Lucene search
K
UbuntuMost viewed

10905 matches found

Ubuntu
Ubuntu
•added 2019/02/26 6:20 p.m.•90 views

USN-3896-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass same origin protections, or execute arbitrary code...

8.8CVSS7.7AI score0.0313EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/12/20 10:39 p.m.•90 views

USN-3847-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the raw MIDI driver for the Linux kernel, leading to a double free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2018-10902 It was discovered that an integer overr...

7.8CVSS6.7AI score0.00683EPSS
Exploits2
Ubuntu
Ubuntu
•added 2018/08/30 5:28 p.m.•90 views

USN-3758-1: libx11 vulnerabilities

Tobias Stoeckmann discovered that libx11 incorrectly handled certain images. An attacker could possibly use this issue to access sensitive information CVE-2016-7942 Tobias Stoeckmann discovered that libx11 incorrectly handled certain inputs. An attacker could possibly use this issue to access...

9.8CVSS7.5AI score0.09341EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/08/24 12:38 a.m.•90 views

USN-3754-1: Linux kernel vulnerabilities

Ralf Spenneberg discovered that the ext4 implementation in the Linux kernel did not properly validate meta block groups. An attacker with physical access could use this to specially craft an ext4 image that causes a denial of service system crash. CVE-2016-10208 It was discovered that an...

9.8CVSS7.7AI score0.05794EPSS
Exploits14
Ubuntu
Ubuntu
•added 2018/01/11 1:59 p.m.•90 views

USN-3530-1: WebKitGTK+ vulnerabilities

It was discovered that speculative execution performed by modern CPUs could leak information through a timing side-channel attack, and that this could be exploited in web browser JavaScript engines. If a user were tricked in to opening a specially crafted website, an attacker could potentially...

5.6CVSS7.4AI score0.93838EPSS
Exploits12
Ubuntu
Ubuntu
•added 2017/07/25 5:52 p.m.•90 views

USN-3365-1: Ruby vulnerabilities

It was discovered that Ruby DL::dlopen incorrectly handled opening libraries. An attacker could possibly use this issue to open libraries with tainted names. This issue only applied to Ubuntu 14.04 LTS. CVE-2009-5147 Tony Arcieri, Jeffrey Walton, and Steffan Ullrich discovered that the Ruby OpenS...

9.8CVSS7.5AI score0.07766EPSS
Exploits6
Ubuntu
Ubuntu
•added 2017/05/30 4:38 p.m.•90 views

USN-3304-1: Sudo vulnerability

It was discovered that Sudo did not properly parse the contents of /proc/pid/stat when attempting to determine its controlling tty. A local attacker in some configurations could possibly use this to overwrite any file on the filesystem, bypassing intended permissions...

6.9CVSS7.2AI score0.08018EPSS
Exploits8
Ubuntu
Ubuntu
•added 2017/05/17 1:25 a.m.•90 views

USN-3293-1: Linux kernel vulnerabilities

Dmitry Vyukov discovered that KVM implementation in the Linux kernel improperly emulated the VMXON instruction. A local attacker in a guest OS could use this to cause a denial of service memory consumption in the host OS. CVE-2017-2596 Dmitry Vyukov discovered that the generic SCSI sg subsystem i...

7.8CVSS7.4AI score0.00414EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/03/09 6:41 p.m.•90 views

USN-3225-1: libarchive vulnerabilities

It was discovered that libarchive incorrectly handled hardlink entries when extracting archives. A remote attacker could possibly use this issue to overwrite arbitrary files. CVE-2016-5418 Christian Wressnegger, Alwin Maier, and Fabian Yamaguchi discovered that libarchive incorrectly handled...

8.6CVSS7.1AI score0.06251EPSS
Exploits1
Ubuntu
Ubuntu
•added 2017/03/07 11:48 p.m.•90 views

USN-3219-1: Linux kernel vulnerability

Alexander Popov discovered that the NHDLC line discipline implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly gain administrative privileges...

7CVSS6.7AI score0.01029EPSS
Exploits2
Ubuntu
Ubuntu
•added 2017/01/11 7:7 a.m.•90 views

USN-3169-1: Linux kernel vulnerabilities

Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly initialize the Code Segment CS in certain error cases. A local attacker could use this to expose sensitive information kernel memory. CVE-2016-9756 Andrey Konovalov discovered that signed integer overflows...

7.8CVSS6.5AI score0.01566EPSS
Exploits8
Ubuntu
Ubuntu
•added 2016/11/17 10:29 p.m.•90 views

USN-3130-1: OpenJDK 7 vulnerabilities

It was discovered that OpenJDK did not restrict the set of algorithms used for Jar integrity verification. An attacker could use this to modify without detection the content of a JAR file, affecting system integrity. CVE-2016-5542 It was discovered that the JMX component of OpenJDK did not...

9.6CVSS7.2AI score0.05437EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/10/11 6:14 a.m.•90 views

USN-3099-1: Linux kernel vulnerabilities

VladimĆ­r BeneÅ” discovered an unbounded recursion in the VLAN and TEB Generic Receive Offload GRO processing implementations in the Linux kernel, A remote attacker could use this to cause a stack corruption, leading to a denial of service system crash. CVE-2016-7039 Marco Grassi discovered a...

7.8CVSS6.6AI score0.07613EPSS
Exploits5
Ubuntu
Ubuntu
•added 2016/05/09 9:23 p.m.•90 views

USN-2968-1: Linux kernel vulnerabilities

Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in the Linux kernel did not properly validate the endpoints reported by the device. An attacker with physical access could cause a denial of service system crash. CVE-2015-7515 Ben Hawkes discovered that the Linux kernel's AIO...

7.8CVSS7.4AI score0.01946EPSS
Exploits19
Ubuntu
Ubuntu
•added 2016/01/13 12:36 p.m.•90 views

USN-2868-1: DHCP vulnerability

Sebastian Poehn discovered that the DHCP server, client, and relay incorrectly handled certain malformed UDP packets. A remote attacker could use this issue to cause the DHCP server, client, or relay to stop responding, resulting in a denial of service...

6.5CVSS6.8AI score0.7645EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/11/04 11:12 p.m.•90 views

USN-2785-1: Firefox vulnerabilities

Christian Holler, David Major, Jesse Ruderman, Tyson Smith, Boris Zbarsky, Randell Jesup, Olli Pettay, Karl Tomlinson, Jeff Walden, Gary Kwong, Andrew McCreight, Georg Fritzsche, and Carsten Book discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially...

9.8CVSS8.4AI score0.10238EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/10/01 8:49 p.m.•90 views

USN-2759-1: Linux kernel vulnerabilities

It was discovered that an integer overflow error existed in the SCSI generic sg driver in the Linux kernel. A local attacker with write permission to a SCSI generic device could use this to cause a denial of service system crash or potentially escalate their privileges. CVE-2015-5707 Marc-AndrƩ...

4.9CVSS6.7AI score0.00493EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/09/08 2:1 p.m.•90 views

USN-2736-1: Spice vulnerability

Frediano Ziglio discovered that Spice incorrectly handled monitor configs. A malicious guest could use this issue to cause a denial of service, or possibly execute arbitrary code on the host as the user running the QEMU process. In the default installation, when QEMU is used with libvirt, attacke...

6.9CVSS7.9AI score0.01144EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/06/25 12:32 p.m.•90 views

USN-2654-1: Tomcat vulnerabilities

It was discovered that the Tomcat XML parser incorrectly handled XML External Entities XXE. A remote attacker could possibly use this issue to read arbitrary files. This issue only affected Ubuntu 14.04 LTS. CVE-2014-0119 It was discovered that Tomcat incorrectly handled data with malformed chunk...

7.8CVSS6.8AI score0.21045EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/06/10 9:56 p.m.•90 views

USN-2638-1: Linux kernel vulnerabilities

Xiong Zhou discovered a bug in the way the EXT4 filesystem handles fallocate zero range functionality when the page size is greater than the block size. A local attacker could exploit this flaw to cause a denial of service system crash. CVE-2015-0275 Wen Xu discovered a use-after-free flaw in the...

7.2CVSS7.1AI score0.02472EPSS
Exploits7
Ubuntu
Ubuntu
•added 2015/06/10 9:53 p.m.•90 views

USN-2637-1: Linux kernel vulnerabilities

Xiong Zhou discovered a bug in the way the EXT4 filesystem handles fallocate zero range functionality when the page size is greater than the block size. A local attacker could exploit this flaw to cause a denial of service system crash. CVE-2015-0275 Wen Xu discovered a use-after-free flaw in the...

4.9CVSS7.5AI score0.02472EPSS
Exploits6
Ubuntu
Ubuntu
•added 2015/06/10 9:49 p.m.•90 views

USN-2635-1: Linux kernel (Utopic HWE) vulnerabilities

Xiong Zhou discovered a bug in the way the EXT4 filesystem handles fallocate zero range functionality when the page size is greater than the block size. A local attacker could exploit this flaw to cause a denial of service system crash. CVE-2015-0275 Wen Xu discovered a use-after-free flaw in the...

4.9CVSS7.5AI score0.02472EPSS
Exploits6
Ubuntu
Ubuntu
•added 2015/04/30 8:17 a.m.•90 views

USN-2588-1: Linux kernel vulnerabilities

A stack overflow was discovered in the the microcode loader for the intel x86 platform. A local attacker could exploit this flaw to cause a denial of service kernel crash or to potentially execute code with kernel privileges. CVE-2015-2666 It was discovered that the Linux kernel's IPv6 networking...

6.9CVSS6.9AI score0.03052EPSS
Exploits1
Ubuntu
Ubuntu
•added 2015/04/30 7:51 a.m.•90 views

USN-2584-1: Linux kernel (EC2) vulnerability

A race condition between chown and execve was discovered in the Linux kernel. A local attacker could exploit this race by using chown on a setuid-user-binary to gain administrative privileges...

6.2CVSS6.8AI score0.00317EPSS
Exploits0
Ubuntu
Ubuntu
•added 2014/05/27 6:28 a.m.•90 views

USN-2223-1: Linux kernel (Quantal HWE) vulnerabilities

Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. CVE-2014-1738 Matthew Daley reported a flaw in the handling of ioctl commands by the floppy...

10CVSS7.5AI score0.10385EPSS
Exploits16
Ubuntu
Ubuntu
•added 2014/04/26 1:31 p.m.•90 views

USN-2174-1: Linux kernel (EC2) vulnerabilities

A flaw was discovered in the Linux kernel's handling of the SCTP handshake. A remote attacker could exploit this flaw to cause a denial of service system crash. CVE-2014-0101 An error was discovered in the Linux kernel's DCCP protocol support. A remote attacked could exploit this flaw to cause a...

10CVSS7AI score0.10385EPSS
Exploits1
Ubuntu
Ubuntu
•added 2014/01/03 10:51 a.m.•90 views

USN-2068-1: Linux kernel (Quantal HWE) vulnerabilities

Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event subsystem that allows normal users to enable function tracing. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from the kernel. CVE-2013-2930 Stephan Mueller reported an erro...

7.1CVSS7.1AI score0.09408EPSS
Exploits5
Ubuntu
Ubuntu
•added 2013/12/03 7:9 p.m.•90 views

USN-2037-1: Linux kernel (EC2) vulnerabilities

A flaw was discovered in the Linux kernel's KVM kernel virtual machine. An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. CVE-2012-2121 Multiple integer overflow flaws were discovered in the Alchemy LCD frame- buffer drivers in the Linux...

6.9CVSS7.8AI score0.00596EPSS
Exploits1
Ubuntu
Ubuntu
•added 2012/12/19 12:51 a.m.•90 views

USN-1673-1: Linux kernel (OMAP4) vulnerability

Dmitry Monakhov reported a race condition flaw the Linux ext4 filesystem that can expose stale data. An unprivileged user could exploit this flaw to cause an information leak. CVE-2012-4508 A flaw was discovered in the Linux kernel's handling of new hot-plugged memory. An unprivileged local user...

4.7CVSS6.6AI score0.00387EPSS
Exploits1
Ubuntu
Ubuntu
•added 2012/06/29 6:33 p.m.•90 views

USN-1488-1: Linux kernel vulnerabilities

Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. CVE-2012-2313 Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user...

7.2CVSS6.8AI score0.00979EPSS
Exploits4
Ubuntu
Ubuntu
•added 2012/02/24 10:35 a.m.•90 views

USN-1373-1: OpenJDK 6 vulnerabilities

It was discovered that the Java HttpServer class did not limit the number of headers read from a HTTP request. A remote attacker could cause a denial of service by sending special requests that trigger hash collisions predictably. CVE-2011-5035 ATTENTION: this update changes previous Java...

10CVSS8.2AI score0.98113EPSS
Exploits19
Ubuntu
Ubuntu
•added 2012/02/13 7:47 p.m.•90 views

USN-1364-1: Linux kernel (OMAP4) vulnerabilities

A bug was discovered in the Linux kernel's calculation of OOM Out of memory scores, that would result in the wrong process being killed. A user could use this to kill the process with the highest OOM score, even if that process belongs to another user or the system. CVE-2011-4097 A flaw was...

7.8CVSS7.3AI score0.20492EPSS
Exploits20
Ubuntu
Ubuntu
•added 2012/02/08 4:2 p.m.•90 views

USN-1350-1: Thunderbird vulnerabilities

Jesse Ruderman and Bob Clary discovered memory safety issues affecting Thunderbird. If the user were tricked into opening a specially crafted page, an attacker could exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user...

10CVSS8.6AI score0.36511EPSS
Exploits11
Ubuntu
Ubuntu
•added 2012/02/06 9:30 p.m.•90 views

USN-1356-1: Linux kernel (OMAP4) vulnerabilities

A flaw was discovered in the XFS filesystem. If a local user mounts a specially crafted XFS image it could potential execute arbitrary code on the system. CVE-2012-0038 Chen Haogang discovered an integer overflow that could result in memory corruption. A local unprivileged user could use this to...

7.8CVSS7.1AI score0.20492EPSS
Exploits6
Ubuntu
Ubuntu
•added 2011/06/01 12:0 a.m.•90 views

USN-1141-1: Linux kernel vulnerabilities

Brad Spengler discovered that the kernel did not correctly account for userspace memory allocations during exec calls. A local attacker could exploit this to consume all system memory, leading to a denial of service. CVE-2010-4243 Alexander Duyck discovered that the Intel Gigabit Ethernet driver...

9.8CVSS7.1AI score0.04177EPSS
Exploits25
Ubuntu
Ubuntu
•added 2010/06/21 6:12 p.m.•90 views

USN-955-1: OPIE vulnerability

Maksymilian Arciemowicz and Adam Zabrocki discovered that OPIE incorrectly handled long usernames. A remote attacker could exploit this with a crafted username and make applications linked against libopie crash, leading to a denial of service...

9.3CVSS8.3AI score0.21992EPSS
Exploits5
Ubuntu
Ubuntu
•added 2009/04/07 3:53 p.m.•90 views

USN-752-1: Linux kernel vulnerabilities

NFS did not correctly handle races between fcntl and interrupts. A local attacker on an NFS mount could consume unlimited kernel memory, leading to a denial of service. CVE-2008-4307 Sparc syscalls did not correctly check mmap regions. A local attacker could cause a system panic, leading to a...

10CVSS5.6AI score0.1673EPSS
Exploits13
Ubuntu
Ubuntu
•added 2008/11/19 12:23 a.m.•90 views

USN-673-1: libxml2 vulnerabilities

Drew Yao discovered that libxml2 did not correctly handle certain corrupt XML documents. If a user or automated system were tricked into processing a malicious XML document, a remote attacker could cause applications linked against libxml2 to enter an infinite loop, leading to a denial of service...

10CVSS8AI score0.04051EPSS
Exploits1
Ubuntu
Ubuntu
•added 2005/07/21 7:1 p.m.•90 views

USN-151-1: zlib vulnerability

USN-148-1 fixed an improver input verification of zlib CAN-2005-2096. Markus Oberhumer discovered additional ways a disrupted stream could trigger a buffer overflow and crash the application using zlib, so another update is necessary. zlib is used by hundreds of server and client applications, so...

5CVSS8.4AI score0.03999EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/04/17 2:4 p.m.•89 views

USN-7443-1: Erlang vulnerability

Fabian BƤumer, Marcel Maehren, Marcus Brinkmann, and Jƶrg Schwenk discovered that Erlang OTP’s SSH module incorrect handled authentication. A remote attacker could use this issue to execute arbitrary commands without authentication, possibly leading to a system compromise...

10CVSS8.4AI score0.97673EPSS
Exploits36
Ubuntu
Ubuntu
•added 2025/04/08 5:26 p.m.•89 views

USN-7426-1: poppler vulnerabilities

It was discovered that poppler incorrectly handled memory when opening certain PDF files. An attacker could possibly use this issue to cause poppler to crash, resulting in a denial of service...

7.1CVSS5.8AI score0.00218EPSS
Exploits2
Ubuntu
Ubuntu
•added 2025/03/19 11:49 a.m.•89 views

USN-7357-1: Libxslt vulnerability

Ivan Fratric discovered that Libxslt incorrectly handled certain memory operations when handling documents. A remote attacker could use this issue to cause Libxslt to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.8CVSS7.2AI score0.00324EPSS
Exploits3
Ubuntu
Ubuntu
•added 2025/02/25 7:23 p.m.•89 views

USN-7302-1: libxml2 vulnerabilities

It was discovered that libxml2 incorrectly handled certain memory operations. A remote attacker could use this issue to cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS...

9.8CVSS6.9AI score0.02298EPSS
Exploits2
Ubuntu
Ubuntu
•added 2025/02/20 5:40 p.m.•89 views

USN-7278-1: OpenSSL vulnerabilities

George Pantelakis and Alicja Kario discovered that OpenSSL had a timing side-channel when performing ECDSA signature computations. A remote attacker could possibly use this issue to recover private data. CVE-2024-13176 It was discovered that OpenSSL incorrectly handled certain memory operations...

4.3CVSS7.3AI score0.05966EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/12/14 4:44 p.m.•89 views

USN-6558-1: audiofile vulnerabilities

It was discovered that audiofile could be made to dereference invalid memory. If a user or an automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS...

8.8CVSS6.7AI score0.04654EPSS
Exploits4
Ubuntu
Ubuntu
•added 2023/10/23 6:7 p.m.•89 views

USN-6441-2: Linux kernel (GCP) vulnerabilities

Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service host system crash or...

7.8CVSS7.5AI score0.00549EPSS
Exploits5
Ubuntu
Ubuntu
•added 2023/10/06 1:13 p.m.•89 views

USN-6416-2: Linux kernel vulnerabilities

It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service excessive CPU consumption. CVE-2023-1206 Daniƫl Trujillo, Johannes Wikner, and Kaveh Razavi...

9.1CVSS8AI score0.54577EPSS
Exploits6
Ubuntu
Ubuntu
•added 2023/06/16 7:55 p.m.•89 views

USN-6173-1: Linux kernel (OEM) vulnerabilities

Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-31436 It was discovered that the...

9.8CVSS7.1AI score0.16642EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/05/29 5:19 a.m.•89 views

USN-6097-1: Linux PTP vulnerability

It was discovered that Linux PTP did not properly perform a length check when forwarding a PTP message between ports. A remote attacker could possibly use this issue to access sensitive information, execute arbitrary code, or cause a denial of service...

8.8CVSS7.9AI score0.02955EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/04/26 5:59 p.m.•89 views

USN-6042-1: Cloud-init vulnerability

James Golovich discovered that sensitive data could be exposed in logs. An attacker could use this information to find hashed passwords and possibly escalate their privilege...

5.5CVSS6.1AI score0.00263EPSS
Exploits0References1
Total number of security vulnerabilities5000