.m.•97 views

USN-5529-1: Linux kernel (OEM) vulnerabilities

It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-1679...

7.8CVSS7.5AI score0.06451EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/04/27 7:44 p.m.•97 views

USN-5393-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, conduct spoofing attacks, or execute arbitrary code. CVE-2022-1097,...

8.8CVSS7.9AI score0.02556EPSS
Exploits6
Ubuntu
Ubuntu
•added 2021/12/17 3:10 p.m.•97 views

USN-5201-1: Python vulnerabilities

It was discovered that the Python urllib http client could enter into an infinite loop when incorrectly handling certain server responses 100 Continue response. Specially crafted traffic from a malicious HTTP server could cause a denial of service Dos condition for a client...

7.5CVSS7.4AI score0.11586EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/10/19 10:54 a.m.•97 views

USN-5111-1: strongSwan vulnerabilities

It was discovered that strongSwan incorrectly handled certain RSASSA-PSS signatures. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service. CVE-2021-41990 It was discovered that strongSwan incorrectly handled replacing certificates in the cache. A...

7.5CVSS7.5AI score0.06438EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/11/03 3:16 p.m.•97 views

USN-4616-1: AccountsService vulnerabilities

Kevin Backhouse discovered that AccountsService incorrectly dropped privileges. A local user could possibly use this issue to cause AccountsService to crash or hang, resulting in a denial of service. CVE-2020-16126 Kevin Backhouse discovered that AccountsService incorrectly handled reading...

6.5CVSS6.5AI score0.03086EPSS
Exploits4
Ubuntu
Ubuntu
•added 2020/08/27 10:46 a.m.•97 views

USN-4446-2: Squid regression

USN-4446-1 fixed vulnerabilities in Squid. The update introduced a regression when using Squid with the icap or ecap protocols. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jeriko One discovered that Squid incorrectly handled caching certain...

6.8AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2020/07/28 2:56 p.m.•97 views

USN-4441-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.21 in Ubuntu 20.04 LTS. Ubuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.31. In addition to security fixes, the updated...

7.2CVSS6.5AI score0.02692EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/07/23 11:14 a.m.•97 views

USN-4430-2: Pillow vulnerabilities

USN-4430-1 fixed vulnerabilities in Pillow. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted image file...

8.1CVSS7.1AI score0.02514EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/12/11 3:7 p.m.•97 views

USN-4217-2: Samba vulnerabilities

USN-4217-1 fixed several vulnerabilities in Samba. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Andreas Oster discovered that the Samba DNS management server incorrectly handled certain records. An authenticated attacker could possibly use this...

6.4CVSS6.4AI score0.02783EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/12/03 1:44 p.m.•97 views

USN-4207-1: GraphicsMagick vulnerabilities

It was discovered that GraphicsMagick incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact...

9.8CVSS6.5AI score0.0377EPSS
Exploits9
Ubuntu
Ubuntu
•added 2019/11/27 6:23 p.m.•97 views

USN-4203-2: NSS vulnerability

USN-4203-1 fixed a vulnerability in NSS. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that NSS incorrectly handled certain memory operations. A remote attacker could use this issue to cause NSS to crash,...

8.8CVSS7.5AI score0.02994EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/08/20 1:46 p.m.•97 views

USN-4106-1: NLTK vulnerability

Mike Salvatore discovered that NLTK mishandled crafted ZIP archives during extraction. A remote attacker could use this vulnerability to write arbitrary files to the filesystem...

7.5CVSS7.4AI score0.05831EPSS
Exploits2
Ubuntu
Ubuntu
•added 2019/08/06 11:59 a.m.•97 views

USN-4049-4: GLib regression

USN-4049-1 fixed a vulnerability in GLib. The update introduced a regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that GLib created directories and files without properly restricting permissions. An attacker could possibl...

5.5AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2019/06/11 6:27 p.m.•97 views

USN-4016-2: Neovim vulnerability

It was discovered that Neovim incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. CVE-2019-12735...

9.3CVSS8.4AI score0.19111EPSS
Exploits5
Ubuntu
Ubuntu
•added 2019/05/02 2:47 p.m.•97 views

USN-3964-1: python-gnupg vulnerabilities

Marcus Brinkmann discovered that GnuPG before 2.2.8 improperly handled certain command line parameters. A remote attacker could use this to spoof the output of GnuPG and cause unsigned e-mail to appear signed. CVE-2018-12020 It was discovered that python-gnupg incorrectly handled the GPG...

7.5CVSS7.1AI score0.08654EPSS
Exploits2
Ubuntu
Ubuntu
•added 2019/04/30 5:57 p.m.•97 views

USN-3962-1: libpng vulnerability

It was discovered that libpng incorrectly handled certain memory operations. If a user or automated system were tricked into opening a specially crafted PNG file, a remote attacker could use this issue to cause libpng to crash, resulting in a denial of service, or possibly execute arbitrary code...

5.3CVSS7.7AI score0.09393EPSS
Exploits3
Ubuntu
Ubuntu
•added 2019/03/12 9:40 p.m.•97 views

USN-3908-1: Linux kernel vulnerability

Jann Horn discovered a race condition in the fork system call in the Linux kernel. A local attacker could use this to gain access to services that cache authorizations...

6.7CVSS6.9AI score0.00446EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/08/24 12:41 a.m.•97 views

USN-3752-2: Linux kernel (HWE) vulnerabilities

USN-3752-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. It was discovered that, when attempting to handle an out-of-memory situation, a null...

7.8CVSS7.6AI score0.16352EPSS
Exploits18
Ubuntu
Ubuntu
•added 2018/08/21 4:38 a.m.•97 views

USN-3747-1: OpenJDK 10 vulnerabilities

It was discovered that OpenJDK did not properly validate types in some situations. An attacker could use this to construct a Java class that could possibly bypass sandbox restrictions. CVE-2018-2825, CVE-2018-2826 It was discovered that the PatternSyntaxException class in OpenJDK did not properly...

8.3CVSS6.5AI score0.04979EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/08/21 1:14 a.m.•97 views

USN-3742-3: Linux kernel (Trusty HWE) regressions

USN-3742-2 introduced mitigations in the Linux Hardware Enablement HWE kernel for Ubuntu 12.04 ESM to address L1 Terminal Fault L1TF vulnerabilities CVE-2018-3620, CVE-2018-3646. Unfortunately, the update introduced regressions that caused kernel panics when booting in some environments as well a...

6.9AI score
Exploits0References3
Ubuntu
Ubuntu
•added 2018/04/24 6:25 a.m.•97 views

USN-3632-1: Linux kernel (Azure) vulnerabilities

It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-0861 It was discovered that the KVM...

7.8CVSS6.9AI score0.07679EPSS
Exploits10
Ubuntu
Ubuntu
•added 2017/08/07 6:36 p.m.•97 views

USN-3381-1: Linux kernel vulnerabilities

Peter Pi discovered that the colormap handling for frame buffer devices in the Linux kernel contained an integer overflow. A local attacker could use this to disclose sensitive information kernel memory. CVE-2016-8405 It was discovered that the Linux kernel did not properly restrict RLIMITSTACK...

7.8CVSS6.8AI score0.01551EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/04/24 11:53 p.m.•97 views

USN-3264-2: Linux kernel (Trusty HWE) vulnerability

USN-3264-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Alexander Popov discovered that a race condition existed in the Stream Control...

7.1CVSS6.7AI score0.01162EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/12/20 9:17 p.m.•97 views

USN-3161-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3161-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Tilman Schmidt and Sasha Levin discovered a use-after-free condition in the TTY...

10CVSS7.2AI score0.09144EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/09/30 4:58 p.m.•97 views

USN-2756-1: rpcbind vulnerability

It was discovered that rpcbind incorrectly handled certain memory structures. A remote attacker could use this issue to cause rpcbind to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.5CVSS7.5AI score0.06408EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/04/30 8:34 a.m.•97 views

USN-2590-1: Linux kernel vulnerabilities

Jan Beulich discovered the Xen virtual machine subsystem of the Linux kernel did not properly restrict access to PCI command registers. A local guest user could exploit this flaw to cause a denial of service host crash. CVE-2015-2150 A stack overflow was discovered in the the microcode loader for...

6.9CVSS6.9AI score0.03052EPSS
Exploits1
Ubuntu
Ubuntu
•added 2015/03/24 9:12 a.m.•97 views

USN-2541-1: Linux kernel vulnerabilities

The Linux kernel's splice system call did not correctly validate its parameters. A local, unprivileged user could exploit this flaw to cause a denial of service system crash. CVE-2014-7822 A flaw was discovered in how Thread Local Storage TLS is handled by the task switching function in the Linux...

10CVSS6.6AI score0.09828EPSS
Exploits2
Ubuntu
Ubuntu
•added 2014/11/25 3:14 a.m.•97 views

USN-2417-1: Linux kernel vulnerabilities

Nadav Amit reported that the KVM Kernel Virtual Machine mishandles noncanonical addresses when emulating instructions that change the rip Instruction Pointer. A guest user with access to I/O or the MMIO can use this flaw to cause a denial of service system crash of the guest. CVE-2014-3647 A flaw...

7.8CVSS7AI score0.08579EPSS
Exploits4
Ubuntu
Ubuntu
•added 2014/07/15 5:43 p.m.•97 views

USN-2278-1: file vulnerabilities

Mike Frysinger discovered that the file awk script detector used multiple wildcard with unlimited repetitions. An attacker could use this issue to cause file to consume resources, resulting in a denial of service. CVE-2013-7345 Francisco Alonso discovered that file incorrectly handled certain CDF...

6.5CVSS7.8AI score0.16853EPSS
Exploits3
Ubuntu
Ubuntu
•added 2014/03/07 11:30 a.m.•97 views

USN-2134-1: Linux kernel (OMAP4) vulnerabilities

Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker could exploit this error to discover the original MAC address after a spoofing atack. CVE-2013-4579 Andrew Honig reported an error in the Linux Kernel's Kernel Virtual Machine KVM...

6.2CVSS6.7AI score0.10209EPSS
Exploits6
Ubuntu
Ubuntu
•added 2013/08/20 12:12 p.m.•97 views

USN-1933-1: Linux kernel (OMAP4) vulnerabilities

Chanam Park reported a Null pointer flaw in the Linux kernel's Ceph client. A remote attacker could exploit this flaw to cause a denial of service system crash. CVE-2013-1059 An information leak was discovered in the Linux kernel's fanotify interface. A local user could exploit this flaw to obtai...

7.8CVSS6.9AI score0.04546EPSS
Exploits1
Ubuntu
Ubuntu
•added 2013/05/24 9:34 a.m.•98 views

USN-1836-1: Linux kernel (OMAP4) vulnerabilities

An flaw was discovered in the Linux kernel's perfevents interface. A local user could exploit this flaw to escalate privileges on the system. CVE-2013-2094 A buffer overflow vulnerability was discovered in the Broadcom tg3 ethernet driver for the Linux kernel. A local user could exploit this flaw...

8.4CVSS7.7AI score0.47709EPSS
Exploits17
Ubuntu
Ubuntu
•added 2012/06/19 3:11 p.m.•97 views

USN-1481-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled certain Tidy::diagnose operations on invalid objects. A remote attacker could use this flaw to cause PHP to crash, leading to a denial of service. CVE-2012-0781 It was discovered that PHP incorrectly handled certain multi-file upload filenames. A...

7.5CVSS8.7AI score0.50723EPSS
Exploits8
Total number of security vulnerabilities5000