Lucene search
K
UbuntuMost viewed

10905 matches found

Ubuntu
Ubuntu
added 2013/04/19 7:32 a.m.91 views

USN-1805-1: Linux kernel vulnerabilities

Mathias Krause discovered an information leak in the Linux kernel's getsockname implementation for Logical Link Layer llc sockets. A local user could exploit this flaw to examine some of the kernel's stack memory. CVE-2012-6542 Mathias Krause discovered information leaks in the Linux kernel's...

6.8CVSS6.5AI score0.00946EPSS
Exploits2
Ubuntu
Ubuntu
added 2013/04/08 11:58 p.m.91 views

USN-1797-1: Linux kernel (OMAP4) vulnerabilities

Andrew Jones discovered a flaw with the xeniret function in Linux kernel's Xen virtualizeation. In the 32-bit Xen paravirt platform an unprivileged guest OS user could exploit this flaw to cause a denial of service crash the system or gain guest OS privilege. CVE-2013-0228 Emese Revfy discovered...

6.2CVSS6.3AI score0.005EPSS
Exploits4
Ubuntu
Ubuntu
added 2012/03/06 6:0 p.m.91 views

USN-1386-1: Linux kernel (Natty backport) vulnerabilities

The linux kernel did not properly account for PTE pages when deciding which task to kill in out of memory conditions. A local, unprivileged could exploit this flaw to cause a denial of service. CVE-2011-2498 A flaw was discovered in the TOMOYO LSM's handling of mount system calls. An unprivileged...

7.8CVSS7AI score0.20492EPSS
Exploits11
Ubuntu
Ubuntu
added 2012/01/23 9:59 p.m.91 views

USN-1341-1: Linux kernel vulnerabilities

Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. CVE-2011-1162 Dan Rosenberg reported an error in the old ABI compatibility layer of ARM kernels. A local attacker could...

7.2CVSS7.4AI score0.00489EPSS
Exploits4
Ubuntu
Ubuntu
added 2011/10/04 10:51 p.m.91 views

USN-1222-2: Mozvoikko, ubufox, webfav update

USN-1222-1 fixed vulnerabilities in Firefox. This update provides updated packages for use with Firefox 7. Original advisory details: Benjamin Smedberg, Bob Clary, Jesse Ruderman, Bob Clary, Andrew McCreight, Andreas Gal, Gary Kwong, Igor Bukanov, Jason Orendorff, Jesse Ruderman, and Marcia Knous...

8.7AI score
Exploits0References1
Ubuntu
Ubuntu
added 2011/08/19 4:22 p.m.91 views

USN-1189-1: Linux kernel vulnerabilities

It was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities...

9.8CVSS7.4AI score0.08793EPSS
Exploits9
Ubuntu
Ubuntu
added 2011/02/25 10:59 p.m.91 views

USN-1072-1: Linux kernel vulnerabilities

Gleb Napatov discovered that KVM did not correctly check certain privileged operations. A local attacker with access to a guest kernel could exploit this to crash the host system, leading to a denial of service. CVE-2010-0435 Dave Chinner discovered that the XFS filesystem did not correctly order...

8.1CVSS6.4AI score0.17009EPSS
Exploits13
Ubuntu
Ubuntu
added 2010/04/15 7:22 p.m.91 views

USN-890-6: CMake vulnerabilities

USN-890-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for CMake. Original advisory details: Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did not properly process malformed XML. If a user or application linked against Expat were tricked in...

5CVSS6.5AI score0.27924EPSS
Exploits3
Ubuntu
Ubuntu
added 2009/03/06 12:26 a.m.91 views

USN-728-2: Firefox vulnerabilities

Jesse Ruderman and Gary Kwong discovered flaws in the browser engine. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. CVE-2009-0772, CVE-2009-0774...

9.3CVSS8.6AI score0.04047EPSS
Exploits0
Ubuntu
Ubuntu
added 2008/02/04 10:39 p.m.91 views

USN-575-1: Apache vulnerabilities

It was discovered that Apache did not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user...

6.1CVSS6.7AI score0.94281EPSS
Exploits12
Ubuntu
Ubuntu
added 2007/03/06 10:1 p.m.91 views

USN-429-1: tcpdump vulnerability

Moritz Jodeit discovered that tcpdump had an overflow in the 802.11 packet parser. Remote attackers could send specially crafted packets, crashing tcpdump, possibly leading to a denial of service...

6.8CVSS5.3AI score0.02824EPSS
Exploits0
Ubuntu
Ubuntu
added 2006/09/25 5:5 p.m.91 views

USN-352-1: Thunderbird vulnerabilities

Various flaws have been reported that allow an attacker to execute arbitrary code with user privileges by tricking the user into opening a malicious email containing JavaScript. Please note that JavaScript is disabled by default for emails, and it is not recommended to enable it. CVE-2006-4253,...

10CVSS7.9AI score0.14074EPSS
Exploits1
Ubuntu
Ubuntu
added 2006/09/15 2:44 a.m.91 views

USN-346-1: Linux kernel vulnerabilities

A Denial of service vulnerability was reported in iptables' SCTP conntrack module. On computers which use this iptables module, a remote attacker could expoit this to trigger a kernel crash. CVE-2006-2934 A buffer overflow has been discovered in the dvdreadbca function. By inserting a specially...

7.8CVSS6.3AI score0.1569EPSS
Exploits0
Ubuntu
Ubuntu
added 2005/07/05 8:30 p.m.91 views

USN-147-1: PHP XMLRPC vulnerability

A remote code execution vulnerability has been discovered in the XMLRPC module of the PEAR PHP Extension and Application Repository extension of PHP. By sending specially crafted XMLRPC requests to an affected web server, a remote attacker could exploit this to execute arbitrary code with the web...

7.5CVSS6.7AI score0.79071EPSS
Exploits5
Ubuntu
Ubuntu
added 2004/12/23 8:45 p.m.91 views

USN-50-1: CUPS vulnerabilities

CAN-2004-1125: The recent USN-48-1 fixed a buffer overflow in xpdf. Since CUPS contains xpdf code to convert incoming PDF files to the PostScript format, this vulnerability applies to cups as well. In this case it could even lead to privilege escalation: if an attacker submitted a malicious PDF...

9.3CVSS6.2AI score0.08954EPSS
Exploits4
Ubuntu
Ubuntu
added 2026/05/26 6:27 p.m.90 views

USN-8309-1: libssh2 vulnerability

It was discovered that libssh2 incorrectly handled username and password length values during SSH password authentication. A remote attacker could possibly use this issue to cause a denial of service...

9.1CVSS5.8AI score0.00466EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/04/23 2:20 p.m.90 views

USN-7449-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - Supe...

7.8CVSS7.5AI score0.03558EPSS
Exploits5
Ubuntu
Ubuntu
added 2025/04/08 1:48 p.m.90 views

USN-7425-1: Erlang vulnerability

It was discovered that Erlang OTP's SSH module did not limit the size of certain data in initialization messages. An attacker could possibly use this issue to consume large amount of memory leading to a denial of service...

7.5CVSS7.3AI score0.00436EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/03/12 4:19 p.m.90 views

USN-7350-1: UnRAR vulnerabilities

It was discovered that UnRAR incorrectly handled certain paths. If a user or automated system were tricked into extracting a specially crafted RAR archive, a remote attacker could possibly use this issue to write arbitrary files outside of the targeted directory. CVE-2022-30333, CVE-2022-48579 It...

7.8CVSS7.1AI score0.98975EPSS
Exploits14
Ubuntu
Ubuntu
added 2025/03/12 2:36 p.m.90 views

USN-7348-1: Python vulnerabilities

It was discovered that the Python ipaddress module contained incorrect information about which IP address ranges were considered “private” or “globally reachable”. This could possibly result in applications applying incorrect security policies. This issue only affected Ubuntu 14.04 LTS and Ubuntu...

7.8CVSS7.5AI score0.01499EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/06/11 5:45 p.m.90 views

USN-6828-1: Linux kernel (Intel IoTG) vulnerabilities

Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service system crash. CVE-2023-47233 It was...

9.1CVSS7.7AI score0.78388EPSS
Exploits2
Ubuntu
Ubuntu
added 2024/02/07 8:16 p.m.90 views

USN-6624-1: Linux kernel vulnerabilities

Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service paravirtualized device unavailability. CVE-2023-34324 Zheng Wang discovered...

7.8CVSS7.2AI score0.00888EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/12/06 1:34 p.m.90 views

USN-6536-1: Linux kernel vulnerabilities

Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service system crash or possibly expose sensitive information kernel memory. CVE-2023-39189 Kyle Zeng...

8.8CVSS7.4AI score0.09141EPSS
Exploits3
Ubuntu
Ubuntu
added 2023/11/29 5:48 p.m.90 views

USN-6526-1: GStreamer Bad Plugins vulnerabilities

It was discovered that GStreamer Bad Plugins incorrectly handled certain media files. A remote attacker could use this issue to cause GStreamer Bad Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code...

8.8CVSS7.1AI score0.02189EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/07/03 2:38 p.m.90 views

USN-6199-1: PHP vulnerability

It was discovered that PHP incorrectly handled certain Digest authentication for SOAP. An attacker could possibly use this issue to expose sensitive information...

4.3CVSS7.1AI score0.00709EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/04/19 1:42 p.m.90 views

USN-6028-1: libxml2 vulnerabilities

It was discovered that lixml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. CVE-2023-28484 It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a cras...

6.5CVSS7.2AI score0.01086EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/04/13 7:16 a.m.90 views

USN-6012-1: Smarty vulnerability

It was discovered that Smarty incorrectly parsed blocks' names and included files' names. A remote attacker with template writing permissions could use this issue to execute arbitrary PHP code. CVE-2022-29221...

8.8CVSS7AI score0.0454EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/02/15 10:31 p.m.90 views

USN-5876-1: Linux kernel vulnerabilities

It was discovered that a memory leak existed in the Unix domain socket implementation of the Linux kernel. A local attacker could use this to cause a denial of service memory exhaustion. CVE-2022-3543 It was discovered that the Bluetooth HCI implementation in the Linux kernel did not properly...

8.8CVSS7AI score0.01393EPSS
Exploits3
Ubuntu
Ubuntu
added 2023/02/15 8:3 p.m.90 views

USN-5874-1: Linux kernel vulnerabilities

It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service system crash or possibly...

8.8CVSS6.9AI score0.01067EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/01/27 6:49 p.m.90 views

USN-5830-1: Linux kernel vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...

8.8CVSS7.7AI score0.21314EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/01/13 7:11 p.m.90 views

USN-5804-2: Linux kernel vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...

8.8CVSS7.7AI score0.21314EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/01/12 9:31 p.m.90 views

USN-5801-1: Vim vulnerabilities

It was discovered that Vim makes illegal memory calls when pasting brackets in Ex mode. An attacker could possibly use this to crash Vim, access or modify memory, or execute arbitrary commands. This issue affected only Ubuntu 20.04 and 22.04 CVE-2022-0392 It was discovered that Vim makes illegal...

8.4CVSS7.5AI score0.01541EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/12/14 6:0 p.m.90 views

USN-5780-1: Linux kernel (OEM) vulnerabilities

It was discovered that a memory leak existed in the IPv6 implementation of the Linux kernel. A local attacker could use this to cause a denial of service memory exhaustion. CVE-2022-3524 It was discovered that the Bluetooth HCI implementation in the Linux kernel did not properly deallocate memory...

8.8CVSS7.2AI score0.02014EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/09/02 12:24 a.m.90 views

USN-5594-1: Linux kernel vulnerabilities

Asaf Modelevsky discovered that the IntelR 10GbE PCI Express ixgbe Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. CVE-2021-33061 Moshe Kol, Amit Klein and Yossi Gilad discovered that the I...

8.2CVSS6.8AI score0.02972EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/08/08 12:6 p.m.90 views

USN-5553-1: libjpeg-turbo vulnerabilities

It was discovered that libjpeg-turbo was not properly handling EOF characters, which could lead to excessive memory consumption through the execution of a large loop. An attacker could possibly use this issue to cause a denial of service. CVE-2018-11813 It was discovered that libjpeg-turbo was no...

8.8CVSS7.1AI score0.03162EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/07/14 9:28 a.m.90 views

USN-5512-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, spoof the UI, bypass CSP restrictions, or execute...

9.8CVSS7.5AI score0.23941EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/07/08 2:49 a.m.90 views

USN-5507-1: Vim vulnerabilities

It was discovered that Vim incorrectly handled memory access. An attacker could potentially use this issue to cause the program to crash, use unexpected values, or execute arbitrary code. CVE-2022-1968 It was discovered that Vim incorrectly handled memory access. An attacker could potentially use...

7.8CVSS8AI score0.01559EPSS
Exploits3
Ubuntu
Ubuntu
added 2022/05/23 11:39 a.m.90 views

USN-5433-1: Vim vulnerabilities

It was discovered that Vim incorrectly handled parsing of filenames in its search functionality. If a user were tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service. CVE-2021-3973 It was discovered that Vim incorrectly handled memo...

9.8CVSS7.7AI score0.02086EPSS
Exploits9
Ubuntu
Ubuntu
added 2022/05/12 8:43 a.m.90 views

USN-5419-1: Rsyslog vulnerabilities

It was discovered that Rsyslog improperly handled certain invalid input. An attacker could use this issue to cause Rsyslog to crash...

9.8CVSS6.2AI score0.04568EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/04/27 6:40 a.m.90 views

USN-5366-2: FriBidi vulnerabilities

USN-5366-1 fixed several vulnerabilities in FriBidi. This update provides the corresponding updates for Ubuntu 22.04 LTS. Original advisory details: It was discovered that FriBidi incorrectly handled processing of input strings resulting in memory corruption. An attacker could use this issue to...

7.8CVSS7AI score0.00508EPSS
Exploits3
Ubuntu
Ubuntu
added 2021/12/13 7:48 p.m.90 views

USN-5189-1: GLib vulnerability

It was discovered that GLib incorrectly handled certain environment variables. An attacker could possibly use this issue to escalate privileges...

5.5CVSS6.8AI score0.00531EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/09/23 11:46 a.m.90 views

USN-5089-1: ca-certificates update

The ca-certificates package contained a CA certificate that will expire on 2021-09-30 and will cause connectivity issues. This update removes the “DST Root CA X3” CA...

5.3AI score
Exploits0References1
Ubuntu
Ubuntu
added 2021/08/05 1:32 p.m.90 views

USN-5032-1: Docker vulnerabilities

Several vulnerabilities were fixed in Docker. This update provides a new upstream version that fixed them...

5.3AI score
Exploits0References1
Ubuntu
Ubuntu
added 2020/09/22 4:15 p.m.90 views

USN-4532-1: Netty vulnerabilities

It was discovered that Netty incorrectly handled certain HTTP headers. By sending an HTTP header with whitespace before the colon, a remote attacker could possibly use this issue to perform an HTTP request smuggling attack. CVE-2019-16869 It was discovered that Netty incorrectly handled certain...

9.1CVSS7.1AI score0.13474EPSS
Exploits3
Ubuntu
Ubuntu
added 2020/07/02 11:39 p.m.90 views

USN-4413-1: Linux kernel vulnerabilities

Matthew Sheets discovered that the SELinux network label handling implementation in the Linux kernel could be coerced into de-referencing a NULL pointer. A remote attacker could use this to cause a denial of service system crash. CVE-2020-10711 It was discovered that the SCSI generic sg driver in...

6.7CVSS6.8AI score0.04505EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/05/06 5:31 p.m.91 views

USN-4352-2: OpenLDAP vulnerability

USN-4352-1 fixed a vulnerability in OpenLDAP. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that OpenLDAP incorrectly handled certain queries. A remote attacker could possibly use this issue to cause OpenLDAP ...

7.5CVSS6.8AI score0.04423EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/04/30 11:37 a.m.90 views

USN-4333-2: Python vulnerabilities

USN-4333-1 fixed vulnerabilities in Python. This update provides the corresponding update for Ubuntu 20.04 LTS. Original advisory details: It was discovered that Python incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection...

7.1CVSS7.4AI score0.06617EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/02/06 1:10 p.m.90 views

USN-4271-1: Mesa vulnerability

Tim Brown discovered that Mesa incorrectly handled shared memory permissions. A local attacker could use this issue to obtain and possibly alter sensitive information belonging to another user...

5.1CVSS5.2AI score0.00504EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/01/29 7:51 p.m.90 views

USN-4261-1: WebKitGTK+ vulnerabilities

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

9.3CVSS6.9AI score0.02238EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/11/05 2:4 p.m.90 views

USN-4171-4: Apport regression

USN-4171-1 fixed a vulnerability in Apport. The update caused a regression in the Python Apport library. This update fixes the problem for Ubuntu 14.04 ESM. We apologize for the inconvenience. Original advisory details: Kevin Backhouse discovered Apport would read its user-controlled settings fil...

5.6AI score
Exploits0References1
Total number of security vulnerabilities5000