Lucene search
K
UbuntuMost viewed

10904 matches found

Ubuntu
Ubuntu
added 2023/04/11 10:55 p.m.89 views

USN-6009-1: Linux kernel (GCP) vulnerabilities

It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service memory exhaustion. CVE-2021-3669 It was discovered that a use-after-free vulnerability existed in the SGI GRU...

7.9CVSS7.5AI score0.03702EPSS
Exploits5
Ubuntu
Ubuntu
added 2023/03/06 11:22 p.m.89 views

USN-5925-1: Linux kernel vulnerabilities

It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...

8.8CVSS7.2AI score0.01067EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/03/02 1:54 p.m.89 views

USN-5871-2: Git regression

USN-5871-1 fixed vulnerabilities in Git. A backport fixing part of the vulnerability in CVE-2023-22490 was required. This update fix this for Ubuntu 18.04 LTS. Original advisory details: It was discovered that Git incorrectly handled certain repositories. An attacker could use this issue to make...

5.5CVSS7.3AI score0.0071EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2023/02/15 10:31 p.m.89 views

USN-5876-1: Linux kernel vulnerabilities

It was discovered that a memory leak existed in the Unix domain socket implementation of the Linux kernel. A local attacker could use this to cause a denial of service memory exhaustion. CVE-2022-3543 It was discovered that the Bluetooth HCI implementation in the Linux kernel did not properly...

8.8CVSS7AI score0.01393EPSS
Exploits3
Ubuntu
Ubuntu
added 2023/02/15 8:21 p.m.89 views

USN-5875-1: Linux kernel (GKE) vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...

8.8CVSS7.4AI score0.21314EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/01/13 7:11 p.m.89 views

USN-5804-2: Linux kernel vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...

8.8CVSS7.7AI score0.21314EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/01/09 8:51 p.m.89 views

USN-5791-2: Linux kernel (Azure) vulnerabilities

It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-20421 David Leadbeater...

7.8CVSS7.2AI score0.01429EPSS
Exploits3
Ubuntu
Ubuntu
added 2023/01/05 5:15 p.m.89 views

USN-5788-1: curl vulnerabilities

Hiroki Kurosawa discovered that curl incorrectly handled HSTS support when certain hostnames included IDN characters. A remote attacker could possibly use this issue to cause curl to use unencrypted connections. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 22.10. CVE-2022-43551 It was...

7.5CVSS7.8AI score0.1654EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/09/21 9:46 a.m.89 views

USN-5624-1: Linux kernel vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Duoming...

7.8CVSS7.1AI score0.05542EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/08/10 12:36 p.m.89 views

USN-5560-2: Linux kernel vulnerabilities

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS7.3AI score0.12746EPSS
Exploits26
Ubuntu
Ubuntu
added 2022/07/05 5:3 p.m.89 views

USN-5504-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass CSP restrictions, bypass sandboxed iframe restrictions, obtain sensitive...

9.8CVSS7.5AI score0.23941EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/07/01 6:44 p.m.89 views

USN-5500-1: Linux kernel vulnerabilities

Eric Biederman discovered that the cgroup process migration implementation in the Linux kernel did not perform permission checks correctly in some situations. A local attacker could possibly use this to gain administrative privileges. CVE-2021-4197 Lin Ma discovered that the NFC Controller...

7.8CVSS7.3AI score0.00804EPSS
Exploits5
Ubuntu
Ubuntu
added 2022/06/02 12:21 p.m.89 views

USN-5458-1: Vim vulnerabilities

It was discovered that Vim was incorrectly handling virtual column position operations, which could result in an out-of-bounds read. An attacker could possibly use this issue to expose sensitive information. CVE-2021-4193 It was discovered that Vim was not properly performing bounds checks when...

8.4CVSS7.7AI score0.01762EPSS
Exploits9
Ubuntu
Ubuntu
added 2022/05/17 11:47 a.m.89 views

USN-5424-1: OpenLDAP vulnerability

It was discovered that OpenLDAP incorrectly handled certain SQL statements within LDAP queries in the experimental back-sql backend. A remote attacker could possibly use this issue to perform an SQL injection attack and alter the database...

9.8CVSS8.3AI score0.69899EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/04/28 9:54 a.m.89 views

USN-5392-1: Mutt vulnerabilities

It was discovered that Mutt incorrectly handled certain requests. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 20.04 LTS. CVE-2021-32055 It was discovered that Mutt incorrectly handled certain input. An attacker could possibly use this...

9.1CVSS6.1AI score0.02551EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/02/08 9:24 p.m.89 views

USN-4987-2: ExifTool vulnerability

USN-4987-1 fixed a vulnerability in ExifTool. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that ExifTool did not properly sanitize user data for the DjVu file format. An attacker could use this vulnerability to cause a DoS or...

7.8CVSS7.8AI score0.99981EPSS
Exploits39
Ubuntu
Ubuntu
added 2022/01/31 12:40 p.m.89 views

USN-5257-1: ldns vulnerabilities

It was discovered that ldns incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. CVE-2020-19860, CVE-2020-19861...

7.5CVSS7.5AI score0.01493EPSS
Exploits2
Ubuntu
Ubuntu
added 2021/12/13 7:55 p.m.89 views

USN-5174-2: Samba regression

USN-5174-1 fixed vulnerabilities in Samba. Some of the changes introduced a regression in Kerberos authentication in certain environments. Please see the following upstream bug for more information: https://bugzilla.samba.org/showbug.cgi?id=14922 This update fixes the problem. Original advisory...

6.8AI score
Exploits0References1
Ubuntu
Ubuntu
added 2021/12/06 2:39 p.m.89 views

USN-5170-1: MariaDB vulnerability

A security issue was discovered in MariaDB and this update includes new upstream MariaDB versions to fix the issue. MariaDB has been updated to 10.3.32 in Ubuntu 20.04 LTS and to 10.5.13 in Ubuntu 21.04 and Ubuntu 21.10. In addition to security fixes, the updated packages contain bug fixes, new...

5.5CVSS7.2AI score0.02497EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/08/09 12:33 p.m.89 views

USN-5032-2: Docker vulnerabilities

USN-5032-1 fixed vulnerabilities in Docker. This update provides the corresponding updates for Ubuntu 21.04. Original advisory details: Several vulnerabilities were fixed in Docker. This update provides a new upstream version that fixed them...

5.3AI score
Exploits0References1
Ubuntu
Ubuntu
added 2021/01/14 9:13 p.m.89 views

USN-4693-1: Ampache vulnerabilities

It was discovered that an SQL injection vulnerability exists in the Ampache search engine. Any user able to perform searches could dump any data contained in the database. An attacker could use this to disclose sensitive information. CVE-2019-12385 It was discovered that an XSS vulnerability in...

8.8CVSS7.1AI score0.01634EPSS
Exploits2
Ubuntu
Ubuntu
added 2020/11/19 12:46 p.m.89 views

USN-4638-1: c-ares vulnerability

It was discovered that c-ares incorrectly handled certain DNS requests. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS7.5AI score0.54164EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/10/20 12:2 p.m.89 views

USN-4593-1: FreeType vulnerability

Sergei Glazunov discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges...

9.6CVSS8.5AI score0.5063EPSS
Exploits2
Ubuntu
Ubuntu
added 2020/10/14 2:35 p.m.89 views

USN-4581-1: Python vulnerability

It was discovered that Python incorrectly handled certain character sequences. A remote attacker could possibly use this issue to perform CRLF injection...

7.2CVSS7.4AI score0.0642EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/05/21 4:52 p.m.89 views

USN-4371-1: libvirt vulnerabilities

It was discovered that libvirt incorrectly handled an active pool without a target path. A remote attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. CVE-2020-10703 It was discovered that libvirt incorrectly handled memory when retrieving certain...

6.5CVSS7AI score0.02363EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/05/18 12:2 p.m.89 views

USN-4361-1: Dovecot vulnerabilities

Philippe Antoine discovered that Dovecot incorrectly handled certain data. An attacker could possibly use this issue to cause a denial of service. CVE-2020-10957, CVE-2020-10967 Philippe Antoine discovered that Dovecot incorrectly handled certain data. An attacker could possibly use this issue to...

7.5CVSS6.7AI score0.08153EPSS
Exploits5
Ubuntu
Ubuntu
added 2020/05/06 3:27 p.m.89 views

USN-4352-1: OpenLDAP vulnerability

It was discovered that OpenLDAP incorrectly handled certain queries. A remote attacker could possibly use this issue to cause OpenLDAP to consume resources, resulting in a denial of service...

7.5CVSS6.7AI score0.04423EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/04/28 11:54 p.m.89 views

USN-4345-1: Linux kernel vulnerabilities

Al Viro discovered that the Linux kernel for s390x systems did not properly perform page table upgrades for kernel sections that use secondary address mode. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2020-11884 It was discovered that t...

7.5CVSS7.3AI score0.0415EPSS
Exploits2
Ubuntu
Ubuntu
added 2020/01/22 6:42 p.m.89 views

USN-4248-1: GraphicsMagick vulnerabilities

It was discovered that GraphicsMagick incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact...

8.8CVSS6.7AI score0.03397EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/11/14 6:36 p.m.89 views

USN-4194-1: postgresql-common vulnerability

Rich Mirch discovered that the postgresql-common pgctlcluster script incorrectly handled directory creation. A local attacker could possibly use this issue to escalate privileges...

7.8CVSS7.4AI score0.00499EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/10/09 5:54 p.m.89 views

USN-4152-1: libsoup vulnerability

It was discovered that libsoup incorrectly handled parsing certain NTLM messages. If a user or automated system were tricked into connecting to a malicious server, a remote attacker could possibly use this issue to cause a denial of service...

9.8CVSS8AI score0.02784EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/12/05 4:30 p.m.89 views

USN-3811-3: SpamAssassin vulnerabilities

USN-3811-1 fixed a vulnerability in spamassassin. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that SpamAssassin incorrectly handled the PDFInfo plugin. A remote attacker could possibly use this issue to execute arbitrary code...

9.8CVSS8.4AI score0.1082EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/04/23 5:47 p.m.89 views

USN-3629-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.60 in Ubuntu 14.04 LTS. Ubuntu 16.04 LTS, and Ubuntu 17.10 have been updated to MySQL 5.7.22. In addition to security fixes, the updated packag...

7.7CVSS6.4AI score0.0401EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/04/04 7:44 p.m.89 views

USN-3620-1: Linux kernel vulnerabilities

It was discovered that the netlink 802.11 configuration interface in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker with the CAPNETADMIN privilege could use this to cause a denial of service system crash or possibly execute arbitrary code...

10CVSS7.2AI score0.05233EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/02/16 12:32 a.m.89 views

USN-3573-1: Quagga vulnerabilities

It was discovered that a double-free vulnerability existed in the Quagga BGP daemon when processing certain forms of UPDATE message. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2018-5379 It was discovered that the Quagga BGP daemon did not...

9.8CVSS7.5AI score0.74599EPSS
Exploits0
Ubuntu
Ubuntu
added 2017/10/11 5:15 a.m.89 views

USN-3443-3: Linux kernel (GCP) vulnerability

Andrey Konovalov discovered that a divide-by-zero error existed in the TCP stack implementation in the Linux kernel. A local attacker could use this to cause a denial of service system crash. CVE-2017-14106...

5.5CVSS6.6AI score0.00445EPSS
Exploits0
Ubuntu
Ubuntu
added 2017/09/12 6:25 p.m.89 views

USN-3413-1: BlueZ vulnerability

It was discovered that an information disclosure vulnerability existed in the Service Discovery Protocol SDP implementation in BlueZ. A physically proximate unauthenticated attacker could use this to disclose sensitive information. CVE-2017-1000250...

6.5CVSS6.7AI score0.07774EPSS
Exploits3
Ubuntu
Ubuntu
added 2017/08/28 10:45 p.m.89 views

USN-3405-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3405-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that a use-after-free vulnerability existed in the POSIX message que...

7.8CVSS7.1AI score0.03631EPSS
Exploits8
Ubuntu
Ubuntu
added 2017/08/15 8:0 p.m.89 views

USN-3391-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to conduct cross-site scripting XSS attacks, bypass sandbox restrictions, obtain sensitive information, spoof the origin of modal...

10CVSS7.4AI score0.13697EPSS
Exploits25
Ubuntu
Ubuntu
added 2017/06/29 7:45 a.m.89 views

USN-3343-1: Linux kernel vulnerabilities

USN 3335-1 fixed a vulnerability in the Linux kernel. However, that fix introduced regressions for some Java applications. This update addresses the issue. We apologize for the inconvenience. It was discovered that a use-after-free vulnerability in the core voltage regulator driver of the Linux...

7.8CVSS7.2AI score0.01613EPSS
Exploits7References2
Ubuntu
Ubuntu
added 2017/06/29 7:42 a.m.89 views

USN-3344-1: Linux kernel vulnerabilities

USN 3328-1 fixed a vulnerability in the Linux kernel. However, that fix introduced regressions for some Java applications. This update addresses the issue. We apologize for the inconvenience. Roee Hay discovered that the parallel port printer driver in the Linux kernel did not properly bounds che...

7.8CVSS6.8AI score0.01372EPSS
Exploits7References2
Ubuntu
Ubuntu
added 2017/06/21 6:4 p.m.89 views

USN-3338-1: Linux kernel vulnerabilities

It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges CVE-2017-1000364 Jesse Hert...

7.8CVSS7.5AI score0.05676EPSS
Exploits13
Ubuntu
Ubuntu
added 2017/02/23 3:26 p.m.89 views

USN-3210-1: LibreOffice vulnerability

Ben Hayak discovered that it was possible to make LibreOffice Calc and Writer disclose arbitrary files to an attacker if a user opened a specially crafted file with embedded links...

5.5CVSS6.2AI score0.03122EPSS
Exploits0
Ubuntu
Ubuntu
added 2017/02/22 12:10 a.m.89 views

USN-3206-1: Linux kernel vulnerabilities

It was discovered that a use-after-free vulnerability existed in the block device layer of the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly gain administrative privileges. CVE-2016-7910 Dmitry Vyukov discovered a use-after-free vulnerability ...

9.3CVSS6.8AI score0.0596EPSS
Exploits14
Ubuntu
Ubuntu
added 2017/02/03 9:48 a.m.89 views

USN-3190-1: Linux kernel vulnerabilities

Mikulas Patocka discovered that the asynchronous multibuffer cryptographic daemon mcryptd in the Linux kernel did not properly handle being invoked with incompatible algorithms. A local attacker could use this to cause a denial of service system crash. CVE-2016-10147 It was discovered that a...

10CVSS7.5AI score0.10177EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/11/03 5:45 p.m.89 views

USN-3123-1: curl vulnerabilities

It was discovered that curl incorrectly reused client certificates when built with NSS. A remote attacker could possibly use this issue to hijack the authentication of a TLS connection. CVE-2016-7141 Nguyen Vu Hoang discovered that curl incorrectly handled escaping certain strings. A remote...

9.8CVSS7.6AI score0.11737EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/06/10 6:56 a.m.89 views

USN-3006-1: Linux kernel vulnerabilities

Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. CVE-2016-2117 Jann Horn discovered that eCryptfs improperly attempted to use...

7.8CVSS6.8AI score0.06438EPSS
Exploits6
Ubuntu
Ubuntu
added 2016/06/10 6:53 a.m.89 views

USN-3005-1: Linux kernel (Xenial HWE) vulnerabilities

Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. CVE-2016-2117 Jann Horn discovered that eCryptfs improperly attempted to use...

7.8CVSS6.8AI score0.06438EPSS
Exploits6
Ubuntu
Ubuntu
added 2016/05/06 8:9 p.m.89 views

USN-2965-1: Linux kernel vulnerabilities

Jann Horn discovered that the extended Berkeley Packet Filter eBPF implementation in the Linux kernel did not properly reference count file descriptors, leading to a use-after-free. A local unprivileged attacker could use this to gain administrative privileges. CVE-2016-4557 Ralf Spenneberg...

10CVSS6.8AI score0.2593EPSS
Exploits32
Ubuntu
Ubuntu
added 2016/03/14 4:34 p.m.89 views

USN-2930-2: Linux kernel (Wily HWE) vulnerabilities

Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPTSOSETREPLACE events. A local unprivileged attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privileges...

8.4CVSS7.1AI score0.03723EPSS
Exploits21
Total number of security vulnerabilities5000