Lucene search
K
UbuntuMost viewed

10890 matches found

Ubuntu
Ubuntu
added 2005/05/23 5:29 p.m.96 views

USN-131-1: Linux kernel vulnerabilities

Colin Percival discovered an information disclosure in the "Hyper Threading Technology" architecture in processors which are capable of simultaneous multithreading in particular Intel Pentium 4, Intel Mobile Pentium 4, and Intel Xeon processors. This allows a malicious thread to monitor the...

7.2CVSS7AI score0.01774EPSS
Exploits4
Ubuntu
Ubuntu
added 2024/08/21 5:6 p.m.95 views

USN-6950-4: Linux kernel (HWE) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - Block layer subsystem; - Bluetooth drivers; - Clock framework and...

9.8CVSS6.9AI score0.01305EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/12/14 4:51 p.m.95 views

USN-6233-2: YAJL vulnerabilities

USN-6233-1 fixed vulnerabilities in YAJL. This update provides the corresponding updates for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. Original advisory details: It was discovered that YAJL was not properly performing bounds checks when decoding a string with escape sequences. If a us...

7.5CVSS6.8AI score0.03735EPSS
Exploits3
Ubuntu
Ubuntu
added 2023/09/08 9:36 p.m.95 views

USN-6340-2: Linux kernel vulnerabilities

Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service bluetooth communication. CVE-2023-2002 Zi Fan Tan discovered that the binder IPC...

10CVSS7.7AI score0.03546EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/07/25 9:32 p.m.95 views

USN-6246-1: Linux kernel vulnerabilities

It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-3090...

7.8CVSS7AI score0.02163EPSS
Exploits3
Ubuntu
Ubuntu
added 2023/06/06 6:44 a.m.95 views

USN-6140-1: Go vulnerabilities

It was discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a panic resulting in a denial of service. This issue only affected golang-1.19 on Ubuntu 22.10. CVE-2022-41724, CVE-2023-24534, CVE-2023-24537 It was discovered...

9.8CVSS7AI score0.02281EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/03/06 1:9 p.m.95 views

USN-5922-1: FriBidi vulnerabilities

It was discovered that FriBidi incorrectly handled the processing of input strings, resulting in memory corruption. An attacker could possibly use this issue to cause FriBidi to crash, resulting in a denial of service, or potentially execute arbitrary code. CVE-2022-25308 It was discovered that...

7.8CVSS7AI score0.00508EPSS
Exploits3
Ubuntu
Ubuntu
added 2023/03/02 3:48 p.m.95 views

USN-5909-1: Linux kernel (Azure CVM) vulnerabilities

It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service system crash or possibly...

8.8CVSS6.9AI score0.01067EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/02/28 3:42 p.m.95 views

USN-5903-1: lighttpd vulnerabilities

It was discovered that lighttpd incorrectly handled certain inputs, which could result in a stack buffer overflow. A remote attacker could possibly use this issue to cause a denial of service DoS. CVE-2022-22707, CVE-2022-41556...

7.5CVSS7AI score0.08969EPSS
Exploits5
Ubuntu
Ubuntu
added 2023/02/15 11:5 p.m.95 views

USN-5877-1: Linux kernel (GKE) vulnerabilities

Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2022-4378 Tamás Koczka discovered that the Bluetooth L2CAP handshake...

8.8CVSS7.6AI score0.02014EPSS
Exploits6
Ubuntu
Ubuntu
added 2023/02/09 11:0 p.m.95 views

USN-5862-1: Linux kernel (Qualcomm Snapdragon) vulnerabilities

It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 V4L2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-20369 Pawan Kumar Gupta, Alyssa Milburn, Ami...

7CVSS7.3AI score0.04947EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/01/31 4:42 p.m.95 views

USN-5836-1: Vim vulnerabilities

It was discovered that Vim was not properly performing memory management operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2022-47024, CVE-2023-0049, CVE-2023-0054, CVE-2023-0288, CVE-2023-0433...

7.8CVSS7.8AI score0.00555EPSS
Exploits4
Ubuntu
Ubuntu
added 2023/01/13 2:4 a.m.95 views

USN-5803-1: Linux kernel vulnerabilities

Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2022-4378 Tamás Koczka discovered that the Bluetooth L2CAP handshake...

8.8CVSS7.7AI score0.02014EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/10/19 11:10 a.m.95 views

USN-5689-1: Perl vulnerability

It was discovered that Perl incorrectly handled certain signature verification. An remote attacker could possibly use this issue to bypass signature verification...

7.8CVSS7.7AI score0.00791EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/08/15 12:23 p.m.95 views

USN-5568-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

8.8CVSS7.7AI score0.70461EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/06/27 1:35 a.m.95 views

USN-5493-1: Linux kernel vulnerability

It was discovered that the 8 Devices USB2CAN interface implementation in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service system crash...

5.5CVSS6.6AI score0.00395EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/06/06 4:33 p.m.95 views

USN-5461-1: FreeRDP vulnerabilities

It was discovered that FreeRDP incorrectly handled empty password values. A remote attacker could use this issue to bypass server authentication. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.10. CVE-2022-24882 It was discovered that FreeRDP incorrectly handled server...

9.8CVSS8.1AI score0.02674EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/05/24 8:31 p.m.95 views

USN-5444-1: Linux kernel vulnerability

Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS6.6AI score0.01027EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/02/08 2:10 p.m.95 views

USN-5276-1: NVIDIA graphics drivers vulnerabilities

It was discovered that the NVIDIA graphics drivers incorrectly handled permissions in the kernel mode layer. A local attacker could use this issue to write to protected memory and cause a denial of service...

6.1CVSS6.1AI score0.00232EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/02/03 8:32 p.m.95 views

USN-5262-1: GPT fdisk vulnerabilities

The potential for an out of bounds write due to a missing bounds check was discovered to impact the sgdisk utility of GPT fdisk. Exploitation requires the use of a maliciously formatted storage device and could cause sgdisk to crash as well as possibly allow for local privilege escalation...

7.2CVSS6.7AI score0.00436EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/02/03 11:54 a.m.95 views

USN-5269-1: Django vulnerabilities

Keryn Knight discovered that Django incorrectly handled certain template tags. A remote attacker could possibly use this issue to perform a cross-site scripting attack. CVE-2022-22818 Alan Ryan discovered that Django incorrectly handled file uploads. A remote attacker could possibly use this issu...

7.5CVSS6.9AI score0.49246EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/11/11 7:52 a.m.95 views

USN-5141-1: Firejail vulnerability

Roman Fiedler discovered that a race condition existed in Firejail when using OverlayFS to prevent writes to the underlying file system. A local attacker could use this to gain administrative privileges. Note: this update disables support for OverlayFS in Firejail...

7.8CVSS7AI score0.00444EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/06/07 4:41 p.m.95 views

USN-4937-2: GNOME Autoar regression

USN-4937-1 fixed a vulnerability in GNOME Autoar. The update caused a regression when extracting certain archives. This update fixes the problem. Original advisory details: Ondrej Holy discovered that GNOME Autoar could extract files outside of the intended directory. If a user were tricked into...

5.7AI score
Exploits0References1
Ubuntu
Ubuntu
added 2021/02/08 11:36 p.m.95 views

USN-4717-2: Firefox regression

USN-4717-1 fixed vulnerabilities in Firefox. The update caused a startup hang in some circumstances. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially...

5.8AI score
Exploits0References1
Ubuntu
Ubuntu
added 2020/11/30 12:25 p.m.95 views

USN-4650-1: QEMU vulnerabilities

Alexander Bulekov discovered that QEMU incorrectly handled SDHCI device emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvir...

6.5CVSS6.6AI score0.02515EPSS
Exploits2
Ubuntu
Ubuntu
added 2020/10/27 1:40 p.m.95 views

USN-4600-2: Netty vulnerabilities

USN-4600-1 fixed multiple vunerabilities in Netty 3.9. This update provides the corresponding fixes for CVE-2019-20444, CVE-2019-20445 for Netty. Also it was discovered that Netty allow for unbounded memory allocation. A remote attacker could send a large stream to the Netty server causing it to...

9.1CVSS7.1AI score0.13474EPSS
Exploits2
Ubuntu
Ubuntu
added 2020/10/26 9:1 p.m.95 views

USN-4599-2: Firefox vulnerabilities

USN-4599-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Ubuntu 16.04 LTS. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit...

9.8CVSS7.7AI score0.02743EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/09/15 8:33 p.m.95 views

USN-4500-1: bsdiff vulnerabilities

It was discovered that bsdiff mishandled certain input. If a user were tricked into opening a malicious file, an attacker could cause bsdiff to crash or potentially execute arbitrary code...

7.8CVSS7.7AI score0.06762EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/11/21 12:15 p.m.95 views

USN-4197-1: Bind vulnerability

It was discovered that Bind incorrectly handled certain TCP-pipelined queries. A remote attacker could possibly use this issue to cause Bind to consume resources, resulting in a denial of service...

7.5CVSS6.6AI score0.04022EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/11/12 9:50 p.m.95 views

USN-4182-1: Intel Microcode update

Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions TSX could expose...

6.5CVSS7.2AI score0.03133EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2019/10/15 2:12 p.m.95 views

USN-4155-1: Aspell vulnerability

It was discovered that Aspell incorrectly handled certain inputs. An attacker could potentially access sensitive information...

9.1CVSS7AI score0.03259EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/10/08 9:18 p.m.95 views

USN-4122-2: Firefox regression

USN-4122-1 fixed vulnerabilities in Firefox. The update caused a regression that resulted in a crash when changing YouTube playback speed in some circumstances. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered i...

7.6AI score
Exploits0References1
Ubuntu
Ubuntu
added 2019/09/18 12:40 p.m.95 views

USN-4136-1: wpa_supplicant and hostapd vulnerability

It was discovered that wpasupplicant incorrectly handled certain management frames. An attacker could possibly use this issue to cause a denial of service...

6.5CVSS6.5AI score0.01214EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/09/09 2:34 p.m.95 views

USN-4125-1: Memcached vulnerability

It was discovered that Memcached incorrectly handled certain UNIX sockets. An attacker could possibly use this issue to access sensitive information...

7.5CVSS6.5AI score0.02638EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/08/21 1:30 p.m.95 views

USN-4108-1: Zstandard vulnerability

It was discovered that Zstandard incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code...

8.1CVSS8AI score0.01424EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/04/18 6:23 p.m.95 views

USN-3950-1: ZNC vulnerability

It was discovered that ZNC incorrectly handled certain invalid encodings. An authenticated remote user could use this issue to cause ZNC to crash, resulting in a denial of service, or possibly execute arbitrary code...

6.5CVSS7.3AI score0.03133EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/01/14 5:53 p.m.95 views

USN-3857-1: PEAR vulnerability

Fariskhi Vidyan discovered that PEAR ArchiveTar incorrectly handled certain archive paths. A remote attacker could possibly use this issue to execute arbitrary code...

8.8CVSS7.8AI score0.18286EPSS
Exploits5
Ubuntu
Ubuntu
added 2018/07/25 5:2 p.m.95 views

USN-3723-1: Tomcat vulnerabilities

It was discovered that Tomcat incorrectly handled decoding certain UTF-8 strings. A remote attacker could possibly use this issue to cause Tomcat to crash, resulting in a denial of service. CVE-2018-1336 It was discovered that the Tomcat WebSocket client incorrectly performed hostname verificatio...

7.5CVSS7.7AI score0.213EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/02/23 6:57 a.m.95 views

USN-3581-3: Linux kernel (Raspberry Pi 2) vulnerabilities

Mohamed Ghannam discovered that the IPv4 raw socket implementation in the Linux kernel contained a race condition leading to uninitialized pointer usage. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2017-17712 ChunYu Wang discovered that a...

7.8CVSS6.8AI score0.01355EPSS
Exploits5
Ubuntu
Ubuntu
added 2017/08/16 2:9 p.m.95 views

USN-3391-2: Ubufox update

USN-3391-1 fixed vulnerabilities in Firefox. This update provides the corresponding update for Ubufox. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to...

7.5AI score0.13697EPSS
Exploits25References1
Ubuntu
Ubuntu
added 2017/06/29 7:58 a.m.95 views

USN-3342-1: Linux kernel vulnerabilities

USN 3326-1 fixed a vulnerability in the Linux kernel. However, that fix introduced regressions for some Java applications. This update addresses the issue. We apologize for the inconvenience. It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux...

7.8CVSS7AI score0.01372EPSS
Exploits7References2
Ubuntu
Ubuntu
added 2017/04/25 1:47 a.m.95 views

USN-3265-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3265-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that a use-after-free flaw existed in the filesystem encryption...

9.8CVSS7AI score0.04953EPSS
Exploits0
Ubuntu
Ubuntu
added 2017/01/11 6:54 a.m.95 views

USN-3168-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3168-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not...

7.8CVSS6.4AI score0.01566EPSS
Exploits8
Ubuntu
Ubuntu
added 2017/01/11 6:23 a.m.95 views

USN-3168-1: Linux kernel vulnerabilities

Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly initialize the Code Segment CS in certain error cases. A local attacker could use this to expose sensitive information kernel memory. CVE-2016-9756 Andrey Konovalov discovered that signed integer overflows...

7.8CVSS6.4AI score0.01566EPSS
Exploits8
Ubuntu
Ubuntu
added 2016/12/20 9:3 p.m.95 views

USN-3161-1: Linux kernel vulnerabilities

Tilman Schmidt and Sasha Levin discovered a use-after-free condition in the TTY implementation in the Linux kernel. A local attacker could use this to expose sensitive information kernel memory. CVE-2015-8964 It was discovered that the Video For Linux Two v4l2 implementation in the Linux kernel d...

10CVSS7.2AI score0.09144EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/07/05 4:55 p.m.95 views

USN-3024-1: Tomcat vulnerabilities

It was discovered that Tomcat incorrectly handled pathnames used by web applications in a getResource, getResourceAsStream, or getResourcePaths call. A remote attacker could use this issue to possibly list a parent directory . This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu...

8.8CVSS7.3AI score0.35927EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/05/06 8:21 p.m.95 views

USN-2965-2: Linux kernel (Xenial HWE) vulnerabilities

USN-2965-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Jann Horn discovered that the extended Berkeley Packet Filter eBPF implementation in t...

10CVSS7.1AI score0.2593EPSS
Exploits32
Ubuntu
Ubuntu
added 2016/04/21 3:16 p.m.95 views

USN-2952-1: PHP vulnerabilities

It was discovered that the PHP Zip extension incorrectly handled directories when processing certain zip files. A remote attacker could possibly use this issue to create arbitrary directories. CVE-2014-9767 It was discovered that the PHP Soap client incorrectly validated data types. A remote...

10CVSS7.7AI score0.35438EPSS
Exploits4
Ubuntu
Ubuntu
added 2015/12/17 8:34 a.m.95 views

USN-2844-1: Linux kernel (Utopic HWE) vulnerabilities

Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service system crash in the host OS. CVE-2015-8104 郭永刚 discovered that the pp...

10CVSS6.4AI score0.02501EPSS
Exploits1
Ubuntu
Ubuntu
added 2015/12/01 12:50 p.m.95 views

USN-2819-1: Thunderbird vulnerabilities

Christian Holler, David Major, Jesse Ruderman, Tyson Smith, Boris Zbarsky, Randell Jesup, Olli Pettay, Karl Tomlinson, Jeff Walden, and Gary Kwong discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potential...

9.8CVSS8.4AI score0.10238EPSS
Exploits0
Total number of security vulnerabilities5000