Lucene search
K
UbuntuMost viewed

10888 matches found

Ubuntu
Ubuntu
added 2022/04/27 7:44 p.m.96 views

USN-5393-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, conduct spoofing attacks, or execute arbitrary code. CVE-2022-1097,...

8.8CVSS7.9AI score0.02556EPSS
Exploits6
Ubuntu
Ubuntu
added 2022/02/28 5:44 p.m.96 views

USN-5309-1: virglrenderer vulnerabilities

It was discovered that virglrenderer incorrectly handled memory. An attacker inside a guest could use this issue to cause virglrenderer to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2022-0135 It was discovered that virglrenderer incorrectly initialized memory...

7.8CVSS6.5AI score0.0038EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/01/11 12:45 p.m.96 views

USN-5043-2: Exiv2 regression

USN-5043-1 fixed vulnerabilities in Exiv2. The update introduced a new regression that could cause a crash in applications using libexiv2. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Exiv2 incorrectly handled certain image...

5.5CVSS6.4AI score0.01051EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2021/10/19 10:54 a.m.96 views

USN-5111-1: strongSwan vulnerabilities

It was discovered that strongSwan incorrectly handled certain RSASSA-PSS signatures. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service. CVE-2021-41990 It was discovered that strongSwan incorrectly handled replacing certificates in the cache. A...

7.5CVSS7.5AI score0.06438EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/10/18 1:51 p.m.96 views

USN-5110-1: Ardour vulnerability

It was discovered that Ardour incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash or execute arbitrary code...

9.8CVSS8.2AI score0.01247EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/09/30 9:3 p.m.96 views

USN-5098-1: bl vulnerability

It was discovered that bl didn't properly sanitize the inputs. An attacker could use this to leak sensitive information...

6.5CVSS7.3AI score0.02123EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/05/17 9:4 a.m.96 views

LSN-0077-1: Kernel Live Patch Security Notice

Vincent Dehors discovered that the shiftfs file system in the Ubuntu Linux kernel did not properly handle faults in copyfromuser when passing through ioctls to an underlying file system. A local attacker could use this to cause a denial of service memory exhaustion or execute arbitrary...

8.8CVSS7.3AI score0.01547EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/11/17 1:3 p.m.96 views

USN-4633-1: PostgreSQL vulnerabilities

Peter Eisentraut discovered that PostgreSQL incorrectly handled connection security settings. Client applications could possibly be connecting with certain security parameters dropped, contrary to expectations. CVE-2020-25694 Etienne Stalmans discovered that PostgreSQL incorrectly handled the...

8.8CVSS7.3AI score0.4644EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/10/22 12:47 p.m.96 views

USN-4597-1: mod_auth_mellon vulnerabilities

François Kooman discovered that modauthmellon incorrectly handled cookies. An attacker could possibly use this issue to cause a Cross-Site Session Transfer attack. CVE-2017-6807 It was discovered that modauthmellon incorrectly handled certain requests. An attacker could possibly use this issue to...

8.1CVSS6.9AI score0.02969EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/10/19 11:51 p.m.96 views

USN-4591-1: Linux kernel vulnerabilities

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-12351 Andy Nguyen discovered that the...

8.8CVSS7.5AI score0.07693EPSS
Exploits6
Ubuntu
Ubuntu
added 2020/09/15 11:22 a.m.96 views

USN-4494-1: GUPnP vulnerability

It was discovered that GUPnP incorrectly handled certain subscription requests. A remote attacker could possibly use this issue to exfiltrate data or use GUPnP to perform DDoS attacks...

7.8CVSS6.9AI score0.15193EPSS
Exploits3
Ubuntu
Ubuntu
added 2020/07/23 11:14 a.m.96 views

USN-4430-2: Pillow vulnerabilities

USN-4430-1 fixed vulnerabilities in Pillow. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted image file...

8.1CVSS7.1AI score0.02514EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/09/09 5:22 p.m.96 views

USN-4127-1: Python vulnerabilities

It was discovered that Python incorrectly handled certain pickle files. An attacker could possibly use this issue to consume memory, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. CVE-2018-20406 It was discovered that Python incorrectly validated t...

9.8CVSS7.2AI score0.20743EPSS
Exploits6
Ubuntu
Ubuntu
added 2019/08/20 3:25 p.m.96 views

USN-4107-1: GIFLIB vulnerabilities

It was discovered that GIFLIB incorrectly handled certain GIF files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. CVE-2016-3977 It was discovered that GIFLIB incorrectly handled certain GIF files. An attacker could possibly use...

8.8CVSS6AI score0.02479EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/08/20 1:46 p.m.96 views

USN-4106-1: NLTK vulnerability

Mike Salvatore discovered that NLTK mishandled crafted ZIP archives during extraction. A remote attacker could use this vulnerability to write arbitrary files to the filesystem...

7.5CVSS7.4AI score0.05831EPSS
Exploits2
Ubuntu
Ubuntu
added 2019/05/02 2:47 p.m.96 views

USN-3964-1: python-gnupg vulnerabilities

Marcus Brinkmann discovered that GnuPG before 2.2.8 improperly handled certain command line parameters. A remote attacker could use this to spoof the output of GnuPG and cause unsigned e-mail to appear signed. CVE-2018-12020 It was discovered that python-gnupg incorrectly handled the GPG...

7.5CVSS7.1AI score0.08654EPSS
Exploits2
Ubuntu
Ubuntu
added 2019/05/01 5:31 p.m.96 views

USN-3953-2: PHP vulnerabilities

USN-3953-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that PHP incorrectly handled certain exif tags in JPEG images. A remote attacker could use this issue to cause PHP...

9.1CVSS7.1AI score0.04409EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/04/30 5:57 p.m.96 views

USN-3962-1: libpng vulnerability

It was discovered that libpng incorrectly handled certain memory operations. If a user or automated system were tricked into opening a specially crafted PNG file, a remote attacker could use this issue to cause libpng to crash, resulting in a denial of service, or possibly execute arbitrary code...

5.3CVSS7.7AI score0.09393EPSS
Exploits3
Ubuntu
Ubuntu
added 2018/04/24 6:48 a.m.96 views

USN-3633-1: Linux kernel (Intel Euclid) vulnerability

Jann Horn discovered that the Berkeley Packet Filter BPF implementation in the Linux kernel improperly performed sign extension in some situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

7.8CVSS7.2AI score0.30052EPSS
Exploits16
Ubuntu
Ubuntu
added 2018/01/23 1:18 a.m.96 views

USN-3541-2: Linux kernel (HWE) vulnerabilities

USN-3541-1 addressed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. Jann Horn discovered that microprocessors utilizing speculative execution and branch...

5.6CVSS7.4AI score0.93838EPSS
Exploits12References1
Ubuntu
Ubuntu
added 2017/12/18 1:23 p.m.96 views

USN-3382-2: PHP vulnerabilities

USN-3382-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that the PHP URL parser incorrectly handled certain URI components. A remote attacker could possibly use this issue to bypass...

9.8CVSS7.1AI score0.07511EPSS
Exploits6
Ubuntu
Ubuntu
added 2017/08/16 6:55 a.m.96 views

USN-3392-1: Linux kernel regression

USN-3378-1 fixed vulnerabilities in the Linux kernel. Unfortunately, a regression was introduced that prevented conntrack from working correctly in some situations. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Fan Wu and Shixiong Zhao discovered a...

6.8AI score0.03763EPSS
Exploits3References2
Ubuntu
Ubuntu
added 2017/06/07 5:19 a.m.96 views

USN-3313-2: Linux kernel (HWE) vulnerability

USN-3313-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.10 for Ubuntu 16.04 LTS. It was discovered that a buffer overflow existed in the trace subsystem in the Linux kernel. A...

6.9AI score
Exploits0
Ubuntu
Ubuntu
added 2017/03/16 11:46 a.m.96 views

USN-3235-1: libxml2 vulnerabilities

It was discovered that libxml2 incorrectly handled format strings. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS...

10CVSS7.7AI score0.08628EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/11/21 2:7 p.m.96 views

USN-3131-1: ImageMagick vulnerabilities

It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of th...

9.8CVSS7.1AI score0.13393EPSS
Exploits15
Ubuntu
Ubuntu
added 2016/08/10 10:47 a.m.96 views

USN-3054-1: Linux kernel (Xenial HWE) vulnerabilities

Ben Hawkes discovered an integer overflow in the Linux netfilter implementation. On systems running 32 bit kernels, a local unprivileged attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privileges. CVE-2016-3135 It was...

7.8CVSS7.3AI score0.01009EPSS
Exploits2
Ubuntu
Ubuntu
added 2016/02/02 12:37 a.m.96 views

USN-2887-1: Linux kernel vulnerabilities

It was discovered that a use-after-free vulnerability existed in the AFUNIX implementation in the Linux kernel. A local attacker could use crafted epollctl calls to cause a denial of service system crash or expose sensitive information. CVE-2013-7446 It was discovered that the KVM implementation ...

6.5CVSS6.3AI score0.00625EPSS
Exploits1
Ubuntu
Ubuntu
added 2016/02/01 8:15 p.m.96 views

USN-2884-1: OpenJDK 7 vulnerabilities

Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service, expose sensitive data over the network, or possibly execute arbitrary code. CVE-2016-0483, CVE-2016-0494 A...

10CVSS8.2AI score0.14714EPSS
Exploits0
Ubuntu
Ubuntu
added 2015/06/15 10:1 p.m.96 views

USN-2647-1: Linux kernel vulnerability

Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system...

7.8CVSS7.4AI score0.37679EPSS
Exploits22
Ubuntu
Ubuntu
added 2015/03/18 12:33 p.m.96 views

USN-2535-1: PHP vulnerabilities

Thomas Jarosch discovered that PHP incorrectly limited recursion in the fileinfo extension. A remote attacker could possibly use this issue to cause PHP to consume resources or crash, resulting in a denial of service. CVE-2014-8117 S. Paraschoudis discovered that PHP incorrectly handled memory in...

7.5CVSS7.5AI score0.41315EPSS
Exploits11
Ubuntu
Ubuntu
added 2015/02/04 1:11 a.m.96 views

USN-2490-1: Linux kernel vulnerabilities

Andy Lutomirski discovered an information leak in the Linux kernel's Thread Local Storage TLS implementation allowing users to bypass the espfix to obtain information that could be used to bypass the Address Space Layout Randomization ASLR protection mechanism. A local user could exploit this fla...

4.9CVSS6.6AI score0.00583EPSS
Exploits0
Ubuntu
Ubuntu
added 2014/07/15 5:43 p.m.96 views

USN-2278-1: file vulnerabilities

Mike Frysinger discovered that the file awk script detector used multiple wildcard with unlimited repetitions. An attacker could use this issue to cause file to consume resources, resulting in a denial of service. CVE-2013-7345 Francisco Alonso discovered that file incorrectly handled certain CDF...

6.5CVSS7.8AI score0.16853EPSS
Exploits3
Ubuntu
Ubuntu
added 2012/06/12 9:37 p.m.96 views

USN-1471-1: Linux kernel (Oneiric backport) vulnerabilities

Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation. A remote NFS server attacker could exploit this flaw to cause a denial of service. CVE-2011-4131 A flaw was discovered in the Linux kernel's KVM kernel virtual machine. An administrative user in the guest OS could leverage...

7.2CVSS6.7AI score0.00775EPSS
Exploits3
Ubuntu
Ubuntu
added 2012/02/29 1:15 a.m.96 views

USN-1380-1: Linux kernel vulnerabilities

A flaw was discovered in the TOMOYO LSM's handling of mount system calls. An unprivileged user could oops the system causing a denial of service. CVE-2011-2518 A bug was discovered in the Linux kernel's calculation of OOM Out of memory scores, that would result in the wrong process being killed. ...

7.8CVSS6.4AI score0.20492EPSS
Exploits8
Ubuntu
Ubuntu
added 2011/10/13 12:31 p.m.96 views

USN-1229-1: PostgreSQL vulnerability

It was discovered that the blowfish algorithm in the pgcrypto module incorrectly handled certain 8-bit characters, resulting in the password hashes being easier to crack than expected. An attacker who could obtain the password hashes would be able to recover the plaintext with less effort...

5CVSS7.3AI score0.04972EPSS
Exploits0
Ubuntu
Ubuntu
added 2011/02/28 7:53 p.m.96 views

USN-1074-2: Linux kernel vulnerabilities

Dan Rosenberg discovered that the RDS network protocol did not correctly check certain parameters. A local attacker could exploit this gain root privileges. CVE-2010-3904 Nelson Elhage discovered several problems with the Acorn Econet protocol driver. A local user could cause a denial of service...

10CVSS7AI score0.17009EPSS
Exploits75References1
Ubuntu
Ubuntu
added 2010/01/21 9:27 p.m.96 views

USN-890-2: Python 2.5 vulnerabilities

USN-890-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for the PyExpat module in Python 2.5. Original advisory details: Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did not properly process malformed XML. If a user or application linked...

5CVSS6.5AI score0.27924EPSS
Exploits3
Ubuntu
Ubuntu
added 2009/11/10 1:58 p.m.96 views

USN-857-1: Qt vulnerabilities

It was discovered that QtWebKit did not properly handle certain SVGPathList data structures. If a user were tricked into viewing a malicious website, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program. CVE-2009-0945 Several flaws were...

9.3CVSS7.8AI score0.29098EPSS
Exploits9
Ubuntu
Ubuntu
added 2009/03/26 9:20 p.m.96 views

USN-748-1: OpenJDK vulnerabilities

It was discovered that font creation could leak temporary files. If a user were tricked into loading a malicious program or applet, a remote attacker could consume disk space, leading to a denial of service. CVE-2006-2426, CVE-2009-1100 It was discovered that the lightweight HttpServer did not...

10CVSS6.2AI score0.12692EPSS
Exploits1
Ubuntu
Ubuntu
added 2009/03/10 8:22 p.m.96 views

USN-731-1: Apache vulnerabilities

It was discovered that Apache did not sanitize the method specifier header from an HTTP request when it is returned in an error message, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a...

5CVSS6.8AI score0.80749EPSS
Exploits10
Ubuntu
Ubuntu
added 2005/05/23 5:29 p.m.96 views

USN-131-1: Linux kernel vulnerabilities

Colin Percival discovered an information disclosure in the "Hyper Threading Technology" architecture in processors which are capable of simultaneous multithreading in particular Intel Pentium 4, Intel Mobile Pentium 4, and Intel Xeon processors. This allows a malicious thread to monitor the...

7.2CVSS7AI score0.01774EPSS
Exploits4
Ubuntu
Ubuntu
added 2024/08/21 5:6 p.m.95 views

USN-6950-4: Linux kernel (HWE) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - Block layer subsystem; - Bluetooth drivers; - Clock framework and...

9.8CVSS6.9AI score0.01305EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/12/05 11:21 p.m.95 views

USN-6534-1: Linux kernel vulnerabilities

It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service system crash. CVE-2023-37453 Lin Ma...

8.8CVSS7AI score0.09141EPSS
Exploits4
Ubuntu
Ubuntu
added 2023/09/08 9:36 p.m.95 views

USN-6340-2: Linux kernel vulnerabilities

Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service bluetooth communication. CVE-2023-2002 Zi Fan Tan discovered that the binder IPC...

10CVSS7.7AI score0.03546EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/07/25 9:32 p.m.95 views

USN-6246-1: Linux kernel vulnerabilities

It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-3090...

7.8CVSS7AI score0.02163EPSS
Exploits3
Ubuntu
Ubuntu
added 2023/07/18 11:26 a.m.95 views

USN-6078-2: libwebp vulnerability

USN-6078-1 fixed a vulnerability in libwebp. This update provides the corresponding update for Ubuntu 16.04 LTS. Original advisory details: Irvan Kurniawan discovered that libwebp incorrectly handled certain memory operations. If a user or automated system were tricked into opening a specially...

7.5CVSS7.7AI score0.00952EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/07/05 9:23 a.m.95 views

USN-6201-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2023-37201, CVE-2023-37202,...

8.8CVSS8.2AI score0.00696EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/06/06 6:44 a.m.95 views

USN-6140-1: Go vulnerabilities

It was discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a panic resulting in a denial of service. This issue only affected golang-1.19 on Ubuntu 22.10. CVE-2022-41724, CVE-2023-24534, CVE-2023-24537 It was discovered...

9.8CVSS7AI score0.02281EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/03/06 1:9 p.m.95 views

USN-5922-1: FriBidi vulnerabilities

It was discovered that FriBidi incorrectly handled the processing of input strings, resulting in memory corruption. An attacker could possibly use this issue to cause FriBidi to crash, resulting in a denial of service, or potentially execute arbitrary code. CVE-2022-25308 It was discovered that...

7.8CVSS7AI score0.00508EPSS
Exploits3
Ubuntu
Ubuntu
added 2023/03/02 3:48 p.m.95 views

USN-5909-1: Linux kernel (Azure CVM) vulnerabilities

It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service system crash or possibly...

8.8CVSS6.9AI score0.01067EPSS
Exploits2
Total number of security vulnerabilities5000