Lucene search
Ubuntu, most viewed

10888 matches found

Ubuntu
added 2015/01/13 11:40 a.m. | 91 views

USN-2464-1: Linux kernel (OMAP4) vulnerabilities

Andy Lutomirski discovered that the Linux kernel does not properly handle faults associated with the Stack Segment (SS) register in the x86 architecture. A local attacker could exploit this flaw to gain administrative privileges. CVE-2014-9322 An information leak in the Linux kernel was discovered...

CVSS 7.8 | AI score 6.7 | EPSS 0.01504 | Exploits 10

added 2014/11/25 4:10 a.m. | 91 views

USN-2421-1: Linux kernel vulnerabilities

A flaw was discovered in how the Linux kernel's KVM (Kernel Virtual Machine) subsystem handles the CR4 control register at VM entry on Intel processors. A local host OS user can exploit this to cause a denial of service (kill arbitrary processes, or system disruption) by leveraging /dev/kvm access...

CVSS 7.5 | AI score 6.9 | EPSS 0.05421 | Exploits 0

added 2014/07/17 1:33 a.m. | 91 views

USN-2290-1: Linux kernel vulnerabilities

Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 Salva Peiró discovered an information leak in the Linux kernel's media-device...

CVSS 6.9 | AI score 7.1 | EPSS 0.08103 | Exploits 11

added 2014/05/27 10:1 a.m. | 91 views

USN-2228-1: Linux kernel vulnerabilities

Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. CVE-2014-1738 Matthew Daley reported a flaw in the handling of ioctl commands by the floppy...

CVSS 10 | AI score 7.5 | EPSS 0.10385 | Exploits 16

added 2014/05/26 12:12 p.m. | 91 views

USN-2220-1: Linux kernel (EC2) vulnerabilities

Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. CVE-2014-1738 Matthew Daley reported a flaw in the handling of ioctl commands by the floppy...

CVSS 7.2 | AI score 6.9 | EPSS 0.00524 | Exploits 3

added 2013/12/19 7:36 p.m. | 91 views

USN-2060-1: libjpeg, libjpeg-turbo vulnerabilities

Michal Zalewski discovered that libjpeg and libjpeg-turbo incorrectly handled certain memory operations. An attacker could use this issue with a specially-crafted JPEG file to possibly expose sensitive information...

CVSS 5 | AI score 7.9 | EPSS 0.10117 | Exploits 0

added 2013/12/03 7:16 p.m. | 91 views

USN-2039-1: Linux kernel (OMAP4) vulnerabilities

An information leak was discovered in the handling of ICMPv6 Router Advertisement (RA) messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive...

CVSS 6.2 | AI score 7.1 | EPSS 0.04144 | Exploits 5

added 2013/07/29 12:48 p.m. | 91 views

USN-1910-1: Bind vulnerability

Maxim Shudrak discovered that Bind incorrectly handled certain malformed rdata. A remote attacker could use this flaw with a specially crafted query to cause Bind to stop responding, resulting in a denial of service...

CVSS 7.8 | AI score 6.7 | EPSS 0.3415 | Exploits 1

added 2013/07/16 5:24 p.m. | 91 views

USN-1907-1: OpenJDK 7 vulnerabilities

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to expose sensitive data over the network. CVE-2013-1500, CVE-2013-2454, CVE-2013-2458 A vulnerability was discovered in the OpenJDK Javadoc related to...

CVSS 10 | AI score 7.7 | EPSS 0.98704 | Exploits 32

added 2013/04/08 11:58 p.m. | 91 views

USN-1797-1: Linux kernel (OMAP4) vulnerabilities

Andrew Jones discovered a flaw with the xen_iret function in the Linux kernel's Xen virtualization. In the 32-bit Xen paravirt platform an unprivileged guest OS user could exploit this flaw to cause a denial of service (crash the system) or gain guest OS privilege. CVE-2013-0228 Emese Revfy discovered...

CVSS 6.2 | AI score 6.3 | EPSS 0.005 | Exploits 4

added 2012/10/24 3:51 p.m. | 91 views

USN-1616-1: Python 3.1 vulnerabilities

It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit this to execute arbitrary code. This issue only affected Ubuntu 10.04 LTS. CVE-2008-5983 It was discovered that th...

CVSS 6.9 | AI score 7.6 | EPSS 0.14643 | Exploits 8

added 2012/03/06 6:0 p.m. | 91 views

USN-1386-1: Linux kernel (Natty backport) vulnerabilities

The Linux kernel did not properly account for PTE pages when deciding which task to kill in out of memory conditions. A local, unprivileged user could exploit this flaw to cause a denial of service. CVE-2011-2498 A flaw was discovered in the TOMOYO LSM's handling of mount system calls. An unprivileged...

CVSS 7.8 | AI score 7 | EPSS 0.20492 | Exploits 11

added 2012/01/24 9:7 p.m. | 91 views

USN-1263-2: OpenJDK 6 regression

USN-1263-1 fixed vulnerabilities in OpenJDK 6. The upstream patch for the chosen plaintext attack on the block-wise AES encryption algorithm (CVE-2011-3389) introduced a regression that caused TLS/SSL connections to fail when using certain algorithms. This update fixes the problem. We apologize for...

AI score 8.4 | Exploits 0 | References 1

added 2012/01/23 9:59 p.m. | 91 views

USN-1341-1: Linux kernel vulnerabilities

Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. CVE-2011-1162 Dan Rosenberg reported an error in the old ABI compatibility layer of ARM kernels. A local attacker could...

CVSS 7.2 | AI score 7.4 | EPSS 0.00489 | Exploits 4

added 2011/10/04 10:51 p.m. | 91 views

USN-1222-2: Mozvoikko, ubufox, webfav update

USN-1222-1 fixed vulnerabilities in Firefox. This update provides updated packages for use with Firefox 7. Original advisory details: Benjamin Smedberg, Bob Clary, Jesse Ruderman, Bob Clary, Andrew McCreight, Andreas Gal, Gary Kwong, Igor Bukanov, Jason Orendorff, Jesse Ruderman, and Marcia Knous...

AI score 8.7 | Exploits 0 | References 1

added 2011/08/19 4:22 p.m. | 91 views

USN-1189-1: Linux kernel vulnerabilities

It was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities...

CVSS 9.8 | AI score 7.4 | EPSS 0.08793 | Exploits 9

added 2011/07/15 10:46 p.m. | 91 views

USN-1150-1: Thunderbird vulnerabilities

Multiple memory vulnerabilities were discovered in the browser rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Thunderbird. CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2376 Martin Barbella discovered that under...

CVSS 10 | AI score 9 | EPSS 0.75691 | Exploits 19

added 2011/03/01 10:32 p.m. | 91 views

USN-1080-1: Linux kernel vulnerabilities

Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. CVE-2010-3865 Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did not...

CVSS 7.2 | AI score 6.2 | EPSS 0.02523 | Exploits 6

added 2010/04/15 7:22 p.m. | 91 views

USN-890-6: CMake vulnerabilities

USN-890-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for CMake. Original advisory details: Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did not properly process malformed XML. If a user or application linked against Expat were tricked in...

CVSS 5 | AI score 6.5 | EPSS 0.27924 | Exploits 3

added 2010/02/24 7:59 a.m. | 91 views

USN-903-1: OpenOffice.org vulnerabilities

It was discovered that the XML HMAC signature system did not correctly check certain lengths. If an attacker sent a truncated HMAC, it could bypass authentication, leading to potential privilege escalation. CVE-2009-0217 Sebastian Apelt and Frank Reißner discovered that OpenOffice did not correct...

CVSS 9.3 | AI score 8 | EPSS 0.14092 | Exploits 1

added 2009/12/18 9:52 p.m. | 91 views

USN-873-1: Firefox 3.0 and Xulrunner 1.9 vulnerabilities

Jesse Ruderman, Josh Soref, Martijn Wargers, Jose Angel, Olli Pettay, and David James discovered several flaws in the browser and JavaScript engines of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary...

CVSS 9.3 | AI score 8.5 | EPSS 0.03963 | Exploits 8

added 2009/03/06 12:26 a.m. | 91 views

USN-728-2: Firefox vulnerabilities

Jesse Ruderman and Gary Kwong discovered flaws in the browser engine. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. CVE-2009-0772, CVE-2009-0774...

CVSS 9.3 | AI score 8.6 | EPSS 0.04047 | Exploits 0

added 2007/06/12 12:43 a.m. | 91 views

USN-472-1: libpng vulnerability

It was discovered that libpng did not correctly handle corrupted CRC in grayscale PNG images. By tricking a user into opening a specially crafted PNG, a remote attacker could cause the application using libpng to crash, resulting in a denial of service...

CVSS 5 | AI score 5.3 | EPSS 0.05115 | Exploits 1

added 2007/05/16 3:23 a.m. | 91 views

USN-460-1: Samba vulnerabilities

Paul Griffith and Andrew Hogue discovered that Samba did not fully drop root privileges while translating SIDs. A remote authenticated user could issue SMB operations during a small window of opportunity and gain root privileges. CVE-2007-2444 Brian Schafer discovered that Samba did not handle ND...

CVSS 10 | AI score 8.6 | EPSS 0.77806 | Exploits 37

added 2006/09/25 5:5 p.m. | 91 views

USN-352-1: Thunderbird vulnerabilities

Various flaws have been reported that allow an attacker to execute arbitrary code with user privileges by tricking the user into opening a malicious email containing JavaScript. Please note that JavaScript is disabled by default for emails, and it is not recommended to enable it. CVE-2006-4253,...

CVSS 10 | AI score 7.9 | EPSS 0.14074 | Exploits 1

added 2025/05/06 1:25 p.m. | 90 views

USN-7492-1: Linux kernel vulnerability

A security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system. This update corrects flaws in the following subsystems: - Bluetooth drivers; CVE-2024-56653...

CVSS 7.8 | AI score 7.2 | EPSS 0.00216 | Exploits 0

added 2025/04/08 1:48 p.m. | 90 views

USN-7425-1: Erlang vulnerability

It was discovered that Erlang OTP's SSH module did not limit the size of certain data in initialization messages. An attacker could possibly use this issue to consume a large amount of memory, leading to a denial of service...

CVSS 7.5 | AI score 7.3 | EPSS 0.00436 | Exploits 0

added 2025/03/31 9:47 a.m. | 90 views

USN-7376-2: MariaDB vulnerability

USN-7376-1 fixed vulnerabilities in MariaDB. This update provides the corresponding updates for Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. Original advisory details: A security issue was discovered in MariaDB and this update includes a new upstream MariaDB version to fix the issue. In addition to...

CVSS 4.9 | AI score 6.5 | EPSS 0.01236 | Exploits 0

added 2025/03/12 4:19 p.m. | 90 views

USN-7350-1: UnRAR vulnerabilities

It was discovered that UnRAR incorrectly handled certain paths. If a user or automated system were tricked into extracting a specially crafted RAR archive, a remote attacker could possibly use this issue to write arbitrary files outside of the targeted directory. CVE-2022-30333, CVE-2022-48579 It...

CVSS 7.8 | AI score 7.1 | EPSS 0.98975 | Exploits 14

added 2025/03/12 2:36 p.m. | 90 views

USN-7348-1: Python vulnerabilities

It was discovered that the Python ipaddress module contained incorrect information about which IP address ranges were considered “private” or “globally reachable”. This could possibly result in applications applying incorrect security policies. This issue only affected Ubuntu 14.04 LTS and Ubuntu...

CVSS 7.8 | AI score 7.5 | EPSS 0.01499 | Exploits 0

added 2024/06/11 5:45 p.m. | 90 views

USN-6828-1: Linux kernel (Intel IoTG) vulnerabilities

Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use-after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service (system crash). CVE-2023-47233 It was...

CVSS 9.1 | AI score 7.7 | EPSS 0.78388 | Exploits 2

added 2024/02/07 8:16 p.m. | 90 views

USN-6624-1: Linux kernel vulnerabilities

Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service (paravirtualized device unavailability). CVE-2023-34324 Zheng Wang discovered...

CVSS 7.8 | AI score 7.2 | EPSS 0.00888 | Exploits 0

added 2023/11/28 8:17 p.m. | 90 views

USN-6502-3: Linux kernel (NVIDIA) vulnerabilities

Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. CVE-2023-25775 Yu Hao discover...

CVSS 9.8 | AI score 7.5 | EPSS 0.00986 | Exploits 0

added 2023/10/11 11:34 a.m. | 90 views

USN-6429-1: curl vulnerabilities

Jay Satiro discovered that curl incorrectly handled hostnames when using a SOCKS5 proxy. In environments where curl is configured to use a SOCKS5 proxy, a remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04...

CVSS 9.8 | AI score 7.8 | EPSS 0.78483 | Exploits 6

added 2023/02/15 8:3 p.m. | 90 views

USN-5874-1: Linux kernel vulnerabilities

It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly...

CVSS 8.8 | AI score 6.9 | EPSS 0.01067 | Exploits 2

added 2023/01/27 6:49 p.m. | 90 views

USN-5830-1: Linux kernel vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...

CVSS 8.8 | AI score 7.7 | EPSS 0.21314 | Exploits 0

added 2023/01/12 5:12 p.m. | 90 views

USN-5800-1: Heimdal vulnerabilities

It was discovered that Heimdal incorrectly handled certain SPNEGO tokens. A remote attacker could possibly use this issue to cause a denial of service. CVE-2021-44758 Evgeny Legerov discovered that Heimdal incorrectly handled memory when performing certain DES decryption operations. A remote...

CVSS 9.8 | AI score 7.1 | EPSS 0.06419 | Exploits 1

added 2022/09/02 12:24 a.m. | 90 views

USN-5594-1: Linux kernel vulnerabilities

Asaf Modelevsky discovered that the Intel(R) 10GbE PCI Express (ixgbe) Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. CVE-2021-33061 Moshe Kol, Amit Klein and Yossi Gilad discovered that the I...

CVSS 8.2 | AI score 6.8 | EPSS 0.02972 | Exploits 1

added 2022/08/08 12:6 p.m. | 90 views

USN-5553-1: libjpeg-turbo vulnerabilities

It was discovered that libjpeg-turbo was not properly handling EOF characters, which could lead to excessive memory consumption through the execution of a large loop. An attacker could possibly use this issue to cause a denial of service. CVE-2018-11813 It was discovered that libjpeg-turbo was no...

CVSS 8.8 | AI score 7.1 | EPSS 0.03162 | Exploits 2

added 2022/07/08 2:49 a.m. | 90 views

USN-5507-1: Vim vulnerabilities

It was discovered that Vim incorrectly handled memory access. An attacker could potentially use this issue to cause the program to crash, use unexpected values, or execute arbitrary code. CVE-2022-1968 It was discovered that Vim incorrectly handled memory access. An attacker could potentially use...

CVSS 7.8 | AI score 8 | EPSS 0.01559 | Exploits 3

added 2022/05/23 11:39 a.m. | 90 views

USN-5433-1: Vim vulnerabilities

It was discovered that Vim incorrectly handled parsing of filenames in its search functionality. If a user were tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service. CVE-2021-3973 It was discovered that Vim incorrectly handled memo...

CVSS 9.8 | AI score 7.7 | EPSS 0.02086 | Exploits 9

added 2022/04/27 6:40 a.m. | 90 views

USN-5366-2: FriBidi vulnerabilities

USN-5366-1 fixed several vulnerabilities in FriBidi. This update provides the corresponding updates for Ubuntu 22.04 LTS. Original advisory details: It was discovered that FriBidi incorrectly handled processing of input strings resulting in memory corruption. An attacker could use this issue to...

CVSS 7.8 | AI score 7 | EPSS 0.00508 | Exploits 3

added 2021/12/13 7:48 p.m. | 90 views

USN-5189-1: GLib vulnerability

It was discovered that GLib incorrectly handled certain environment variables. An attacker could possibly use this issue to escalate privileges...

CVSS 5.5 | AI score 6.8 | EPSS 0.00531 | Exploits 1

added 2021/11/09 2:38 a.m. | 90 views

USN-5134-1: Docker vulnerability

An information disclosure issue was discovered in the command line interface of Docker. A misconfigured credential store could result in supplied credentials being leaked to the public registry, when using the docker login command with a private registry...

CVSS 7.5 | AI score 6.4 | EPSS 0.01536 | Exploits 0

added 2021/09/23 11:46 a.m. | 90 views

USN-5089-1: ca-certificates update

The ca-certificates package contained a CA certificate that will expire on 2021-09-30 and will cause connectivity issues. This update removes the “DST Root CA X3” CA...

AI score 5.3 | Exploits 0 | References 1

added 2020/10/22 10:18 p.m. | 90 views

USN-4601-1: pip vulnerability

It was discovered that pip did not properly sanitize the filename during pip install. A remote attacker could possibly use this issue to read and write arbitrary files on the host filesystem as root, resulting in a directory traversal attack. CVE-2019-20916...

CVSS 7.5 | AI score 7.7 | EPSS 0.03028 | Exploits 1

added 2020/09/22 4:15 p.m. | 90 views

USN-4532-1: Netty vulnerabilities

It was discovered that Netty incorrectly handled certain HTTP headers. By sending an HTTP header with whitespace before the colon, a remote attacker could possibly use this issue to perform an HTTP request smuggling attack. CVE-2019-16869 It was discovered that Netty incorrectly handled certain...

CVSS 9.1 | AI score 7.1 | EPSS 0.13474 | Exploits 3

added 2020/08/21 11:29 a.m. | 90 views

USN-4468-1: Bind vulnerabilities

Emanuel Almeida discovered that Bind incorrectly handled certain TCP payloads. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. CVE-2020-8620 Joseph Gullo discovered that Bind incorrectly handled...

CVSS 7.5 | AI score 6.5 | EPSS 0.06348 | Exploits 0

added 2020/07/27 2:32 p.m. | 90 views

USN-4438-1: SQLite vulnerability

It was discovered that SQLite incorrectly handled query-flattener optimization. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code...

CVSS 5.5 | AI score 7.7 | EPSS 0.01027 | Exploits 1

added 2020/07/02 11:39 p.m. | 90 views

USN-4413-1: Linux kernel vulnerabilities

Matthew Sheets discovered that the SELinux network label handling implementation in the Linux kernel could be coerced into de-referencing a NULL pointer. A remote attacker could use this to cause a denial of service (system crash). CVE-2020-10711 It was discovered that the SCSI generic (sg) driver in...

CVSS 6.7 | AI score 6.8 | EPSS 0.04505 | Exploits 0

Total number of security vulnerabilities: 5000