Lucene search
K
UbuntuMost viewed

10890 matches found

Ubuntu
Ubuntu
•added 2014/10/09 10:51 a.m.•94 views

USN-2377-1: Linux kernel (OMAP4) vulnerabilities

Steven Vittitoe reported multiple stack buffer overflows in Linux kernel's magicmouse HID driver. A physically proximate attacker could exploit this flaw to cause a denial of service system crash or possibly execute arbitrary code via specially crafted devices. CVE-2014-3181 A bounds check error...

7.8CVSS7.1AI score0.06167EPSS
Exploits4
Ubuntu
Ubuntu
•added 2014/02/27 7:7 p.m.•94 views

USN-2124-1: OpenJDK 6 vulnerabilities

A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to expose sensitive data over the network. CVE-2014-0411 Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data...

10CVSS6.4AI score0.08383EPSS
Exploits1References1
Ubuntu
Ubuntu
•added 2014/02/26 4:55 p.m.•94 views

USN-2123-1: file vulnerabilities

It was discovered that file incorrectly handled Composite Document files. An attacker could use this issue to cause file to crash, resulting in a denial of service. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. CVE-2012-1571 Bernd Melchers discovered that file incorrectly handle...

6.5CVSS8AI score0.0507EPSS
Exploits1
Ubuntu
Ubuntu
•added 2013/05/07 5:53 p.m.•94 views

USN-1819-1: OpenJDK 6 vulnerabilities

Ben Murphy discovered a vulnerability in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to execute arbitrary code. CVE-2013-0401 James Forshaw discovered a vulnerability in the OpenJDK JRE related to information disclosure, data integrity and...

10CVSS7.5AI score0.86963EPSS
Exploits15
Ubuntu
Ubuntu
•added 2011/09/29 5:19 p.m.•94 views

USN-1220-1: Linux kernel (OMAP4) vulnerabilities

Ryan Sweat discovered that the kernel incorrectly handled certain VLAN packets. On some systems, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. CVE-2011-1576 Timo Warns discovered that the EFI GUID partition table was not correctly...

9.1CVSS7.8AI score0.05689EPSS
Exploits5
Ubuntu
Ubuntu
•added 2010/10/20 9:42 p.m.•94 views

USN-998-1: Thunderbird vulnerabilities

Paul Nickerson, Jesse Ruderman, Olli Pettay, Igor Bukanov, Josh Soref, Gary Kwong, Martijn Wargers, Siddharth Agarwal and Michal Zalewski discovered various flaws in the browser engine. An attacker could exploit this to crash Thunderbird or possibly run arbitrary code as the user invoking the...

9.3CVSS9AI score0.10118EPSS
Exploits2
Ubuntu
Ubuntu
•added 2008/08/25 5:55 p.m.•94 views

USN-637-1: Linux kernel vulnerabilities

It was discovered that there were multiple NULL-pointer function dereferences in the Linux kernel terminal handling code. A local attacker could exploit this to execute arbitrary code as root, or crash the system, leading to a denial of service. CVE-2008-2812 The dochangetype routine did not...

7.8CVSS7AI score0.00509EPSS
Exploits7
Ubuntu
Ubuntu
•added 2008/05/06 5:47 p.m.•94 views

USN-605-1: Thunderbird vulnerabilities

Various flaws were discovered in the JavaScript engine. If a user had JavaScript enabled and were tricked into opening a malicious email, an attacker could escalate privileges within Thunderbird, perform cross-site scripting attacks and/or execute arbitrary code with the user's privileges...

9.3CVSS8.6AI score0.06055EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/04/01 9:20 p.m.•93 views

USN-7402-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Block layer subsystem; - GPU drivers; - HID subsystem; - Media drivers; - JFS file system; - Network namespace; -...

7.8CVSS7.4AI score0.00809EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/03/31 1:8 p.m.•93 views

USN-7397-1: AOM vulnerability

Xiantong Hou discovered that AOM did not properly handle certain malformed media files. If an application using AOM opened a specially crafted file, a remote attacker could cause a denial of service, or possibly execute arbitrary code...

10CVSS7.5AI score0.01254EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/03/17 11:40 a.m.•93 views

USN-7352-1: FreeType vulnerability

It was discovered that FreeType incorrectly handled certain memory operations when parsing font subglyph structures. A remote attacker could use this issue to cause FreeType to crash, resulting in a denial of service, or possibly execute arbitrary code...

8.1CVSS7.6AI score0.26049EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/05/23 4:27 p.m.•93 views

USN-6785-1: GNOME Remote Desktop vulnerability

Matthias Gerstner discovered that GNOME Remote Desktop incorrectly performed certain user validation checks. A local attacker could possibly use this issue to obtain sensitive information, or take control of remote desktop connections...

7.5CVSS7.3AI score0.00569EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/04/18 11:58 a.m.•93 views

USN-6737-1: GNU C Library vulnerability

Charles Fol discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker could use this issue to cause the GNU C Library to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.3CVSS7.6AI score0.8833EPSS
Exploits16
Ubuntu
Ubuntu
•added 2023/10/10 3:1 p.m.•93 views

USN-6425-1: Samba vulnerabilities

Sri Nagasubramanian discovered that the Samba aclxattr VFS module incorrectly handled read-only files. When Samba is configured to ignore system ACLs, a remote attacker could possibly use this issue to truncate read-only files. CVE-2023-4091 Andrew Bartlett discovered that Samba incorrectly handl...

7.5CVSS6.9AI score0.01723EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/03 4:57 p.m.•93 views

USN-6407-1: libx11 vulnerabilities

Gregory James Duck discovered that libx11 incorrectly handled certain keyboard symbols. If a user were tricked into connecting to a malicious X server, a remote attacker could use this issue to cause libx11 to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.8CVSS7.2AI score0.00633EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/05/08 11:47 a.m.•93 views

USN-6060-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.33 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04. Ubuntu 18.04 LTS has been updated to MySQL 5.7.42. In addition to...

7.5CVSS6.7AI score0.01501EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/04/27 10:32 p.m.•93 views

USN-6047-1: Linux kernel vulnerability

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

7.8CVSS6.6AI score0.01029EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/04/12 8:36 a.m.•93 views

USN-6011-1: Json-smart vulnerabilities

It was discovered that Json-smart incorrectly handled memory when processing input containing unclosed quotes. A remote attacker could possibly use this issue to cause applications using Json-smart to crash, leading to a denial of service. CVE-2021-31684 It was discovered that Json-smart...

7.5CVSS6.5AI score0.023EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/03/27 2:59 p.m.•93 views

USN-5973-1: url-parse vulnerabilities

It was discovered that url-parse incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service, or to perform a server-side request forgery attack or open...

10CVSS6.7AI score0.03805EPSS
Exploits7
Ubuntu
Ubuntu
•added 2023/01/17 6:0 p.m.•93 views

USN-5808-1: Linux kernel (IBM) vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...

8.8CVSS7.7AI score0.21314EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/01/09 8:8 p.m.•93 views

USN-5792-2: Linux kernel vulnerabilities

Mingwei Zhang discovered that the KVM implementation for AMD processors in the Linux kernel did not properly handle cache coherency with Secure Encrypted Virtualization SEV. A local attacker could possibly use this to cause a denial of service host system crash. CVE-2022-0171 It was discovered th...

7.8CVSS7.2AI score0.01417EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/01/05 6:34 p.m.•93 views

USN-5789-1: Linux kernel (OEM) vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Jann Horn discovered that the...

7.8CVSS7.3AI score0.21314EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/01/04 10:53 a.m.•93 views

USN-5785-1: FreeRADIUS vulnerabilities

It was discovered that FreeRADIUS incorrectly handled multiple EAP-pwd handshakes. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. CVE-2019-17185 Shane Guan discovered that FreeRADIUS incorrectly handled memory when checking unkno...

7.5CVSS6.8AI score0.02168EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/09/28 9:2 p.m.•93 views

USN-5647-1: Linux kernel (GCP) vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Moshe Ko...

8.2CVSS6.8AI score0.05542EPSS
Exploits3
Ubuntu
Ubuntu
•added 2022/09/12 7:49 a.m.•93 views

USN-5523-2: LibTIFF vulnerabilities

USN-5523-1 fixed several vulnerabilities in LibTIFF. This update provides the fixes for CVE-2022-0907, CVE-2022-0908, CVE-2022-0909, CVE-2022-0924 and CVE-2022-22844 for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: It was discovered that LibTIFF was not properly perf orming...

7.7CVSS7AI score0.01336EPSS
Exploits5
Ubuntu
Ubuntu
•added 2022/08/30 2:13 p.m.•93 views

USN-5588-1: Linux kernel vulnerability

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS7.3AI score0.06214EPSS
Exploits7
Ubuntu
Ubuntu
•added 2022/08/09 11:44 p.m.•95 views

USN-5557-1: Linux kernel vulnerabilities

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS7.2AI score0.12746EPSS
Exploits12
Ubuntu
Ubuntu
•added 2022/06/08 4:29 a.m.•93 views

USN-5468-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. CVE-2022-21499 Aaron Adams discovered that the netfilter subsystem in the Linux...

7.8CVSS7.1AI score0.00612EPSS
Exploits7
Ubuntu
Ubuntu
•added 2022/06/02 9:44 a.m.•93 views

LSN-0086-1: Kernel Live Patch Security Notice

It was discovered that a race condition existed in the network scheduling subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code.CVE-2021-39713 Yiqi Sun and Kevin Wang...

8.6CVSS7.4AI score0.05528EPSS
Exploits17
Ubuntu
Ubuntu
•added 2022/03/28 4:43 p.m.•93 views

USN-5351-1: Paramiko vulnerability

Jan Schejbal discovered that Paramiko incorrectly handled permissions when writing private key files. A local attacker could possibly use this issue to gain access to private keys...

5.9CVSS6.5AI score0.0208EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/02/10 12:14 p.m.•93 views

USN-5280-1: Speex vulnerability

It was discovered that Speex incorrectly handled certain WAV files. An attacker could possibly use this issue to cause a denial of service...

5.5CVSS6.3AI score0.0094EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/01/13 1:41 p.m.•93 views

USN-5224-2: Ghostscript vulnerabilities

USN-5224-1 fixed several vulnerabilities in Ghostscript. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a...

5.5CVSS6.8AI score0.01401EPSS
Exploits2
Ubuntu
Ubuntu
•added 2021/11/01 1:43 p.m.•93 views

USN-5127-1: WebKitGTK vulnerabilities

A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

8.8CVSS6.9AI score0.02319EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/10/28 10:52 a.m.•93 views

USN-5126-1: Bind vulnerability

Kishore Kumar Kothapalli discovered that Bind incorrectly handled the lame cache when processing responses. A remote attacker could possibly use this issue to cause Bind to consume resources, resulting in a denial of service...

5.3CVSS6.4AI score0.08001EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/05/17 10:50 p.m.•93 views

USN-4958-1: Caribou vulnerability

It was discovered that the Caribou onscreen keyboard could be made to crash when given certain input values. An attacker could use this to bypass screen-locking applications that support using Caribou as an input mechanism...

5.4AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2020/10/27 11:15 p.m.•93 views

USN-4607-1: OpenJDK vulnerabilities

It was discovered that OpenJDK incorrectly handled deserializing Proxy class objects with many interfaces. A remote attacker could possibly use this issue to cause a denial of service memory consumption via a specially crafted input. CVE-2020-14779 Sergey Ostanin discovered that OpenJDK incorrect...

5.8CVSS6.2AI score0.03713EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/09/15 5:25 p.m.•93 views

USN-4496-1: Apache XML-RPC vulnerability

It was discovered that Apache XML-RPC aka ws-xmlrpc does not properly deserialize untrusted data. An attacker could possibly use this issue to execute arbitrary code. CVE-2019-17570...

9.8CVSS8.2AI score0.49285EPSS
Exploits2
Ubuntu
Ubuntu
•added 2020/07/29 6:50 p.m.•93 views

USN-4432-1: GRUB 2 vulnerabilities

Jesse Michael and Mickey Shkatov discovered that the configuration parser in GRUB2 did not properly exit when errors were discovered, resulting in heap-based buffer overflows. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. CVE-2020-10713 Chris...

8.2CVSS8AI score0.01588EPSS
Exploits1References1
Ubuntu
Ubuntu
•added 2020/06/09 12:7 p.m.•93 views

LSN-0068-1: Kernel Live Patch Security Notice

It was discovered that the virtual terminal implementation in the Linux kernel did not properly handle resize events. A local attacker could use this to expose sensitive information. CVE-2020-8647 It was discovered that the virtual terminal implementation in the Linux kernel contained a race...

7.1CVSS6.7AI score0.00722EPSS
Exploits2
Ubuntu
Ubuntu
•added 2020/06/01 5:32 p.m.•93 views

USN-4379-1: FreeRDP vulnerabilities

It was discovered that FreeRDP incorrectly handled certain memory operations. A remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly exeucte arbitrary code...

8.3CVSS6.5AI score0.02689EPSS
Exploits13
Ubuntu
Ubuntu
•added 2020/05/12 5:52 p.m.•93 views

USN-4353-2: Firefox regression

USN-4353-1 fixed vulnerabilities in Firefox. The update caused a regression that impaired the functionality of some addons. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in ...

7.7AI score0.05803EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2020/04/02 10:14 p.m.•93 views

USN-4316-2: GD Graphics Library vulnerabilities

USN-4316-1 fixed a vulnerability in GD Graphics Library. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that GD Graphics Library incorrectly handled cloning an image. An attacker could possibly use this issue to cause GD Graphics...

7.5CVSS5.8AI score0.04332EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/03/03 11:54 a.m.•93 views

USN-4290-2: libpam-radius-auth vulnerability

USN-4290-1 fixed a vulnerability in libpam-radius-auth. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that libpam-radius-auth incorrectly handled certain long passwords. A remote attacker could possibly use th...

7.5CVSS7.3AI score0.03449EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/03/02 1:58 p.m.•93 views

USN-4293-1: libarchive vulnerabilities

It was discovered that libarchive incorrectly handled certain archive files. An attacker could possibly use this issue to access sensitive information. CVE-2019-19221 It was discovered that libarchive incorrectly handled certain archive files. An attacker could possibly use this issue to cause a...

8.8CVSS7AI score0.02196EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/01/13 3:36 p.m.•93 views

USN-4236-1: Libgcrypt vulnerability

It was discovered that Libgcrypt was susceptible to a ECDSA timing attack. An attacker could possibly use this attack to recover sensitive information...

6.3CVSS6.8AI score0.0051EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/10/30 1:56 p.m.•93 views

USN-4173-1: FreeTDS vulnerability

Felix Wilhelm discovered that FreeTDS incorrectly handled certain types after a protocol downgrade. A remote attacker could use this issue to cause FreeTDS to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS8.3AI score0.01781EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/10/29 3:28 p.m.•93 views

USN-4167-2: Samba vulnerabilities

USN-4167-1 fixed several vulnerabilities in Samba. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Michael Hanselmann discovered that the Samba client code incorrectly handled path separators. If a user were tricked into connecti...

6.5CVSS6.3AI score0.03515EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/05/08 6:49 p.m.•93 views

USN-3971-1: Monit vulnerabilities

Zack Flack discovered that Monit incorrectly handled certain input. A remote authenticated user could exploit this to conduct cross-site scripting XSS attacks. CVE-2019-11454 Zack Flack discovered a buffer overread when Monit decoded certain crafted URLs. An attacker could exploit this to leak...

8.1CVSS6.9AI score0.03138EPSS
Exploits2
Ubuntu
Ubuntu
•added 2019/02/07 9:56 p.m.•93 views

USN-3871-5: Linux kernel (Azure) vulnerabilities

Wen Xu discovered that a use-after-free vulnerability existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service system crash or possibly execute arbitrary code...

8.8CVSS6.9AI score0.02914EPSS
Exploits7
Ubuntu
Ubuntu
•added 2018/12/20 10:10 p.m.•93 views

USN-3846-1: Linux kernel vulnerability

It was discovered that an integer overflow vulnerability existed in the CDROM driver of the Linux kernel. A local attacker could use this to expose sensitive information kernel memory...

5.5CVSS6.7AI score0.00501EPSS
Exploits0
Total number of security vulnerabilities5000