
10869 matches found

Ubuntu • added 2024/06/07 10:40 p.m. • 371 views

USN-6820-1: Linux kernel vulnerabilities

It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-6270) It was discovered that the Atheros 802.11ac...

CVSS 9.1 | AI score 7.4 | EPSS 0.01635 | Exploits: 0

Ubuntu • added 2009/11/10 1:39 p.m. • 371 views

USN-856-1: CUPS vulnerability

Aaron Sigel discovered that the CUPS web interface incorrectly protected against cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks. If an authenticated user were tricked into visiting a malicious website while logged into CUPS, a remote attacker could modify the CUPS...

CVSS 4.3 | AI score 5.1 | EPSS 0.0578 | Exploits: 5

Ubuntu • added 2024/06/17 1:0 p.m. • 370 views

USN-6836-1: SSSD vulnerability

It was discovered that SSSD did not always correctly apply the GPO policy for authenticated users, contrary to expectations. This could result in improper authorization or improper access to resources...

CVSS 7.1 | AI score 7 | EPSS 0.01033 | Exploits: 1

Ubuntu • added 2024/09/04 8:40 a.m. • 369 views

USN-6988-1: Twisted vulnerabilities

Ben Kallus discovered that Twisted incorrectly handled response order when processing multiple HTTP requests. A remote attacker could possibly use this issue to delay and manipulate responses. This issue only affected Ubuntu 24.04 LTS. (CVE-2024-41671) It was discovered that Twisted did not properl...

CVSS 8.3 | AI score 6.5 | EPSS 0.01109 | Exploits: 0

Ubuntu • added 2024/03/27 2:59 p.m. • 369 views

USN-6718-2: curl vulnerability

USN-6718-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that curl incorrectly handled memory when limiting the amount of headers when HTTP/2 server push is allowed. A remote...

CVSS 8.6 | AI score 7 | EPSS 0.36081 | Exploits: 1

Ubuntu • added 2021/08/12 11:59 a.m. • 369 views

USN-3809-2: OpenSSH regression

USN-3809-1 fixed vulnerabilities in OpenSSH. The update for CVE-2018-15473 was incomplete and could introduce a regression in certain environments. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Robert Swiecki discovered that OpenSSH incorrectly...

AI score 6.8 | EPSS 0.98631 | Exploits: 23 | References: 1

Ubuntu • added 2024/07/30 1:20 p.m. • 368 views

USN-6928-1: Python vulnerabilities

It was discovered that the Python ssl module contained a memory race condition when handling the APIs to obtain the CA certificates and certificate store statistics. This could possibly result in applications obtaining wrong results, leading to various SSL issues. (CVE-2024-0397) It was discovered...

CVSS 7.5 | AI score 6.8 | EPSS 0.01034 | Exploits: 0

Ubuntu • added 2024/03/26 8:9 a.m. • 368 views

USN-6588-2: PAM vulnerability

USN-6588-1 fixed a vulnerability in PAM. This update provides the corresponding updates for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. Original advisory details: Matthias Gerstner discovered that the PAM pam_namespace module incorrectly handled special files when performing director...

CVSS 5.5 | AI score 6.3 | EPSS 0.00455 | Exploits: 1

Ubuntu • added 2024/07/31 5:4 a.m. • 366 views

USN-6930-1: OpenJDK 11 vulnerabilities

It was discovered that the Hotspot component of OpenJDK 11 was not properly bounding certain UTF-8 strings, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2024-21131) It was discovered that the Hotspot...

CVSS 7.4 | AI score 7.5 | EPSS 0.01257 | Exploits: 0

Ubuntu • added 2024/02/01 5:45 p.m. • 366 views

USN-6621-1: ImageMagick vulnerability

It was discovered that ImageMagick incorrectly handled certain values when processing BMP files. An attacker could exploit this to cause a denial of service...

CVSS 6.2 | AI score 6.6 | EPSS 0.00437 | Exploits: 0

Ubuntu • added 2020/01/22 7:0 p.m. • 366 views

USN-4246-1: zlib vulnerabilities

It was discovered that zlib incorrectly handled pointer arithmetic. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-9840, CVE-2016-9841) It was discovered that zlib incorrectly handled vectors involving left...

CVSS 9.8 | AI score 7.8 | EPSS 0.07489 | Exploits: 0

Ubuntu • added 2014/09/17 2:6 a.m. • 365 views

USN-2319-3: OpenJDK 7 update

USN-2319-1 fixed vulnerabilities in OpenJDK 7. This update provides stability fixes for the arm64 and ppc64el architectures. Original advisory details: Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could...

AI score 7 | Exploits: 0 | References: 1

Ubuntu • added 2024/06/13 12:35 p.m. • 364 views

USN-6833-1: VTE vulnerability

Siddharth Dushantha discovered that VTE incorrectly handled large window resize escape sequences. An attacker could possibly use this issue to consume resources, leading to a denial of service...

CVSS 4.4 | AI score 5.7 | EPSS 0.00238 | Exploits: 0

Ubuntu • added 2024/02/27 2:36 a.m. • 363 views

USN-6660-1: OpenJDK 11 vulnerabilities

Yi Yang discovered that the Hotspot component of OpenJDK 11 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-20918) It was discovered that the Hotspot...

CVSS 7.4 | AI score 7.2 | EPSS 0.01026 | Exploits: 0

Ubuntu • added 2024/08/01 6:35 a.m. • 362 views

USN-6940-1: snapd vulnerabilities

Neil McPhail discovered that snapd did not properly restrict writes to the $HOME/bin path in the AppArmor profile for snaps using the home plug. An attacker who could convince a user to install a malicious snap could use this vulnerability to escape the snap sandbox. (CVE-2024-1724) Zeyad Gouda...

CVSS 8.2 | AI score 7.6 | EPSS 0.00306 | Exploits: 1

Ubuntu • added 2024/06/11 3:4 a.m. • 361 views

USN-6827-1: LibTIFF vulnerability

It was discovered that LibTIFF incorrectly handled memory when performing certain cropping operations, leading to a heap buffer overflow. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code...

CVSS 5.5 | AI score 7.2 | EPSS 0.00317 | Exploits: 0

Ubuntu • added 2024/08/19 3:4 p.m. • 360 views

USN-6968-1: PostgreSQL vulnerability

Noah Misch discovered that PostgreSQL incorrectly handled certain SQL objects. An attacker could possibly use this issue to execute arbitrary SQL functions as the superuser...

CVSS 8.8 | AI score 7.5 | EPSS 0.01565 | Exploits: 0

Ubuntu • added 2018/01/11 7:35 p.m. • 359 views

USN-3531-1: Intel Microcode update

It was discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via side-channel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2017-5715) This...

CVSS 5.6 | AI score 7.2 | EPSS 0.74041 | Exploits: 8

Ubuntu • added 2024/08/06 4:21 p.m. • 358 views

USN-6946-1: Django vulnerabilities

It was discovered that Django incorrectly handled certain strings in the floatformat function. An attacker could possibly use this issue to cause memory exhaustion. (CVE-2024-41989) It was discovered that Django incorrectly handled very large inputs. An attacker could possibly use this issue to cause...

CVSS 9.8 | AI score 7 | EPSS 0.01258 | Exploits: 0

Ubuntu • added 2022/09/21 7:31 a.m. • 357 views

USN-5621-1: Linux kernel vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33655) Domingo...

CVSS 7.5 | AI score 7.1 | EPSS 0.05561 | Exploits: 1

Ubuntu • added 2024/06/26 1:45 p.m. • 356 views

USN-6851-1: Netplan vulnerabilities

Andreas Hasenack discovered that netplan incorrectly handled the permissions for netdev files containing wireguard configuration. An attacker could use this to obtain wireguard secret keys. It was discovered that netplan configuration could be manipulated into injecting arbitrary commands while...

CVSS 6.5 | AI score 5.8 | EPSS 0.00264 | Exploits: 1 | References: 3

Ubuntu • added 2024/06/28 3:0 a.m. • 352 views

USN-6855-1: libcdio vulnerability

Mansour Gashasbi discovered that libcdio incorrectly handled certain memory operations when parsing an ISO file, leading to a buffer overflow vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code...

CVSS 8.4 | AI score 8 | EPSS 0.00363 | Exploits: 1

Ubuntu • added 2020/07/27 6:8 p.m. • 352 views

USN-4425-1: Linux kernel vulnerabilities

It was discovered that the network block device (nbd) implementation in the Linux kernel did not properly check for error conditions in some situations. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-16089) It was discovered that the kernel-user space relay...

CVSS 7.2 | AI score 7.3 | EPSS 0.01314 | Exploits: 0

Ubuntu • added 2015/10/14 3:43 p.m. • 351 views

USN-2769-1: Apache Commons HttpClient vulnerabilities

It was discovered that Apache Commons HttpClient did not properly verify the Common Name or subjectAltName fields of X.509 certificates. An attacker could exploit this to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications. This issue only affect...

CVSS 5.8 | AI score 6.5 | EPSS 0.19312 | Exploits: 1

Ubuntu • added 2024/06/28 4:8 p.m. • 350 views

USN-6844-2: CUPS regression

USN-6844-1 fixed vulnerabilities in the CUPS package. The update led to the discovery of a regression in CUPS with regard to how the cupsd daemon handles the Listen configuration directive. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Rory McNamara...

AI score 5.7 | Exploits: 0 | References: 1

Ubuntu • added 2019/03/18 12:50 p.m. • 345 views

USN-3911-1: file vulnerabilities

It was discovered that file incorrectly handled certain malformed ELF files. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code...

CVSS 8.8 | AI score 7.1 | EPSS 0.03465 | Exploits: 4

Ubuntu • added 2024/07/31 10:51 a.m. • 344 views

USN-6934-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.39 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS. In addition to security fixes, the updated packages contain bug fixes, new...

CVSS 6.5 | AI score 5.8 | EPSS 0.00904 | Exploits: 0

Ubuntu • added 2024/02/05 12:18 p.m. • 344 views

USN-6622-1: OpenSSL vulnerabilities

David Benjamin discovered that OpenSSL incorrectly handled excessively long X9.42 DH keys. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, leading to a denial of service. (CVE-2023-5678) Sverker Eriksson discovered that OpenSSL incorrectly handled POLY1305 MAC...

CVSS 6.5 | AI score 6.8 | EPSS 0.04459 | Exploits: 0

Ubuntu • added 2022/03/08 3:54 a.m. • 343 views

USN-5316-1: Redis vulnerability

Reginaldo Silva discovered that due to a packaging issue, a remote attacker with the ability to execute arbitrary Lua scripts could possibly escape the Lua sandbox and execute arbitrary code on the host...

CVSS 10 | AI score 9.1 | EPSS 0.9967 | Exploits: 8

Ubuntu • added 2022/03/17 11:31 a.m. • 342 views

USN-5333-1: Apache HTTP Server vulnerabilities

Chamal De Silva discovered that the Apache HTTP Server mod_lua module incorrectly handled certain crafted request bodies. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. (CVE-2022-22719) James Kettle discovered that the Apache HTTP Serv...

CVSS 9.8 | AI score 8.4 | EPSS 0.69803 | Exploits: 0

Ubuntu • added 2018/04/05 8:14 p.m. • 340 views

USN-3619-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3619-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Jann Horn discovered that the Berkeley Packet Filter (BPF) implementation in the Linux...

CVSS 7.8 | AI score 7.4 | EPSS 0.30052 | Exploits: 26

Ubuntu • added 2024/08/21 7:27 p.m. • 338 views

USN-6973-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A privileged local attacker could use this to possibly cause a denial of service (system crash). (CVE-2024-24860) Several security issues were discovere...

CVSS 8.4 | AI score 6.6 | EPSS 0.00798 | Exploits: 1

Ubuntu • added 2018/11/14 9:35 p.m. • 336 views

USN-3819-1: Linux kernel vulnerability

Felix Wilhelm discovered that the Xen netback driver in the Linux kernel did not properly perform input validation in some situations. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code...

CVSS 7.8 | AI score 7.1 | EPSS 0.00352 | Exploits: 0

Ubuntu • added 2010/06/02 7:36 p.m. • 336 views

USN-946-1: Net-SNMP vulnerability

The SNMP server did not correctly validate certain UDP clients when using TCP wrappers. Under some situations, a remote attacker could bypass access restrictions and communicate with the SNMP server, potentially leading to a loss of privacy or a denial of service...

CVSS 5 | AI score 5.1 | EPSS 0.0292 | Exploits: 2

Ubuntu • added 2005/10/18 11:53 p.m. • 335 views

USN-210-1: netpbm vulnerability

A buffer overflow was found in the "pnmtopng" conversion program. By tricking a user or automated system into processing a specially crafted PNM image with pnmtopng, this could be exploited to execute arbitrary code with the privileges of the user running pnmtopng...

CVSS 7.5 | AI score 5.7 | EPSS 0.04873 | Exploits: 1

Ubuntu • added 2022/07/20 1:9 a.m. • 334 views

USN-5526-1: PyJWT vulnerability

Aapo Oksman discovered that PyJWT incorrectly handled signatures constructed from SSH public keys. A remote attacker could use this to forge a JWT signature...

CVSS 7.5 | AI score 7.4 | EPSS 0.012 | Exploits: 0

Ubuntu • added 2022/04/28 8:34 a.m. • 334 views

USN-5371-2: nginx vulnerability

USN-5371-1 fixed several vulnerabilities in nginx. This update provides the fix for CVE-2021-3618 for Ubuntu 22.04 LTS. Original advisory details: It was discovered that the nginx Lua module mishandled certain inputs. An attacker could possibly use this issue to perform an HTTP Request Smuggling...

CVSS 7.4 | AI score 6.9 | EPSS 0.02037 | Exploits: 0

Ubuntu • added 2018/10/11 5:28 p.m. • 334 views

USN-3788-1: Tex Live vulnerabilities

Jakub Wilk discovered that Tex Live incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2015-5700) It was discovered that Tex Live incorrectly handled certain files. An attacker could possibly use th...

CVSS 7.8 | AI score 7.4 | EPSS 0.02058 | Exploits: 0

Ubuntu • added 2019/04/04 3:8 p.m. • 333 views

USN-3937-1: Apache HTTP Server vulnerabilities

Charles Fol discovered that the Apache HTTP Server incorrectly handled the scoreboard shared memory area. A remote attacker able to upload and run scripts could possibly use this issue to execute arbitrary code with root privileges. (CVE-2019-0211) It was discovered that the Apache HTTP Server HTTP...

CVSS 7.8 | AI score 7.6 | EPSS 0.65005 | Exploits: 8

Ubuntu • added 2019/02/27 5:23 p.m. • 330 views

USN-3899-1: OpenSSL vulnerability

Juraj Somorovsky, Robert Merget, and Nimrod Aviram discovered that certain applications incorrectly used OpenSSL and could be exposed to a padding oracle attack. A remote attacker could possibly use this issue to decrypt data...

CVSS 5.9 | AI score 6.6 | EPSS 0.17139 | Exploits: 0

Ubuntu • added 2018/10/11 5:35 p.m. • 330 views

USN-3789-1: ClamAV vulnerability

It was discovered that ClamAV incorrectly handled unpacking MEW executables. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service...

CVSS 5.5 | AI score 7 | EPSS 0.01315 | Exploits: 0

Ubuntu • added 2015/08/31 4:48 p.m. • 330 views

USN-2726-1: Expat vulnerability

It was discovered that Expat incorrectly handled malformed XML data. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service, or possibly execute arbitrary code...

CVSS 6.8 | AI score 7.6 | EPSS 0.19069 | Exploits: 0

Ubuntu • added 2024/06/18 5:47 p.m. • 328 views

USN-6793-2: Git vulnerability

USN-6793-1 fixed vulnerabilities in Git. The CVE-2024-32002 was pending further investigation. This update fixes the problem. Original advisory details: It was discovered that Git incorrectly handled certain submodules. An attacker could possibly use this issue to execute arbitrary code. This iss...

CVSS 9 | AI score 8 | EPSS 0.25334 | Exploits: 32

Ubuntu • added 2024/08/15 1:19 p.m. • 327 views

USN-6963-1: GNOME Shell vulnerability

It was discovered that GNOME Shell incorrectly opened the portal helper automatically when detecting a captive network portal. A remote attacker could possibly use this issue to load arbitrary web pages containing JavaScript, leading to resource consumption or other attacks...

CVSS 6.5 | AI score 6.9 | EPSS 0.00299 | Exploits: 0

Ubuntu • added 2024/06/28 7:14 p.m. • 323 views

USN-6851-2: Netplan regression

USN-6851-1 fixed vulnerabilities in Netplan. The update led to the discovery of a regression in netplan which caused systemctl enable to fail on systems where systemd is not running. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Andreas Hasenack...

AI score 6 | Exploits: 0 | References: 1

Ubuntu • added 2024/07/15 4:13 p.m. • 322 views

USN-6898-1: Linux kernel vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. (CVE-2022-38096) Gui-Dong Han discovered that the...

CVSS 9.1 | AI score 7.1 | EPSS 0.01401 | Exploits: 1

Ubuntu • added 2024/01/22 1:16 p.m. • 321 views

USN-6593-1: GnuTLS vulnerabilities

It was discovered that GnuTLS had a timing side-channel when processing malformed ciphertexts in RSA-PSK ClientKeyExchange. A remote attacker could possibly use this issue to recover sensitive information. (CVE-2024-0553) It was discovered that GnuTLS incorrectly handled certain certificate chains...

CVSS 7.5 | AI score 6.8 | EPSS 0.01614 | Exploits: 2

Ubuntu • added 2021/06/10 8:27 p.m. • 320 views

USN-4987-1: ExifTool vulnerability

It was discovered that ExifTool did not properly sanitize user data for the DjVu file format. An attacker could use this vulnerability to cause a DoS or possibly execute arbitrary code...

CVSS 7.8 | AI score 7.8 | EPSS 0.99981 | Exploits: 39

Ubuntu • added 2013/04/08 10:40 p.m. • 318 views

USN-1793-1: Linux kernel vulnerabilities

Emese Revfy discovered that in the Linux kernel, signal handlers could leak address information across an exec, making it possible to bypass ASLR (Address Space Layout Randomization). A local user could use this flaw to bypass ASLR to reliably deliver an exploit payload that would otherwise be...

CVSS 6.2 | AI score 6.4 | EPSS 0.005 | Exploits: 3

Ubuntu • added 2024/07/12 2:12 p.m. • 310 views

USN-6896-1: Linux kernel vulnerabilities

It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-6270) It was discovered that the Atheros 802.11ac...

CVSS 9.1 | AI score 7.5 | EPSS 0.01635 | Exploits: 1

Total number of security vulnerabilities: 5000