Lucene search
K
UbuntuMost viewed

10890 matches found

Ubuntu
Ubuntu
added 2023/10/25 12:40 p.m.94 views

USN-6435-2: OpenSSL vulnerabilities

USN-6435-1 fixed vulnerabilities in OpenSSL. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: It was discovered that OpenSSL incorrectly handled excessively large Diffie-Hellman parameters. An attacker could possibly use this issue to cause a denial ...

5.3CVSS6.6AI score0.05533EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/10/04 5:9 p.m.94 views

USN-6413-1: GNU binutils vulnerabilities

It was discovered that GNU binutils was not properly performing checks when dealing with memory allocation operations, which could lead to excessive memory consumption. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. CVE-2017-1712...

7.8CVSS7.1AI score0.02329EPSS
Exploits9
Ubuntu
Ubuntu
added 2023/10/03 5:6 p.m.94 views

USN-6408-1: libXpm vulnerabilities

Yair Mizrahi discovered that libXpm incorrectly handled certain malformed XPM image files. If a user were tricked into opening a specially crafted XPM image file, a remote attacker could possibly use this issue to consume memory, leading to a denial of service. CVE-2023-43786 Yair Mizrahi...

7.8CVSS6.8AI score0.00461EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/07/03 12:47 a.m.94 views

USN-6195-1: Vim vulnerabilities

It was discovered that Vim contained an out-of-bounds read vulnerability. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2022-0128 It was discovered that Vim did not properly manage memory when freeing allocated memory. An attacker could...

8.4CVSS7.1AI score0.01739EPSS
Exploits6
Ubuntu
Ubuntu
added 2023/05/18 8:45 p.m.94 views

USN-6092-1: Linux kernel (Azure) vulnerabilities

Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information kernel memory. CVE-2023-0459 Xingyuan Mo discovered that the...

7.8CVSS7.1AI score0.00635EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/04/19 6:8 p.m.94 views

USN-6033-1: Linux kernel (OEM) vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

7.8CVSS6.8AI score0.01377EPSS
Exploits5
Ubuntu
Ubuntu
added 2023/04/19 2:6 p.m.94 views

USN-6029-1: Linux kernel vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-1281 It was discovered that the infrared...

7.8CVSS7.1AI score0.0046EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/03/06 4:26 p.m.94 views

USN-5892-2: NSS vulnerability

USN-5892-1 fixed a vulnerability in NSS. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Christian Holler discovered that NSS incorrectly handled certain PKCS 12 certificated bundles. A remote attacker could use this issue to cau...

8.8CVSS7.8AI score0.00817EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/01/31 4:42 p.m.94 views

USN-5836-1: Vim vulnerabilities

It was discovered that Vim was not properly performing memory management operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2022-47024, CVE-2023-0049, CVE-2023-0054, CVE-2023-0288, CVE-2023-0433...

7.8CVSS7.8AI score0.00555EPSS
Exploits4
Ubuntu
Ubuntu
added 2022/10/19 11:10 a.m.94 views

USN-5689-1: Perl vulnerability

It was discovered that Perl incorrectly handled certain signature verification. An remote attacker could possibly use this issue to bypass signature verification...

7.8CVSS7.7AI score0.00791EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/08/15 12:23 p.m.94 views

USN-5568-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

8.8CVSS7.7AI score0.70461EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/08/10 5:37 p.m.95 views

USN-5565-1: Linux kernel vulnerabilities

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS7.3AI score0.12746EPSS
Exploits12
Ubuntu
Ubuntu
added 2022/07/25 11:22 a.m.94 views

USN-5530-1: PHP vulnerability

It was discovered that PHP incorrectly handled certain memory operations when obtaining file information. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS7.8AI score0.01659EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/12/20 10:35 p.m.94 views

USN-5186-2: Firefox regressions

USN-5186-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted...

7.7AI score0.0202EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2021/10/04 4:59 p.m.94 views

USN-5101-1: MongoDB vulnerability

It was discovered that MongoDB incorrectly handled certain wire protocol messages. A remote attacker could possibly use this issue to cause MongoDB to crash, resulting in a denial of service...

7.5CVSS7.3AI score0.01655EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/09/30 8:14 p.m.94 views

USN-5097-1: LedgerSMB vulnerabilities

It was discovered that LedgerSMB incorrectly handled certain inputs. An attacker could use this to leak sensitive information, cause a DoS, or execute arbitrary code. CVE-2021-3693, CVE-2021-3694, CVE-2021-3731...

9.6CVSS6.3AI score0.03014EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/06/07 4:41 p.m.94 views

USN-4937-2: GNOME Autoar regression

USN-4937-1 fixed a vulnerability in GNOME Autoar. The update caused a regression when extracting certain archives. This update fixes the problem. Original advisory details: Ondrej Holy discovered that GNOME Autoar could extract files outside of the intended directory. If a user were tricked into...

5.7AI score
Exploits0References1
Ubuntu
Ubuntu
added 2020/12/11 12:39 a.m.94 views

USN-4666-2: lxml vulnerability

USN-4666-1 partially fixed a vulnerability in lxml, but an additional patch was needed. This update provides the corresponding additional patch in order to properly fix the vulnerability. Original advisory details: It was discovered that lxml incorrectly handled certain HTML. An attacker could...

6.1CVSS7AI score0.03934EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/09/15 8:33 p.m.94 views

USN-4500-1: bsdiff vulnerabilities

It was discovered that bsdiff mishandled certain input. If a user were tricked into opening a malicious file, an attacker could cause bsdiff to crash or potentially execute arbitrary code...

7.8CVSS7.7AI score0.06762EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/06/04 8:26 p.m.94 views

USN-4383-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the addressbar, or execute arbitrary code. CVE-2020-12405, CVE-2020-12406, CVE-2020-12407,...

9.3CVSS7.7AI score0.01537EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/05/26 2:33 p.m.94 views

USN-4373-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code. CVE-2020-6831, CVE-2020-12387, CVE-2020-12395 It wa...

10CVSS7.8AI score0.05803EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/05/01 9:44 a.m.94 views

LSN-0066-1: Kernel Live Patch Security Notice

It was discovered that the virtual terminal implementation in the Linux kernel did not properly handle resize events. A local attacker could use this to expose sensitive information. CVE-2020-8647 It was discovered that the virtual terminal implementation in the Linux kernel contained a race...

7.1CVSS6.5AI score0.00661EPSS
Exploits2
Ubuntu
Ubuntu
added 2020/02/10 2:4 p.m.94 views

USN-4274-1: libxml2 vulnerabilities

It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a denial of service. CVE-2019-19956, CVE-2020-7595...

7.5CVSS7AI score0.07836EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/01/29 4:55 p.m.94 views

USN-4259-1: Apache Solr vulnerability

Michael Stepankin and Olga Barinova discovered that Apache Solr was vulnerable to an XXE attack. An attacker could use this vulnerability to remotely execute code...

9.8CVSS8.1AI score0.91896EPSS
Exploits11
Ubuntu
Ubuntu
added 2020/01/09 10:3 p.m.94 views

USN-4234-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass Content Security Policy CSP restrictions, conduct cross-site...

8.8CVSS8.3AI score0.46589EPSS
Exploits8
Ubuntu
Ubuntu
added 2019/10/08 9:18 p.m.94 views

USN-4122-2: Firefox regression

USN-4122-1 fixed vulnerabilities in Firefox. The update caused a regression that resulted in a crash when changing YouTube playback speed in some circumstances. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered i...

7.6AI score
Exploits0References1
Ubuntu
Ubuntu
added 2019/09/18 12:40 p.m.94 views

USN-4136-1: wpa_supplicant and hostapd vulnerability

It was discovered that wpasupplicant incorrectly handled certain management frames. An attacker could possibly use this issue to cause a denial of service...

6.5CVSS6.5AI score0.01214EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/09/12 7:47 p.m.94 views

USN-4132-2: Expat vulnerability

USN-4132-1 fixed a vulnerability in Expat. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that Expat incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive...

7.5CVSS7.4AI score0.06643EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/08/21 1:30 p.m.94 views

USN-4108-1: Zstandard vulnerability

It was discovered that Zstandard incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code...

8.1CVSS8AI score0.01424EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/08/12 1:38 p.m.94 views

USN-4092-1: Ghostscript vulnerability

Netanel Fisher discovered that the font handler in Ghostscript did not properly restrict privileged calls when '-dSAFER' restrictions were in effect. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access...

7.8CVSS7.6AI score0.02295EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/05/14 11:33 p.m.94 views

USN-3982-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3982-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 for Ubuntu 14.04 LTS. Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas,...

6.5CVSS6.7AI score0.01771EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2019/04/08 3:26 p.m.94 views

USN-3940-2: ClamAV vulnerabilities

USN-3940-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that ClamAV incorrectly handled scanning certain PDF documents. A remote attacker could possibly use this issue to cause ClamAV to...

7.5CVSS7.2AI score0.01839EPSS
Exploits2
Ubuntu
Ubuntu
added 2019/02/26 6:59 p.m.94 views

USN-3897-1: Thunderbird vulnerabilities

A use-after-free was discovered in libical. If a user were tricked in to opening a specially crafted ICS calendar file, an attacker could potentially exploit this to cause a denial of service. CVE-2016-5824 Multiple security issues were discovered in Thunderbird. If a user were tricked in to...

10CVSS8.1AI score0.12658EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/02/04 9:54 p.m.94 views

USN-3871-4: Linux kernel (HWE) vulnerabilities

USN-3871-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Wen Xu discovered that a use-after-free vulnerability existed in the ext4 filesystem...

8.8CVSS6.9AI score0.02914EPSS
Exploits7
Ubuntu
Ubuntu
added 2018/07/09 4:40 p.m.94 views

USN-3706-1: libjpeg-turbo vulnerabilities

It was discovered that libjpeg-turbo incorrectly handled certain malformed JPEG images. If a user or automated system were tricked into opening a specially crafted JPEG image, a remote attacker could cause libjpeg-turbo to crash, resulting in a denial of service, or possibly execute arbitrary cod...

8.8CVSS6.6AI score0.04898EPSS
Exploits4
Ubuntu
Ubuntu
added 2018/06/13 7:56 p.m.94 views

USN-3685-1: Ruby vulnerabilities

Some of these CVE were already addressed in previous USN: 3439-1, 3553-1, 3528-1. Here we address for the remain releases. It was discovered that Ruby incorrectly handled certain inputs. An attacker could use this to cause a buffer overrun. CVE-2017-0898 It was discovered that Ruby incorrectly...

9.8CVSS7.8AI score0.29442EPSS
Exploits6
Ubuntu
Ubuntu
added 2018/06/12 11:40 a.m.94 views

USN-3681-1: ImageMagick vulnerabilities

It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of th...

9.8CVSS7.2AI score0.19193EPSS
Exploits50
Ubuntu
Ubuntu
added 2018/05/22 3:35 a.m.94 views

USN-3654-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3654-1 fixed vulnerabilities and added mitigations in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Jann Horn and Ken Johnson discovered that microprocessors...

7.8CVSS7.9AI score0.60631EPSS
Exploits3References1
Ubuntu
Ubuntu
added 2018/02/23 6:57 a.m.94 views

USN-3581-3: Linux kernel (Raspberry Pi 2) vulnerabilities

Mohamed Ghannam discovered that the IPv4 raw socket implementation in the Linux kernel contained a race condition leading to uninitialized pointer usage. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2017-17712 ChunYu Wang discovered that a...

7.8CVSS6.8AI score0.01355EPSS
Exploits5
Ubuntu
Ubuntu
added 2018/01/29 6:35 p.m.94 views

USN-3549-1: Linux kernel (KVM) vulnerabilities

Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. CVE-2017-5715,...

5.6CVSS7.2AI score0.93838EPSS
Exploits11References1
Ubuntu
Ubuntu
added 2017/08/07 6:36 p.m.94 views

USN-3381-1: Linux kernel vulnerabilities

Peter Pi discovered that the colormap handling for frame buffer devices in the Linux kernel contained an integer overflow. A local attacker could use this to disclose sensitive information kernel memory. CVE-2016-8405 It was discovered that the Linux kernel did not properly restrict RLIMITSTACK...

7.8CVSS6.8AI score0.01551EPSS
Exploits0
Ubuntu
Ubuntu
added 2017/07/21 7:25 p.m.94 views

USN-3360-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3360-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan dat...

10CVSS7.1AI score0.1081EPSS
Exploits0
Ubuntu
Ubuntu
added 2017/02/23 4:28 p.m.94 views

USN-3211-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled certain invalid objects when unserializing data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2016-7479 It was discovered that PHP incorrectly handled certain...

9.8CVSS8.1AI score0.41943EPSS
Exploits6
Ubuntu
Ubuntu
added 2017/01/11 6:23 a.m.94 views

USN-3168-1: Linux kernel vulnerabilities

Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly initialize the Code Segment CS in certain error cases. A local attacker could use this to expose sensitive information kernel memory. CVE-2016-9756 Andrey Konovalov discovered that signed integer overflows...

7.8CVSS6.4AI score0.01566EPSS
Exploits8
Ubuntu
Ubuntu
added 2016/11/11 7:57 a.m.94 views

USN-3128-2: Linux kernel (Xenial HWE) vulnerability

USN-3128-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a...

6.2CVSS7.1AI score0.00395EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/07/05 4:55 p.m.94 views

USN-3024-1: Tomcat vulnerabilities

It was discovered that Tomcat incorrectly handled pathnames used by web applications in a getResource, getResourceAsStream, or getResourcePaths call. A remote attacker could use this issue to possibly list a parent directory . This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu...

8.8CVSS7.3AI score0.35927EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/05/05 2:1 a.m.94 views

USN-2964-1: OpenJDK 7 vulnerabilities

Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service, expose sensitive data over the network, or possibly execute arbitrary code. CVE-2016-0686, CVE-2016-0687,...

10CVSS7.5AI score0.92334EPSS
Exploits1
Ubuntu
Ubuntu
added 2016/05/05 1:37 a.m.94 views

USN-2963-1: OpenJDK 8 vulnerabilities

Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service, expose sensitive data over the network, or possibly execute arbitrary code. CVE-2016-0686, CVE-2016-0687,...

10CVSS7.5AI score0.92334EPSS
Exploits1
Ubuntu
Ubuntu
added 2016/02/27 8:51 a.m.94 views

USN-2910-2: Linux kernel (Vivid HWE) regression

USN-2910-1 fixed vulnerabilities in the Ubuntu 15.04 Linux kernel backported to Ubuntu 14.04 LTS. An incorrect locking fix caused a regression that broke graphics displays for Ubuntu 14.04 LTS guests running the Ubuntu 15.04 backport kernel within VMWare virtual machines. This update fixes the...

6.8AI score
Exploits0References1
Ubuntu
Ubuntu
added 2014/10/09 10:51 a.m.94 views

USN-2377-1: Linux kernel (OMAP4) vulnerabilities

Steven Vittitoe reported multiple stack buffer overflows in Linux kernel's magicmouse HID driver. A physically proximate attacker could exploit this flaw to cause a denial of service system crash or possibly execute arbitrary code via specially crafted devices. CVE-2014-3181 A bounds check error...

7.8CVSS7.1AI score0.06167EPSS
Exploits4
Total number of security vulnerabilities5000