Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
added 2006/09/25 5:5 p.m.91 views

USN-352-1: Thunderbird vulnerabilities

Various flaws have been reported that allow an attacker to execute arbitrary code with user privileges by tricking the user into opening a malicious email containing JavaScript. Please note that JavaScript is disabled by default for emails, and it is not recommended to enable it. CVE-2006-4253,...

10CVSS7.9AI score0.14074EPSS
Exploits1
Ubuntu
Ubuntu
added 2006/09/15 2:44 a.m.91 views

USN-346-1: Linux kernel vulnerabilities

A Denial of service vulnerability was reported in iptables' SCTP conntrack module. On computers which use this iptables module, a remote attacker could expoit this to trigger a kernel crash. CVE-2006-2934 A buffer overflow has been discovered in the dvdreadbca function. By inserting a specially...

7.8CVSS6.3AI score0.1569EPSS
Exploits0
Ubuntu
Ubuntu
added 2005/07/05 8:30 p.m.91 views

USN-147-1: PHP XMLRPC vulnerability

A remote code execution vulnerability has been discovered in the XMLRPC module of the PEAR PHP Extension and Application Repository extension of PHP. By sending specially crafted XMLRPC requests to an affected web server, a remote attacker could exploit this to execute arbitrary code with the web...

7.5CVSS6.7AI score0.79071EPSS
Exploits5
Ubuntu
Ubuntu
added 2004/12/23 8:45 p.m.91 views

USN-50-1: CUPS vulnerabilities

CAN-2004-1125: The recent USN-48-1 fixed a buffer overflow in xpdf. Since CUPS contains xpdf code to convert incoming PDF files to the PostScript format, this vulnerability applies to cups as well. In this case it could even lead to privilege escalation: if an attacker submitted a malicious PDF...

9.3CVSS6.2AI score0.08954EPSS
Exploits4
Ubuntu
Ubuntu
added 2025/04/08 1:48 p.m.90 views

USN-7425-1: Erlang vulnerability

It was discovered that Erlang OTP's SSH module did not limit the size of certain data in initialization messages. An attacker could possibly use this issue to consume large amount of memory leading to a denial of service...

7.5CVSS7.3AI score0.00436EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/03/31 9:47 a.m.90 views

USN-7376-2: MariaDB vulnerability

USN-7376-1 fixed vulnerabilities in MariaDB. This update provides the corresponding updates for Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. Original advisory details: A security issue was discovered in MariaDB and this update includes a new upstream MariaDB version to fix the issue. In addition to...

4.9CVSS6.5AI score0.01236EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/03/12 4:19 p.m.90 views

USN-7350-1: UnRAR vulnerabilities

It was discovered that UnRAR incorrectly handled certain paths. If a user or automated system were tricked into extracting a specially crafted RAR archive, a remote attacker could possibly use this issue to write arbitrary files outside of the targeted directory. CVE-2022-30333, CVE-2022-48579 It...

7.8CVSS7.1AI score0.98975EPSS
Exploits14
Ubuntu
Ubuntu
added 2025/03/12 2:36 p.m.90 views

USN-7348-1: Python vulnerabilities

It was discovered that the Python ipaddress module contained incorrect information about which IP address ranges were considered “private” or “globally reachable”. This could possibly result in applications applying incorrect security policies. This issue only affected Ubuntu 14.04 LTS and Ubuntu...

7.8CVSS7.5AI score0.01499EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/06/11 5:45 p.m.90 views

USN-6828-1: Linux kernel (Intel IoTG) vulnerabilities

Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service system crash. CVE-2023-47233 It was...

9.1CVSS7.7AI score0.78388EPSS
Exploits2
Ubuntu
Ubuntu
added 2024/02/07 8:16 p.m.90 views

USN-6624-1: Linux kernel vulnerabilities

Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service paravirtualized device unavailability. CVE-2023-34324 Zheng Wang discovered...

7.8CVSS7.2AI score0.00888EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/11/29 5:48 p.m.90 views

USN-6526-1: GStreamer Bad Plugins vulnerabilities

It was discovered that GStreamer Bad Plugins incorrectly handled certain media files. A remote attacker could use this issue to cause GStreamer Bad Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code...

8.8CVSS7.1AI score0.02189EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/07/03 2:38 p.m.90 views

USN-6199-1: PHP vulnerability

It was discovered that PHP incorrectly handled certain Digest authentication for SOAP. An attacker could possibly use this issue to expose sensitive information...

4.3CVSS7.1AI score0.00709EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/04/19 1:42 p.m.90 views

USN-6028-1: libxml2 vulnerabilities

It was discovered that lixml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. CVE-2023-28484 It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a cras...

6.5CVSS7.2AI score0.01086EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/02/15 8:3 p.m.90 views

USN-5874-1: Linux kernel vulnerabilities

It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service system crash or possibly...

8.8CVSS6.9AI score0.01067EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/01/27 6:49 p.m.90 views

USN-5830-1: Linux kernel vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...

8.8CVSS7.7AI score0.21314EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/01/12 9:31 p.m.90 views

USN-5801-1: Vim vulnerabilities

It was discovered that Vim makes illegal memory calls when pasting brackets in Ex mode. An attacker could possibly use this to crash Vim, access or modify memory, or execute arbitrary commands. This issue affected only Ubuntu 20.04 and 22.04 CVE-2022-0392 It was discovered that Vim makes illegal...

8.4CVSS7.5AI score0.01541EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/09/02 12:24 a.m.90 views

USN-5594-1: Linux kernel vulnerabilities

Asaf Modelevsky discovered that the IntelR 10GbE PCI Express ixgbe Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. CVE-2021-33061 Moshe Kol, Amit Klein and Yossi Gilad discovered that the I...

8.2CVSS6.8AI score0.02972EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/08/08 12:6 p.m.90 views

USN-5553-1: libjpeg-turbo vulnerabilities

It was discovered that libjpeg-turbo was not properly handling EOF characters, which could lead to excessive memory consumption through the execution of a large loop. An attacker could possibly use this issue to cause a denial of service. CVE-2018-11813 It was discovered that libjpeg-turbo was no...

8.8CVSS7.1AI score0.03162EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/07/08 2:49 a.m.90 views

USN-5507-1: Vim vulnerabilities

It was discovered that Vim incorrectly handled memory access. An attacker could potentially use this issue to cause the program to crash, use unexpected values, or execute arbitrary code. CVE-2022-1968 It was discovered that Vim incorrectly handled memory access. An attacker could potentially use...

7.8CVSS8AI score0.01559EPSS
Exploits3
Ubuntu
Ubuntu
added 2022/05/23 11:39 a.m.90 views

USN-5433-1: Vim vulnerabilities

It was discovered that Vim incorrectly handled parsing of filenames in its search functionality. If a user were tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service. CVE-2021-3973 It was discovered that Vim incorrectly handled memo...

9.8CVSS7.7AI score0.02086EPSS
Exploits9
Ubuntu
Ubuntu
added 2022/05/12 8:43 a.m.90 views

USN-5419-1: Rsyslog vulnerabilities

It was discovered that Rsyslog improperly handled certain invalid input. An attacker could use this issue to cause Rsyslog to crash...

9.8CVSS6.2AI score0.04568EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/04/27 6:40 a.m.90 views

USN-5366-2: FriBidi vulnerabilities

USN-5366-1 fixed several vulnerabilities in FriBidi. This update provides the corresponding updates for Ubuntu 22.04 LTS. Original advisory details: It was discovered that FriBidi incorrectly handled processing of input strings resulting in memory corruption. An attacker could use this issue to...

7.8CVSS7AI score0.00508EPSS
Exploits3
Ubuntu
Ubuntu
added 2021/12/13 7:48 p.m.90 views

USN-5189-1: GLib vulnerability

It was discovered that GLib incorrectly handled certain environment variables. An attacker could possibly use this issue to escalate privileges...

5.5CVSS6.8AI score0.00531EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/11/09 2:38 a.m.90 views

USN-5134-1: Docker vulnerability

An information disclosure issue was discovered in the command line interface of Docker. A misconfigured credential store could result in supplied credentials being leaked to the public registry, when using the docker login command with a private registry...

7.5CVSS6.4AI score0.01536EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/09/23 11:46 a.m.90 views

USN-5089-1: ca-certificates update

The ca-certificates package contained a CA certificate that will expire on 2021-09-30 and will cause connectivity issues. This update removes the “DST Root CA X3” CA...

5.3AI score
Exploits0References1
Ubuntu
Ubuntu
added 2021/08/05 1:32 p.m.90 views

USN-5032-1: Docker vulnerabilities

Several vulnerabilities were fixed in Docker. This update provides a new upstream version that fixed them...

5.3AI score
Exploits0References1
Ubuntu
Ubuntu
added 2020/09/22 4:15 p.m.90 views

USN-4532-1: Netty vulnerabilities

It was discovered that Netty incorrectly handled certain HTTP headers. By sending an HTTP header with whitespace before the colon, a remote attacker could possibly use this issue to perform an HTTP request smuggling attack. CVE-2019-16869 It was discovered that Netty incorrectly handled certain...

9.1CVSS7.1AI score0.13474EPSS
Exploits3
Ubuntu
Ubuntu
added 2020/07/02 11:39 p.m.90 views

USN-4413-1: Linux kernel vulnerabilities

Matthew Sheets discovered that the SELinux network label handling implementation in the Linux kernel could be coerced into de-referencing a NULL pointer. A remote attacker could use this to cause a denial of service system crash. CVE-2020-10711 It was discovered that the SCSI generic sg driver in...

6.7CVSS6.8AI score0.04505EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/05/06 5:31 p.m.91 views

USN-4352-2: OpenLDAP vulnerability

USN-4352-1 fixed a vulnerability in OpenLDAP. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that OpenLDAP incorrectly handled certain queries. A remote attacker could possibly use this issue to cause OpenLDAP ...

7.5CVSS6.8AI score0.04423EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/04/30 11:37 a.m.90 views

USN-4333-2: Python vulnerabilities

USN-4333-1 fixed vulnerabilities in Python. This update provides the corresponding update for Ubuntu 20.04 LTS. Original advisory details: It was discovered that Python incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection...

7.1CVSS7.4AI score0.06617EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/02/06 1:10 p.m.90 views

USN-4271-1: Mesa vulnerability

Tim Brown discovered that Mesa incorrectly handled shared memory permissions. A local attacker could use this issue to obtain and possibly alter sensitive information belonging to another user...

5.1CVSS5.2AI score0.00504EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/01/29 7:51 p.m.90 views

USN-4261-1: WebKitGTK+ vulnerabilities

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

9.3CVSS6.9AI score0.02238EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/01/14 3:1 p.m.90 views

USN-4238-1: SDL_image vulnerabilities

It was discovered that SDLimage incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact...

8.8CVSS6.7AI score0.04515EPSS
Exploits12
Ubuntu
Ubuntu
added 2020/01/13 2:12 p.m.90 views

USN-4047-2: libvirt update vulnerability

USN-4047-1 fixed a vulnerability in libvirt. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Matthias Gerstner and Ján Tomko discovered that libvirt incorrectly handled certain API calls. An attacker could possibly use this issue to check for arbitra...

8.8CVSS7.9AI score0.00516EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/11/05 2:4 p.m.90 views

USN-4171-4: Apport regression

USN-4171-1 fixed a vulnerability in Apport. The update caused a regression in the Python Apport library. This update fixes the problem for Ubuntu 14.04 ESM. We apologize for the inconvenience. Original advisory details: Kevin Backhouse discovered Apport would read its user-controlled settings fil...

5.6AI score
Exploits0References1
Ubuntu
Ubuntu
added 2019/11/05 1:13 p.m.90 views

USN-4175-1: Nokogiri vulnerability

It was discovered that Nokogiri incorrectly handled inputs. A remote attacker could possibly use this issue to execute arbitrary OS commands...

9.8CVSS8.4AI score0.05899EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/08/19 11:50 a.m.90 views

USN-4102-1: LibreOffice vulnerabilities

It was discovered that LibreOffice incorrectly handled LibreLogo scripts. If a user were tricked into opening a specially crafted document, a remote attacker could cause LibreOffice to execute arbitrary code. CVE-2019-9850, CVE-2019-9851 It was discovered that LibreOffice incorrectly handled...

9.8CVSS8.3AI score0.78347EPSS
Exploits4
Ubuntu
Ubuntu
added 2019/04/09 12:49 p.m.90 views

USN-3943-2: Wget vulnerability

USN-3943-1 fixed a vulnerability in Wget. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Kusano Kazuhiko discovered that Wget incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. CVE-2019-5953...

9.8CVSS8.6AI score0.05751EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/03/21 3:40 p.m.90 views

USN-3915-1: Ghostscript vulnerabilities

It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service...

7.3CVSS7.2AI score0.02642EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/02/26 6:20 p.m.90 views

USN-3896-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass same origin protections, or execute arbitrary code...

8.8CVSS7.7AI score0.0313EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/12/20 10:39 p.m.90 views

USN-3847-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the raw MIDI driver for the Linux kernel, leading to a double free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2018-10902 It was discovered that an integer overr...

7.8CVSS6.7AI score0.00683EPSS
Exploits2
Ubuntu
Ubuntu
added 2018/08/30 5:28 p.m.90 views

USN-3758-1: libx11 vulnerabilities

Tobias Stoeckmann discovered that libx11 incorrectly handled certain images. An attacker could possibly use this issue to access sensitive information CVE-2016-7942 Tobias Stoeckmann discovered that libx11 incorrectly handled certain inputs. An attacker could possibly use this issue to access...

9.8CVSS7.5AI score0.09341EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/08/24 12:38 a.m.90 views

USN-3754-1: Linux kernel vulnerabilities

Ralf Spenneberg discovered that the ext4 implementation in the Linux kernel did not properly validate meta block groups. An attacker with physical access could use this to specially craft an ext4 image that causes a denial of service system crash. CVE-2016-10208 It was discovered that an...

9.8CVSS7.7AI score0.05794EPSS
Exploits14
Ubuntu
Ubuntu
added 2018/05/16 5:32 p.m.90 views

USN-3646-2: PHP vulnerabilities

USN-3646-1 fixed a vulnerability in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that PHP incorrectly handled opcache access controls when configured to use PHP-FPM. A local user could possibly use this issue to obtain...

7.5CVSS6.5AI score0.08677EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/01/11 1:59 p.m.90 views

USN-3530-1: WebKitGTK+ vulnerabilities

It was discovered that speculative execution performed by modern CPUs could leak information through a timing side-channel attack, and that this could be exploited in web browser JavaScript engines. If a user were tricked in to opening a specially crafted website, an attacker could potentially...

5.6CVSS7.4AI score0.93838EPSS
Exploits12
Ubuntu
Ubuntu
added 2017/07/25 5:52 p.m.90 views

USN-3365-1: Ruby vulnerabilities

It was discovered that Ruby DL::dlopen incorrectly handled opening libraries. An attacker could possibly use this issue to open libraries with tainted names. This issue only applied to Ubuntu 14.04 LTS. CVE-2009-5147 Tony Arcieri, Jeffrey Walton, and Steffan Ullrich discovered that the Ruby OpenS...

9.8CVSS7.5AI score0.07766EPSS
Exploits6
Ubuntu
Ubuntu
added 2017/05/30 4:38 p.m.90 views

USN-3304-1: Sudo vulnerability

It was discovered that Sudo did not properly parse the contents of /proc/pid/stat when attempting to determine its controlling tty. A local attacker in some configurations could possibly use this to overwrite any file on the filesystem, bypassing intended permissions...

6.9CVSS7.2AI score0.08018EPSS
Exploits8
Ubuntu
Ubuntu
added 2017/05/17 1:25 a.m.90 views

USN-3293-1: Linux kernel vulnerabilities

Dmitry Vyukov discovered that KVM implementation in the Linux kernel improperly emulated the VMXON instruction. A local attacker in a guest OS could use this to cause a denial of service memory consumption in the host OS. CVE-2017-2596 Dmitry Vyukov discovered that the generic SCSI sg subsystem i...

7.8CVSS7.4AI score0.00414EPSS
Exploits0
Ubuntu
Ubuntu
added 2017/03/09 6:41 p.m.90 views

USN-3225-1: libarchive vulnerabilities

It was discovered that libarchive incorrectly handled hardlink entries when extracting archives. A remote attacker could possibly use this issue to overwrite arbitrary files. CVE-2016-5418 Christian Wressnegger, Alwin Maier, and Fabian Yamaguchi discovered that libarchive incorrectly handled...

8.6CVSS7.1AI score0.06251EPSS
Exploits1
Ubuntu
Ubuntu
added 2017/03/07 11:48 p.m.90 views

USN-3219-1: Linux kernel vulnerability

Alexander Popov discovered that the NHDLC line discipline implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly gain administrative privileges...

7CVSS6.7AI score0.01029EPSS
Exploits2
Total number of security vulnerabilities5000