Lucene search
K
UbuntuMost viewed

10888 matches found

Ubuntu
Ubuntu
•added 2024/07/12 2:12 p.m.•310 views

USN-6896-1: Linux kernel vulnerabilities

It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...

9.1CVSS7.5AI score0.01635EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/01/26 6:48 p.m.•309 views

USN-4705-1: Sudo vulnerabilities

It was discovered that Sudo incorrectly handled memory when parsing command lines. A local attacker could possibly use this issue to obtain unintended access to the administrator account. CVE-2021-3156 It was discovered that the Sudo sudoedit utility incorrectly handled checking directory...

7.8CVSS7AI score0.99295EPSS
Exploits82
Ubuntu
Ubuntu
•added 2024/06/10 2:27 p.m.•306 views

USN-6824-1: GIFLIB vulnerabilities

It was discovered that GIFLIB incorrectly handled certain GIF files. An attacker could possibly use this issue to cause a denial of service. CVE-2021-40633, CVE-2022-28506, CVE-2023-39742...

8.8CVSS6.3AI score0.01533EPSS
Exploits3
Ubuntu
Ubuntu
•added 2024/08/15 7:0 p.m.•305 views

USN-6964-1: ORC vulnerability

Noriko Totsuka discovered that ORC incorrectly handled certain crafted file. An attacker could possibly use this issue to execute arbitrary code...

7CVSS7AI score0.00379EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/02/02 7:23 a.m.•305 views

USN-4709-1: Linux kernel vulnerabilities

It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data...

9.3CVSS6.9AI score0.06563EPSS
Exploits3
Ubuntu
Ubuntu
•added 2020/11/19 3:1 p.m.•305 views

USN-4639-1: phpMyAdmin vulnerabilities

It was discovered that there was a bug in the way phpMyAdmin handles the phpMyAdmin Configuration Storage tables. An authenticated attacker could use this vulnerability to cause phpmyAdmin to leak sensitive files. CVE-2018-19968 It was discovered that phpMyAdmin incorrectly handled user input. An...

9.8CVSS7.1AI score0.67081EPSS
Exploits10
Ubuntu
Ubuntu
•added 2018/10/03 6:39 p.m.•305 views

USN-3783-1: Apache HTTP Server vulnerabilities

Robert Swiecki discovered that the Apache HTTP Server HTTP/2 module incorrectly destroyed certain streams. A remote attacker could possibly use this issue to cause the server to crash, leading to a denial of service. CVE-2018-1302 Craig Young discovered that the Apache HTTP Server HTTP/2 module...

7.5CVSS6.8AI score0.51002EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/10/01 4:12 a.m.•304 views

USN-4145-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the GFS2 file system in the Linux kernel. A local attacker could possibly use this to cause a denial of service system crash. CVE-2016-10905 It was discovered that the IPv6 implementation in the Linux kernel did not properly validate socket optio...

10CVSS6.8AI score0.06342EPSS
Exploits6
Ubuntu
Ubuntu
•added 2024/07/15 11:27 a.m.•303 views

USN-6897-1: Ghostscript vulnerabilities

It was discovered that Ghostscript incorrectly handled certain long PDF filter names. An attacker could possibly use this issue to cause Ghostscript to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. CVE-2024-29506 It was discovered that...

8.8CVSS6.5AI score0.01446EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/01/31 8:17 p.m.•303 views

USN-6619-1: runC vulnerability

Rory McNamara discovered that runC did not properly manage internal file descriptor while managing containers. An attacker could possibly use this issue to obtain sensitive information or bypass container restrictions...

8.6CVSS7.4AI score0.18087EPSS
Exploits18
Ubuntu
Ubuntu
•added 2024/05/30 3:53 p.m.•302 views

USN-6803-1: FFmpeg vulnerabilities

Zeng Yunxiang and Song Jiaxuan discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. This issue only affected Ubuntu 24.04 LTS. CVE-2023-49501 Zen...

8.8CVSS6.8AI score0.01545EPSS
Exploits7
Ubuntu
Ubuntu
•added 2022/06/29 10:11 p.m.•299 views

USN-5496-1: cloud-init vulnerability

Mike Stroyan discovered that cloud-init could log password hashes when reporting schema failures. An attacker with access to these logs could potentially use this to gain user credentials...

5.5CVSS5.7AI score0.00236EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/02/28 1:20 p.m.•298 views

USN-6666-1: libuv vulnerability

It was discovered that libuv incorrectly truncated certain hostnames. A remote attacker could possibly use this issue with specially crafted hostnames to bypass certain checks...

7.3CVSS7AI score0.02003EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/01/27 3:1 p.m.•298 views

USN-4705-2: Sudo vulnerability

USN-4705-1 fixed a vulnerability in Sudo. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that Sudo incorrectly handled memory when parsing command lines. A local attacker could possibly use this issue to obtain...

7.8CVSS7.2AI score0.99295EPSS
Exploits81
Ubuntu
Ubuntu
•added 2022/08/10 6:12 p.m.•296 views

USN-5566-1: Linux kernel vulnerabilities

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS7.6AI score0.12746EPSS
Exploits24
Ubuntu
Ubuntu
•added 2024/06/06 12:29 p.m.•295 views

USN-6567-2: QEMU regression

USN-6567-1 fixed vulnerabilities QEMU. The fix for CVE-2023-2861 was too restrictive and introduced a behaviour change leading to a regression in certain environments. This update fixes the problem. Original advisory details: Gaoning Pan and Xingwei Li discovered that QEMU incorrectly handled the...

7.1AI score0.01606EPSS
Exploits5References1
Ubuntu
Ubuntu
•added 2021/02/03 1:1 a.m.•294 views

USN-4710-1: Linux kernel vulnerability

Kiyin 尹亮 discovered that the perf subsystem in the Linux kernel did not properly deallocate memory in some situations. A privileged attacker could use this to cause a denial of service kernel memory exhaustion...

5.5CVSS6.5AI score0.00348EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/04/29 10:18 a.m.•293 views

USN-6756-1: less vulnerability

It was discovered that less mishandled newline characters in file names. If a user or automated system were tricked into opening specially crafted files, an attacker could possibly use this issue to execute arbitrary commands on the host...

8.6CVSS7.2AI score0.00628EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/03/09 12:0 a.m.•293 views

USN-5317-1: Linux kernel vulnerabilities

Nick Gregory discovered that the Linux kernel incorrectly handled network offload functionality. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2022-25636 Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano Giuffrida...

7.8CVSS7.5AI score0.88106EPSS
Exploits106References1
Ubuntu
Ubuntu
•added 2024/07/19 9:4 a.m.•292 views

USN-6895-3: Linux kernel vulnerabilities

It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the HugeTLB file syst...

7.8CVSS7.4AI score0.00756EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/12/13 8:35 a.m.•291 views

USN-5776-1: containerd vulnerabilities

It was discovered that containerd incorrectly handled memory when receiving certain faulty Exec or ExecSync commands. A remote attacker could possibly use this issue to cause a denial of service or crash containerd. CVE-2022-23471, CVE-2022-31030 It was discovered that containerd incorrectly set ...

7.5CVSS6.6AI score0.02676EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/11/21 4:36 p.m.•290 views

USN-6501-1: RabbitMQ vulnerability

It was discovered that RabbitMQ incorrectly handled certain HTTP requests. An attacker could possibly use this issue to cause a denial of service...

4.9CVSS5.8AI score0.01077EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/01/19 12:50 p.m.•289 views

USN-4699-1: Apache Log4net vulnerability

It was discovered that Apache Log4net incorrectly handled certain configuration files. An attacker could possibly use this issue to expose sensitive information...

9.8CVSS7.2AI score0.49839EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/07/05 10:44 a.m.•288 views

USN-6202-1: containerd vulnerabilities

David Korczynski and Adam Korczynski discovered that containerd incorrectly processed certain images with large files. An attacker could possibly use this issue to cause containerd to crash, resulting in a denial of service. CVE-2023-25153 It was discovered that containerd incorrectly set up...

7.8CVSS7.2AI score0.00542EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/11/17 12:57 a.m.•288 views

USN-5728-1: Linux kernel vulnerabilities

Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-427...

8.8CVSS7.1AI score0.04947EPSS
Exploits7
Ubuntu
Ubuntu
•added 2019/06/29 3:23 a.m.•288 views

USN-4041-1: Linux kernel update

USN-4017-1 fixed vulnerabilities in the Linux kernel for Ubuntu. Unfortunately, the update introduced a regression that interfered with networking applications that setup very low SOSNDBUF values. This update fixes the problem. We apologize for the inconvenience. Jonathan Looney discovered that t...

7.5CVSS6.8AI score0.9166EPSS
Exploits1References1
Ubuntu
Ubuntu
•added 2019/10/03 2:21 p.m.•287 views

USN-4146-2: ClamAV vulnerabilities

USN-4146-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that ClamAV incorrectly handled unpacking ZIP files. A remote attacker could possibly use this issue to cause...

9.8CVSS7.5AI score0.08042EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/01/11 3:44 p.m.•286 views

USN-6578-1: .NET vulnerabilities

Vishal Mishra and Anita Gaud discovered that .NET did not properly validate X.509 certificates with malformed signatures. An attacker could possibly use this issue to bypass an application's typical authentication logic. CVE-2024-0057 Morgan Brown discovered that .NET did not properly handle...

9.8CVSS7.3AI score0.02868EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/06/27 1:29 p.m.•285 views

USN-4042-1: poppler vulnerabilities

It was discovered that poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service, or possibly execute arbitrary code...

9.8CVSS6.8AI score0.03518EPSS
Exploits10
Ubuntu
Ubuntu
•added 2024/07/10 6:7 a.m.•284 views

USN-6889-1: .NET vulnerabilities

It was discovered that .NET did not properly handle object deserialization. An attacker could possibly use this issue to cause a denial of service. CVE-2024-30105 Radek Zikmund discovered that .NET did not properly manage memory. An attacker could use this issue to cause a denial of service or...

8.1CVSS7.8AI score0.02915EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/04/22 3:59 a.m.•284 views

USN-4916-2: Linux kernel regression

USN-4916-1 fixed vulnerabilities in the Linux kernel. Unfortunately, the fix for CVE-2021-3493 introduced a memory leak in some situations. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the overlayfs implementation in the Linu...

7.5AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2018/08/16 1:9 p.m.•284 views

USN-3744-1: PostgreSQL vulnerabilities

Andrew Krasichkov discovered that the PostgreSQL client library incorrectly reset its internal state between connections. A remote attacker could possibly use this issue to bypass certain client-side connection security features. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS...

8.5CVSS7.6AI score0.05154EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/10/14 5:42 p.m.•283 views

USN-4583-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled certain encrypt ciphers. An attacker could possibly use this issue to decrease security or cause incorrect encryption data. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. CVE-2020-7069 It was discorevered that PHP incorrectly handled...

6.5CVSS7.1AI score0.05029EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/11/14 10:6 p.m.•283 views

USN-3820-2: Linux kernel (HWE) vulnerabilities

USN-3820-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Felix Wilhelm discovered that the Xen netback driver in the Linux kernel did not...

8.4CVSS7.2AI score0.00552EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/02/19 5:14 p.m.•282 views

USN-6643-1: NPM IP vulnerability

Emre Durmaz discovered that NPM IP package incorrectly distinguished between private and public IP addresses. A remote attacker could possibly use this issue to perform Server-Side Request Forgery SSRF attacks...

9.8CVSS7AI score0.01613EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/09/18 1:38 p.m.•282 views

USN-6379-1: vsftpd vulnerability

It was discovered that vsftpd was vulnerable to the ALPACA TLS protocol content confusion attack. A remote attacker could possibly use this issue to redirect traffic from one subdomain to another...

7.4CVSS7.5AI score0.02037EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/08/20 3:55 a.m.•282 views

USN-4105-1: CUPS vulnerabilities

Stephan Zeisberg discovered that the CUPS SNMP backend incorrectly handled encoded ASN.1 inputs. A remote attacker could possibly use this issue to cause CUPS to crash by providing specially crafted network traffic. CVE-2019-8696, CVE-2019-8675 It was discovered that CUPS did not properly handle...

8.8CVSS6.5AI score0.02091EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/07/31 12:5 a.m.•282 views

USN-4080-1: OpenJDK 8 vulnerabilities

Keegan Ryan discovered that the ECC implementation in OpenJDK was not sufficiently resilient to side-channel attacks. An attacker could possibly use this to expose sensitive information. CVE-2019-2745 It was discovered that OpenJDK did not sufficiently validate serial streams before deserializing...

5.8CVSS7.5AI score0.09393EPSS
Exploits3
Ubuntu
Ubuntu
•added 2022/03/01 3:9 p.m.•280 views

USN-5310-1: GNU C Library vulnerabilities

Jan Engelhardt, Tavis Ormandy, and others discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker could possibly use this issue to cause the GNU C Library to hang or crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS...

9.8CVSS7.4AI score0.05223EPSS
Exploits5
Ubuntu
Ubuntu
•added 2019/09/02 8:38 p.m.•280 views

USN-4115-1: Linux kernel vulnerabilities

Hui Peng and Mathias Payer discovered that the Option USB High Speed driver in the Linux kernel did not properly validate metadata received from the device. A physically proximate attacker could use this to cause a denial of service system crash. CVE-2018-19985 Zhipeng Xie discovered that an...

10CVSS7.6AI score0.05789EPSS
Exploits17
Ubuntu
Ubuntu
•added 2019/07/25 9:51 p.m.•280 views

USN-4076-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the Serial Attached SCSI SAS implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service system crash or execute arbitrary code. CVE-2018-20836 It was discovered that the ext4 file system implementati...

9.3CVSS7AI score0.05111EPSS
Exploits0
Ubuntu
Ubuntu
•added 2014/03/25 2:51 p.m.•280 views

USN-2155-1: OpenSSH vulnerability

Jann Horn discovered that OpenSSH incorrectly handled wildcards in AcceptEnv lines. A remote attacker could use this issue to possibly bypass certain intended environment variable restrictions...

5.8CVSS6.7AI score0.04751EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/09/20 12:52 p.m.•279 views

USN-5620-1: OpenEXR vulnerabilities

It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. These issues only affected Ubuntu 20.04 ESM. CVE-2021-3598,...

6.5CVSS6.8AI score0.01747EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/04/13 12:45 p.m.•278 views

USN-5378-2: XZ Utils vulnerability

Cleemy Desu Wayo discovered that XZ Utils incorrectly handled certain filenames. If a user or automated system were tricked into performing xzgrep operations with specially crafted filenames, a remote attacker could overwrite arbitrary files...

8.8CVSS7.2AI score0.04271EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/07/23 4:47 a.m.•278 views

USN-4068-2: Linux kernel (HWE) vulnerabilities

USN-4068-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 for Ubuntu 16.04 LTS. Adam Zabrocki discovered that the Intel i915 kernel mode graphics driver in the Linux kern...

9.3CVSS6.9AI score0.04458EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/06/05 3:2 p.m.•278 views

USN-4009-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled certain exif tags in images. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly obtain sensitive information. CVE-2019-11036 It was discovered that PHP incorrectly decoding certain MIME headers...

9.1CVSS7AI score0.07031EPSS
Exploits2
Ubuntu
Ubuntu
•added 2024/06/05 7:56 p.m.•277 views

USN-6809-1: BlueZ vulnerabilities

It was discovered that BlueZ could be made to dereference invalid memory. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS. CVE-2022-3563 It was discovered that BlueZ could be made to write out of bounds. If a user were tricked into...

8CVSS6.8AI score0.01427EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/09/09 9:31 a.m.•277 views

USN-5181-1: jQuery UI vulnerability

It was discovered that jQuery UI did not properly validate the values from untrusted sources. An attacker could use this vulnerability to cause a crash or possibly execute arbitrary code. This issue affected only Ubuntu 18.04 ESM and Ubuntu 20.4 ESM. CVE-2021-41184 It was discovered that jQuery U...

6.5CVSS7.3AI score0.42847EPSS
Exploits3
Ubuntu
Ubuntu
•added 2017/08/28 8:37 p.m.•277 views

USN-3405-1: Linux kernel vulnerabilities

It was discovered that a use-after-free vulnerability existed in the POSIX message queue implementation in the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-11176 Huang Weller discovered that the ext4 filesyste...

7.8CVSS7.1AI score0.03631EPSS
Exploits8
Ubuntu
Ubuntu
•added 2022/05/24 7:40 p.m.•276 views

USN-5442-1: Linux kernel vulnerabilities

Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS7.2AI score0.01027EPSS
Exploits3
Total number of security vulnerabilities5000