Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
added 2014/11/25 3:8 a.m.92 views

USN-2415-1: Linux kernel vulnerability

Don Bailey discovered a flaw in the LZO decompress algorithm used by the Linux kernel. An attacker could exploit this flaw to cause a denial of service memory corruption or OOPS. CVE-2014-4608 Andy Lutomirski discovered that the Linux kernel was not checking the CAPSYSADMIN when remounting...

7.5CVSS6.8AI score0.05421EPSS
Exploits0
Ubuntu
Ubuntu
added 2014/05/27 6:28 a.m.90 views

USN-2223-1: Linux kernel (Quantal HWE) vulnerabilities

Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. CVE-2014-1738 Matthew Daley reported a flaw in the handling of ioctl commands by the floppy...

10CVSS7.5AI score0.10385EPSS
Exploits16
Ubuntu
Ubuntu
added 2014/04/26 1:31 p.m.90 views

USN-2174-1: Linux kernel (EC2) vulnerabilities

A flaw was discovered in the Linux kernel's handling of the SCTP handshake. A remote attacker could exploit this flaw to cause a denial of service system crash. CVE-2014-0101 An error was discovered in the Linux kernel's DCCP protocol support. A remote attacked could exploit this flaw to cause a...

10CVSS7AI score0.10385EPSS
Exploits1
Ubuntu
Ubuntu
added 2014/01/03 10:51 a.m.90 views

USN-2068-1: Linux kernel (Quantal HWE) vulnerabilities

Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event subsystem that allows normal users to enable function tracing. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from the kernel. CVE-2013-2930 Stephan Mueller reported an erro...

7.1CVSS7.1AI score0.09408EPSS
Exploits5
Ubuntu
Ubuntu
added 2013/12/03 7:9 p.m.90 views

USN-2037-1: Linux kernel (EC2) vulnerabilities

A flaw was discovered in the Linux kernel's KVM kernel virtual machine. An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. CVE-2012-2121 Multiple integer overflow flaws were discovered in the Alchemy LCD frame- buffer drivers in the Linux...

6.9CVSS7.8AI score0.00596EPSS
Exploits1
Ubuntu
Ubuntu
added 2013/11/08 9:47 p.m.90 views

USN-2019-1: Linux kernel (Quantal HWE) vulnerabilities

An information leak was discovered in the handling of ICMPv6 Router Advertisement RA messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service excessive retries and address-generation outage, and consequently obtain sensitive...

6.2CVSS7.1AI score0.04144EPSS
Exploits3
Ubuntu
Ubuntu
added 2012/12/19 12:51 a.m.90 views

USN-1673-1: Linux kernel (OMAP4) vulnerability

Dmitry Monakhov reported a race condition flaw the Linux ext4 filesystem that can expose stale data. An unprivileged user could exploit this flaw to cause an information leak. CVE-2012-4508 A flaw was discovered in the Linux kernel's handling of new hot-plugged memory. An unprivileged local user...

4.7CVSS6.6AI score0.00387EPSS
Exploits1
Ubuntu
Ubuntu
added 2012/02/13 7:47 p.m.90 views

USN-1364-1: Linux kernel (OMAP4) vulnerabilities

A bug was discovered in the Linux kernel's calculation of OOM Out of memory scores, that would result in the wrong process being killed. A user could use this to kill the process with the highest OOM score, even if that process belongs to another user or the system. CVE-2011-4097 A flaw was...

7.8CVSS7.3AI score0.20492EPSS
Exploits20
Ubuntu
Ubuntu
added 2012/02/08 4:2 p.m.90 views

USN-1350-1: Thunderbird vulnerabilities

Jesse Ruderman and Bob Clary discovered memory safety issues affecting Thunderbird. If the user were tricked into opening a specially crafted page, an attacker could exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user...

10CVSS8.6AI score0.36511EPSS
Exploits11
Ubuntu
Ubuntu
added 2012/02/06 9:30 p.m.90 views

USN-1356-1: Linux kernel (OMAP4) vulnerabilities

A flaw was discovered in the XFS filesystem. If a local user mounts a specially crafted XFS image it could potential execute arbitrary code on the system. CVE-2012-0038 Chen Haogang discovered an integer overflow that could result in memory corruption. A local unprivileged user could use this to...

7.8CVSS7.1AI score0.20492EPSS
Exploits6
Ubuntu
Ubuntu
added 2011/06/01 12:0 a.m.90 views

USN-1141-1: Linux kernel vulnerabilities

Brad Spengler discovered that the kernel did not correctly account for userspace memory allocations during exec calls. A local attacker could exploit this to consume all system memory, leading to a denial of service. CVE-2010-4243 Alexander Duyck discovered that the Intel Gigabit Ethernet driver...

9.8CVSS7.1AI score0.04177EPSS
Exploits25
Ubuntu
Ubuntu
added 2011/02/25 10:59 p.m.90 views

USN-1072-1: Linux kernel vulnerabilities

Gleb Napatov discovered that KVM did not correctly check certain privileged operations. A local attacker with access to a guest kernel could exploit this to crash the host system, leading to a denial of service. CVE-2010-0435 Dave Chinner discovered that the XFS filesystem did not correctly order...

8.1CVSS6.4AI score0.17009EPSS
Exploits13
Ubuntu
Ubuntu
added 2010/06/21 6:12 p.m.90 views

USN-955-1: OPIE vulnerability

Maksymilian Arciemowicz and Adam Zabrocki discovered that OPIE incorrectly handled long usernames. A remote attacker could exploit this with a crafted username and make applications linked against libopie crash, leading to a denial of service...

9.3CVSS8.3AI score0.21992EPSS
Exploits5
Ubuntu
Ubuntu
added 2009/04/07 3:53 p.m.90 views

USN-752-1: Linux kernel vulnerabilities

NFS did not correctly handle races between fcntl and interrupts. A local attacker on an NFS mount could consume unlimited kernel memory, leading to a denial of service. CVE-2008-4307 Sparc syscalls did not correctly check mmap regions. A local attacker could cause a system panic, leading to a...

10CVSS5.6AI score0.1673EPSS
Exploits13
Ubuntu
Ubuntu
added 2008/11/19 12:23 a.m.90 views

USN-673-1: libxml2 vulnerabilities

Drew Yao discovered that libxml2 did not correctly handle certain corrupt XML documents. If a user or automated system were tricked into processing a malicious XML document, a remote attacker could cause applications linked against libxml2 to enter an infinite loop, leading to a denial of service...

10CVSS8AI score0.04051EPSS
Exploits1
Ubuntu
Ubuntu
added 2008/02/04 10:39 p.m.90 views

USN-575-1: Apache vulnerabilities

It was discovered that Apache did not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user...

6.1CVSS6.7AI score0.94281EPSS
Exploits12
Ubuntu
Ubuntu
added 2007/03/06 10:1 p.m.90 views

USN-429-1: tcpdump vulnerability

Moritz Jodeit discovered that tcpdump had an overflow in the 802.11 packet parser. Remote attackers could send specially crafted packets, crashing tcpdump, possibly leading to a denial of service...

6.8CVSS5.3AI score0.02824EPSS
Exploits0
Ubuntu
Ubuntu
added 2006/09/15 2:44 a.m.90 views

USN-346-1: Linux kernel vulnerabilities

A Denial of service vulnerability was reported in iptables' SCTP conntrack module. On computers which use this iptables module, a remote attacker could expoit this to trigger a kernel crash. CVE-2006-2934 A buffer overflow has been discovered in the dvdreadbca function. By inserting a specially...

7.8CVSS6.3AI score0.1569EPSS
Exploits0
Ubuntu
Ubuntu
added 2005/07/21 7:1 p.m.90 views

USN-151-1: zlib vulnerability

USN-148-1 fixed an improver input verification of zlib CAN-2005-2096. Markus Oberhumer discovered additional ways a disrupted stream could trigger a buffer overflow and crash the application using zlib, so another update is necessary. zlib is used by hundreds of server and client applications, so...

5CVSS8.4AI score0.03999EPSS
Exploits0
Ubuntu
Ubuntu
added 2005/07/05 8:30 p.m.90 views

USN-147-1: PHP XMLRPC vulnerability

A remote code execution vulnerability has been discovered in the XMLRPC module of the PEAR PHP Extension and Application Repository extension of PHP. By sending specially crafted XMLRPC requests to an affected web server, a remote attacker could exploit this to execute arbitrary code with the web...

7.5CVSS6.7AI score0.79071EPSS
Exploits5
Ubuntu
Ubuntu
added 2004/12/23 8:45 p.m.90 views

USN-50-1: CUPS vulnerabilities

CAN-2004-1125: The recent USN-48-1 fixed a buffer overflow in xpdf. Since CUPS contains xpdf code to convert incoming PDF files to the PostScript format, this vulnerability applies to cups as well. In this case it could even lead to privilege escalation: if an attacker submitted a malicious PDF...

9.3CVSS6.2AI score0.08954EPSS
Exploits4
Ubuntu
Ubuntu
added 2025/04/23 2:20 p.m.89 views

USN-7449-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - Supe...

7.8CVSS7.5AI score0.03558EPSS
Exploits5
Ubuntu
Ubuntu
added 2025/04/17 2:4 p.m.89 views

USN-7443-1: Erlang vulnerability

Fabian Bäumer, Marcel Maehren, Marcus Brinkmann, and Jörg Schwenk discovered that Erlang OTP’s SSH module incorrect handled authentication. A remote attacker could use this issue to execute arbitrary commands without authentication, possibly leading to a system compromise...

10CVSS8.4AI score0.97673EPSS
Exploits36
Ubuntu
Ubuntu
added 2025/04/08 5:26 p.m.89 views

USN-7426-1: poppler vulnerabilities

It was discovered that poppler incorrectly handled memory when opening certain PDF files. An attacker could possibly use this issue to cause poppler to crash, resulting in a denial of service...

7.1CVSS5.8AI score0.00218EPSS
Exploits2
Ubuntu
Ubuntu
added 2025/03/19 11:49 a.m.89 views

USN-7357-1: Libxslt vulnerability

Ivan Fratric discovered that Libxslt incorrectly handled certain memory operations when handling documents. A remote attacker could use this issue to cause Libxslt to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.8CVSS7.2AI score0.00324EPSS
Exploits3
Ubuntu
Ubuntu
added 2025/02/25 7:23 p.m.89 views

USN-7302-1: libxml2 vulnerabilities

It was discovered that libxml2 incorrectly handled certain memory operations. A remote attacker could use this issue to cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS...

9.8CVSS6.9AI score0.02298EPSS
Exploits2
Ubuntu
Ubuntu
added 2025/02/20 5:40 p.m.89 views

USN-7278-1: OpenSSL vulnerabilities

George Pantelakis and Alicja Kario discovered that OpenSSL had a timing side-channel when performing ECDSA signature computations. A remote attacker could possibly use this issue to recover private data. CVE-2024-13176 It was discovered that OpenSSL incorrectly handled certain memory operations...

4.3CVSS7.3AI score0.05966EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/12/14 4:44 p.m.89 views

USN-6558-1: audiofile vulnerabilities

It was discovered that audiofile could be made to dereference invalid memory. If a user or an automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS...

8.8CVSS6.7AI score0.04654EPSS
Exploits4
Ubuntu
Ubuntu
added 2023/12/06 1:34 p.m.89 views

USN-6536-1: Linux kernel vulnerabilities

Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service system crash or possibly expose sensitive information kernel memory. CVE-2023-39189 Kyle Zeng...

8.8CVSS7.4AI score0.09141EPSS
Exploits3
Ubuntu
Ubuntu
added 2023/10/23 6:7 p.m.89 views

USN-6441-2: Linux kernel (GCP) vulnerabilities

Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service host system crash or...

7.8CVSS7.5AI score0.00549EPSS
Exploits5
Ubuntu
Ubuntu
added 2023/10/06 1:13 p.m.89 views

USN-6416-2: Linux kernel vulnerabilities

It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service excessive CPU consumption. CVE-2023-1206 Daniël Trujillo, Johannes Wikner, and Kaveh Razavi...

9.1CVSS8AI score0.54577EPSS
Exploits6
Ubuntu
Ubuntu
added 2023/06/16 7:55 p.m.89 views

USN-6173-1: Linux kernel (OEM) vulnerabilities

Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-31436 It was discovered that the...

9.8CVSS7.1AI score0.16642EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/05/29 5:19 a.m.89 views

USN-6097-1: Linux PTP vulnerability

It was discovered that Linux PTP did not properly perform a length check when forwarding a PTP message between ports. A remote attacker could possibly use this issue to access sensitive information, execute arbitrary code, or cause a denial of service...

8.8CVSS7.9AI score0.02955EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/04/26 5:59 p.m.89 views

USN-6042-1: Cloud-init vulnerability

James Golovich discovered that sensitive data could be exposed in logs. An attacker could use this information to find hashed passwords and possibly escalate their privilege...

5.5CVSS6.1AI score0.00263EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2023/04/14 10:22 a.m.89 views

USN-6020-1: Linux kernel (BlueField) vulnerabilities

It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service memory exhaustion. CVE-2021-3669 It was discovered that the KVM VMX implementation in the Linux kernel did no...

8.8CVSS7.2AI score0.0048EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/04/13 7:16 a.m.89 views

USN-6012-1: Smarty vulnerability

It was discovered that Smarty incorrectly parsed blocks' names and included files' names. A remote attacker with template writing permissions could use this issue to execute arbitrary PHP code. CVE-2022-29221...

8.8CVSS7AI score0.0454EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/04/12 2:41 p.m.89 views

USN-6013-1: Linux kernel (AWS) vulnerabilities

Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation in the Linux kernel did not properly handle IPID assignment. A remote attacker could use this to cause a denial of service connection termination or inject forged data. CVE-2020-36516 Ke Sun, Alyssa Milburn,...

7.8CVSS7.2AI score0.01747EPSS
Exploits27
Ubuntu
Ubuntu
added 2023/03/06 11:22 p.m.89 views

USN-5925-1: Linux kernel vulnerabilities

It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...

8.8CVSS7.2AI score0.01067EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/03/02 1:54 p.m.89 views

USN-5871-2: Git regression

USN-5871-1 fixed vulnerabilities in Git. A backport fixing part of the vulnerability in CVE-2023-22490 was required. This update fix this for Ubuntu 18.04 LTS. Original advisory details: It was discovered that Git incorrectly handled certain repositories. An attacker could use this issue to make...

5.5CVSS7.3AI score0.0071EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2023/02/15 10:31 p.m.89 views

USN-5876-1: Linux kernel vulnerabilities

It was discovered that a memory leak existed in the Unix domain socket implementation of the Linux kernel. A local attacker could use this to cause a denial of service memory exhaustion. CVE-2022-3543 It was discovered that the Bluetooth HCI implementation in the Linux kernel did not properly...

8.8CVSS7AI score0.01393EPSS
Exploits3
Ubuntu
Ubuntu
added 2023/02/15 8:21 p.m.89 views

USN-5875-1: Linux kernel (GKE) vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...

8.8CVSS7.4AI score0.21314EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/01/13 7:11 p.m.89 views

USN-5804-2: Linux kernel vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...

8.8CVSS7.7AI score0.21314EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/01/12 9:31 p.m.89 views

USN-5801-1: Vim vulnerabilities

It was discovered that Vim makes illegal memory calls when pasting brackets in Ex mode. An attacker could possibly use this to crash Vim, access or modify memory, or execute arbitrary commands. This issue affected only Ubuntu 20.04 and 22.04 CVE-2022-0392 It was discovered that Vim makes illegal...

8.4CVSS7.5AI score0.01541EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/01/09 8:51 p.m.89 views

USN-5791-2: Linux kernel (Azure) vulnerabilities

It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-20421 David Leadbeater...

7.8CVSS7.2AI score0.01417EPSS
Exploits3
Ubuntu
Ubuntu
added 2022/09/21 9:46 a.m.89 views

USN-5624-1: Linux kernel vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Duoming...

7.8CVSS7.1AI score0.05542EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/08/10 12:36 p.m.89 views

USN-5560-2: Linux kernel vulnerabilities

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS7.3AI score0.12746EPSS
Exploits26
Ubuntu
Ubuntu
added 2022/07/14 9:28 a.m.89 views

USN-5512-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, spoof the UI, bypass CSP restrictions, or execute...

9.8CVSS7.5AI score0.23941EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/07/01 6:44 p.m.89 views

USN-5500-1: Linux kernel vulnerabilities

Eric Biederman discovered that the cgroup process migration implementation in the Linux kernel did not perform permission checks correctly in some situations. A local attacker could possibly use this to gain administrative privileges. CVE-2021-4197 Lin Ma discovered that the NFC Controller...

7.8CVSS7.3AI score0.00804EPSS
Exploits5
Ubuntu
Ubuntu
added 2022/06/02 12:21 p.m.89 views

USN-5458-1: Vim vulnerabilities

It was discovered that Vim was incorrectly handling virtual column position operations, which could result in an out-of-bounds read. An attacker could possibly use this issue to expose sensitive information. CVE-2021-4193 It was discovered that Vim was not properly performing bounds checks when...

8.4CVSS7.7AI score0.01762EPSS
Exploits9
Ubuntu
Ubuntu
added 2022/05/17 11:47 a.m.89 views

USN-5424-1: OpenLDAP vulnerability

It was discovered that OpenLDAP incorrectly handled certain SQL statements within LDAP queries in the experimental back-sql backend. A remote attacker could possibly use this issue to perform an SQL injection attack and alter the database...

9.8CVSS8.3AI score0.69899EPSS
Exploits1
Total number of security vulnerabilities5000