Lucene search
K
UbuntuMost viewed

10923 matches found

Ubuntu
Ubuntu
added 2024/05/23 4:27 p.m.93 views

USN-6785-1: GNOME Remote Desktop vulnerability

Matthias Gerstner discovered that GNOME Remote Desktop incorrectly performed certain user validation checks. A local attacker could possibly use this issue to obtain sensitive information, or take control of remote desktop connections...

7.5CVSS7.3AI score0.00569EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/04/18 11:58 a.m.93 views

USN-6737-1: GNU C Library vulnerability

Charles Fol discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker could use this issue to cause the GNU C Library to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.3CVSS7.6AI score0.8833EPSS
Exploits16
Ubuntu
Ubuntu
added 2024/03/25 11:59 p.m.93 views

USN-6716-1: Linux kernel (Azure) vulnerabilities

Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service system...

7.8CVSS7.4AI score0.28058EPSS
Exploits17
Ubuntu
Ubuntu
added 2023/10/10 3:1 p.m.93 views

USN-6425-1: Samba vulnerabilities

Sri Nagasubramanian discovered that the Samba aclxattr VFS module incorrectly handled read-only files. When Samba is configured to ignore system ACLs, a remote attacker could possibly use this issue to truncate read-only files. CVE-2023-4091 Andrew Bartlett discovered that Samba incorrectly handl...

7.5CVSS6.9AI score0.01723EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/05/08 11:47 a.m.93 views

USN-6060-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.33 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04. Ubuntu 18.04 LTS has been updated to MySQL 5.7.42. In addition to...

7.5CVSS6.7AI score0.01501EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/04/12 8:36 a.m.93 views

USN-6011-1: Json-smart vulnerabilities

It was discovered that Json-smart incorrectly handled memory when processing input containing unclosed quotes. A remote attacker could possibly use this issue to cause applications using Json-smart to crash, leading to a denial of service. CVE-2021-31684 It was discovered that Json-smart...

7.5CVSS6.5AI score0.023EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/03/27 2:59 p.m.93 views

USN-5973-1: url-parse vulnerabilities

It was discovered that url-parse incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service, or to perform a server-side request forgery attack or open...

10CVSS6.7AI score0.03805EPSS
Exploits7
Ubuntu
Ubuntu
added 2023/01/24 2:31 p.m.93 views

USN-5821-2: wheel vulnerability

USN-5821-1 fixed a vulnerability in wheel. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Sebastian Chnelik discovered that wheel incorrectly handled certain file names when validated against a regex expression. An attacker could possibly use this...

7.5CVSS7AI score0.02659EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/01/17 6:0 p.m.93 views

USN-5808-1: Linux kernel (IBM) vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...

8.8CVSS7.7AI score0.21314EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/01/05 6:34 p.m.93 views

USN-5789-1: Linux kernel (OEM) vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Jann Horn discovered that the...

7.8CVSS7.3AI score0.21314EPSS
Exploits3
Ubuntu
Ubuntu
added 2022/08/30 2:13 p.m.93 views

USN-5588-1: Linux kernel vulnerability

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS7.3AI score0.06214EPSS
Exploits7
Ubuntu
Ubuntu
added 2022/07/04 2:10 p.m.93 views

USN-5479-2: PHP vulnerabilities

USN-5479-1 fixed vulnerabilities in PHP. This update provides the corresponding updates for Ubuntu 16.04 ESM. Original advisory details: Charles Fol discovered that PHP incorrectly handled initializing certain arrays when handling the pgqueryparams function. A remote attacker could use this issue...

8.8CVSS8.7AI score0.5838EPSS
Exploits3
Ubuntu
Ubuntu
added 2022/06/16 4:22 p.m.93 views

USN-5482-1: SPIP vulnerabilities

It was discovered that SPIP incorrectly validated inputs. An authenticated attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS. CVE-2020-28984 Charles Fol and Théo Gordyjan discovered that SPIP is vulnerable to Cross Site Scripting XSS. If a...

9.8CVSS7.5AI score0.02949EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/01/13 1:41 p.m.93 views

USN-5224-2: Ghostscript vulnerabilities

USN-5224-1 fixed several vulnerabilities in Ghostscript. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a...

5.5CVSS6.8AI score0.01401EPSS
Exploits2
Ubuntu
Ubuntu
added 2021/11/01 1:43 p.m.93 views

USN-5127-1: WebKitGTK vulnerabilities

A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

8.8CVSS6.9AI score0.02319EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/10/04 3:9 p.m.93 views

USN-5099-1: Imlib2 vulnerability

It was discovered that Imlib2 incorrectly handled certain ICO images. An attacker could use this issue to cause a denial of service and possibly execute arbitrary code...

9.1CVSS8.5AI score0.01589EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/09/23 1:1 p.m.93 views

USN-5089-2: ca-certificates update

USN-5089-1 updated ca-certificates. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: The ca-certificates package contained a CA certificate that will expire on 2021-09-30 and will cause connectivity issues. This update removes the...

5.3AI score
Exploits0References1
Ubuntu
Ubuntu
added 2021/09/08 5:11 p.m.93 views

USN-5069-2: mod-auth-mellon vulnerability

USN-5069-1 fixed a vulnerability in mod-auth-mellon. This update provides the corresponding updates for Ubuntu 21.04. Original advisory details: It was discovered that mod-auth-mellon incorrectly filtered certain URLs. A remote attacker could possibly use this issue to perform an open redirect...

6.1CVSS6.2AI score0.00752EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/08/31 5:40 p.m.93 views

USN-5060-2: NTFS-3G vulnerabilities

USN-5060-1 fixed a vulnerability in NTFS-3G. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that NTFS-3G incorrectly handled certain image file. An attacker could possibly use this issue to execute arbitrary co...

5.9AI score
Exploits0References1
Ubuntu
Ubuntu
added 2021/05/17 10:50 p.m.93 views

USN-4958-1: Caribou vulnerability

It was discovered that the Caribou onscreen keyboard could be made to crash when given certain input values. An attacker could use this to bypass screen-locking applications that support using Caribou as an input mechanism...

5.4AI score
Exploits0References1
Ubuntu
Ubuntu
added 2021/05/11 6:30 p.m.93 views

USN-4944-1: MariaDB vulnerabilities

This update fixed multiple vulnerabilities in MariaDB. Ubuntu 18.04 LTS has been updated to MariaDB 10.1.48. Ubuntu 20.04 LTS has been updated to MariaDB 10.3.29. Ubuntu 20.10 has been updated to MariaDB 10.3.29. Ubuntu 21.04 has been updated to MariaDB 10.5.10...

5.3AI score
Exploits0References1
Ubuntu
Ubuntu
added 2020/11/12 8:31 p.m.93 views

USN-4632-1: SLiRP vulnerabilities

It was discovered that the SLiRP networking implementation of the QEMU emulator did not properly manage memory under certain circumstances. An attacker could use this to cause a heap-based buffer overflow or other out- of-bounds access, which can lead to a denial of service application crash or...

6.8CVSS7.6AI score0.03566EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/09/15 5:25 p.m.93 views

USN-4496-1: Apache XML-RPC vulnerability

It was discovered that Apache XML-RPC aka ws-xmlrpc does not properly deserialize untrusted data. An attacker could possibly use this issue to execute arbitrary code. CVE-2019-17570...

9.8CVSS8.2AI score0.49285EPSS
Exploits2
Ubuntu
Ubuntu
added 2020/08/17 4:46 p.m.93 views

USN-4460-1: Oniguruma vulnerabilities

It was discovered that Oniguruma incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service, obtain sensitive information or other unspecified impact. CVE-2019-16163, CVE-2019-19012, CVE-2019-19204, CVE-2019-19246...

9.8CVSS7.1AI score0.10539EPSS
Exploits5
Ubuntu
Ubuntu
added 2020/07/15 2:49 p.m.93 views

USN-4424-1: snapd vulnerabilities

It was discovered that cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices ran on every boot without restrictions. A physical attacker could exploit this to craft cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intende...

7.3CVSS6.6AI score0.00365EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/06/09 12:7 p.m.93 views

LSN-0068-1: Kernel Live Patch Security Notice

It was discovered that the virtual terminal implementation in the Linux kernel did not properly handle resize events. A local attacker could use this to expose sensitive information. CVE-2020-8647 It was discovered that the virtual terminal implementation in the Linux kernel contained a race...

7.1CVSS6.7AI score0.00722EPSS
Exploits2
Ubuntu
Ubuntu
added 2020/06/01 5:32 p.m.93 views

USN-4379-1: FreeRDP vulnerabilities

It was discovered that FreeRDP incorrectly handled certain memory operations. A remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly exeucte arbitrary code...

8.3CVSS6.5AI score0.02689EPSS
Exploits13
Ubuntu
Ubuntu
added 2020/04/02 10:14 p.m.93 views

USN-4316-2: GD Graphics Library vulnerabilities

USN-4316-1 fixed a vulnerability in GD Graphics Library. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that GD Graphics Library incorrectly handled cloning an image. An attacker could possibly use this issue to cause GD Graphics...

7.5CVSS5.8AI score0.04332EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/03/02 1:58 p.m.93 views

USN-4293-1: libarchive vulnerabilities

It was discovered that libarchive incorrectly handled certain archive files. An attacker could possibly use this issue to access sensitive information. CVE-2019-19221 It was discovered that libarchive incorrectly handled certain archive files. An attacker could possibly use this issue to cause a...

8.8CVSS7AI score0.02251EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/01/20 12:7 p.m.93 views

USN-4242-1: Sysstat vulnerabilities

It was discovered that Sysstat incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 19.04 and Ubuntu 19.10. CVE-2019-16167 It was discovered that Sysstat incorrectly handled certain inputs. An...

9.8CVSS7.5AI score0.02762EPSS
Exploits2
Ubuntu
Ubuntu
added 2020/01/13 3:36 p.m.93 views

USN-4236-1: Libgcrypt vulnerability

It was discovered that Libgcrypt was susceptible to a ECDSA timing attack. An attacker could possibly use this attack to recover sensitive information...

6.3CVSS6.8AI score0.0051EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/10/29 3:28 p.m.93 views

USN-4167-2: Samba vulnerabilities

USN-4167-1 fixed several vulnerabilities in Samba. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Michael Hanselmann discovered that the Samba client code incorrectly handled path separators. If a user were tricked into connecti...

6.5CVSS6.3AI score0.03515EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/09/18 2:4 p.m.93 views

USN-4136-2: wpa_supplicant and hostapd vulnerability

USN-4136-1 fixed a vulnerability in wpasupplicant. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that wpasupplicant incorrectly handled certain management frames. An attacker could possibly use this issue to...

6.5CVSS6.5AI score0.01214EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/05/08 6:49 p.m.93 views

USN-3971-1: Monit vulnerabilities

Zack Flack discovered that Monit incorrectly handled certain input. A remote authenticated user could exploit this to conduct cross-site scripting XSS attacks. CVE-2019-11454 Zack Flack discovered a buffer overread when Monit decoded certain crafted URLs. An attacker could exploit this to leak...

8.1CVSS6.9AI score0.03138EPSS
Exploits2
Ubuntu
Ubuntu
added 2019/02/07 9:56 p.m.93 views

USN-3871-5: Linux kernel (Azure) vulnerabilities

Wen Xu discovered that a use-after-free vulnerability existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service system crash or possibly execute arbitrary code...

8.8CVSS6.9AI score0.02914EPSS
Exploits7
Ubuntu
Ubuntu
added 2018/06/21 6:18 p.m.93 views

USN-3691-1: OpenJDK 7 vulnerabilities

It was discovered that the Security component of OpenJDK did not correctly perform merging of multiple sections for the same file listed in JAR archive file manifests. An attacker could possibly use this to modify attributes in a manifest without invalidating the signature. CVE-2018-2790 Francesc...

8.3CVSS5.9AI score0.15141EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/05/22 3:32 a.m.93 views

USN-3653-2: Linux kernel (HWE) vulnerabilities

USN-3653-1 fixed vulnerabilities and added mitigations in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. Jann Horn and Ken Johnson discovered that microprocessors utilizing...

7.8CVSS7.8AI score0.60631EPSS
Exploits2References1
Ubuntu
Ubuntu
added 2018/05/15 1:14 p.m.93 views

USN-3600-2: PHP vulnerabilities

USN-3600-1 fixed a vulnerability in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that PHP incorrectly handled the PHAR 404 error page. A remote attacker could possibly use this issue to conduct cross-site scripting XSS...

9.8CVSS8AI score0.87606EPSS
Exploits3
Ubuntu
Ubuntu
added 2018/01/09 11:10 p.m.93 views

USN-3522-1: Linux kernel vulnerability

Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory...

5.6CVSS7.1AI score0.84172EPSS
Exploits3
Ubuntu
Ubuntu
added 2017/09/14 12:54 a.m.93 views

USN-3415-1: tcpdump vulnerabilities

Wilfried Kirsch discovered a buffer overflow in the SLIP decoder in tcpdump. A remote attacker could use this to cause a denial of service application crash or possibly execute arbitrary code. CVE-2017-11543 Bhargava Shastry discovered a buffer overflow in the bitfield converter utility function...

9.8CVSS8.1AI score0.06196EPSS
Exploits3
Ubuntu
Ubuntu
added 2017/04/28 4:47 a.m.93 views

USN-3271-1: Libxslt vulnerabilities

Holger Fuhrmannek discovered an integer overflow in the xsltAddTextString function in Libxslt. An attacker could use this to craft a malicious document that, when opened, could cause a denial of service application crash or possible execute arbitrary code. CVE-2017-5029 Nicolas Gregoire discovere...

9.3CVSS7.7AI score0.04156EPSS
Exploits1
Ubuntu
Ubuntu
added 2017/04/20 6:33 p.m.93 views

USN-3261-1: QEMU vulnerabilities

Zhenhao Hong discovered that QEMU incorrectly handled the Virtio GPU device. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 16.10. CVE-2016-10028, CVE-2016-10029 Li Qiang discovered...

9.9CVSS7.7AI score0.04448EPSS
Exploits1
Ubuntu
Ubuntu
added 2017/03/20 4:39 p.m.93 views

USN-3183-2: GnuTLS vulnerability

USN-3183-1 fixed CVE-2016-8610 in GnuTLS in Ubuntu 16.04 LTS and Ubuntu 16.10. This update provides the corresponding update for Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Original advisory details: Stefan Buehler discovered that GnuTLS incorrectly verified the serial length of OCSP responses. A remo...

7.5CVSS7.6AI score0.39657EPSS
Exploits1
Ubuntu
Ubuntu
added 2017/03/13 4:42 p.m.93 views

USN-3227-1: ICU vulnerabilities

It was discovered that ICU incorrectly handled certain memory operations when processing data. If an application using ICU processed crafted data, a remote attacker could possibly cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program...

10CVSS7.2AI score0.07514EPSS
Exploits2
Ubuntu
Ubuntu
added 2017/02/06 11:18 p.m.93 views

USN-3175-2: Firefox regression

USN-3175-1 fixed vulnerabilities in Firefox. The update caused a regression on systems where the AppArmor profile for Firefox is set to enforce mode. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple memory safety issues were discovered in...

7.5AI score
Exploits0References1
Ubuntu
Ubuntu
added 2017/01/11 8:26 a.m.93 views

USN-3169-4: Linux kernel (Qualcomm Snapdragon) vulnerabilities

Baozeng Ding discovered a race condition that could lead to a use-after- free in the Advanced Linux Sound Architecture ALSA subsystem of the Linux kernel. A local attacker could use this to cause a denial of service system crash. CVE-2016-9794 Andrey Konovalov discovered that signed integer...

7.8CVSS6.5AI score0.01566EPSS
Exploits8
Ubuntu
Ubuntu
added 2016/11/03 6:35 a.m.93 views

USN-3121-1: OpenJDK 8 vulnerabilities

It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy function in certain cases. An attacker could use this to bypass Java sandbox restrictions. CVE-2016-5582 It was discovered that OpenJDK did not restrict the set of algorithms used for...

9.6CVSS7.2AI score0.05437EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/10/11 6:14 a.m.93 views

USN-3099-1: Linux kernel vulnerabilities

Vladimír Beneš discovered an unbounded recursion in the VLAN and TEB Generic Receive Offload GRO processing implementations in the Linux kernel, A remote attacker could use this to cause a stack corruption, leading to a denial of service system crash. CVE-2016-7039 Marco Grassi discovered a...

7.8CVSS6.6AI score0.07613EPSS
Exploits5
Ubuntu
Ubuntu
added 2016/05/26 2:59 p.m.93 views

USN-2985-2: GNU C Library regression

USN-2985-1 fixed vulnerabilities in the GNU C Library. The fix for CVE-2014-9761 introduced a regression which affected applications that use the libm library but were not fully restarted after the upgrade. This update removes the fix for CVE-2014-9761 and a future update will be provided to...

8.3AI score
Exploits0References1
Ubuntu
Ubuntu
added 2016/05/09 10:28 p.m.93 views

USN-2971-2: Linux kernel (Wily HWE) vulnerabilities

USN-2971-1 fixed vulnerabilities in the Linux kernel for Ubuntu 15.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 15.10 for Ubuntu 14.04 LTS. Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in the Linux kernel did no...

7.8CVSS6.4AI score0.01946EPSS
Exploits19
Total number of security vulnerabilities5000