10904 matches found
USN-520-1: fetchmail vulnerabilities
Gaetan Leurent discovered a vulnerability in the APOP protocol based on MD5 collisions. As fetchmail supports the APOP protocol, this vulnerability can be used by attackers to discover a portion of the APOP user's authentication credentials. CVE-2007-1558 Earl Chew discovered that fetchmail can b...
USN-499-1: Apache vulnerabilities
Stefan Esser discovered that modstatus did not force a character set, which could result in browsers becoming vulnerable to XSS attacks when processing the output. If a user were tricked into viewing server status output during a crafted server request, a remote attacker could exploit this to...
USN-455-1: PHP vulnerabilities
Stefan Esser discovered multiple vulnerabilities in the "Month of PHP bugs". The substrcompare function did not sufficiently verify its length argument. This might be exploited to read otherwise unaccessible memory, which might lead to information disclosure. CVE-2007-1375 The shared memory shmop...
USN-7419-1: Vim vulnerabilities
It was discovered that Vim incorrectly handled memory when using invalid input with the log option. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 24.04 LTS and Ubuntu 24.10. CVE-2025-1215 It was discovered that Vim incorrectly handled memo...
USN-7361-1: Libxslt vulnerability
Ivan Fratric discovered that Libxslt incorrectly handled certain memory operations when handling documents. A remote attacker could use this issue to cause Libxslt to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-7314-1: Kerberos vulnerabilities
It was discovered that Kerberos incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause Kerberos to consume memory,leading to a denial of service. CVE-2024-26458, CVE-2024-26461 It was discovered that Kerberos incorrectly handled certain memory...
USN-6465-3: Linux kernel (GKE) vulnerabilities
Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service system crash. CVE-2023-31083 Lin Ma discovered that the Netlink...
USN-6466-1: Linux kernel (NVIDIA) vulnerabilities
Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel contained a race condition during device removal, leading to a use-after- free vulnerability. A physically proximate attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...
USN-6461-1: Linux kernel (OEM) vulnerabilities
Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service system crash. CVE-2023-31085 Marek Marczykowski-Górecki discovered that the Xen event...
USN-6412-1: Linux kernel vulnerabilities
Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel contained a race condition during device removal, leading to a use-after- free vulnerability. A physically proximate attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...
USN-6122-1: Linux kernel (OEM) vulnerabilities
Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrar...
USN-5950-1: Linux kernel (KVM) vulnerabilities
It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...
USN-5861-1: Linux kernel (Dell300x) vulnerabilities
It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...
USN-5855-1: ImageMagick vulnerabilities
It was discovered that ImageMagick incorrectly handled certain PNG images. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause ImageMagick to stop responding, resulting in a denial of service, or possibly obtain the...
USN-5854-1: Linux kernel vulnerabilities
It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 V4L2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-20369 Pawan Kumar Gupta, Alyssa Milburn, Ami...
USN-5846-1: X.Org X Server vulnerability
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain memory operations. An attacker could possibly use these issues to cause the X Server to crash, execute arbitrary code, or escalate privileges...
USN-5810-1: Git vulnerabilities
Markus Vervier and Eric Sesterhenn discovered that Git incorrectly handled certain gitattributes. An attacker could possibly use this issue to cause a crash or execute arbitrary code. CVE-2022-23521 Joern Schneeweisz discovered that Git incorrectly handled certain commands. An attacker could...
USN-5799-1: Linux kernel (OEM) vulnerability
Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...
USN-5454-1: CUPS vulnerabilities
Joshua Mason discovered that CUPS incorrectly handled the secret key used to access the administrative web interface. A remote attacker could possibly use this issue to open a session as an administrator and execute arbitrary code. CVE-2022-26691 It was discovered that CUPS incorrectly handled...
USN-5174-2: Samba regression
USN-5174-1 fixed vulnerabilities in Samba. Some of the changes introduced a regression in Kerberos authentication in certain environments. Please see the following upstream bug for more information: https://bugzilla.samba.org/showbug.cgi?id=14922 This update fixes the problem. Original advisory...
USN-4617-1: SPICE vdagent vulnerabilities
Matthias Gerstner discovered that SPICE vdagent incorrectly handled the activexfers hash table. A local attacker could possibly use this issue to cause SPICE vdagent to consume memory, resulting in a denial of service. CVE-2020-25650 Matthias Gerstner discovered that SPICE vdagent incorrectly...
USN-4589-1: containerd vulnerability
It was discovered that containerd could be made to expose sensitive information when processing URLs in container image manifests. A remote attacker could use this to trick the user and obtain the user's registry credentials...
USN-4472-1: PostgreSQL vulnerabilities
Noah Misch discovered that PostgreSQL incorrectly handled the searchpath setting when used with logical replication. A remote attacker could possibly use this issue to execute arbitrary SQL code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. CVE-2020-14349 Andres Freund discover...
USN-4459-1: Salt vulnerabilities
It was discovered that Salt allows remote attackers to determine which files exist on the server. An attacker could use that to extract sensitive information. CVE-2018-15750 It was discovered that Salt has a vulnerability that allows an user to bypass authentication. An attacker could use that to...
USN-4298-2: SQLite vulnerabilities
USN-4298-1 fixed several vulnerabilities in SQLite. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that SQLite incorrectly handled certain shadow tables. An attacker could use this issue to cause SQLite to crash, resulting in a...
USN-4356-1: Squid vulnerabilities
Jeriko One discovered that Squid incorrectly handled certain Edge Side Includes ESI responses. A malicious remote server could cause Squid to crash, possibly poison the cache, or possibly execute arbitrary code. CVE-2019-12519, CVE-2019-12521 It was discovered that Squid incorrectly handled the...
USN-4328-1: Thunderbird vulnerabilities
It was discovered that Message ID calculation was based on uninitialized data. An attacker could potentially exploit this to obtain sensitive information. CVE-2020-6792 Mutiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted message, an...
USN-4304-1: Ceph vulnerability
Or Friedman discovered that Ceph incorrectly handled disconnects. A remote authenticated attacker could possibly use this issue to cause Ceph to consume resources, leading to a denial of service...
USN-4277-1: libexif vulnerabilities
Liu Bingchang discovered that libexif incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information or cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04 LTS. CVE-2016-6328 Lili Xu and Bingchang Li...
USN-4230-1: ClamAV vulnerability
It was discovered that ClamAV incorrectly handled certain MIME messages. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service...
USN-4217-1: Samba vulnerabilities
Andreas Oster discovered that the Samba DNS management server incorrectly handled certain records. An authenticated attacker could possibly use this issue to crash Samba, resulting in a denial of service. CVE-2019-14861 Isaac Boukris discovered that Samba did not enforce the Kerberos...
USN-4193-1: Ghostscript vulnerability
Paul Manfred and Lukas Schauer discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause...
USN-4101-1: Firefox vulnerability
It was discovered that passwords could be copied to the clipboard from the "Saved Logins" dialog without entering the master password, even when a master password has been set. A local attacker could potentially exploit this to obtain saved passwords...
USN-4084-1: Django vulnerabilities
It was discovered that Django incorrectly handled the Truncator function. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service. CVE-2019-14232 It was discovered that Django incorrectly handled the striptags function. A remote attacke...
USN-3866-3: Ghostscript regression
USN-3866-2 fixed a regression in Ghostscript. The Ghostscript update introduced a new regression that resulted in certain pages being printed with a blue background. This update fixes the problem. Original advisory details: Tavis Ormandy discovered that Ghostscript incorrectly handled certain...
USN-3878-1: Linux kernel vulnerabilities
It was discovered that a race condition existed in the vsock address family implementation of the Linux kernel that could lead to a use-after-free condition. A local attacker in a guest virtual machine could use this to expose sensitive information host machine kernel memory. CVE-2018-14625 Cfir...
USN-3763-1: Linux kernel vulnerability
Juha-Matti Tilli discovered that the TCP implementation in the Linux kernel performed algorithmically expensive operations in some situations when handling incoming packets. A remote attacker could use this to cause a denial of service...
USN-3734-1: OpenJDK 8 vulnerability
It was discovered that the PatternSyntaxException class in OpenJDK did not properly validate arguments passed to it. An attacker could use this to possibly construct a class that caused a denial of service excessive memory consumption...
USN-3690-2: AMD Microcode regression
USN-3690-1 provided updated microcode for AMD processors to address CVE-2017-5715 aka Spectre. Unfortunately, the update caused some systems to fail to boot. This update reverts the update for Ubuntu 14.04 LTS. We apologize for the inconvenience. Original advisory details: Jann Horn discovered th...
USN-3629-2: MySQL vulnerabilities
USN-3629-1 fixed a vulnerability in MySQL. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.60 in...
USN-3531-2: Intel Microcode regression
USN-3531-1 updated Intel microcode to the 20180108 release. Regressions were discovered in the microcode updates which could cause system instability on certain hardware platforms. At the request of Intel, we have reverted to the previous packaged microcode version, the 20170707 release. Original...
USN-3445-2: Linux kernel (Trusty HWE) vulnerabilities
USN-3445-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Eyal Itkin discovered that the IP over IEEE 1394 FireWire implementation in the Linux...
USN-3444-1: Linux kernel vulnerabilities
Jan H. Schönherr discovered that the Xen subsystem did not properly handle block IO merges correctly in some situations. An attacker in a guest vm could use this to cause a denial of service host crash or possibly gain administrative privileges in the host. CVE-2017-12134 Andrey Konovalov...
USN-3435-1: Firefox vulnerabilities
Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, obtain sensitive information, bypass phishing and malware protection, spoof the origin in modal dialogs,...
USN-3396-1: OpenJDK 7 vulnerabilities
It was discovered that the JPEGImageReader class in OpenJDK would incorrectly read unused image data. An attacker could use this to specially construct a jpeg image file that when opened by a Java application would cause a denial of service. CVE-2017-10053 It was discovered that the JAR verifier ...
USN-3309-1: Libtasn1 vulnerability
Jakub Jirasek discovered that GnuTLS incorrectly handled certain assignments files. If a user were tricked into processing a specially crafted assignments file, a remote attacker could possibly execute arbirary code...
USN-3169-3: Linux kernel (Raspberry Pi 2) vulnerabilities
Baozeng Ding discovered a race condition that could lead to a use-after- free in the Advanced Linux Sound Architecture ALSA subsystem of the Linux kernel. A local attacker could use this to cause a denial of service system crash. CVE-2016-9794 Andrey Konovalov discovered that signed integer...
USN-3166-1: WebKitGTK+ vulnerabilities
A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...
USN-3134-1: Python vulnerabilities
It was discovered that the smtplib library in Python did not return an error when StartTLS fails. A remote attacker could possibly use this to expose sensitive information. CVE-2016-0772 Rémi Rampin discovered that Python would not protect CGI applications from contents of the HTTPPROXY environme...
USN-3099-3: Linux kernel (Raspberry Pi 2) vulnerabilities
Vladimír Beneš discovered an unbounded recursion in the VLAN and TEB Generic Receive Offload GRO processing implementations in the Linux kernel, A remote attacker could use this to cause a stack corruption, leading to a denial of service system crash. CVE-2016-7039 Marco Grassi discovered a...