Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
•added 2020/01/14 3:1 p.m.•91 views

USN-4238-1: SDL_image vulnerabilities

It was discovered that SDLimage incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact...

8.8CVSS6.7AI score0.04515EPSS
Exploits12
Ubuntu
Ubuntu
•added 2020/01/13 2:12 p.m.•91 views

USN-4047-2: libvirt update vulnerability

USN-4047-1 fixed a vulnerability in libvirt. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Matthias Gerstner and Ján Tomko discovered that libvirt incorrectly handled certain API calls. An attacker could possibly use this issue to check for arbitra...

8.8CVSS7.9AI score0.00516EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/12/20 11:42 p.m.•91 views

USN-3848-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3848-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that a double free existed in the AMD GPIO driver in the Linux kerne...

9.8CVSS6.9AI score0.03399EPSS
Exploits2
Ubuntu
Ubuntu
•added 2018/08/29 1:2 p.m.•91 views

USN-3757-1: poppler vulnerability

Hosein Askari discovered that poppler incorrectly handled certain PDF files. An attacker could possible use this issue to cause a denial of service...

6.5CVSS6.9AI score0.0315EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/08/10 2:0 a.m.•91 views

USN-3735-1: OpenJDK 7 vulnerability

It was discovered that the PatternSyntaxException class in OpenJDK did not properly validate arguments passed to it. An attacker could use this to potentially construct a class that caused a denial of service excessive memory consumption...

4.3CVSS6.5AI score0.04184EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/07/02 5:49 p.m.•91 views

USN-3695-2: Linux kernel (HWE) vulnerabilities

USN-3695-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Wen Xu discovered that the ext4 file system implementation in the Linux kernel did not...

7.1CVSS6.4AI score0.02128EPSS
Exploits6
Ubuntu
Ubuntu
•added 2018/06/26 2:6 p.m.•91 views

USN-3692-2: OpenSSL vulnerabilities

USN-3692-1 fixed a vulnerability in OpenSSL. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Keegan Ryan discovered that OpenSSL incorrectly handled ECDSA key generation. An attacker could possibly use this issue to perform a cache-timing attack and...

7.5CVSS6.6AI score0.49268EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/05/21 11:59 p.m.•91 views

USN-3651-1: QEMU update

Ken Johnson and Jann Horn independently discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via sidechannel attacks. An attacker in the guest could use this to expose sensitive guest information, including kernel memory. This update...

5.5CVSS7.2AI score0.60631EPSS
Exploits2References1
Ubuntu
Ubuntu
•added 2018/05/16 5:32 p.m.•91 views

USN-3646-2: PHP vulnerabilities

USN-3646-1 fixed a vulnerability in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that PHP incorrectly handled opcache access controls when configured to use PHP-FPM. A local user could possibly use this issue to obtain...

7.5CVSS6.5AI score0.08677EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/03/15 6:38 a.m.•91 views

USN-3597-1: Linux kernel vulnerabilities

USNS 3541-1 and 3523-1 provided mitigations for Spectre and Meltdown CVE-2017-5715, CVE-2017-5753, CVE-2017-5754 for the i386, amd64, and ppc64el architectures in Ubuntu 17.10. This update provides the corresponding mitigations for the arm64 architecture. Original advisory details: Jann Horn...

5.6CVSS7.3AI score0.93838EPSS
Exploits13References2
Ubuntu
Ubuntu
•added 2018/03/09 9:2 a.m.•91 views

USN-3594-1: Linux kernel vulnerability

USN-3542-1 mitigated CVE-2017-5715 Spectre Variant 2 for the amd64 architecture in Ubuntu 14.04 LTS. This update provides the compiler-based retpoline kernel mitigation for the amd64 and i386 architectures. Original advisory details: Jann Horn discovered that microprocessors utilizing speculative...

5.6CVSS7.2AI score0.74041EPSS
Exploits9References1
Ubuntu
Ubuntu
•added 2018/02/22 12:10 a.m.•91 views

USN-3580-1: Linux kernel vulnerabilities

Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory...

5.6CVSS7.2AI score0.93838EPSS
Exploits12References1
Ubuntu
Ubuntu
•added 2018/01/09 11:10 p.m.•91 views

USN-3522-1: Linux kernel vulnerability

Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory...

5.6CVSS7.1AI score0.84172EPSS
Exploits3
Ubuntu
Ubuntu
•added 2017/11/21 5:36 a.m.•91 views

USN-3485-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the ALSA subsystem of the Linux kernel when creating and deleting a port via ioctl. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-15265 Eric Biggers discovered that the key...

7.8CVSS7.3AI score0.0097EPSS
Exploits4
Ubuntu
Ubuntu
•added 2017/07/20 11:32 p.m.•91 views

USN-3359-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information kernel memory. CVE-2014-9900 Dmitry Vyukov, Andrey Konovalov, Florian Westphal, and Eric Dumazet discovered that the netfiler subsyste...

10CVSS7AI score0.1081EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/04/25 2:46 a.m.•91 views

USN-3266-2: Linux kernel (HWE) vulnerability

USN-3266-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.10 for Ubuntu 16.04 LTS. Alexander Popov discovered that a race condition existed in the Stream Control Transmission...

7.1CVSS6.7AI score0.01162EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/03/21 2:58 a.m.•91 views

USN-3239-1: GNU C Library vulnerabilities

It was discovered that the GNU C Library incorrectly handled the strxfrm function. An attacker could use this issue to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. CVE-2015-8982 It was discovered that an integer...

8.1CVSS7.8AI score0.0627EPSS
Exploits3
Ubuntu
Ubuntu
•added 2017/01/19 1:32 p.m.•91 views

USN-3174-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.54 in Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Ubuntu 16.04 LTS and Ubuntu 16.10 have been updated to MySQL 5.7.17. In addition to security fixes...

6.8CVSS6.5AI score0.04792EPSS
Exploits1
Ubuntu
Ubuntu
•added 2016/08/10 10:1 a.m.•91 views

USN-3052-1: Linux kernel vulnerabilities

It was discovered that the keyring implementation in the Linux kernel did not ensure a data structure was initialized before referencing it after an error condition occurred. A local attacker could use this to cause a denial of service system crash. CVE-2016-4470 Kangjie Lu discovered an...

5.5CVSS6.6AI score0.00582EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/06/10 6:58 a.m.•91 views

USN-3007-1: Linux kernel (Raspberry Pi 2) vulnerabilities

Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. CVE-2016-2117 Jann Horn discovered that eCryptfs improperly attempted to use...

7.8CVSS6.8AI score0.06438EPSS
Exploits6
Ubuntu
Ubuntu
•added 2016/05/25 8:22 p.m.•91 views

USN-2985-1: GNU C Library vulnerabilities

Martin Carpenter discovered that ptchown in the GNU C Library did not properly check permissions for tty files. A local attacker could use this to gain administrative privileges or expose sensitive information. CVE-2013-2207, CVE-2016-2856 Robin Hack discovered that the Name Service Switch NSS...

9.8CVSS8.2AI score0.07629EPSS
Exploits6
Ubuntu
Ubuntu
•added 2016/05/16 5:9 p.m.•91 views

USN-2975-2: Linux kernel (Trusty HWE) vulnerability

USN-2975-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properl...

7.8CVSS7.3AI score0.00397EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/05/09 10:4 p.m.•91 views

USN-2970-1: Linux kernel (Vivid HWE) vulnerabilities

Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in the Linux kernel did not properly validate the endpoints reported by the device. An attacker with physical access could cause a denial of service system crash. CVE-2015-7515 Ben Hawkes discovered that the Linux kernel's AIO...

7.8CVSS6.6AI score0.01946EPSS
Exploits19
Ubuntu
Ubuntu
•added 2016/04/06 6:59 a.m.•91 views

USN-2947-2: Linux kernel (Wily HWE) vulnerabilities

Ralf Spenneberg discovered that the usbvision driver in the Linux kernel did not properly validate the interfaces and endpoints reported by the device. An attacker with physical access could cause a denial of service system crash. CVE-2015-7833 Venkatesh Pottem discovered a use-after-free...

10CVSS7.1AI score0.14281EPSS
Exploits1
Ubuntu
Ubuntu
•added 2016/03/14 3:34 p.m.•91 views

USN-2928-1: Linux kernel vulnerability

Andrey Konovalov discovered that the ALSA USB MIDI driver incorrectly performed a double-free. A local attacker with physical access could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privileges...

4.9CVSS6.5AI score0.03723EPSS
Exploits10
Ubuntu
Ubuntu
•added 2016/02/09 6:7 p.m.•91 views

USN-2892-1: nginx vulnerabilities

It was discovered that nginx incorrectly handled certain DNS server responses when the resolver is enabled. A remote attacker could possibly use this issue to cause nginx to crash, resulting in a denial of service. CVE-2016-0742 It was discovered that nginx incorrectly handled CNAME response...

9.8CVSS6.8AI score0.81958EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/07/29 4:36 p.m.•91 views

USN-2694-1: PCRE vulnerabilities

Michele Spagnuolo discovered that PCRE incorrectly handled certain regular expressions. A remote attacker could use this issue to cause applications using PCRE to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. CVE-2014-8964...

9.8CVSS7.1AI score0.09157EPSS
Exploits4
Ubuntu
Ubuntu
•added 2015/07/06 12:14 p.m.•91 views

USN-2658-1: PHP vulnerabilities

Neal Poole and Tomas Hoger discovered that PHP incorrectly handled NULL bytes in file paths. A remote attacker could possibly use this issue to bypass intended restrictions and create or obtain access to sensitive files. CVE-2015-3411, CVE-2015-3412, CVE-2015-4025, CVE-2015-4026, CVE-2015-4598...

10CVSS7.5AI score0.50129EPSS
Exploits19
Ubuntu
Ubuntu
•added 2015/05/20 11:34 a.m.•91 views

USN-2616-1: Linux kernel vulnerabilities

Alexandre Oliva reported a race condition flaw in the btrfs file system's handling of extended attributes xattrs. A local attacker could exploit this flaw to bypass ACLs and potentially escalate privileges. CVE-2014-9710 A memory corruption issue was discovered in AES decryption when using the...

9.3CVSS6.9AI score0.10108EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/03/19 5:10 p.m.•91 views

USN-2537-1: OpenSSL vulnerabilities

It was discovered that OpenSSL incorrectly handled malformed EC private key files. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service, or execute arbitrary code. CVE-2015-0209 Stephen Henson discovered that OpenSSL incorrectly handled...

7.5CVSS7.8AI score0.44503EPSS
Exploits1
Ubuntu
Ubuntu
•added 2015/01/13 11:40 a.m.•91 views

USN-2464-1: Linux kernel (OMAP4) vulnerabilities

Andy Lutomirski discovered that the Linux kernel does not properly handle faults associated with the Stack Segment SS register in the x86 architecture. A local attacker could exploit this flaw to gain administrative privileges. CVE-2014-9322 An information leak in the Linux kernel was discovered...

7.8CVSS6.7AI score0.01504EPSS
Exploits10
Ubuntu
Ubuntu
•added 2014/11/25 4:10 a.m.•91 views

USN-2421-1: Linux kernel vulnerabilities

A flaw was discovered in how the Linux kernel's KVM Kernel Virtual Machine subsystem handles the CR4 control register at VM entry on Intel processors. A local host OS user can exploit this to cause a denial of service kill arbitrary processes, or system disruption by leveraging /dev/kvm access...

7.5CVSS6.9AI score0.05421EPSS
Exploits0
Ubuntu
Ubuntu
•added 2014/07/17 1:33 a.m.•91 views

USN-2290-1: Linux kernel vulnerabilities

Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 Salva Peiró discovered an information leak in the Linux kernel's media- device...

6.9CVSS7.1AI score0.08103EPSS
Exploits11
Ubuntu
Ubuntu
•added 2014/06/05 9:56 p.m.•91 views

USN-2241-1: Linux kernel vulnerabilities

Pinkie Pie discovered a flaw in the Linux kernel's futex subsystem. An unprivileged local user could exploit this flaw to cause a denial of service system crash or gain administrative privileges. CVE-2014-3153 A flaw was discovered in the Linux kernel virtual machine's kvm validation of interrupt...

7.8CVSS7AI score0.37233EPSS
Exploits19
Ubuntu
Ubuntu
•added 2014/05/27 10:1 a.m.•91 views

USN-2228-1: Linux kernel vulnerabilities

Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. CVE-2014-1738 Matthew Daley reported a flaw in the handling of ioctl commands by the floppy...

10CVSS7.5AI score0.10385EPSS
Exploits16
Ubuntu
Ubuntu
•added 2014/05/27 6:46 a.m.•91 views

USN-2225-1: Linux kernel (Saucy HWE) vulnerabilities

Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. CVE-2014-1738 Matthew Daley reported a flaw in the handling of ioctl commands by the floppy...

10CVSS7.5AI score0.10385EPSS
Exploits16
Ubuntu
Ubuntu
•added 2014/05/26 12:12 p.m.•91 views

USN-2220-1: Linux kernel (EC2) vulnerabilities

Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. CVE-2014-1738 Matthew Daley reported a flaw in the handling of ioctl commands by the floppy...

7.2CVSS6.9AI score0.00524EPSS
Exploits3
Ubuntu
Ubuntu
•added 2013/12/03 7:16 p.m.•91 views

USN-2039-1: Linux kernel (OMAP4) vulnerabilities

An information leak was discovered in the handling of ICMPv6 Router Advertisement RA messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service excessive retries and address-generation outage, and consequently obtain sensitive...

6.2CVSS7.1AI score0.04144EPSS
Exploits5
Ubuntu
Ubuntu
•added 2013/11/08 9:47 p.m.•91 views

USN-2019-1: Linux kernel (Quantal HWE) vulnerabilities

An information leak was discovered in the handling of ICMPv6 Router Advertisement RA messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service excessive retries and address-generation outage, and consequently obtain sensitive...

6.2CVSS7.1AI score0.04144EPSS
Exploits3
Ubuntu
Ubuntu
•added 2013/07/29 12:48 p.m.•91 views

USN-1910-1: Bind vulnerability

Maxim Shudrak discovered that Bind incorrectly handled certain malformed rdata. A remote attacker could use this flaw with a specially crafted query to cause Bind to stop responding, resulting in a denial of service...

7.8CVSS6.7AI score0.3415EPSS
Exploits1
Ubuntu
Ubuntu
•added 2013/07/16 5:24 p.m.•91 views

USN-1907-1: OpenJDK 7 vulnerabilities

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to expose sensitive data over the network. CVE-2013-1500, CVE-2013-2454, CVE-2013-2458 A vulnerability was discovered in the OpenJDK Javadoc related to...

10CVSS7.7AI score0.98704EPSS
Exploits32
Ubuntu
Ubuntu
•added 2013/04/19 7:32 a.m.•91 views

USN-1805-1: Linux kernel vulnerabilities

Mathias Krause discovered an information leak in the Linux kernel's getsockname implementation for Logical Link Layer llc sockets. A local user could exploit this flaw to examine some of the kernel's stack memory. CVE-2012-6542 Mathias Krause discovered information leaks in the Linux kernel's...

6.8CVSS6.5AI score0.00946EPSS
Exploits2
Ubuntu
Ubuntu
•added 2013/04/08 11:58 p.m.•91 views

USN-1797-1: Linux kernel (OMAP4) vulnerabilities

Andrew Jones discovered a flaw with the xeniret function in Linux kernel's Xen virtualizeation. In the 32-bit Xen paravirt platform an unprivileged guest OS user could exploit this flaw to cause a denial of service crash the system or gain guest OS privilege. CVE-2013-0228 Emese Revfy discovered...

6.2CVSS6.3AI score0.005EPSS
Exploits4
Ubuntu
Ubuntu
•added 2012/11/30 10:2 a.m.•91 views

USN-1651-1: Linux kernel vulnerability

Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service. CVE-2012-4565 Mathias Krause discovered an information leak in the Linux kernel's TUN/TAP device driver. A local user could exploit this...

7.8CVSS6.3AI score0.03336EPSS
Exploits3
Ubuntu
Ubuntu
•added 2012/03/06 6:0 p.m.•91 views

USN-1386-1: Linux kernel (Natty backport) vulnerabilities

The linux kernel did not properly account for PTE pages when deciding which task to kill in out of memory conditions. A local, unprivileged could exploit this flaw to cause a denial of service. CVE-2011-2498 A flaw was discovered in the TOMOYO LSM's handling of mount system calls. An unprivileged...

7.8CVSS7AI score0.20492EPSS
Exploits11
Ubuntu
Ubuntu
•added 2012/01/24 9:7 p.m.•91 views

USN-1263-2: OpenJDK 6 regression

USN-1263-1 fixed vulnerabilities in OpenJDK 6. The upstream patch for the chosen plaintext attack on the block-wise AES encryption algorithm CVE-2011-3389 introduced a regression that caused TLS/SSL connections to fail when using certain algorithms. This update fixes the problem. We apologize for...

8.4AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2012/01/23 9:59 p.m.•91 views

USN-1341-1: Linux kernel vulnerabilities

Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. CVE-2011-1162 Dan Rosenberg reported an error in the old ABI compatibility layer of ARM kernels. A local attacker could...

7.2CVSS7.4AI score0.00489EPSS
Exploits4
Ubuntu
Ubuntu
•added 2011/10/04 10:51 p.m.•91 views

USN-1222-2: Mozvoikko, ubufox, webfav update

USN-1222-1 fixed vulnerabilities in Firefox. This update provides updated packages for use with Firefox 7. Original advisory details: Benjamin Smedberg, Bob Clary, Jesse Ruderman, Bob Clary, Andrew McCreight, Andreas Gal, Gary Kwong, Igor Bukanov, Jason Orendorff, Jesse Ruderman, and Marcia Knous...

8.7AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2011/08/19 4:22 p.m.•91 views

USN-1189-1: Linux kernel vulnerabilities

It was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities...

9.8CVSS7.4AI score0.08793EPSS
Exploits9
Ubuntu
Ubuntu
•added 2010/04/15 7:22 p.m.•91 views

USN-890-6: CMake vulnerabilities

USN-890-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for CMake. Original advisory details: Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did not properly process malformed XML. If a user or application linked against Expat were tricked in...

5CVSS6.5AI score0.27924EPSS
Exploits3
Total number of security vulnerabilities5000