Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
added 2022/07/14 9:28 a.m.89 views

USN-5512-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, spoof the UI, bypass CSP restrictions, or execute...

9.8CVSS7.5AI score0.23941EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/07/05 5:3 p.m.89 views

USN-5504-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass CSP restrictions, bypass sandboxed iframe restrictions, obtain sensitive...

9.8CVSS7.5AI score0.23941EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/07/01 6:44 p.m.89 views

USN-5500-1: Linux kernel vulnerabilities

Eric Biederman discovered that the cgroup process migration implementation in the Linux kernel did not perform permission checks correctly in some situations. A local attacker could possibly use this to gain administrative privileges. CVE-2021-4197 Lin Ma discovered that the NFC Controller...

7.8CVSS7.3AI score0.00804EPSS
Exploits5
Ubuntu
Ubuntu
added 2022/06/02 12:21 p.m.89 views

USN-5458-1: Vim vulnerabilities

It was discovered that Vim was incorrectly handling virtual column position operations, which could result in an out-of-bounds read. An attacker could possibly use this issue to expose sensitive information. CVE-2021-4193 It was discovered that Vim was not properly performing bounds checks when...

8.4CVSS7.7AI score0.01762EPSS
Exploits9
Ubuntu
Ubuntu
added 2022/05/17 11:47 a.m.89 views

USN-5424-1: OpenLDAP vulnerability

It was discovered that OpenLDAP incorrectly handled certain SQL statements within LDAP queries in the experimental back-sql backend. A remote attacker could possibly use this issue to perform an SQL injection attack and alter the database...

9.8CVSS8.3AI score0.69899EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/04/28 9:54 a.m.89 views

USN-5392-1: Mutt vulnerabilities

It was discovered that Mutt incorrectly handled certain requests. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 20.04 LTS. CVE-2021-32055 It was discovered that Mutt incorrectly handled certain input. An attacker could possibly use this...

9.1CVSS6.1AI score0.02551EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/02/08 9:24 p.m.89 views

USN-4987-2: ExifTool vulnerability

USN-4987-1 fixed a vulnerability in ExifTool. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that ExifTool did not properly sanitize user data for the DjVu file format. An attacker could use this vulnerability to cause a DoS or...

7.8CVSS7.8AI score0.99981EPSS
Exploits39
Ubuntu
Ubuntu
added 2022/01/31 12:40 p.m.89 views

USN-5257-1: ldns vulnerabilities

It was discovered that ldns incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. CVE-2020-19860, CVE-2020-19861...

7.5CVSS7.5AI score0.01493EPSS
Exploits2
Ubuntu
Ubuntu
added 2021/12/06 2:39 p.m.89 views

USN-5170-1: MariaDB vulnerability

A security issue was discovered in MariaDB and this update includes new upstream MariaDB versions to fix the issue. MariaDB has been updated to 10.3.32 in Ubuntu 20.04 LTS and to 10.5.13 in Ubuntu 21.04 and Ubuntu 21.10. In addition to security fixes, the updated packages contain bug fixes, new...

5.5CVSS7.2AI score0.02497EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/08/09 12:33 p.m.89 views

USN-5032-2: Docker vulnerabilities

USN-5032-1 fixed vulnerabilities in Docker. This update provides the corresponding updates for Ubuntu 21.04. Original advisory details: Several vulnerabilities were fixed in Docker. This update provides a new upstream version that fixed them...

5.3AI score
Exploits0References1
Ubuntu
Ubuntu
added 2021/08/05 1:32 p.m.89 views

USN-5032-1: Docker vulnerabilities

Several vulnerabilities were fixed in Docker. This update provides a new upstream version that fixed them...

5.3AI score
Exploits0References1
Ubuntu
Ubuntu
added 2021/01/14 9:13 p.m.89 views

USN-4693-1: Ampache vulnerabilities

It was discovered that an SQL injection vulnerability exists in the Ampache search engine. Any user able to perform searches could dump any data contained in the database. An attacker could use this to disclose sensitive information. CVE-2019-12385 It was discovered that an XSS vulnerability in...

8.8CVSS7.1AI score0.01634EPSS
Exploits2
Ubuntu
Ubuntu
added 2020/11/19 12:46 p.m.89 views

USN-4638-1: c-ares vulnerability

It was discovered that c-ares incorrectly handled certain DNS requests. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS7.5AI score0.54164EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/10/20 12:2 p.m.89 views

USN-4593-1: FreeType vulnerability

Sergei Glazunov discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges...

9.6CVSS8.5AI score0.5063EPSS
Exploits2
Ubuntu
Ubuntu
added 2020/10/14 2:35 p.m.89 views

USN-4581-1: Python vulnerability

It was discovered that Python incorrectly handled certain character sequences. A remote attacker could possibly use this issue to perform CRLF injection...

7.2CVSS7.4AI score0.0642EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/05/21 4:52 p.m.89 views

USN-4371-1: libvirt vulnerabilities

It was discovered that libvirt incorrectly handled an active pool without a target path. A remote attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. CVE-2020-10703 It was discovered that libvirt incorrectly handled memory when retrieving certain...

6.5CVSS7AI score0.02363EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/05/18 12:2 p.m.89 views

USN-4361-1: Dovecot vulnerabilities

Philippe Antoine discovered that Dovecot incorrectly handled certain data. An attacker could possibly use this issue to cause a denial of service. CVE-2020-10957, CVE-2020-10967 Philippe Antoine discovered that Dovecot incorrectly handled certain data. An attacker could possibly use this issue to...

7.5CVSS6.7AI score0.08153EPSS
Exploits5
Ubuntu
Ubuntu
added 2020/05/06 3:27 p.m.89 views

USN-4352-1: OpenLDAP vulnerability

It was discovered that OpenLDAP incorrectly handled certain queries. A remote attacker could possibly use this issue to cause OpenLDAP to consume resources, resulting in a denial of service...

7.5CVSS6.7AI score0.04423EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/04/30 11:37 a.m.89 views

USN-4333-2: Python vulnerabilities

USN-4333-1 fixed vulnerabilities in Python. This update provides the corresponding update for Ubuntu 20.04 LTS. Original advisory details: It was discovered that Python incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection...

7.1CVSS7.4AI score0.06617EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/04/28 11:54 p.m.89 views

USN-4345-1: Linux kernel vulnerabilities

Al Viro discovered that the Linux kernel for s390x systems did not properly perform page table upgrades for kernel sections that use secondary address mode. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2020-11884 It was discovered that t...

7.5CVSS7.3AI score0.0415EPSS
Exploits2
Ubuntu
Ubuntu
added 2020/01/22 6:42 p.m.89 views

USN-4248-1: GraphicsMagick vulnerabilities

It was discovered that GraphicsMagick incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact...

8.8CVSS6.7AI score0.03397EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/11/14 6:36 p.m.89 views

USN-4194-1: postgresql-common vulnerability

Rich Mirch discovered that the postgresql-common pgctlcluster script incorrectly handled directory creation. A local attacker could possibly use this issue to escalate privileges...

7.8CVSS7.4AI score0.00499EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/10/09 5:54 p.m.89 views

USN-4152-1: libsoup vulnerability

It was discovered that libsoup incorrectly handled parsing certain NTLM messages. If a user or automated system were tricked into connecting to a malicious server, a remote attacker could possibly use this issue to cause a denial of service...

9.8CVSS8AI score0.02784EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/12/20 10:39 p.m.89 views

USN-3847-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the raw MIDI driver for the Linux kernel, leading to a double free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2018-10902 It was discovered that an integer overr...

7.8CVSS6.7AI score0.00683EPSS
Exploits2
Ubuntu
Ubuntu
added 2018/12/05 4:30 p.m.89 views

USN-3811-3: SpamAssassin vulnerabilities

USN-3811-1 fixed a vulnerability in spamassassin. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that SpamAssassin incorrectly handled the PDFInfo plugin. A remote attacker could possibly use this issue to execute arbitrary code...

9.8CVSS8.4AI score0.1082EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/08/30 5:28 p.m.89 views

USN-3758-1: libx11 vulnerabilities

Tobias Stoeckmann discovered that libx11 incorrectly handled certain images. An attacker could possibly use this issue to access sensitive information CVE-2016-7942 Tobias Stoeckmann discovered that libx11 incorrectly handled certain inputs. An attacker could possibly use this issue to access...

9.8CVSS7.5AI score0.09341EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/04/04 7:44 p.m.89 views

USN-3620-1: Linux kernel vulnerabilities

It was discovered that the netlink 802.11 configuration interface in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker with the CAPNETADMIN privilege could use this to cause a denial of service system crash or possibly execute arbitrary code...

10CVSS7.2AI score0.05233EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/02/16 12:32 a.m.89 views

USN-3573-1: Quagga vulnerabilities

It was discovered that a double-free vulnerability existed in the Quagga BGP daemon when processing certain forms of UPDATE message. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2018-5379 It was discovered that the Quagga BGP daemon did not...

9.8CVSS7.5AI score0.74599EPSS
Exploits0
Ubuntu
Ubuntu
added 2017/10/11 5:15 a.m.89 views

USN-3443-3: Linux kernel (GCP) vulnerability

Andrey Konovalov discovered that a divide-by-zero error existed in the TCP stack implementation in the Linux kernel. A local attacker could use this to cause a denial of service system crash. CVE-2017-14106...

5.5CVSS6.6AI score0.00445EPSS
Exploits0
Ubuntu
Ubuntu
added 2017/09/12 6:25 p.m.89 views

USN-3413-1: BlueZ vulnerability

It was discovered that an information disclosure vulnerability existed in the Service Discovery Protocol SDP implementation in BlueZ. A physically proximate unauthenticated attacker could use this to disclose sensitive information. CVE-2017-1000250...

6.5CVSS6.7AI score0.07774EPSS
Exploits3
Ubuntu
Ubuntu
added 2017/08/28 10:45 p.m.89 views

USN-3405-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3405-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that a use-after-free vulnerability existed in the POSIX message que...

7.8CVSS7.1AI score0.03631EPSS
Exploits8
Ubuntu
Ubuntu
added 2017/08/15 8:0 p.m.89 views

USN-3391-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to conduct cross-site scripting XSS attacks, bypass sandbox restrictions, obtain sensitive information, spoof the origin of modal...

10CVSS7.4AI score0.13697EPSS
Exploits25
Ubuntu
Ubuntu
added 2017/06/29 7:45 a.m.89 views

USN-3343-1: Linux kernel vulnerabilities

USN 3335-1 fixed a vulnerability in the Linux kernel. However, that fix introduced regressions for some Java applications. This update addresses the issue. We apologize for the inconvenience. It was discovered that a use-after-free vulnerability in the core voltage regulator driver of the Linux...

7.8CVSS7.2AI score0.01613EPSS
Exploits7References2
Ubuntu
Ubuntu
added 2017/06/29 7:42 a.m.89 views

USN-3344-1: Linux kernel vulnerabilities

USN 3328-1 fixed a vulnerability in the Linux kernel. However, that fix introduced regressions for some Java applications. This update addresses the issue. We apologize for the inconvenience. Roee Hay discovered that the parallel port printer driver in the Linux kernel did not properly bounds che...

7.8CVSS6.8AI score0.01372EPSS
Exploits7References2
Ubuntu
Ubuntu
added 2017/06/21 6:4 p.m.89 views

USN-3338-1: Linux kernel vulnerabilities

It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges CVE-2017-1000364 Jesse Hert...

7.8CVSS7.5AI score0.05676EPSS
Exploits13
Ubuntu
Ubuntu
added 2017/02/22 12:10 a.m.89 views

USN-3206-1: Linux kernel vulnerabilities

It was discovered that a use-after-free vulnerability existed in the block device layer of the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly gain administrative privileges. CVE-2016-7910 Dmitry Vyukov discovered a use-after-free vulnerability ...

9.3CVSS6.8AI score0.0596EPSS
Exploits14
Ubuntu
Ubuntu
added 2017/02/03 9:48 a.m.89 views

USN-3190-1: Linux kernel vulnerabilities

Mikulas Patocka discovered that the asynchronous multibuffer cryptographic daemon mcryptd in the Linux kernel did not properly handle being invoked with incompatible algorithms. A local attacker could use this to cause a denial of service system crash. CVE-2016-10147 It was discovered that a...

10CVSS7.5AI score0.10177EPSS
Exploits0
Ubuntu
Ubuntu
added 2017/01/11 7:7 a.m.89 views

USN-3169-1: Linux kernel vulnerabilities

Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly initialize the Code Segment CS in certain error cases. A local attacker could use this to expose sensitive information kernel memory. CVE-2016-9756 Andrey Konovalov discovered that signed integer overflows...

7.8CVSS6.5AI score0.01566EPSS
Exploits8
Ubuntu
Ubuntu
added 2016/11/03 5:45 p.m.89 views

USN-3123-1: curl vulnerabilities

It was discovered that curl incorrectly reused client certificates when built with NSS. A remote attacker could possibly use this issue to hijack the authentication of a TLS connection. CVE-2016-7141 Nguyen Vu Hoang discovered that curl incorrectly handled escaping certain strings. A remote...

9.8CVSS7.6AI score0.11737EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/06/10 6:56 a.m.89 views

USN-3006-1: Linux kernel vulnerabilities

Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. CVE-2016-2117 Jann Horn discovered that eCryptfs improperly attempted to use...

7.8CVSS6.8AI score0.06438EPSS
Exploits6
Ubuntu
Ubuntu
added 2016/06/10 6:53 a.m.89 views

USN-3005-1: Linux kernel (Xenial HWE) vulnerabilities

Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. CVE-2016-2117 Jann Horn discovered that eCryptfs improperly attempted to use...

7.8CVSS6.8AI score0.06438EPSS
Exploits6
Ubuntu
Ubuntu
added 2016/05/06 8:9 p.m.89 views

USN-2965-1: Linux kernel vulnerabilities

Jann Horn discovered that the extended Berkeley Packet Filter eBPF implementation in the Linux kernel did not properly reference count file descriptors, leading to a use-after-free. A local unprivileged attacker could use this to gain administrative privileges. CVE-2016-4557 Ralf Spenneberg...

10CVSS6.8AI score0.2593EPSS
Exploits32
Ubuntu
Ubuntu
added 2016/03/14 4:34 p.m.89 views

USN-2930-2: Linux kernel (Wily HWE) vulnerabilities

Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPTSOSETREPLACE events. A local unprivileged attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privileges...

8.4CVSS7.1AI score0.03723EPSS
Exploits21
Ubuntu
Ubuntu
added 2016/02/22 7:44 p.m.89 views

USN-2907-1: Linux kernel vulnerabilities

halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges. CVE-2016-1576 halfdog discovered that OverlayFS in the Linux kernel incorrectly propagated security...

7.8CVSS6.7AI score0.0123EPSS
Exploits4
Ubuntu
Ubuntu
added 2016/02/16 9:31 p.m.89 views

USN-2900-1: GNU C Library vulnerability

It was discovered that the GNU C Library incorrectly handled receiving responses while performing DNS resolution. A remote attacker could use this issue to cause the GNU C Library to crash, resulting in a denial of service, or possibly execute arbitrary code...

8.1CVSS8.3AI score0.89557EPSS
Exploits17
Ubuntu
Ubuntu
added 2015/07/28 9:14 a.m.89 views

USN-2689-1: Linux kernel (Utopic HWE) vulnerabilities

Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs non-maskable interrupts. An unprivileged local user could exploit this flaw to cause a denial of service system crash or potentially escalate their privileges. CVE-2015-3290 Colin King discovered a flaw in the addkey...

7.2CVSS6.7AI score0.01103EPSS
Exploits4
Ubuntu
Ubuntu
added 2015/06/10 9:53 p.m.89 views

USN-2637-1: Linux kernel vulnerabilities

Xiong Zhou discovered a bug in the way the EXT4 filesystem handles fallocate zero range functionality when the page size is greater than the block size. A local attacker could exploit this flaw to cause a denial of service system crash. CVE-2015-0275 Wen Xu discovered a use-after-free flaw in the...

4.9CVSS7.5AI score0.02472EPSS
Exploits6
Ubuntu
Ubuntu
added 2015/05/20 11:17 a.m.89 views

USN-2612-1: Linux kernel (OMAP4) vulnerabilities

A race condition between chown and execve was discovered in the Linux kernel. A local attacker could exploit this race by using chown on a setuid-user-binary to gain administrative privileges. CVE-2015-3339 Vincent Tondellier discovered an integer overflow in the Linux kernel's netfilter connecti...

6.2CVSS6.7AI score0.00396EPSS
Exploits0
Ubuntu
Ubuntu
added 2015/04/30 7:51 a.m.89 views

USN-2584-1: Linux kernel (EC2) vulnerability

A race condition between chown and execve was discovered in the Linux kernel. A local attacker could exploit this race by using chown on a setuid-user-binary to gain administrative privileges...

6.2CVSS6.8AI score0.00317EPSS
Exploits0
Ubuntu
Ubuntu
added 2015/02/17 6:14 p.m.89 views

USN-2501-1: PHP vulnerabilities

Stefan Esser discovered that PHP incorrectly handled unserializing objects. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2014-8142, CVE-2015-0231 Brian Carpenter discovered that the PHP CGI component...

7.5CVSS7.6AI score0.53166EPSS
Exploits14
Total number of security vulnerabilities5000