Lucene search
K
UbuntuMost viewed

10904 matches found

Ubuntu
Ubuntu
added 2007/09/26 12:45 a.m.88 views

USN-520-1: fetchmail vulnerabilities

Gaetan Leurent discovered a vulnerability in the APOP protocol based on MD5 collisions. As fetchmail supports the APOP protocol, this vulnerability can be used by attackers to discover a portion of the APOP user's authentication credentials. CVE-2007-1558 Earl Chew discovered that fetchmail can b...

5CVSS8.2AI score0.02423EPSS
Exploits2
Ubuntu
Ubuntu
added 2007/08/17 4:41 a.m.88 views

USN-499-1: Apache vulnerabilities

Stefan Esser discovered that modstatus did not force a character set, which could result in browsers becoming vulnerable to XSS attacks when processing the output. If a user were tricked into viewing server status output during a crafted server request, a remote attacker could exploit this to...

5CVSS7.4AI score0.27783EPSS
Exploits2
Ubuntu
Ubuntu
added 2007/04/27 9:10 p.m.88 views

USN-455-1: PHP vulnerabilities

Stefan Esser discovered multiple vulnerabilities in the "Month of PHP bugs". The substrcompare function did not sufficiently verify its length argument. This might be exploited to read otherwise unaccessible memory, which might lead to information disclosure. CVE-2007-1375 The shared memory shmop...

7.8CVSS6.1AI score0.10028EPSS
Exploits9
Ubuntu
Ubuntu
added 2025/04/07 1:1 p.m.87 views

USN-7419-1: Vim vulnerabilities

It was discovered that Vim incorrectly handled memory when using invalid input with the log option. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 24.04 LTS and Ubuntu 24.10. CVE-2025-1215 It was discovered that Vim incorrectly handled memo...

7.8CVSS5.5AI score0.00492EPSS
Exploits1
Ubuntu
Ubuntu
added 2025/03/20 11:57 a.m.87 views

USN-7361-1: Libxslt vulnerability

Ivan Fratric discovered that Libxslt incorrectly handled certain memory operations when handling documents. A remote attacker could use this issue to cause Libxslt to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.8CVSS7.2AI score0.00324EPSS
Exploits1
Ubuntu
Ubuntu
added 2025/03/03 12:40 p.m.87 views

USN-7314-1: Kerberos vulnerabilities

It was discovered that Kerberos incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause Kerberos to consume memory,leading to a denial of service. CVE-2024-26458, CVE-2024-26461 It was discovered that Kerberos incorrectly handled certain memory...

7.5CVSS7.3AI score0.01128EPSS
Exploits3
Ubuntu
Ubuntu
added 2023/11/10 10:25 a.m.87 views

USN-6465-3: Linux kernel (GKE) vulnerabilities

Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service system crash. CVE-2023-31083 Lin Ma discovered that the Netlink...

5.5CVSS6.7AI score0.00454EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/10/31 9:47 p.m.87 views

USN-6466-1: Linux kernel (NVIDIA) vulnerabilities

Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel contained a race condition during device removal, leading to a use-after- free vulnerability. A physically proximate attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

9.8CVSS8.4AI score0.54577EPSS
Exploits8
Ubuntu
Ubuntu
added 2023/10/31 12:51 p.m.87 views

USN-6461-1: Linux kernel (OEM) vulnerabilities

Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service system crash. CVE-2023-31085 Marek Marczykowski-Górecki discovered that the Xen event...

7.8CVSS7.2AI score0.00888EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/10/05 2:27 p.m.87 views

USN-6412-1: Linux kernel vulnerabilities

Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel contained a race condition during device removal, leading to a use-after- free vulnerability. A physically proximate attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

9.8CVSS8AI score0.0616EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/05/30 5:32 p.m.87 views

USN-6122-1: Linux kernel (OEM) vulnerabilities

Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrar...

7.8CVSS6.7AI score0.12966EPSS
Exploits7
Ubuntu
Ubuntu
added 2023/03/14 6:4 p.m.87 views

USN-5950-1: Linux kernel (KVM) vulnerabilities

It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...

7.8CVSS7.3AI score0.06346EPSS
Exploits7
Ubuntu
Ubuntu
added 2023/02/09 10:42 p.m.87 views

USN-5861-1: Linux kernel (Dell300x) vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...

8.8CVSS7.8AI score0.21314EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/02/09 8:50 p.m.87 views

USN-5855-1: ImageMagick vulnerabilities

It was discovered that ImageMagick incorrectly handled certain PNG images. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause ImageMagick to stop responding, resulting in a denial of service, or possibly obtain the...

6.5CVSS7.7AI score0.89855EPSS
Exploits31
Ubuntu
Ubuntu
added 2023/02/09 6:28 p.m.87 views

USN-5854-1: Linux kernel vulnerabilities

It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 V4L2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-20369 Pawan Kumar Gupta, Alyssa Milburn, Ami...

7CVSS7.3AI score0.04947EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/02/07 5:32 p.m.87 views

USN-5846-1: X.Org X Server vulnerability

Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain memory operations. An attacker could possibly use these issues to cause the X Server to crash, execute arbitrary code, or escalate privileges...

7.8CVSS7.8AI score0.00899EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/01/17 6:36 p.m.87 views

USN-5810-1: Git vulnerabilities

Markus Vervier and Eric Sesterhenn discovered that Git incorrectly handled certain gitattributes. An attacker could possibly use this issue to cause a crash or execute arbitrary code. CVE-2022-23521 Joern Schneeweisz discovered that Git incorrectly handled certain commands. An attacker could...

9.8CVSS8.7AI score0.56334EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/01/11 1:23 a.m.87 views

USN-5799-1: Linux kernel (OEM) vulnerability

Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS7.5AI score0.00428EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/05/31 11:29 a.m.87 views

USN-5454-1: CUPS vulnerabilities

Joshua Mason discovered that CUPS incorrectly handled the secret key used to access the administrative web interface. A remote attacker could possibly use this issue to open a session as an administrator and execute arbitrary code. CVE-2022-26691 It was discovered that CUPS incorrectly handled...

7.2CVSS6.4AI score0.02006EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/12/13 7:55 p.m.87 views

USN-5174-2: Samba regression

USN-5174-1 fixed vulnerabilities in Samba. Some of the changes introduced a regression in Kerberos authentication in certain environments. Please see the following upstream bug for more information: https://bugzilla.samba.org/showbug.cgi?id=14922 This update fixes the problem. Original advisory...

6.8AI score
Exploits0References1
Ubuntu
Ubuntu
added 2020/11/04 11:53 a.m.87 views

USN-4617-1: SPICE vdagent vulnerabilities

Matthias Gerstner discovered that SPICE vdagent incorrectly handled the activexfers hash table. A local attacker could possibly use this issue to cause SPICE vdagent to consume memory, resulting in a denial of service. CVE-2020-25650 Matthias Gerstner discovered that SPICE vdagent incorrectly...

6.4CVSS5.9AI score0.0049EPSS
Exploits4
Ubuntu
Ubuntu
added 2020/10/15 7:58 p.m.87 views

USN-4589-1: containerd vulnerability

It was discovered that containerd could be made to expose sensitive information when processing URLs in container image manifests. A remote attacker could use this to trick the user and obtain the user's registry credentials...

6.1CVSS6.5AI score0.02209EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/08/25 12:20 p.m.87 views

USN-4472-1: PostgreSQL vulnerabilities

Noah Misch discovered that PostgreSQL incorrectly handled the searchpath setting when used with logical replication. A remote attacker could possibly use this issue to execute arbitrary SQL code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. CVE-2020-14349 Andres Freund discover...

7.3CVSS7.9AI score0.02235EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/08/13 9:23 p.m.87 views

USN-4459-1: Salt vulnerabilities

It was discovered that Salt allows remote attackers to determine which files exist on the server. An attacker could use that to extract sensitive information. CVE-2018-15750 It was discovered that Salt has a vulnerability that allows an user to bypass authentication. An attacker could use that to...

9.8CVSS8.1AI score0.96405EPSS
Exploits25
Ubuntu
Ubuntu
added 2020/08/03 6:29 p.m.87 views

USN-4298-2: SQLite vulnerabilities

USN-4298-1 fixed several vulnerabilities in SQLite. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that SQLite incorrectly handled certain shadow tables. An attacker could use this issue to cause SQLite to crash, resulting in a...

8.8CVSS7.8AI score0.06997EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/05/13 11:37 a.m.87 views

USN-4356-1: Squid vulnerabilities

Jeriko One discovered that Squid incorrectly handled certain Edge Side Includes ESI responses. A malicious remote server could cause Squid to crash, possibly poison the cache, or possibly execute arbitrary code. CVE-2019-12519, CVE-2019-12521 It was discovered that Squid incorrectly handled the...

9.8CVSS7.1AI score0.27246EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/04/13 7:46 p.m.87 views

USN-4328-1: Thunderbird vulnerabilities

It was discovered that Message ID calculation was based on uninitialized data. An attacker could potentially exploit this to obtain sensitive information. CVE-2020-6792 Mutiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted message, an...

9.8CVSS7.6AI score0.06305EPSS
Exploits4
Ubuntu
Ubuntu
added 2020/03/17 12:28 p.m.87 views

USN-4304-1: Ceph vulnerability

Or Friedman discovered that Ceph incorrectly handled disconnects. A remote authenticated attacker could possibly use this issue to cause Ceph to consume resources, leading to a denial of service...

6.8CVSS6.8AI score0.02488EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/02/11 4:48 p.m.87 views

USN-4277-1: libexif vulnerabilities

Liu Bingchang discovered that libexif incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information or cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04 LTS. CVE-2016-6328 Lili Xu and Bingchang Li...

9.1CVSS7.4AI score0.04059EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/01/08 1:39 p.m.87 views

USN-4230-1: ClamAV vulnerability

It was discovered that ClamAV incorrectly handled certain MIME messages. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service...

7.5CVSS7.5AI score0.03135EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/12/10 12:54 p.m.87 views

USN-4217-1: Samba vulnerabilities

Andreas Oster discovered that the Samba DNS management server incorrectly handled certain records. An authenticated attacker could possibly use this issue to crash Samba, resulting in a denial of service. CVE-2019-14861 Isaac Boukris discovered that Samba did not enforce the Kerberos...

6.4CVSS6.4AI score0.02783EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/11/14 4:26 p.m.87 views

USN-4193-1: Ghostscript vulnerability

Paul Manfred and Lukas Schauer discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause...

8.8CVSS7.7AI score0.03434EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/08/16 7:23 p.m.87 views

USN-4101-1: Firefox vulnerability

It was discovered that passwords could be copied to the clipboard from the "Saved Logins" dialog without entering the master password, even when a master password has been set. A local attacker could potentially exploit this to obtain saved passwords...

9.8CVSS7.6AI score0.01411EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/08/01 11:59 a.m.87 views

USN-4084-1: Django vulnerabilities

It was discovered that Django incorrectly handled the Truncator function. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service. CVE-2019-14232 It was discovered that Django incorrectly handled the striptags function. A remote attacke...

9.8CVSS7.5AI score0.47694EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/02/26 2:14 p.m.87 views

USN-3866-3: Ghostscript regression

USN-3866-2 fixed a regression in Ghostscript. The Ghostscript update introduced a new regression that resulted in certain pages being printed with a blue background. This update fixes the problem. Original advisory details: Tavis Ormandy discovered that Ghostscript incorrectly handled certain...

5.9AI score
Exploits0References1
Ubuntu
Ubuntu
added 2019/02/04 7:44 p.m.87 views

USN-3878-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the vsock address family implementation of the Linux kernel that could lead to a use-after-free condition. A local attacker in a guest virtual machine could use this to expose sensitive information host machine kernel memory. CVE-2018-14625 Cfir...

8.8CVSS6.2AI score0.00477EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/09/11 4:9 a.m.87 views

USN-3763-1: Linux kernel vulnerability

Juha-Matti Tilli discovered that the TCP implementation in the Linux kernel performed algorithmically expensive operations in some situations when handling incoming packets. A remote attacker could use this to cause a denial of service...

7.8CVSS6.7AI score0.7354EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/08/10 1:17 a.m.87 views

USN-3734-1: OpenJDK 8 vulnerability

It was discovered that the PatternSyntaxException class in OpenJDK did not properly validate arguments passed to it. An attacker could use this to possibly construct a class that caused a denial of service excessive memory consumption...

4.3CVSS6.5AI score0.04184EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/07/05 10:13 p.m.87 views

USN-3690-2: AMD Microcode regression

USN-3690-1 provided updated microcode for AMD processors to address CVE-2017-5715 aka Spectre. Unfortunately, the update caused some systems to fail to boot. This update reverts the update for Ubuntu 14.04 LTS. We apologize for the inconvenience. Original advisory details: Jann Horn discovered th...

7.1AI score
Exploits0References1
Ubuntu
Ubuntu
added 2018/04/25 12:20 p.m.87 views

USN-3629-2: MySQL vulnerabilities

USN-3629-1 fixed a vulnerability in MySQL. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.60 in...

7.7CVSS6.6AI score0.0401EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/01/22 4:9 p.m.87 views

USN-3531-2: Intel Microcode regression

USN-3531-1 updated Intel microcode to the 20180108 release. Regressions were discovered in the microcode updates which could cause system instability on certain hardware platforms. At the request of Intel, we have reverted to the previous packaged microcode version, the 20170707 release. Original...

7.2AI score
Exploits0References1
Ubuntu
Ubuntu
added 2017/10/11 6:14 a.m.87 views

USN-3445-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3445-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Eyal Itkin discovered that the IP over IEEE 1394 FireWire implementation in the Linux...

6.8CVSS7.1AI score0.01765EPSS
Exploits0
Ubuntu
Ubuntu
added 2017/10/10 11:29 p.m.87 views

USN-3444-1: Linux kernel vulnerabilities

Jan H. Schönherr discovered that the Xen subsystem did not properly handle block IO merges correctly in some situations. An attacker in a guest vm could use this to cause a denial of service host crash or possibly gain administrative privileges in the host. CVE-2017-12134 Andrey Konovalov...

8.8CVSS6.5AI score0.00497EPSS
Exploits0
Ubuntu
Ubuntu
added 2017/10/02 10:55 p.m.87 views

USN-3435-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, obtain sensitive information, bypass phishing and malware protection, spoof the origin in modal dialogs,...

10CVSS7.8AI score0.03641EPSS
Exploits12
Ubuntu
Ubuntu
added 2017/08/18 5:46 a.m.87 views

USN-3396-1: OpenJDK 7 vulnerabilities

It was discovered that the JPEGImageReader class in OpenJDK would incorrectly read unused image data. An attacker could use this to specially construct a jpeg image file that when opened by a Java application would cause a denial of service. CVE-2017-10053 It was discovered that the JAR verifier ...

9.6CVSS7.6AI score0.05034EPSS
Exploits0
Ubuntu
Ubuntu
added 2017/06/05 4:35 p.m.87 views

USN-3309-1: Libtasn1 vulnerability

Jakub Jirasek discovered that GnuTLS incorrectly handled certain assignments files. If a user were tricked into processing a specially crafted assignments file, a remote attacker could possibly execute arbirary code...

8.8CVSS6.9AI score0.05585EPSS
Exploits0
Ubuntu
Ubuntu
added 2017/01/11 8:16 a.m.87 views

USN-3169-3: Linux kernel (Raspberry Pi 2) vulnerabilities

Baozeng Ding discovered a race condition that could lead to a use-after- free in the Advanced Linux Sound Architecture ALSA subsystem of the Linux kernel. A local attacker could use this to cause a denial of service system crash. CVE-2016-9794 Andrey Konovalov discovered that signed integer...

7.8CVSS6.5AI score0.01566EPSS
Exploits8
Ubuntu
Ubuntu
added 2017/01/10 6:45 p.m.87 views

USN-3166-1: WebKitGTK+ vulnerabilities

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

9.6CVSS6.8AI score0.66788EPSS
Exploits9
Ubuntu
Ubuntu
added 2016/11/22 6:51 p.m.87 views

USN-3134-1: Python vulnerabilities

It was discovered that the smtplib library in Python did not return an error when StartTLS fails. A remote attacker could possibly use this to expose sensitive information. CVE-2016-0772 Rémi Rampin discovered that Python would not protect CGI applications from contents of the HTTPPROXY environme...

10CVSS7.8AI score0.2548EPSS
Exploits7
Ubuntu
Ubuntu
added 2016/10/11 7:14 a.m.87 views

USN-3099-3: Linux kernel (Raspberry Pi 2) vulnerabilities

Vladimír Beneš discovered an unbounded recursion in the VLAN and TEB Generic Receive Offload GRO processing implementations in the Linux kernel, A remote attacker could use this to cause a stack corruption, leading to a denial of service system crash. CVE-2016-7039 Marco Grassi discovered a...

7.8CVSS6.9AI score0.07613EPSS
Exploits5
Total number of security vulnerabilities5000