Lucene search
K
UbuntuMost viewed

10894 matches found

Ubuntu
Ubuntu
•added 2016/12/20 9:3 p.m.•95 views

USN-3161-1: Linux kernel vulnerabilities

Tilman Schmidt and Sasha Levin discovered a use-after-free condition in the TTY implementation in the Linux kernel. A local attacker could use this to expose sensitive information kernel memory. CVE-2015-8964 It was discovered that the Video For Linux Two v4l2 implementation in the Linux kernel d...

10CVSS7.2AI score0.09144EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/07/05 4:55 p.m.•95 views

USN-3024-1: Tomcat vulnerabilities

It was discovered that Tomcat incorrectly handled pathnames used by web applications in a getResource, getResourceAsStream, or getResourcePaths call. A remote attacker could use this issue to possibly list a parent directory . This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu...

8.8CVSS7.3AI score0.35927EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/05/06 8:21 p.m.•95 views

USN-2965-2: Linux kernel (Xenial HWE) vulnerabilities

USN-2965-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Jann Horn discovered that the extended Berkeley Packet Filter eBPF implementation in t...

10CVSS7.1AI score0.2593EPSS
Exploits32
Ubuntu
Ubuntu
•added 2016/04/21 3:16 p.m.•95 views

USN-2952-1: PHP vulnerabilities

It was discovered that the PHP Zip extension incorrectly handled directories when processing certain zip files. A remote attacker could possibly use this issue to create arbitrary directories. CVE-2014-9767 It was discovered that the PHP Soap client incorrectly validated data types. A remote...

10CVSS7.7AI score0.35438EPSS
Exploits4
Ubuntu
Ubuntu
•added 2016/02/27 8:51 a.m.•95 views

USN-2910-2: Linux kernel (Vivid HWE) regression

USN-2910-1 fixed vulnerabilities in the Ubuntu 15.04 Linux kernel backported to Ubuntu 14.04 LTS. An incorrect locking fix caused a regression that broke graphics displays for Ubuntu 14.04 LTS guests running the Ubuntu 15.04 backport kernel within VMWare virtual machines. This update fixes the...

6.8AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2015/12/17 8:34 a.m.•95 views

USN-2844-1: Linux kernel (Utopic HWE) vulnerabilities

Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service system crash in the host OS. CVE-2015-8104 郭永刚 discovered that the pp...

10CVSS6.4AI score0.02501EPSS
Exploits1
Ubuntu
Ubuntu
•added 2015/12/01 12:50 p.m.•95 views

USN-2819-1: Thunderbird vulnerabilities

Christian Holler, David Major, Jesse Ruderman, Tyson Smith, Boris Zbarsky, Randell Jesup, Olli Pettay, Karl Tomlinson, Jeff Walden, and Gary Kwong discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potential...

9.8CVSS8.4AI score0.10238EPSS
Exploits0
Ubuntu
Ubuntu
•added 2014/11/25 3:10 a.m.•95 views

USN-2416-1: Linux kernel (EC2) vulnerabilities

Don Bailey discovered a flaw in the LZO decompress algorithm used by the Linux kernel. An attacker could exploit this flaw to cause a denial of service memory corruption or OOPS. CVE-2014-4608 Andy Lutomirski discovered that the Linux kernel was not checking the CAPSYSADMIN when remounting...

7.5CVSS6.8AI score0.05421EPSS
Exploits0
Ubuntu
Ubuntu
•added 2014/10/09 10:51 a.m.•95 views

USN-2377-1: Linux kernel (OMAP4) vulnerabilities

Steven Vittitoe reported multiple stack buffer overflows in Linux kernel's magicmouse HID driver. A physically proximate attacker could exploit this flaw to cause a denial of service system crash or possibly execute arbitrary code via specially crafted devices. CVE-2014-3181 A bounds check error...

7.8CVSS7.1AI score0.06167EPSS
Exploits4
Ubuntu
Ubuntu
•added 2014/10/09 10:30 a.m.•95 views

USN-2374-1: Linux kernel vulnerabilities

Ben Hawkes reported some off by one errors for report descriptors in the Linux kernel's HID stack. A physically proximate attacker could exploit these flaws to cause a denial of service out-of-bounds write via a specially crafted device. CVE-2014-3184 Several bounds check flaws allowing for buffe...

6.9CVSS6.8AI score0.00596EPSS
Exploits1
Ubuntu
Ubuntu
•added 2014/07/09 4:6 p.m.•95 views

USN-2276-1: PHP vulnerabilities

Francisco Alonso discovered that the PHP Fileinfo component incorrectly handled certain CDF documents. A remote attacker could use this issue to cause PHP to hang or crash, resulting in a denial of service. CVE-2014-0207, CVE-2014-3478, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487 Stefan Esser...

7.5CVSS8.3AI score0.30128EPSS
Exploits6
Ubuntu
Ubuntu
•added 2014/02/27 7:7 p.m.•95 views

USN-2124-1: OpenJDK 6 vulnerabilities

A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to expose sensitive data over the network. CVE-2014-0411 Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data...

10CVSS6.4AI score0.08383EPSS
Exploits1References1
Ubuntu
Ubuntu
•added 2013/04/08 11:43 p.m.•95 views

USN-1796-1: Linux kernel vulnerabilities

Andrew Jones discovered a flaw with the xeniret function in Linux kernel's Xen virtualizeation. In the 32-bit Xen paravirt platform an unprivileged guest OS user could exploit this flaw to cause a denial of service crash the system or gain guest OS privilege. CVE-2013-0228 Emese Revfy discovered...

6.2CVSS6.3AI score0.005EPSS
Exploits4
Ubuntu
Ubuntu
•added 2013/01/16 6:27 p.m.•95 views

USN-1693-1: OpenJDK 7 vulnerabilities

It was discovered that OpenJDK 7's security mechanism could be bypassed via Java applets. If a user were tricked into opening a malicious website, a remote attacker could exploit this to perform arbitrary code execution as the user invoking the program...

10CVSS9.1AI score0.97612EPSS
Exploits38
Ubuntu
Ubuntu
•added 2011/10/25 12:57 p.m.•95 views

USN-1241-1: Linux kernel (i.MX51) vulnerabilities

It was discovered that the Stream Control Transmission Protocol SCTP implementation incorrectly calculated lengths. If the net.sctp.addipenable variable was turned on, a remote attacker could send specially crafted traffic to crash the system. CVE-2011-1573 Ryan Sweat discovered that the kernel...

9.1CVSS7.5AI score0.05689EPSS
Exploits9
Ubuntu
Ubuntu
•added 2011/09/29 5:19 p.m.•95 views

USN-1220-1: Linux kernel (OMAP4) vulnerabilities

Ryan Sweat discovered that the kernel incorrectly handled certain VLAN packets. On some systems, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. CVE-2011-1576 Timo Warns discovered that the EFI GUID partition table was not correctly...

9.1CVSS7.8AI score0.05689EPSS
Exploits5
Ubuntu
Ubuntu
•added 2011/06/22 11:32 a.m.•95 views

USN-1149-1: Firefox and Xulrunner vulnerabilities

Multiple memory vulnerabilities were discovered in the browser rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Firefox. CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2376 Martin Barbella discovered that under certai...

10CVSS9AI score0.75691EPSS
Exploits19
Ubuntu
Ubuntu
•added 2011/06/22 9:32 a.m.•95 views

USN-1157-2: mozvoikko, ubufox, webfav update

USN-1157-1 fixed vulnerabilities in Firefox. This update provides updated packages for use with Firefox 5. Original advisory details: Bob Clary, Kevin Brosnan, Gary Kwong, Jesse Ruderman, Christian Biesinger, Bas Schouten, Igor Bukanov, Bill McCloskey, Olli Pettay, Daniel Veditz and Marcia Knous...

8.8AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2010/10/20 9:42 p.m.•95 views

USN-998-1: Thunderbird vulnerabilities

Paul Nickerson, Jesse Ruderman, Olli Pettay, Igor Bukanov, Josh Soref, Gary Kwong, Martijn Wargers, Siddharth Agarwal and Michal Zalewski discovered various flaws in the browser engine. An attacker could exploit this to crash Thunderbird or possibly run arbitrary code as the user invoking the...

9.3CVSS9AI score0.10118EPSS
Exploits2
Ubuntu
Ubuntu
•added 2010/09/21 1:34 p.m.•95 views

USN-990-1: OpenSSL vulnerability

Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a machine-in-the-middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. This update adds backported support for...

9.8CVSS7.8AI score0.87264EPSS
Exploits14
Ubuntu
Ubuntu
•added 2010/07/23 9:8 a.m.•95 views

USN-930-5: ant, apturl, Epiphany, gluezilla, gnome-python-extras, liferea, mozvoikko, OpenJDK, packagekit, ubufox, webfav, yelp update

USN-930-4 fixed vulnerabilities in Firefox and Xulrunner on Ubuntu 9.04 and 9.10. This update provides updated packages for use with Firefox 3.6 and Xulrunner 1.9.2. Original advisory details: If was discovered that Firefox could be made to access freed memory. If a user were tricked into viewing...

8AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2008/08/25 5:55 p.m.•95 views

USN-637-1: Linux kernel vulnerabilities

It was discovered that there were multiple NULL-pointer function dereferences in the Linux kernel terminal handling code. A local attacker could exploit this to execute arbitrary code as root, or crash the system, leading to a denial of service. CVE-2008-2812 The dochangetype routine did not...

7.8CVSS7AI score0.00509EPSS
Exploits7
Ubuntu
Ubuntu
•added 2008/05/06 5:47 p.m.•95 views

USN-605-1: Thunderbird vulnerabilities

Various flaws were discovered in the JavaScript engine. If a user had JavaScript enabled and were tricked into opening a malicious email, an attacker could escalate privileges within Thunderbird, perform cross-site scripting attacks and/or execute arbitrary code with the user's privileges...

9.3CVSS8.6AI score0.06055EPSS
Exploits1
Ubuntu
Ubuntu
•added 2006/10/02 10:40 p.m.•95 views

USN-355-1: openssh vulnerabilities

Tavis Ormandy discovered that the SSH daemon did not properly handle authentication packets with duplicated blocks. By sending specially crafted packets, a remote attacker could exploit this to cause the ssh daemon to drain all available CPU resources until the login grace time expired...

9.3CVSS7AI score0.44963EPSS
Exploits8
Ubuntu
Ubuntu
•added 2006/09/22 12:0 a.m.•95 views

USN-350-1: Thunderbird vulnerabilities

This update upgrades Thunderbird from 1.0.8 to 1.5.0.7. This step was necessary since the 1.0.x series is not supported by upstream any more. Various flaws have been reported that allow an attacker to execute arbitrary code with user privileges by tricking the user into opening a malicious email...

10CVSS8.3AI score0.14074EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/02/24 11:0 a.m.•94 views

USN-7285-1: nginx vulnerability

It was discovered that nginx incorrectly handled when multiple server blocks are configured to share the same IP address and port. An attacker could use this issue to use session resumption to bypass client certificate authentication requirements on these servers. This issue only affected Ubuntu...

5.3CVSS5.7AI score0.02646EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2025/02/20 5:54 p.m.•94 views

USN-7280-1: Python vulnerability

It was discovered that Python incorrectly handled parsing domain names that included square brackets. A remote attacker could possibly use this issue to perform a Server-Side Request Forgery SSRF attack...

6.3CVSS6.8AI score0.01499EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/25 12:40 p.m.•94 views

USN-6435-2: OpenSSL vulnerabilities

USN-6435-1 fixed vulnerabilities in OpenSSL. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: It was discovered that OpenSSL incorrectly handled excessively large Diffie-Hellman parameters. An attacker could possibly use this issue to cause a denial ...

5.3CVSS6.6AI score0.05533EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/04 5:9 p.m.•94 views

USN-6413-1: GNU binutils vulnerabilities

It was discovered that GNU binutils was not properly performing checks when dealing with memory allocation operations, which could lead to excessive memory consumption. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. CVE-2017-1712...

7.8CVSS7.1AI score0.02329EPSS
Exploits9
Ubuntu
Ubuntu
•added 2023/10/03 5:6 p.m.•94 views

USN-6408-1: libXpm vulnerabilities

Yair Mizrahi discovered that libXpm incorrectly handled certain malformed XPM image files. If a user were tricked into opening a specially crafted XPM image file, a remote attacker could possibly use this issue to consume memory, leading to a denial of service. CVE-2023-43786 Yair Mizrahi...

7.8CVSS6.8AI score0.00461EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/07/03 12:47 a.m.•94 views

USN-6195-1: Vim vulnerabilities

It was discovered that Vim contained an out-of-bounds read vulnerability. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2022-0128 It was discovered that Vim did not properly manage memory when freeing allocated memory. An attacker could...

8.4CVSS7.1AI score0.01739EPSS
Exploits6
Ubuntu
Ubuntu
•added 2023/05/18 8:45 p.m.•94 views

USN-6092-1: Linux kernel (Azure) vulnerabilities

Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information kernel memory. CVE-2023-0459 Xingyuan Mo discovered that the...

7.8CVSS7.1AI score0.00635EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/04/19 6:8 p.m.•94 views

USN-6033-1: Linux kernel (OEM) vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

7.8CVSS6.8AI score0.01377EPSS
Exploits5
Ubuntu
Ubuntu
•added 2022/03/28 4:43 p.m.•94 views

USN-5351-1: Paramiko vulnerability

Jan Schejbal discovered that Paramiko incorrectly handled permissions when writing private key files. A local attacker could possibly use this issue to gain access to private keys...

5.9CVSS6.5AI score0.0208EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/02/10 12:14 p.m.•94 views

USN-5280-1: Speex vulnerability

It was discovered that Speex incorrectly handled certain WAV files. An attacker could possibly use this issue to cause a denial of service...

5.5CVSS6.3AI score0.0094EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/10/04 4:59 p.m.•94 views

USN-5101-1: MongoDB vulnerability

It was discovered that MongoDB incorrectly handled certain wire protocol messages. A remote attacker could possibly use this issue to cause MongoDB to crash, resulting in a denial of service...

7.5CVSS7.3AI score0.01655EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/09/30 8:14 p.m.•94 views

USN-5097-1: LedgerSMB vulnerabilities

It was discovered that LedgerSMB incorrectly handled certain inputs. An attacker could use this to leak sensitive information, cause a DoS, or execute arbitrary code. CVE-2021-3693, CVE-2021-3694, CVE-2021-3731...

9.6CVSS6.3AI score0.03014EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/12/11 12:39 a.m.•94 views

USN-4666-2: lxml vulnerability

USN-4666-1 partially fixed a vulnerability in lxml, but an additional patch was needed. This update provides the corresponding additional patch in order to properly fix the vulnerability. Original advisory details: It was discovered that lxml incorrectly handled certain HTML. An attacker could...

6.1CVSS7AI score0.03934EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/12/09 12:10 p.m.•94 views

USN-4665-1: curl vulnerabilities

Marc Aldorasi discovered that curl incorrectly handled the libcurl CURLOPTCONNECTONLY option. This could result in data being sent to the wrong destination, possibly exposing sensitive information. This issue only affected Ubuntu 20.10. CVE-2020-8231 Varnavas Papaioannou discovered that curl...

7.5CVSS6.8AI score0.09917EPSS
Exploits3
Ubuntu
Ubuntu
•added 2020/07/29 6:50 p.m.•94 views

USN-4432-1: GRUB 2 vulnerabilities

Jesse Michael and Mickey Shkatov discovered that the configuration parser in GRUB2 did not properly exit when errors were discovered, resulting in heap-based buffer overflows. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. CVE-2020-10713 Chris...

8.2CVSS8AI score0.01588EPSS
Exploits1References1
Ubuntu
Ubuntu
•added 2020/06/04 8:26 p.m.•94 views

USN-4383-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the addressbar, or execute arbitrary code. CVE-2020-12405, CVE-2020-12406, CVE-2020-12407,...

9.3CVSS7.7AI score0.01537EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/05/26 2:33 p.m.•94 views

USN-4373-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code. CVE-2020-6831, CVE-2020-12387, CVE-2020-12395 It wa...

10CVSS7.8AI score0.05803EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/05/12 5:52 p.m.•94 views

USN-4353-2: Firefox regression

USN-4353-1 fixed vulnerabilities in Firefox. The update caused a regression that impaired the functionality of some addons. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in ...

7.7AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2020/05/01 9:44 a.m.•94 views

LSN-0066-1: Kernel Live Patch Security Notice

It was discovered that the virtual terminal implementation in the Linux kernel did not properly handle resize events. A local attacker could use this to expose sensitive information. CVE-2020-8647 It was discovered that the virtual terminal implementation in the Linux kernel contained a race...

7.1CVSS6.5AI score0.00661EPSS
Exploits2
Ubuntu
Ubuntu
•added 2020/03/03 11:54 a.m.•94 views

USN-4290-2: libpam-radius-auth vulnerability

USN-4290-1 fixed a vulnerability in libpam-radius-auth. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that libpam-radius-auth incorrectly handled certain long passwords. A remote attacker could possibly use th...

7.5CVSS7.3AI score0.03449EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/02/18 8:25 p.m.•94 views

USN-4287-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. CVE-2019-14615 It was discovered that the Atheros 802.11ac wireless USB device driver in the...

7.8CVSS6.9AI score0.10114EPSS
Exploits8
Ubuntu
Ubuntu
•added 2020/02/10 2:4 p.m.•94 views

USN-4274-1: libxml2 vulnerabilities

It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a denial of service. CVE-2019-19956, CVE-2020-7595...

7.5CVSS7AI score0.07836EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/01/29 4:55 p.m.•94 views

USN-4259-1: Apache Solr vulnerability

Michael Stepankin and Olga Barinova discovered that Apache Solr was vulnerable to an XXE attack. An attacker could use this vulnerability to remotely execute code...

9.8CVSS8.1AI score0.91896EPSS
Exploits11
Ubuntu
Ubuntu
•added 2020/01/09 10:3 p.m.•94 views

USN-4234-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass Content Security Policy CSP restrictions, conduct cross-site...

8.8CVSS8.3AI score0.46589EPSS
Exploits8
Ubuntu
Ubuntu
•added 2019/09/12 7:47 p.m.•94 views

USN-4132-2: Expat vulnerability

USN-4132-1 fixed a vulnerability in Expat. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that Expat incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive...

7.5CVSS7.4AI score0.06643EPSS
Exploits1
Total number of security vulnerabilities5000