Lucene search
K
UbuntuMost viewed

10890 matches found

Ubuntu
Ubuntu
•added 2016/09/19 7:12 p.m.•88 views

USN-3084-4: Linux kernel (Qualcomm Snapdragon) vulnerabilities

Pengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A local attacker could use this to corrupt audit logs or disrupt system-call auditing. CVE-2016-6136 It was discovered that the powerpc and powerpc64 hypervisor-mode KVM implementation in the Linux kernel for did...

6.5CVSS6.4AI score0.00348EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/09/19 7:6 p.m.•88 views

USN-3084-3: Linux kernel (Raspberry Pi 2) vulnerabilities

Pengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A local attacker could use this to corrupt audit logs or disrupt system-call auditing. CVE-2016-6136 It was discovered that the powerpc and powerpc64 hypervisor-mode KVM implementation in the Linux kernel for did...

6.5CVSS6.4AI score0.00348EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/08/10 10:58 a.m.•88 views

USN-3057-1: Linux kernel (Qualcomm Snapdragon) vulnerabilities

Ben Hawkes discovered an integer overflow in the Linux netfilter implementation. On systems running 32 bit kernels, a local unprivileged attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privileges. CVE-2016-3135 It was...

7.8CVSS7.3AI score0.01009EPSS
Exploits2
Ubuntu
Ubuntu
•added 2016/08/10 9:39 a.m.•88 views

USN-3049-1: Linux kernel vulnerabilities

Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPTSOSETREPLACE events. A local unprivileged attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privileges...

8.4CVSS7.4AI score0.01234EPSS
Exploits1
Ubuntu
Ubuntu
•added 2016/06/10 7:1 a.m.•88 views

USN-3008-1: Linux kernel (Qualcomm Snapdragon) vulnerability

Jann Horn discovered that eCryptfs improperly attempted to use the mmap handler of a lower filesystem that did not implement one, causing a recursive page fault to occur. A local unprivileged attacker could use to cause a denial of service system crash or possibly execute arbitrary code with...

7.8CVSS7.2AI score0.01393EPSS
Exploits2
Ubuntu
Ubuntu
•added 2016/05/18 12:52 p.m.•88 views

USN-2950-4: Samba regressions

USN-2950-1 fixed vulnerabilities in Samba. The backported fixes introduced in Ubuntu 12.04 LTS caused interoperability issues. This update fixes compatibility with certain NAS devices, and allows connecting to Samba 3.6 servers by relaxing the "client ipc signing" parameter to "auto". We apologiz...

7.1AI score0.3693EPSS
Exploits0References2
Ubuntu
Ubuntu
•added 2016/05/09 10:36 p.m.•88 views

USN-2971-3: Linux kernel (Raspberry Pi 2) vulnerabilities

Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in the Linux kernel did not properly validate the endpoints reported by the device. An attacker with physical access could cause a denial of service system crash. CVE-2015-7515 Zach Riggle discovered that the Linux kernel's list...

7.8CVSS6.4AI score0.01946EPSS
Exploits19
Ubuntu
Ubuntu
•added 2016/05/09 9:57 p.m.•88 views

USN-2969-1: Linux kernel (Utopic HWE) vulnerabilities

Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in the Linux kernel did not properly validate the endpoints reported by the device. An attacker with physical access could cause a denial of service system crash. CVE-2015-7515 Ben Hawkes discovered that the Linux kernel's AIO...

7.8CVSS6.6AI score0.01946EPSS
Exploits14
Ubuntu
Ubuntu
•added 2016/05/06 8:9 p.m.•88 views

USN-2965-1: Linux kernel vulnerabilities

Jann Horn discovered that the extended Berkeley Packet Filter eBPF implementation in the Linux kernel did not properly reference count file descriptors, leading to a use-after-free. A local unprivileged attacker could use this to gain administrative privileges. CVE-2016-4557 Ralf Spenneberg...

10CVSS6.8AI score0.2593EPSS
Exploits32
Ubuntu
Ubuntu
•added 2016/03/01 2:38 p.m.•88 views

USN-2914-1: OpenSSL vulnerabilities

Yuval Yarom, Daniel Genkin, and Nadia Heninger discovered that OpenSSL was vulnerable to a side-channel attack on modular exponentiation. On certain CPUs, a local attacker could possibly use this issue to recover RSA keys. This flaw is known as CacheBleed. CVE-2016-0702 Adam Langley discovered th...

10CVSS7.8AI score0.32414EPSS
Exploits1
Ubuntu
Ubuntu
•added 2015/07/27 5:47 p.m.•88 views

USN-2686-1: Apache HTTP Server vulnerabilities

It was discovered that the Apache HTTP Server incorrectly parsed chunk headers. A remote attacker could possibly use this issue to perform HTTP request smuggling attacks. CVE-2015-3183 It was discovered that the Apache HTTP Server incorrectly handled the apsomeauthrequired API. A remote attacker...

5CVSS6.6AI score0.73327EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/07/23 11:25 p.m.•88 views

USN-2681-1: Linux kernel vulnerabilities

A flaw was discovered in the user space memory copying for the pipe iovecs in the Linux kernel. An unprivileged local user could exploit this flaw to cause a denial of service system crash or potentially escalate their privileges. CVE-2015-1805 A flaw was discovered in the kvm kernel virtual...

7.8CVSS7AI score0.06267EPSS
Exploits3
Ubuntu
Ubuntu
•added 2015/01/13 11:37 a.m.•88 views

USN-2463-1: Linux kernel vulnerabilities

A race condition with MMIO and PIO transactions in the KVM Kernel Virtual Machine subsystem of the Linux kernel was discovered. A guest OS user could exploit this flaw to cause a denial of service guest OS crash via a specially crafted application. CVE-2014-7842 The KVM kernel virtual machine...

7.8CVSS6.8AI score0.00565EPSS
Exploits1
Ubuntu
Ubuntu
•added 2014/09/02 5:57 p.m.•88 views

USN-2336-1: Linux kernel (Trusty HWE) vulnerabilities

A flaw was discovered in the Linux kernel virtual machine's kvm validation of interrupt requests irq. A guest OS user could exploit this flaw to cause a denial of service host OS crash. CVE-2014-0155 Andy Lutomirski discovered a flaw in the authorization of netlink socket operations when a socket...

6.2CVSS6.7AI score0.05926EPSS
Exploits8
Ubuntu
Ubuntu
•added 2014/06/05 9:27 p.m.•88 views

USN-2235-1: Linux kernel vulnerabilities

Pinkie Pie discovered a flaw in the Linux kernel's futex subsystem. An unprivileged local user could exploit this flaw to cause a denial of service system crash or gain administrative privileges. CVE-2014-3153 A flaw was discovered in the vhost-net subsystem of the Linux kernel. Guest OS users...

7.8CVSS7.5AI score0.37233EPSS
Exploits16
Ubuntu
Ubuntu
•added 2014/05/27 9:49 a.m.•88 views

USN-2227-1: Linux kernel (OMAP4) vulnerabilities

A flaw was discovered in the Linux kernel's pseudo tty pty device. An unprivileged user could exploit this flaw to cause a denial of service system crash or potentially gain administrator privileges. CVE-2014-0196 Matthew Daley reported an information leak in the floppy disk driver of the Linux...

10CVSS7.5AI score0.22475EPSS
Exploits22
Ubuntu
Ubuntu
•added 2013/08/06 7:34 p.m.•88 views

USN-1924-1: Firefox vulnerabilities

Jeff Gilbert, Henrik Skupin, Ben Turner, Christian Holler, Andrew McCreight, Gary Kwong, Jan Varga and Jesse Ruderman discovered multiple memory safety issues in Firefox. If the user were tricked in to opening a specially crafted page, an attacker could possibly exploit these to cause a denial of...

10CVSS7.9AI score0.40118EPSS
Exploits14References1
Ubuntu
Ubuntu
•added 2013/07/03 5:55 p.m.•88 views

USN-1897-1: PyMongo vulnerability

Jibbers McGee discovered that PyMongo incorrectly handled certain invalid DBRefs. An attacker could use this issue to cause PyMongo to crash, resulting in a denial of service...

4.3CVSS7.6AI score0.02633EPSS
Exploits2
Ubuntu
Ubuntu
•added 2013/04/09 1:45 a.m.•88 views

USN-1798-1: Linux kernel (EC2) vulnerabilities

Mathias Krause discovered several errors in the Linux kernel's xfrmuser implementation. A local attacker could exploit these flaws to examine parts of kernel memory. CVE-2012-6537 Mathias Krause discovered information leak in the Linux kernel's compat ioctl interface. A local user could exploit t...

6.2CVSS6.6AI score0.005EPSS
Exploits2
Ubuntu
Ubuntu
•added 2013/01/14 10:59 p.m.•88 views

USN-1687-2: NSPR update

USN-1687-1 fixed a vulnerability NSS. This update provides the NSPR needed to use the new NSS. Original advisory details: Two intermediate CA certificates were mis-issued by the TURKTRUST certificate authority. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw...

8.4AI score
Exploits0
Ubuntu
Ubuntu
•added 2012/10/04 9:40 p.m.•88 views

USN-1596-1: Python 2.6 vulnerabilities

It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit this to execute arbitrary code. CVE-2008-5983 It was discovered that the audioop module did not correctly perform...

6.9CVSS7.3AI score0.14643EPSS
Exploits10
Ubuntu
Ubuntu
•added 2012/10/03 8:14 p.m.•88 views

USN-1594-1: Linux kernel (Oneiric backport) vulnerabilities

Vadim Ponomarev discovered a flaw in the Linux kernel causing a reference leak when PID namespaces are used. A remote attacker could exploit this flaw causing a denial of service. CVE-2012-2127 A flaw was found in how the Linux kernel's KVM Kernel-based Virtual Machine subsystem handled MSI Messa...

6.9CVSS6.5AI score0.04309EPSS
Exploits3
Ubuntu
Ubuntu
•added 2012/08/10 10:29 p.m.•88 views

USN-1534-1: Linux kernel (EC2) vulnerabilities

An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface which is not available to unprivileged users until granted by a root user could exploit this flaw to crash the system or potential gain administrative privileges...

7.2CVSS5.8AI score0.00583EPSS
Exploits3
Ubuntu
Ubuntu
•added 2012/08/10 9:45 p.m.•88 views

USN-1531-1: Linux kernel vulnerabilities

An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface which is not available to unprivileged users until granted by a root user could exploit this flaw to crash the system or potential gain administrative privileges...

7.2CVSS6.6AI score0.00583EPSS
Exploits3
Ubuntu
Ubuntu
•added 2012/01/23 3:2 p.m.•88 views

USN-1336-1: Linux kernel vulnerability

Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. CVE-2011-2203 A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain ro...

7.8CVSS7.4AI score0.10904EPSS
Exploits18
Ubuntu
Ubuntu
•added 2011/07/13 8:25 p.m.•88 views

USN-1159-1: Linux kernel vulnerabilities (Marvell Dove)

Brad Spengler discovered that the kernel did not correctly account for userspace memory allocations during exec calls. A local attacker could exploit this to consume all system memory, leading to a denial of service. CVE-2010-4243 Alexander Duyck discovered that the Intel Gigabit Ethernet driver...

9.8CVSS7.1AI score0.04364EPSS
Exploits30
Ubuntu
Ubuntu
•added 2009/03/17 8:56 p.m.•88 views

USN-740-1: NSS vulnerability

The MD5 algorithm is known not to be collision resistant. This update blocklists the proof of concept rogue certificate authority as discussed in http://www.win.tue.nl/hashclash/rogue-ca/...

9.8CVSS6.5AI score0.09854EPSS
Exploits0
Ubuntu
Ubuntu
•added 2008/11/19 12:23 a.m.•88 views

USN-673-1: libxml2 vulnerabilities

Drew Yao discovered that libxml2 did not correctly handle certain corrupt XML documents. If a user or automated system were tricked into processing a malicious XML document, a remote attacker could cause applications linked against libxml2 to enter an infinite loop, leading to a denial of service...

10CVSS8AI score0.04051EPSS
Exploits1
Ubuntu
Ubuntu
•added 2008/01/18 2:9 a.m.•88 views

USN-571-1: X.org vulnerabilities

Multiple overflows were discovered in the XFree86-Misc, XInput-Misc, TOG-CUP, EVI, and MIT-SHM extensions which did not correctly validate function arguments. An authenticated attacker could send specially crafted requests and gain root privileges. CVE-2007-5760, CVE-2007-6427, CVE-2007-6428,...

9.3CVSS8.4AI score0.05332EPSS
Exploits7
Ubuntu
Ubuntu
•added 2007/09/28 11:11 p.m.•88 views

USN-522-1: openssl vulnerabilities

It was discovered that OpenSSL did not correctly perform Montgomery multiplications. Local attackers might be able to reconstruct RSA private keys by examining another user's OpenSSL processes. CVE-2007-3108 Moritz Jodeit discovered that OpenSSL's SSLgetsharedciphers function did not correctly...

6.8CVSS7.7AI score0.16061EPSS
Exploits1
Ubuntu
Ubuntu
•added 2007/04/27 9:10 p.m.•88 views

USN-455-1: PHP vulnerabilities

Stefan Esser discovered multiple vulnerabilities in the "Month of PHP bugs". The substrcompare function did not sufficiently verify its length argument. This might be exploited to read otherwise unaccessible memory, which might lead to information disclosure. CVE-2007-1375 The shared memory shmop...

7.8CVSS6.1AI score0.10028EPSS
Exploits9
Ubuntu
Ubuntu
•added 2006/06/08 11:33 p.m.•88 views

USN-291-1: FreeType vulnerabilities

Several integer overflows have been discovered in the FreeType library. By tricking a user into installing and/or opening a specially crafted font file, these could be exploited to execute arbitrary code with the privileges of that user...

7.5CVSS5.8AI score0.16172EPSS
Exploits0
Ubuntu
Ubuntu
•added 2005/10/18 1:39 a.m.•88 views

USN-209-1: SSH server vulnerability

An information disclosure vulnerability has been found in the SSH server. When the GSSAPIAuthentication option was enabled, the SSH server could send GSSAPI credentials even to users who attempted to log in with a method other than GSSAPI. This could inadvertently expose these credentials to an...

5CVSS7.4AI score0.02299EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/26 6:27 p.m.•87 views

USN-8309-1: libssh2 vulnerability

It was discovered that libssh2 incorrectly handled username and password length values during SSH password authentication. A remote attacker could possibly use this issue to cause a denial of service...

9.1CVSS5.8AI score0.00466EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/04/07 1:1 p.m.•87 views

USN-7419-1: Vim vulnerabilities

It was discovered that Vim incorrectly handled memory when using invalid input with the log option. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 24.04 LTS and Ubuntu 24.10. CVE-2025-1215 It was discovered that Vim incorrectly handled memo...

7.8CVSS5.5AI score0.00492EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/03/20 11:57 a.m.•87 views

USN-7361-1: Libxslt vulnerability

Ivan Fratric discovered that Libxslt incorrectly handled certain memory operations when handling documents. A remote attacker could use this issue to cause Libxslt to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.8CVSS7.2AI score0.00324EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/03/03 12:40 p.m.•87 views

USN-7314-1: Kerberos vulnerabilities

It was discovered that Kerberos incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause Kerberos to consume memory,leading to a denial of service. CVE-2024-26458, CVE-2024-26461 It was discovered that Kerberos incorrectly handled certain memory...

7.5CVSS7.3AI score0.01128EPSS
Exploits3
Ubuntu
Ubuntu
•added 2024/05/07 7:36 p.m.•87 views

USN-6767-1: Linux kernel vulnerabilities

Chenyuan Yang discovered that the RDS Protocol implementation in the Linux kernel contained an out-of-bounds read vulnerability. An attacker could use this to possibly cause a denial of service system crash. CVE-2024-23849 Several security issues were discovered in the Linux kernel. An attacker...

7.8CVSS6.9AI score0.00316EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/11/10 10:25 a.m.•87 views

USN-6465-3: Linux kernel (GKE) vulnerabilities

Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service system crash. CVE-2023-31083 Lin Ma discovered that the Netlink...

5.5CVSS6.7AI score0.00454EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/31 9:47 p.m.•87 views

USN-6466-1: Linux kernel (NVIDIA) vulnerabilities

Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel contained a race condition during device removal, leading to a use-after- free vulnerability. A physically proximate attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

9.8CVSS8.4AI score0.54577EPSS
Exploits8
Ubuntu
Ubuntu
•added 2023/10/31 12:51 p.m.•87 views

USN-6461-1: Linux kernel (OEM) vulnerabilities

Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service system crash. CVE-2023-31085 Marek Marczykowski-Górecki discovered that the Xen event...

7.8CVSS7.2AI score0.00888EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/10/05 2:27 p.m.•87 views

USN-6412-1: Linux kernel vulnerabilities

Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel contained a race condition during device removal, leading to a use-after- free vulnerability. A physically proximate attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

9.8CVSS8AI score0.0616EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/05/30 5:32 p.m.•87 views

USN-6122-1: Linux kernel (OEM) vulnerabilities

Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrar...

7.8CVSS6.7AI score0.12966EPSS
Exploits7
Ubuntu
Ubuntu
•added 2023/03/02 2:0 p.m.•87 views

USN-5908-1: Sudo vulnerability

It was discovered that Sudo incorrectly handled the per-command chroot feature. In certain environments where Sudo is configured with a rule that contains a CHROOT setting, a local attacker could use this issue to cause Sudo to crash, resulting in a denial of service, or possibly escalate...

7.2CVSS6.7AI score0.01664EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/02/09 10:42 p.m.•87 views

USN-5861-1: Linux kernel (Dell300x) vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...

8.8CVSS7.8AI score0.21314EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/02/09 6:28 p.m.•87 views

USN-5854-1: Linux kernel vulnerabilities

It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 V4L2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-20369 Pawan Kumar Gupta, Alyssa Milburn, Ami...

7CVSS7.3AI score0.04947EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/02/07 5:32 p.m.•87 views

USN-5846-1: X.Org X Server vulnerability

Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain memory operations. An attacker could possibly use these issues to cause the X Server to crash, execute arbitrary code, or escalate privileges...

7.8CVSS7.8AI score0.00899EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/01/17 6:36 p.m.•87 views

USN-5810-1: Git vulnerabilities

Markus Vervier and Eric Sesterhenn discovered that Git incorrectly handled certain gitattributes. An attacker could possibly use this issue to cause a crash or execute arbitrary code. CVE-2022-23521 Joern Schneeweisz discovered that Git incorrectly handled certain commands. An attacker could...

9.8CVSS8.7AI score0.56334EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/01/11 1:23 a.m.•87 views

USN-5799-1: Linux kernel (OEM) vulnerability

Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS7.5AI score0.00428EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/05/31 11:29 a.m.•87 views

USN-5454-1: CUPS vulnerabilities

Joshua Mason discovered that CUPS incorrectly handled the secret key used to access the administrative web interface. A remote attacker could possibly use this issue to open a session as an administrator and execute arbitrary code. CVE-2022-26691 It was discovered that CUPS incorrectly handled...

7.2CVSS6.4AI score0.02006EPSS
Exploits0
Total number of security vulnerabilities5000