Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
added 2011/06/09 8:34 p.m.97 views

USN-1146-1: Linux kernel vulnerabilities

Kees Cook discovered that some ethtool functions did not correctly clear heap memory. A local attacker with CAPNETADMIN privileges could exploit this to read portions of kernel heap memory, leading to a loss of privacy. CVE-2010-4655 Kees Cook discovered that the IOWarrior USB device driver did n...

7.8CVSS6.5AI score0.01194EPSS
Exploits7
Ubuntu
Ubuntu
added 2011/02/28 7:53 p.m.97 views

USN-1074-2: Linux kernel vulnerabilities

Dan Rosenberg discovered that the RDS network protocol did not correctly check certain parameters. A local attacker could exploit this gain root privileges. CVE-2010-3904 Nelson Elhage discovered several problems with the Acorn Econet protocol driver. A local user could cause a denial of service...

10CVSS7AI score0.17009EPSS
Exploits75References1
Ubuntu
Ubuntu
added 2010/06/04 6:35 a.m.97 views

USN-947-2: Linux kernel regression

USN-947-1 fixed vulnerabilities in the Linux kernel. Fixes for CVE-2010-0419 caused failures when using KVM in certain situations. This update reverts that fix until a better solution can be found. We apologize for the inconvenience. Original advisory details: It was discovered that the Linux...

6.6AI score
Exploits0References1
Ubuntu
Ubuntu
added 2010/01/21 9:27 p.m.97 views

USN-890-2: Python 2.5 vulnerabilities

USN-890-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for the PyExpat module in Python 2.5. Original advisory details: Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did not properly process malformed XML. If a user or application linked...

5CVSS6.5AI score0.27924EPSS
Exploits3
Ubuntu
Ubuntu
added 2008/06/19 4:50 p.m.97 views

USN-618-1: Linux kernel vulnerabilities

It was discovered that the ALSA /proc interface did not write the correct number of bytes when reporting memory allocations. A local attacker might be able to access sensitive kernel memory, leading to a loss of privacy. CVE-2007-4571 Multiple buffer overflows were discovered in the handling of...

7.8CVSS6.1AI score0.02589EPSS
Exploits10
Ubuntu
Ubuntu
added 2007/11/27 2:9 a.m.97 views

USN-547-1: PCRE vulnerabilities

Tavis Ormandy and Will Drewry discovered multiple flaws in the regular expression handling of PCRE. By tricking a user or service into running specially crafted expressions via applications linked against libpcre3, a remote attacker could crash the application, monopolize CPU resources, or possib...

7.5CVSS5.9AI score0.0507EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/12/05 11:21 p.m.96 views

USN-6534-1: Linux kernel vulnerabilities

It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service system crash. CVE-2023-37453 Lin Ma...

8.8CVSS7AI score0.09141EPSS
Exploits4
Ubuntu
Ubuntu
added 2023/07/18 11:26 a.m.96 views

USN-6078-2: libwebp vulnerability

USN-6078-1 fixed a vulnerability in libwebp. This update provides the corresponding update for Ubuntu 16.04 LTS. Original advisory details: Irvan Kurniawan discovered that libwebp incorrectly handled certain memory operations. If a user or automated system were tricked into opening a specially...

7.5CVSS7.7AI score0.00952EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/07/05 9:23 a.m.96 views

USN-6201-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2023-37201, CVE-2023-37202,...

8.8CVSS8.2AI score0.00696EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/05/16 2:21 p.m.96 views

USN-6081-1: Linux kernel vulnerabilities

Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information kernel memory. CVE-2023-0459 Xingyuan Mo discovered that the...

7.8CVSS7.1AI score0.00635EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/03/20 11:59 a.m.96 views

USN-5963-1: Vim vulnerabilities

It was discovered that Vim was not properly performing memory management operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. CVE-2022-47024,...

7.8CVSS7.2AI score0.00555EPSS
Exploits8
Ubuntu
Ubuntu
added 2023/02/09 11:0 p.m.96 views

USN-5862-1: Linux kernel (Qualcomm Snapdragon) vulnerabilities

It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 V4L2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-20369 Pawan Kumar Gupta, Alyssa Milburn, Ami...

7CVSS7.3AI score0.04947EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/01/31 4:42 p.m.96 views

USN-5836-1: Vim vulnerabilities

It was discovered that Vim was not properly performing memory management operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2022-47024, CVE-2023-0049, CVE-2023-0054, CVE-2023-0288, CVE-2023-0433...

7.8CVSS7.8AI score0.00555EPSS
Exploits4
Ubuntu
Ubuntu
added 2022/10/17 6:37 p.m.96 views

USN-5570-2: zlib vulnerability

USN-5570-1 fixed a vulnerability in zlib. This update provides the corresponding update for Ubuntu 22.04 LTS and Ubuntu 20.04 LTS. Original advisory details: Evgeny Legerov discovered that zlib incorrectly handled memory when performing certain inflate operations. An attacker could use this issue...

9.8CVSS7.4AI score0.1593EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/08/10 6:26 p.m.96 views

USN-5567-1: Linux kernel (OEM) vulnerabilities

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS7.2AI score0.12746EPSS
Exploits12
Ubuntu
Ubuntu
added 2022/08/10 4:32 p.m.96 views

USN-5563-1: http-parser vulnerability

It was discovered that http-parser incorrectly handled certain requests. An attacker could possibly use this issue to bypass security controls or gain unauthorized access to sensitive data...

6.5CVSS7.5AI score0.16296EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/07/25 11:22 a.m.96 views

USN-5530-1: PHP vulnerability

It was discovered that PHP incorrectly handled certain memory operations when obtaining file information. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS7.8AI score0.01659EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/06/27 1:35 a.m.96 views

USN-5493-1: Linux kernel vulnerability

It was discovered that the 8 Devices USB2CAN interface implementation in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service system crash...

5.5CVSS6.6AI score0.00395EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/05/05 9:11 p.m.96 views

USN-5405-1: jbig2dec vulnerabilities

It was discovered that jbig2dec incorrectly handled memory when parsing invalid files. An attacker could use this issue to cause jbig2dec to crash, leading to a denial of service. CVE-2017-9216 It was discovered that jbig2dec incorrectly handled memory when processing untrusted input. An attacker...

9.8CVSS6.9AI score0.03452EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/04/27 7:44 p.m.96 views

USN-5393-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, conduct spoofing attacks, or execute arbitrary code. CVE-2022-1097,...

8.8CVSS7.9AI score0.02556EPSS
Exploits6
Ubuntu
Ubuntu
added 2022/02/28 5:44 p.m.96 views

USN-5309-1: virglrenderer vulnerabilities

It was discovered that virglrenderer incorrectly handled memory. An attacker inside a guest could use this issue to cause virglrenderer to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2022-0135 It was discovered that virglrenderer incorrectly initialized memory...

7.8CVSS6.5AI score0.0038EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/02/08 2:10 p.m.96 views

USN-5276-1: NVIDIA graphics drivers vulnerabilities

It was discovered that the NVIDIA graphics drivers incorrectly handled permissions in the kernel mode layer. A local attacker could use this issue to write to protected memory and cause a denial of service...

6.1CVSS6.1AI score0.00232EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/01/11 12:45 p.m.96 views

USN-5043-2: Exiv2 regression

USN-5043-1 fixed vulnerabilities in Exiv2. The update introduced a new regression that could cause a crash in applications using libexiv2. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Exiv2 incorrectly handled certain image...

5.5CVSS6.4AI score0.01051EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2021/10/19 10:54 a.m.96 views

USN-5111-1: strongSwan vulnerabilities

It was discovered that strongSwan incorrectly handled certain RSASSA-PSS signatures. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service. CVE-2021-41990 It was discovered that strongSwan incorrectly handled replacing certificates in the cache. A...

7.5CVSS7.5AI score0.06438EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/10/18 1:51 p.m.96 views

USN-5110-1: Ardour vulnerability

It was discovered that Ardour incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash or execute arbitrary code...

9.8CVSS8.2AI score0.01247EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/09/30 9:3 p.m.96 views

USN-5098-1: bl vulnerability

It was discovered that bl didn't properly sanitize the inputs. An attacker could use this to leak sensitive information...

6.5CVSS7.3AI score0.02123EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/05/17 9:4 a.m.96 views

LSN-0077-1: Kernel Live Patch Security Notice

Vincent Dehors discovered that the shiftfs file system in the Ubuntu Linux kernel did not properly handle faults in copyfromuser when passing through ioctls to an underlying file system. A local attacker could use this to cause a denial of service memory exhaustion or execute arbitrary...

8.8CVSS7.3AI score0.01547EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/11/17 1:3 p.m.96 views

USN-4633-1: PostgreSQL vulnerabilities

Peter Eisentraut discovered that PostgreSQL incorrectly handled connection security settings. Client applications could possibly be connecting with certain security parameters dropped, contrary to expectations. CVE-2020-25694 Etienne Stalmans discovered that PostgreSQL incorrectly handled the...

8.8CVSS7.3AI score0.4644EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/10/22 12:47 p.m.96 views

USN-4597-1: mod_auth_mellon vulnerabilities

François Kooman discovered that modauthmellon incorrectly handled cookies. An attacker could possibly use this issue to cause a Cross-Site Session Transfer attack. CVE-2017-6807 It was discovered that modauthmellon incorrectly handled certain requests. An attacker could possibly use this issue to...

8.1CVSS6.9AI score0.02969EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/10/19 11:51 p.m.96 views

USN-4591-1: Linux kernel vulnerabilities

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-12351 Andy Nguyen discovered that the...

8.8CVSS7.5AI score0.07693EPSS
Exploits6
Ubuntu
Ubuntu
added 2020/09/15 11:22 a.m.96 views

USN-4494-1: GUPnP vulnerability

It was discovered that GUPnP incorrectly handled certain subscription requests. A remote attacker could possibly use this issue to exfiltrate data or use GUPnP to perform DDoS attacks...

7.8CVSS6.9AI score0.15193EPSS
Exploits3
Ubuntu
Ubuntu
added 2020/03/11 9:53 p.m.96 views

USN-4299-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the URL or other browser chrome, obtain sensitive information, bypass Content Security Policy CSP...

9.8CVSS7.7AI score0.03191EPSS
Exploits2
Ubuntu
Ubuntu
added 2019/11/12 9:50 p.m.96 views

USN-4182-1: Intel Microcode update

Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions TSX could expose...

6.5CVSS7.2AI score0.03133EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2019/08/20 3:25 p.m.96 views

USN-4107-1: GIFLIB vulnerabilities

It was discovered that GIFLIB incorrectly handled certain GIF files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. CVE-2016-3977 It was discovered that GIFLIB incorrectly handled certain GIF files. An attacker could possibly use...

8.8CVSS6AI score0.02479EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/05/01 5:31 p.m.96 views

USN-3953-2: PHP vulnerabilities

USN-3953-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that PHP incorrectly handled certain exif tags in JPEG images. A remote attacker could use this issue to cause PHP...

9.1CVSS7.1AI score0.04409EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/01/14 5:53 p.m.96 views

USN-3857-1: PEAR vulnerability

Fariskhi Vidyan discovered that PEAR ArchiveTar incorrectly handled certain archive paths. A remote attacker could possibly use this issue to execute arbitrary code...

8.8CVSS7.8AI score0.18286EPSS
Exploits5
Ubuntu
Ubuntu
added 2018/04/24 6:48 a.m.96 views

USN-3633-1: Linux kernel (Intel Euclid) vulnerability

Jann Horn discovered that the Berkeley Packet Filter BPF implementation in the Linux kernel improperly performed sign extension in some situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

7.8CVSS7.2AI score0.30052EPSS
Exploits16
Ubuntu
Ubuntu
added 2018/01/23 1:18 a.m.96 views

USN-3541-2: Linux kernel (HWE) vulnerabilities

USN-3541-1 addressed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. Jann Horn discovered that microprocessors utilizing speculative execution and branch...

5.6CVSS7.4AI score0.93838EPSS
Exploits13References1
Ubuntu
Ubuntu
added 2017/12/18 1:23 p.m.96 views

USN-3382-2: PHP vulnerabilities

USN-3382-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that the PHP URL parser incorrectly handled certain URI components. A remote attacker could possibly use this issue to bypass...

9.8CVSS7.1AI score0.07511EPSS
Exploits6
Ubuntu
Ubuntu
added 2017/08/16 2:9 p.m.96 views

USN-3391-2: Ubufox update

USN-3391-1 fixed vulnerabilities in Firefox. This update provides the corresponding update for Ubufox. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to...

7.5AI score
Exploits0References1
Ubuntu
Ubuntu
added 2017/08/16 6:55 a.m.96 views

USN-3392-1: Linux kernel regression

USN-3378-1 fixed vulnerabilities in the Linux kernel. Unfortunately, a regression was introduced that prevented conntrack from working correctly in some situations. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Fan Wu and Shixiong Zhao discovered a...

6.8AI score
Exploits0References2
Ubuntu
Ubuntu
added 2017/06/07 5:19 a.m.96 views

USN-3313-2: Linux kernel (HWE) vulnerability

USN-3313-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.10 for Ubuntu 16.04 LTS. It was discovered that a buffer overflow existed in the trace subsystem in the Linux kernel. A...

6.9AI score
Exploits0
Ubuntu
Ubuntu
added 2017/03/16 11:46 a.m.96 views

USN-3235-1: libxml2 vulnerabilities

It was discovered that libxml2 incorrectly handled format strings. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS...

10CVSS7.7AI score0.08628EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/11/21 2:7 p.m.96 views

USN-3131-1: ImageMagick vulnerabilities

It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of th...

9.8CVSS7.1AI score0.13393EPSS
Exploits15
Ubuntu
Ubuntu
added 2016/08/10 10:47 a.m.96 views

USN-3054-1: Linux kernel (Xenial HWE) vulnerabilities

Ben Hawkes discovered an integer overflow in the Linux netfilter implementation. On systems running 32 bit kernels, a local unprivileged attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privileges. CVE-2016-3135 It was...

7.8CVSS7.3AI score0.01009EPSS
Exploits2
Ubuntu
Ubuntu
added 2016/02/02 12:37 a.m.96 views

USN-2887-1: Linux kernel vulnerabilities

It was discovered that a use-after-free vulnerability existed in the AFUNIX implementation in the Linux kernel. A local attacker could use crafted epollctl calls to cause a denial of service system crash or expose sensitive information. CVE-2013-7446 It was discovered that the KVM implementation ...

6.5CVSS6.3AI score0.00625EPSS
Exploits1
Ubuntu
Ubuntu
added 2016/02/01 8:15 p.m.96 views

USN-2884-1: OpenJDK 7 vulnerabilities

Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service, expose sensitive data over the network, or possibly execute arbitrary code. CVE-2016-0483, CVE-2016-0494 A...

10CVSS8.2AI score0.14714EPSS
Exploits0
Ubuntu
Ubuntu
added 2015/06/15 10:1 p.m.96 views

USN-2647-1: Linux kernel vulnerability

Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system...

7.8CVSS7.4AI score0.37679EPSS
Exploits22
Ubuntu
Ubuntu
added 2015/03/18 12:33 p.m.96 views

USN-2535-1: PHP vulnerabilities

Thomas Jarosch discovered that PHP incorrectly limited recursion in the fileinfo extension. A remote attacker could possibly use this issue to cause PHP to consume resources or crash, resulting in a denial of service. CVE-2014-8117 S. Paraschoudis discovered that PHP incorrectly handled memory in...

7.5CVSS7.5AI score0.41315EPSS
Exploits11
Ubuntu
Ubuntu
added 2015/02/04 1:11 a.m.96 views

USN-2490-1: Linux kernel vulnerabilities

Andy Lutomirski discovered an information leak in the Linux kernel's Thread Local Storage TLS implementation allowing users to bypass the espfix to obtain information that could be used to bypass the Address Space Layout Randomization ASLR protection mechanism. A local user could exploit this fla...

4.9CVSS6.6AI score0.00583EPSS
Exploits0
Total number of security vulnerabilities5000