Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
•added 2010/10/19 3:42 p.m.•87 views

USN-1005-1: poppler vulnerabilities

It was discovered that poppler contained multiple security issues when parsing malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the progra...

7.5CVSS7.1AI score0.03597EPSS
Exploits0
Ubuntu
Ubuntu
•added 2010/09/17 2:56 p.m.•87 views

USN-988-1: Linux kernel vulnerabilities

Ben Hawkes discovered that the Linux kernel did not correctly validate memory ranges on 64bit kernels when allocating memory on behalf of 32bit system calls. On a 64bit system, a local attacker could perform malicious multicast getsockopt calls to gain root privileges. CVE-2010-3081 Ben Hawkes...

7.8CVSS7.3AI score0.03818EPSS
Exploits4
Ubuntu
Ubuntu
•added 2010/03/17 1:1 a.m.•87 views

USN-914-1: Linux kernel vulnerabilities

Mathias Krause discovered that the Linux kernel did not correctly handle missing ELF interpreters. A local attacker could exploit this to cause the system to crash, leading to a denial of service. CVE-2010-0307 Marcelo Tosatti discovered that the Linux kernel's hardware virtualization did not...

6.8CVSS7.2AI score0.02718EPSS
Exploits5
Ubuntu
Ubuntu
•added 2009/08/26 7:6 p.m.•87 views

USN-826-1: Mono vulnerabilities

It was discovered that the XML HMAC signature system did not correctly check certain lengths. If an attacker sent a truncated HMAC, it could bypass authentication, leading to potential privilege escalation. CVE-2009-0217 It was discovered that Mono did not properly escape certain attributes in th...

5CVSS7.1AI score0.07102EPSS
Exploits1
Ubuntu
Ubuntu
•added 2009/08/19 2:55 p.m.•87 views

USN-802-2: Apache regression

USN-802-1 fixed vulnerabilities in Apache. The upstream fix for CVE-2009-1891 introduced a regression that would cause Apache children to occasionally segfault when moddeflate is used. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered...

7.7AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2009/08/04 9:19 p.m.•87 views

USN-810-1: NSS vulnerabilities

Moxie Marlinspike discovered that NSS did not properly handle regular expressions in certificate names. A remote attacker could create a specially crafted certificate to cause a denial of service via application crash or execute arbitrary code as the user invoking the program. CVE-2009-2404 Moxie...

9.3CVSS7.6AI score0.05741EPSS
Exploits5
Ubuntu
Ubuntu
•added 2009/03/06 12:26 a.m.•87 views

USN-728-3: Firefox vulnerabilities

Jesse Ruderman and Gary Kwong discovered flaws in the browser engine. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. CVE-2009-0772, CVE-2009-0774...

9.3CVSS8.6AI score0.04047EPSS
Exploits0
Ubuntu
Ubuntu
•added 2008/11/05 9:50 a.m.•87 views

USN-662-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel could be made to hang temporarily when mounting corrupted ext2/3 filesystems. If a user were tricked into mounting a specially crafted filesystem, a remote attacker could cause system hangs, leading to a denial of service. CVE-2008-3528 Anders Kaseorg...

8.3CVSS5.7AI score0.02403EPSS
Exploits2
Ubuntu
Ubuntu
•added 2007/09/26 12:45 a.m.•87 views

USN-520-1: fetchmail vulnerabilities

Gaetan Leurent discovered a vulnerability in the APOP protocol based on MD5 collisions. As fetchmail supports the APOP protocol, this vulnerability can be used by attackers to discover a portion of the APOP user's authentication credentials. CVE-2007-1558 Earl Chew discovered that fetchmail can b...

5CVSS8.2AI score0.02423EPSS
Exploits2
Ubuntu
Ubuntu
•added 2007/08/17 4:41 a.m.•87 views

USN-499-1: Apache vulnerabilities

Stefan Esser discovered that modstatus did not force a character set, which could result in browsers becoming vulnerable to XSS attacks when processing the output. If a user were tricked into viewing server status output during a crafted server request, a remote attacker could exploit this to...

5CVSS7.4AI score0.27783EPSS
Exploits2
Ubuntu
Ubuntu
•added 2025/04/24 11:18 a.m.•86 views

USN-7455-1: Linux kernel vulnerabilities

Jann Horn discovered that the watchqueue event notification subsystem in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service system crash or escalate their privileges. CVE-2022-0995 Several security issues were discovered i...

7.8CVSS7.3AI score0.06197EPSS
Exploits13
Ubuntu
Ubuntu
•added 2025/04/14 11:48 a.m.•86 views

USN-7434-1: Perl vulnerability

It was discovered that Perl incorrectly handled transliterating non-ASCII bytes. A remote attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code...

8.4CVSS7.8AI score0.0052EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/03/11 5:25 p.m.•86 views

USN-7343-1: Jinja2 vulnerabilities

Rafal Krupinski discovered that Jinja2 did not properly restrict the execution of code in situations where templates are used maliciously. An attacker with control over a template's filename and content could potentially use this issue to enable the execution of arbitrary code. This issue only...

8.8CVSS7.5AI score0.005EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/03/03 12:56 p.m.•86 views

USN-7315-1: PostgreSQL vulnerability

Stephen Fewer discovered that PostgreSQL incorrectly handled quoting syntax in certain scenarios. A remote attacker could possibly use this issue to perform SQL injection attacks...

8.1CVSS8AI score0.89472EPSS
Exploits10
Ubuntu
Ubuntu
•added 2024/01/25 8:24 p.m.•86 views

USN-6603-1: Linux kernel (AWS) vulnerabilities

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could...

7.8CVSS7.1AI score0.00715EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/09/04 6:36 p.m.•86 views

USN-6337-1: Linux kernel (Azure) vulnerabilities

It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could use this to cause a denial of service infinite recursion. CVE-2020-36691 Billy Jheng Bing Jhong discovered that the CIFS network...

7.8CVSS7AI score0.00491EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/06/21 8:42 a.m.•86 views

USN-6181-1: Ruby vulnerabilities

Hiroshi Tokumaru discovered that Ruby did not properly handle certain user input for applications the generate HTTP responses using cgi gem. An attacker could possibly use this issue to maliciously modify the response a user would receive from a vulnerable application. This issue only affected...

8.8CVSS7.7AI score0.02637EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/05/23 2:7 p.m.•86 views

USN-6088-2: runC vulnerabilities

USN-6088-1 fixed vulnerabilities in runC. This update provides the corresponding updates for Ubuntu 16.04 LTS. It was discovered that runC incorrectly performed access control when mounting /proc to non-directories. An attacker could possibly use this issue to escalate privileges. CVE-2019-19921...

7.8CVSS7.2AI score0.01663EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/05/10 3:11 p.m.•86 views

USN-6071-1: Linux kernel (OEM) vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

7.8CVSS7.2AI score0.0788EPSS
Exploits18
Ubuntu
Ubuntu
•added 2023/04/06 12:13 a.m.•86 views

USN-6001-1: Linux kernel (AWS) vulnerabilities

Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation in the Linux kernel did not properly handle IPID assignment. A remote attacker could use this to cause a denial of service connection termination or inject forged data. CVE-2020-36516 Ke Sun, Alyssa Milburn,...

7.8CVSS7.2AI score0.01747EPSS
Exploits27
Ubuntu
Ubuntu
•added 2023/03/14 6:4 p.m.•86 views

USN-5950-1: Linux kernel (KVM) vulnerabilities

It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...

7.8CVSS7.3AI score0.06346EPSS
Exploits7
Ubuntu
Ubuntu
•added 2023/03/09 1:3 p.m.•86 views

USN-5941-1: Linux kernel (KVM) vulnerabilities

It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...

7.8CVSS7.3AI score0.06346EPSS
Exploits8
Ubuntu
Ubuntu
•added 2023/02/09 9:29 p.m.•86 views

USN-5857-1: Linux kernel (OEM) vulnerability

Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

7.8CVSS6.8AI score0.01944EPSS
Exploits5
Ubuntu
Ubuntu
•added 2023/02/09 8:50 p.m.•86 views

USN-5855-1: ImageMagick vulnerabilities

It was discovered that ImageMagick incorrectly handled certain PNG images. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause ImageMagick to stop responding, resulting in a denial of service, or possibly obtain the...

6.5CVSS7.7AI score0.89855EPSS
Exploits31
Ubuntu
Ubuntu
•added 2023/01/24 6:20 p.m.•86 views

USN-5823-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.32 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. Ubuntu 18.04 LTS has been updated to MySQL 5.7.41. In addition to security fixes, t...

9.8CVSS6.9AI score0.43131EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/01/09 1:12 p.m.•86 views

USN-5795-1: Net-SNMP vulnerabilities

It was discovered that Net-SNMP incorrectly handled certain requests. A remote attacker could possibly use these issues to cause Net-SNMP to crash, resulting in a denial of service...

6.5CVSS6.7AI score0.5346EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/08/10 9:50 a.m.•86 views

USN-5558-1: libcdio vulnerabilities

Zhao Liang discovered that libcdio was not properly performing memory management operations when processing ISO files, which could result in a heap buffer overflow or in a NULL pointer dereference. If a user or automated system were tricked into opening a specially crafted file, an attacker could...

8.8CVSS6.9AI score0.03427EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/08/04 5:40 p.m.•86 views

USN-5548-1: libxml2 vulnerability

It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to execute arbitrary code...

6.1CVSS7.7AI score0.00764EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/05/26 11:16 a.m.•86 views

USN-5446-1: dpkg vulnerability

Max Justicz discovered that dpkg incorrectly handled unpacking certain source packages. If a user or an automated system were tricked into unpacking a specially crafted source package, a remote attacker could modify files outside the target unpack directory, leading to a denial of service or...

9.8CVSS8.3AI score0.02871EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/05/05 10:21 a.m.•86 views

USN-5403-1: SQLite vulnerability

It was discovered that SQLite command-line component incorrectly handled certain queries. An attacker could possibly use this issue to cause a crash or possibly execute arbitrary code...

7.5CVSS6.9AI score0.03898EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/04/28 5:4 p.m.•86 views

USN-5396-1: Ghostscript vulnerability

It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service...

7.8CVSS7.6AI score0.01088EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/04/05 9:28 a.m.•86 views

USN-5364-1: Waitress vulnerability

It was discovered that Waitress incorrectly handled certain requests. An attacker could possibly use this issue to expose sensitive information...

7.5CVSS7.4AI score0.01738EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/03/28 12:48 p.m.•86 views

USN-5349-1: GNU binutils vulnerability

It was discovered that GNU binutils gold incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service...

5.5CVSS6.5AI score0.01115EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/12/15 7:3 p.m.•86 views

USN-4670-1: ImageMagick vulnerabilities

It was discovered that ImageMagick incorrectly handled certain specially crafted image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or other unspecified impact. This issue on...

9.8CVSS7AI score0.03678EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/11/04 11:53 a.m.•86 views

USN-4617-1: SPICE vdagent vulnerabilities

Matthias Gerstner discovered that SPICE vdagent incorrectly handled the activexfers hash table. A local attacker could possibly use this issue to cause SPICE vdagent to consume memory, resulting in a denial of service. CVE-2020-25650 Matthias Gerstner discovered that SPICE vdagent incorrectly...

6.4CVSS5.9AI score0.0049EPSS
Exploits4
Ubuntu
Ubuntu
•added 2020/10/15 7:58 p.m.•86 views

USN-4589-1: containerd vulnerability

It was discovered that containerd could be made to expose sensitive information when processing URLs in container image manifests. A remote attacker could use this to trick the user and obtain the user's registry credentials...

6.1CVSS6.5AI score0.02209EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/07/27 2:15 p.m.•86 views

USN-4436-1: librsvg vulnerabilities

It was discovered that librsvg incorrectly handled parsing certain SVG files. A remote attacker could possibly use this issue to cause librsvg to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. CVE-2017-11464 It was discovered that librsvg incorrectly handled...

7.8CVSS6.5AI score0.02125EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/06/16 4:56 p.m.•86 views

USN-4397-1: NSS vulnerabilities

It was discovered that NSS incorrectly handled the TLS State Machine. A remote attacker could possibly use this issue to cause NSS to hang, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 19.10. CVE-2019-17023 Cesar Pereida Garcia discovered that NSS...

6.5CVSS7.3AI score0.0134EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/04/20 12:58 p.m.•86 views

USN-4332-1: File Roller vulnerability

It was discovered that File Roller incorrectly handled symlinks. An attacker could possibly use this issue to expose sensitive information...

3.9CVSS5.6AI score0.00768EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/09/09 7:6 p.m.•86 views

USN-4126-2: FreeType vulnerabilities

USN-4126-1 fixed a vulnerability in FreeType. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that FreeType incorrectly handled certain font files. An attacker could possibly use this issue to access sensitive information. CVE-2015-9381,...

8.8CVSS6.8AI score0.02281EPSS
Exploits3
Ubuntu
Ubuntu
•added 2019/04/25 1:53 p.m.•86 views

USN-3956-1: Bind vulnerability

It was discovered that Bind incorrectly handled limiting the number of simultaneous TCP clients. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service...

7.5CVSS7.4AI score0.06404EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/08/10 1:17 a.m.•86 views

USN-3734-1: OpenJDK 8 vulnerability

It was discovered that the PatternSyntaxException class in OpenJDK did not properly validate arguments passed to it. An attacker could use this to possibly construct a class that caused a denial of service excessive memory consumption...

4.3CVSS6.5AI score0.04184EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/07/11 4:42 p.m.•86 views

USN-3713-1: CUPS vulnerabilities

It was discovered that CUPS incorrectly handled certain print jobs with invalid usernames. A remote attacker could possibly use this issue to cause CUPS to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 17.10 and Ubuntu 18.04 LTS. CVE-2017-18248 Dan...

8.8CVSS6.7AI score0.02255EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/04/17 4:25 p.m.•86 views

USN-3611-2: OpenSSL vulnerabilities

USN-3611-1 fixed a vulnerability in OpenSSL. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that OpenSSL incorrectly parsed the IPAddressFamily extension in X.509 certificates, resulting in an erroneous display of the certificate i...

6.5CVSS6.7AI score0.19295EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/01/23 1:20 a.m.•86 views

USN-3542-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3542-1 addressed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Jann Horn discovered that microprocessors utilizing speculative execution and bran...

5.6CVSS7.2AI score0.93838EPSS
Exploits12References1
Ubuntu
Ubuntu
•added 2018/01/23 12:40 a.m.•86 views

USN-3541-1: Linux kernel vulnerabilities

Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provide...

5.6CVSS7.5AI score0.93838EPSS
Exploits13References1
Ubuntu
Ubuntu
•added 2018/01/22 4:9 p.m.•86 views

USN-3531-2: Intel Microcode regression

USN-3531-1 updated Intel microcode to the 20180108 release. Regressions were discovered in the microcode updates which could cause system instability on certain hardware platforms. At the request of Intel, we have reverted to the previous packaged microcode version, the 20170707 release. Original...

7.2AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2017/10/02 10:55 p.m.•86 views

USN-3435-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, obtain sensitive information, bypass phishing and malware protection, spoof the origin in modal dialogs,...

10CVSS7.8AI score0.03641EPSS
Exploits12
Ubuntu
Ubuntu
•added 2017/08/17 5:3 p.m.•86 views

USN-3394-1: libmspack vulnerabilities

It was discovered that libmspack incorrectly handled certain malformed CHM files. A remote attacker could use this issue to cause libmspack to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2017-6419 It was discovered that libmspack incorrectly handled certain...

7.8CVSS7.2AI score0.02067EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/06/29 9:25 a.m.•86 views

USN-3345-1: Linux kernel vulnerabilities

USN 3324-1 fixed a vulnerability in the Linux kernel. However, that fix introduced regressions for some Java applications. This update addresses the issue. We apologize for the inconvenience. Roee Hay discovered that the parallel port printer driver in the Linux kernel did not properly bounds che...

7.8CVSS6.8AI score0.01372EPSS
Exploits7References2
Total number of security vulnerabilities5000