Lucene search
K
UbuntuMost viewed

10904 matches found

Ubuntu
Ubuntu
•added 2016/10/11 5:11 a.m.•87 views

USN-3098-1: Linux kernel vulnerabilities

Vladimír Beneš discovered an unbounded recursion in the VLAN and TEB Generic Receive Offload GRO processing implementations in the Linux kernel, A remote attacker could use this to cause a stack corruption, leading to a denial of service system crash. CVE-2016-7039 Marco Grassi discovered a...

7.8CVSS6.7AI score0.07613EPSS
Exploits5
Ubuntu
Ubuntu
•added 2016/08/29 7:13 p.m.•87 views

USN-3071-1: Linux kernel vulnerabilities

Kangjie Lu discovered an information leak in the Reliable Datagram Sockets RDS implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. CVE-2016-5244 Yue Cao et al discovered a flaw in the TCP implementation's handling of...

7.8CVSS7.5AI score0.15073EPSS
Exploits3
Ubuntu
Ubuntu
•added 2016/06/10 5:53 a.m.•87 views

USN-3004-1: Linux kernel (Raspberry Pi 2) vulnerabilities

Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. CVE-2016-2117 Jann Horn discovered that eCryptfs improperly attempted to use...

10CVSS6.8AI score0.2593EPSS
Exploits19
Ubuntu
Ubuntu
•added 2016/06/10 5:46 a.m.•87 views

USN-3003-1: Linux kernel vulnerabilities

Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. CVE-2016-2117 Jann Horn discovered that eCryptfs improperly attempted to use...

10CVSS6.8AI score0.2593EPSS
Exploits19
Ubuntu
Ubuntu
•added 2016/04/11 7:32 p.m.•87 views

USN-2948-2: Linux kernel (Utopic HWE) regression

USN-2948-1 fixed vulnerabilities in the Ubuntu 14.10 Linux kernel backported to Ubuntu 14.04 LTS. An incorrect reference counting fix in the radeon driver introduced a regression that could cause a system crash. This update fixes the problem. We apologize for the inconvenience. Original advisory...

7.1AI score0.14281EPSS
Exploits11References1
Ubuntu
Ubuntu
•added 2016/04/04 6:5 p.m.•87 views

USN-2944-1: Libav vulnerabilities

It was discovered that Libav incorrectly handled certain malformed media files. If a user were tricked into opening a crafted media file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program...

8.8CVSS7.1AI score0.14621EPSS
Exploits3
Ubuntu
Ubuntu
•added 2015/11/12 5:50 p.m.•87 views

USN-2810-1: Kerberos vulnerabilities

It was discovered that the Kerberos kpasswd service incorrectly handled certain UDP packets. A remote attacker could possibly use this issue to cause resource consumption, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS. CVE-2002-2443 It was discovered that Kerberos...

8.5CVSS7AI score0.06485EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/11/04 8:54 p.m.•87 views

USN-2790-1: NSPR vulnerability

Ryan Sleevi discovered that NSPR incorrectly handled memory allocation. A remote attacker could use this issue to cause NSPR to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.5CVSS8.3AI score0.06792EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/07/30 4:48 p.m.•87 views

USN-2698-1: SQLite vulnerabilities

It was discovered that SQLite incorrectly handled skip-scan optimization. An attacker could use this issue to cause applications using SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. CVE-2013-7443 Michal Zalewski...

7.5CVSS7.6AI score0.05531EPSS
Exploits1
Ubuntu
Ubuntu
•added 2015/05/05 9:57 p.m.•87 views

USN-2596-1: Linux kernel vulnerability

A race condition between chown and execve was discovered in the Linux kernel. A local attacker could exploit this race by using chown on a setuid-user-binary to gain administrative privileges...

6.2CVSS6.8AI score0.00317EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/02/25 9:53 p.m.•87 views

USN-2505-1: Firefox vulnerabilities

Matthew Noorenberghe discovered that Mozilla domains in the allowlist could make UITour API calls from background tabs. If one of these domains were compromised and open in a background tab, an attacker could potentially exploit this to conduct clickjacking attacks. CVE-2015-0819 Jan de Mooij...

7.5CVSS8AI score0.06029EPSS
Exploits0
Ubuntu
Ubuntu
•added 2014/12/12 7:49 a.m.•87 views

USN-2448-1: Linux kernel vulnerabilities

Andy Lutomirski discovered that the Linux kernel does not properly handle faults associated with the Stack Segment SS register in the x86 architecture. A local attacker could exploit this flaw to gain administrative privileges. CVE-2014-9322 An information leak in the Linux kernel was discovered...

7.8CVSS6.8AI score0.08579EPSS
Exploits17
Ubuntu
Ubuntu
•added 2014/12/12 7:40 a.m.•87 views

USN-2445-1: Linux kernel (Trusty HWE) vulnerabilities

Andy Lutomirski discovered that the Linux kernel does not properly handle faults associated with the Stack Segment SS register in the x86 architecture. A local attacker could exploit this flaw to gain administrative privileges. CVE-2014-9322 An information leak in the Linux kernel was discovered...

7.8CVSS6.7AI score0.08579EPSS
Exploits15
Ubuntu
Ubuntu
•added 2014/07/05 5:54 p.m.•87 views

USN-2271-1: Linux kernel (Saucy HWE) vulnerability

Andy Lutomirski discovered a flaw with the Linux kernel's ptrace syscall on x8664 processors. An attacker could exploit this flaw to cause a denial of service System Crash or potential gain administrative privileges...

6.9CVSS6.7AI score0.02324EPSS
Exploits6
Ubuntu
Ubuntu
•added 2013/12/03 7:25 p.m.•87 views

USN-2041-1: Linux kernel (Raring HWE) vulnerabilities

A flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. CVE-2013-4299 Alan Chester reported a flaw in the IPv6 Stream Control Transmission Protocol SCTP of the Linux kernel. A...

6.1CVSS6.8AI score0.04144EPSS
Exploits5
Ubuntu
Ubuntu
•added 2013/05/16 2:8 a.m.•87 views

USN-1827-1: Linux kernel vulnerability

An flaw was discovered in the Linux kernel's perfevents interface. A local user could exploit this flaw to escalate privileges on the system...

8.4CVSS7.6AI score0.47709EPSS
Exploits15
Ubuntu
Ubuntu
•added 2012/11/30 10:11 a.m.•87 views

USN-1652-1: Linux kernel (Oneiric backport) vulnerabilities

Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. CVE-2012-0957 Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cau...

6.2CVSS6.7AI score0.00959EPSS
Exploits3
Ubuntu
Ubuntu
•added 2012/10/09 7:57 a.m.•87 views

USN-1598-1: Linux kernel vulnerability

An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface which is not available to unprivileged users until granted by a root user could exploit this flaw to crash the system or potential gain administrative privileges...

7.2CVSS5.3AI score0.00583EPSS
Exploits2
Ubuntu
Ubuntu
•added 2012/02/03 10:30 p.m.•87 views

USN-1355-2: Mozvoikko update

USN-1355-1 fixed vulnerabilities in Firefox. This update provides an updated Mozvoikko package for use with the latest Firefox. Original advisory details: It was discovered that if a user chose to export their Firefox Sync key the "Firefox Recovery Key.html" file is saved with incorrect...

8.4AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2011/11/29 6:16 p.m.•87 views

USN-1285-1: Linux kernel vulnerabilities

Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. CVE-2011-2183 Vasily Averin discovered that the NFS Lock Manager NLM incorrectly handled unlock requests. A...

7.2CVSS7.6AI score0.00541EPSS
Exploits2
Ubuntu
Ubuntu
•added 2011/11/08 7:40 p.m.•87 views

USN-1253-1: Linux kernel vulnerabilities

Ryan Sweat discovered that the kernel incorrectly handled certain VLAN packets. On some systems, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. CVE-2011-1576 Vasiliy Kulikov and Dan Rosenberg discovered that ecryptfs did not correctly...

9.1CVSS7.9AI score0.05689EPSS
Exploits8
Ubuntu
Ubuntu
•added 2011/10/25 1:3 p.m.•87 views

USN-1243-1: Linux kernel vulnerabilities

It was discovered that the security fix for CVE-2010-4250 introduced a regression. A remote attacker could exploit this to crash the system, leading to a denial of service. CVE-2011-1479 Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit...

9.1CVSS7.8AI score0.05689EPSS
Exploits5
Ubuntu
Ubuntu
•added 2011/03/29 5:23 p.m.•87 views

USN-1098-1: vsftpd vulnerability

It was discovered that vsftpd incorrectly handled certain glob expressions. A remote authenticated user could use a crafted glob expression to cause vftpd to consume all resources, leading to a denial of service...

4CVSS6.4AI score0.7332EPSS
Exploits9
Ubuntu
Ubuntu
•added 2010/10/28 2:45 p.m.•87 views

USN-1010-1: OpenJDK vulnerabilities

Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a machine-in-the-middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. USN-923-1 disabled SSL/TLS renegotiation...

10CVSS8.4AI score0.87264EPSS
Exploits14
Ubuntu
Ubuntu
•added 2010/10/19 3:42 p.m.•87 views

USN-1005-1: poppler vulnerabilities

It was discovered that poppler contained multiple security issues when parsing malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the progra...

7.5CVSS7.1AI score0.03597EPSS
Exploits0
Ubuntu
Ubuntu
•added 2010/09/17 2:56 p.m.•87 views

USN-988-1: Linux kernel vulnerabilities

Ben Hawkes discovered that the Linux kernel did not correctly validate memory ranges on 64bit kernels when allocating memory on behalf of 32bit system calls. On a 64bit system, a local attacker could perform malicious multicast getsockopt calls to gain root privileges. CVE-2010-3081 Ben Hawkes...

7.8CVSS7.3AI score0.03818EPSS
Exploits4
Ubuntu
Ubuntu
•added 2010/08/04 9:59 p.m.•87 views

USN-966-1: Linux kernel vulnerabilities

Junjiro R. Okajima discovered that knfsd did not correctly handle strict overcommit. A local attacker could exploit this to crash knfsd, leading to a denial of service. Only Ubuntu 6.06 LTS and 8.04 LTS were affected. CVE-2008-7256, CVE-2010-1643 Chris Guo, Jukka Taimisto, and Olli Jarva discover...

7.8CVSS6.6AI score0.21312EPSS
Exploits14
Ubuntu
Ubuntu
•added 2010/04/07 2:59 a.m.•87 views

USN-923-1: OpenJDK vulnerabilities

Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a machine-in-the-middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. CVE-2009-3555 It was discovered that...

9.8CVSS8.6AI score0.96319EPSS
Exploits33
Ubuntu
Ubuntu
•added 2010/03/17 1:1 a.m.•87 views

USN-914-1: Linux kernel vulnerabilities

Mathias Krause discovered that the Linux kernel did not correctly handle missing ELF interpreters. A local attacker could exploit this to cause the system to crash, leading to a denial of service. CVE-2010-0307 Marcelo Tosatti discovered that the Linux kernel's hardware virtualization did not...

6.8CVSS7.2AI score0.02718EPSS
Exploits5
Ubuntu
Ubuntu
•added 2009/08/19 2:55 p.m.•87 views

USN-802-2: Apache regression

USN-802-1 fixed vulnerabilities in Apache. The upstream fix for CVE-2009-1891 introduced a regression that would cause Apache children to occasionally segfault when moddeflate is used. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered...

7.7AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2008/11/05 9:50 a.m.•87 views

USN-662-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel could be made to hang temporarily when mounting corrupted ext2/3 filesystems. If a user were tricked into mounting a specially crafted filesystem, a remote attacker could cause system hangs, leading to a denial of service. CVE-2008-3528 Anders Kaseorg...

8.3CVSS5.7AI score0.02403EPSS
Exploits2
Ubuntu
Ubuntu
•added 2008/01/16 8:38 p.m.•87 views

USN-570-1: boost vulnerabilities

Will Drewry and Tavis Ormandy discovered that the boost library did not properly perform input validation on regular expressions. An attacker could send a specially crafted regular expression to an application linked against boost and cause a denial of service via application crash...

5CVSS5.2AI score0.02686EPSS
Exploits1
Ubuntu
Ubuntu
•added 2007/12/03 10:6 p.m.•87 views

USN-549-2: PHP regression

USN-549-1 fixed vulnerabilities in PHP. However, some upstream changes were incomplete, which caused crashes in certain situations with Ubuntu 7.10. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the wordwrap function did not...

8.1AI score0.18162EPSS
Exploits2References1
Ubuntu
Ubuntu
•added 2006/07/28 12:27 a.m.•87 views

USN-324-1: freetype vulnerability

An integer overflow has been discovered in the FreeType library. By tricking a user into installing and/or opening a specially crafted font file, these could be exploited to execute arbitrary code with the privileges of that user...

7.5CVSS6AI score0.04304EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/04/24 11:18 a.m.•86 views

USN-7455-1: Linux kernel vulnerabilities

Jann Horn discovered that the watchqueue event notification subsystem in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service system crash or escalate their privileges. CVE-2022-0995 Several security issues were discovered i...

7.8CVSS7.3AI score0.06197EPSS
Exploits13
Ubuntu
Ubuntu
•added 2025/04/14 11:48 a.m.•86 views

USN-7434-1: Perl vulnerability

It was discovered that Perl incorrectly handled transliterating non-ASCII bytes. A remote attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code...

8.4CVSS7.8AI score0.0052EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/03/11 5:25 p.m.•86 views

USN-7343-1: Jinja2 vulnerabilities

Rafal Krupinski discovered that Jinja2 did not properly restrict the execution of code in situations where templates are used maliciously. An attacker with control over a template's filename and content could potentially use this issue to enable the execution of arbitrary code. This issue only...

8.8CVSS7.5AI score0.005EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/03/03 12:56 p.m.•86 views

USN-7315-1: PostgreSQL vulnerability

Stephen Fewer discovered that PostgreSQL incorrectly handled quoting syntax in certain scenarios. A remote attacker could possibly use this issue to perform SQL injection attacks...

8.1CVSS8AI score0.89472EPSS
Exploits10
Ubuntu
Ubuntu
•added 2024/02/19 2:0 p.m.•86 views

USN-6642-1: Bind vulnerabilities

Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled parsing large DNS messages. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. CVE-2023-4408 Elias Heftrig, Haya Schulmann,...

7.5CVSS6.9AI score0.99995EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/01/25 8:24 p.m.•86 views

USN-6603-1: Linux kernel (AWS) vulnerabilities

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could...

7.8CVSS7.1AI score0.00715EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/09/04 6:36 p.m.•86 views

USN-6337-1: Linux kernel (Azure) vulnerabilities

It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could use this to cause a denial of service infinite recursion. CVE-2020-36691 Billy Jheng Bing Jhong discovered that the CIFS network...

7.8CVSS7AI score0.00491EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/06/21 8:42 a.m.•86 views

USN-6181-1: Ruby vulnerabilities

Hiroshi Tokumaru discovered that Ruby did not properly handle certain user input for applications the generate HTTP responses using cgi gem. An attacker could possibly use this issue to maliciously modify the response a user would receive from a vulnerable application. This issue only affected...

8.8CVSS7.7AI score0.02637EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/05/23 2:7 p.m.•86 views

USN-6088-2: runC vulnerabilities

USN-6088-1 fixed vulnerabilities in runC. This update provides the corresponding updates for Ubuntu 16.04 LTS. It was discovered that runC incorrectly performed access control when mounting /proc to non-directories. An attacker could possibly use this issue to escalate privileges. CVE-2019-19921...

7.8CVSS7.2AI score0.01663EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/05/10 3:11 p.m.•86 views

USN-6071-1: Linux kernel (OEM) vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

7.8CVSS7.2AI score0.0788EPSS
Exploits18
Ubuntu
Ubuntu
•added 2023/04/06 12:13 a.m.•86 views

USN-6001-1: Linux kernel (AWS) vulnerabilities

Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation in the Linux kernel did not properly handle IPID assignment. A remote attacker could use this to cause a denial of service connection termination or inject forged data. CVE-2020-36516 Ke Sun, Alyssa Milburn,...

7.8CVSS7.2AI score0.01747EPSS
Exploits27
Ubuntu
Ubuntu
•added 2023/03/09 1:3 p.m.•86 views

USN-5941-1: Linux kernel (KVM) vulnerabilities

It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...

7.8CVSS7.3AI score0.06346EPSS
Exploits8
Ubuntu
Ubuntu
•added 2023/02/09 9:29 p.m.•86 views

USN-5857-1: Linux kernel (OEM) vulnerability

Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

7.8CVSS6.8AI score0.01944EPSS
Exploits5
Ubuntu
Ubuntu
•added 2023/02/02 4:34 p.m.•86 views

USN-5841-1: LibTIFF vulnerabilities

It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges...

8.8CVSS7.6AI score0.04204EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/01/24 6:20 p.m.•86 views

USN-5823-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.32 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. Ubuntu 18.04 LTS has been updated to MySQL 5.7.41. In addition to security fixes, t...

9.8CVSS6.9AI score0.43131EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/01/09 1:12 p.m.•86 views

USN-5795-1: Net-SNMP vulnerabilities

It was discovered that Net-SNMP incorrectly handled certain requests. A remote attacker could possibly use these issues to cause Net-SNMP to crash, resulting in a denial of service...

6.5CVSS6.7AI score0.5346EPSS
Exploits2
Total number of security vulnerabilities5000