Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
•added 2008/01/16 8:38 p.m.•86 views

USN-570-1: boost vulnerabilities

Will Drewry and Tavis Ormandy discovered that the boost library did not properly perform input validation on regular expressions. An attacker could send a specially crafted regular expression to an application linked against boost and cause a denial of service via application crash...

5CVSS5.2AI score0.02686EPSS
Exploits1
Ubuntu
Ubuntu
•added 2007/12/03 10:6 p.m.•86 views

USN-549-2: PHP regression

USN-549-1 fixed vulnerabilities in PHP. However, some upstream changes were incomplete, which caused crashes in certain situations with Ubuntu 7.10. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the wordwrap function did not...

8.1AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2006/07/28 12:27 a.m.•86 views

USN-324-1: freetype vulnerability

An integer overflow has been discovered in the FreeType library. By tricking a user into installing and/or opening a specially crafted font file, these could be exploited to execute arbitrary code with the privileges of that user...

7.5CVSS6AI score0.04304EPSS
Exploits0
Ubuntu
Ubuntu
•added 2004/12/22 10:20 p.m.•86 views

USN-46-1: TIFF library vulnerability

A buffer overflow was discovered in the TIFF library. A TIFF file includes a value indicating the number of "directory entry" header fields contained in the file. If this value is -1, an invalid memory allocation was performed. A malicious image could be constructed which, when decoded, would hav...

10CVSS5.9AI score0.14972EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/04/10 8:38 p.m.•85 views

USN-7432-1: libsoup vulnerabilities

It was discovered that libsoup could be made to read out of bounds. An attacker could possibly use this issue to cause applications using libsoup to crash, resulting in a denial of service. CVE-2025-2784, CVE-2025-32050, CVE-2025-32052, CVE-2025-32053 It was discovered that libsoup could be made ...

7CVSS6.9AI score0.00786EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/04/07 7:29 p.m.•85 views

USN-7423-1: GNU binutils vulnerabilities

It was discovered that GNU binutils incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash, expose sensitive information or execute arbitrary code. CVE-2025-1153, CVE-2025-1182 It was discovered that ld in GNU binutils incorrectly handled certain files. An...

6.3CVSS5.8AI score0.01252EPSS
Exploits5
Ubuntu
Ubuntu
•added 2025/04/03 5:36 p.m.•85 views

USN-7414-1: XZ Utils vulnerability

Harri K. Koskinen discovered that XZ Utils incorrectly handled the threaded xz decoder. If a user or automated system were tricked into processing an xz file, a remote attacker could use this issue to cause XZ Utils to crash, resulting in a denial of service, or possibly execute arbitrary code...

8.7CVSS7.2AI score0.00642EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/04/01 8:28 a.m.•85 views

USN-7285-2: nginx vulnerability

USN-7285-1 fixed vulnerabilities in nginx. This update provides the corresponding updates for Ubuntu 24.04 LTS. Original advisory details: It was discovered that nginx incorrectly handled when multiple server blocks are configured to share the same IP address and port. An attacker could use this...

5.3CVSS5.5AI score0.02646EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/02/25 3:13 p.m.•85 views

USN-7297-1: ProFTPD vulnerabilities

Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk discovered that the transport protocol implementation in ProFTPD had weak integrity checks. An attacker could use this vulnerability to bypass security features like encryption and integrity checks. CVE-2023-48795 Martin Mirchev discovered that...

7.5CVSS7.4AI score0.9378EPSS
Exploits5
Ubuntu
Ubuntu
•added 2025/02/24 12:32 p.m.•85 views

USN-7287-1: libcap2 vulnerability

Tianjia Zhang discovered the libcap2 PAM module pamcap incorrectly handled parsing group names in the configuration file. This could result in certain users being granted capabilities, contrary to expectations...

6.1CVSS6.7AI score0.00149EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/07/17 4:22 p.m.•85 views

USN-6896-3: Linux kernel vulnerabilities

It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...

9.1CVSS7.5AI score0.01635EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/03/11 8:17 p.m.•85 views

USN-6688-1: Linux kernel (OEM) vulnerabilities

Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service host domain crash...

7.8CVSS7.5AI score0.78388EPSS
Exploits19
Ubuntu
Ubuntu
•added 2024/02/22 1:12 a.m.•85 views

USN-6648-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the AppleTalk networking subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-51781 Zhenghan Wang discover...

7.8CVSS7.2AI score0.01999EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/02/19 2:0 p.m.•85 views

USN-6642-1: Bind vulnerabilities

Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled parsing large DNS messages. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. CVE-2023-4408 Elias Heftrig, Haya Schulmann,...

7.5CVSS6.9AI score0.99995EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/02/14 8:1 a.m.•85 views

USN-6608-2: Linux kernel (NVIDIA) vulnerabilities

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could...

7.8CVSS7.1AI score0.00843EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/12/12 8:36 p.m.•85 views

USN-6548-2: Linux kernel vulnerabilities

It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive information. CVE-2023-3006 It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors i...

8.8CVSS7.2AI score0.09141EPSS
Exploits4
Ubuntu
Ubuntu
•added 2023/10/19 3:57 p.m.•85 views

USN-6427-2: .NET vulnerability

USN-6427-1 fixed a vulnerability in .NET. This update provides the corresponding update for .NET 8. Original advisory details: It was discovered that the .NET Kestrel web server did not properly handle HTTP/2 requests. A remote attacker could possibly use this issue to cause a denial of service...

7.5CVSS7.2AI score0.99999EPSS
Exploits19
Ubuntu
Ubuntu
•added 2023/07/25 11:36 p.m.•85 views

USN-6250-1: Linux kernel vulnerabilities

Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. CVE-2023-2640 It was discovered that the IP-VLAN...

7.8CVSS7.6AI score0.15783EPSS
Exploits18
Ubuntu
Ubuntu
•added 2023/06/20 7:47 p.m.•85 views

USN-6180-1: VLC media player vulnerabilities

It was discovered that VLC could be made to read out of bounds when decoding image files. If a user were tricked into opening a crafted image file, a remote attacker could possibly use this issue to cause VLC to crash, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and...

7.8CVSS8.2AI score0.02391EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/05/24 8:57 a.m.•85 views

USN-6101-1: GNU binutils vulnerabilities

It was discovered that GNU binutils incorrectly handled certain DWARF files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 22.10. CVE-2023-1579 It was discovered that GNU binutils did not properly verify the version definitio...

7.8CVSS6.5AI score0.00895EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/05/22 7:49 p.m.•85 views

USN-6095-1: Linux kernel vulnerabilities

Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information kernel memory. CVE-2023-0459 Xingyuan Mo discovered that the...

7.8CVSS7.1AI score0.00635EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/04/25 10:23 a.m.•85 views

USN-6038-1: Go vulnerabilities

It was discovered that the Go net/http module incorrectly handled Transfer-Encoding headers in the HTTP/1 client. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. CVE-2022-1705 It was discovered that Go did not properly manage memory under certain...

9.8CVSS7.5AI score0.05623EPSS
Exploits7
Ubuntu
Ubuntu
•added 2023/03/29 4:44 p.m.•85 views

USN-5984-1: Linux kernel vulnerabilities

It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service memory exhaustion. CVE-2021-3669 It was discovered that a use-after-free vulnerability existed in the SGI GRU...

7.9CVSS7.5AI score0.03702EPSS
Exploits5
Ubuntu
Ubuntu
•added 2023/03/27 3:18 a.m.•85 views

USN-5972-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing,...

8.8CVSS8.3AI score0.00713EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/03/16 2:21 p.m.•85 views

USN-5960-1: Python vulnerability

Yebo Cao discovered that Python incorrectly handled certain URLs. An attacker could possibly use this issue to bypass blocklisting methods by supplying a URL that starts with blank characters...

7.5CVSS7.4AI score0.20459EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/02/02 4:34 p.m.•85 views

USN-5841-1: LibTIFF vulnerabilities

It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges...

8.8CVSS7.6AI score0.04204EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/01/06 10:55 p.m.•85 views

USN-5794-1: Linux kernel (AWS) vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...

8.8CVSS7.7AI score0.21314EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/12/14 6:0 p.m.•85 views

USN-5780-1: Linux kernel (OEM) vulnerabilities

It was discovered that a memory leak existed in the IPv6 implementation of the Linux kernel. A local attacker could use this to cause a denial of service memory exhaustion. CVE-2022-3524 It was discovered that the Bluetooth HCI implementation in the Linux kernel did not properly deallocate memory...

8.8CVSS7.2AI score0.02014EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/10/19 9:24 p.m.•85 views

USN-5691-1: Linux kernel vulnerabilities

David Bouman and Billy Jheng Bing Jhong discovered that a race condition existed in the iouring subsystem in the Linux kernel, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-2602...

8.1CVSS7.3AI score0.03763EPSS
Exploits5
Ubuntu
Ubuntu
•added 2022/09/22 4:49 p.m.•85 views

USN-5631-1: libjpeg-turbo vulnerabilities

It was discovered that libjpeg-turbo incorrectly handled certain EOF characters. An attacker could possibly use this issue to cause libjpeg-turbo to consume resource, leading to a denial of service. This issue only affected Ubuntu 18.04 LTS. CVE-2018-11813 It was discovered that libjpeg-turbo...

8.8CVSS6.6AI score0.03162EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/07/15 1:48 p.m.•85 views

USN-5521-1: containerd vulnerabilities

It was discovered that containerd insufficiently restricted permissions on container root and plugin directories. If a user or automated system were tricked into launching a specially crafted container image, a remote attacker could traverse directory contents and modify files and execute program...

7.8CVSS7AI score0.27392EPSS
Exploits6
Ubuntu
Ubuntu
•added 2022/05/23 1:49 p.m.•85 views

USN-5434-1: Firefox vulnerabilities

It was discovered that the methods of an Array object could be corrupted as a result of prototype pollution by sending a message to the parent process. If a user were tricked into opening a specially crafted website, an attacker could exploit this to execute JavaScript in a privileged context...

8.8CVSS8.7AI score0.26709EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/05/12 3:44 p.m.•85 views

USN-5420-1: Vorbis vulnerabilities

It was discovered that Vorbis incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. CVE-2017-14160, CVE-2018-10392, CVE-2018-10393...

8.8CVSS6.8AI score0.04575EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/04/28 7:57 p.m.•85 views

USN-5398-1: Simple DirectMedia Layer vulnerability

It was discovered that SDL Simple DirectMedia Layer incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code...

8.8CVSS7.4AI score0.01986EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/01/21 2:24 p.m.•85 views

USN-5249-1: USBView vulnerability

It was discovered that USBView allowed unprivileged users to run usbview as root. A local attacker could use this vulnerability to gain administrative privileges or cause a denial of service...

7.8CVSS7.2AI score0.00521EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/12/07 7:35 p.m.•85 views

USN-5168-4: NSS regression

USN-5168-3 fixed a vulnerability in NSS. Unfortunately that update introduced a regression that could break SSL connections. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Tavis Ormandy discovered that NSS incorrectly handled verifying DSA/RSA-PSS...

9.8CVSS7.7AI score0.17563EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/11/04 8:12 p.m.•85 views

USN-5133-1: ICU vulnerability

It was discovered that ICU contains a use after free issue. An attacker could use this issue to cause a denial of service with crafted input...

5.5CVSS6.7AI score0.01133EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/07/28 6:14 p.m.•85 views

USN-4944-2: MariaDB regression

USN-4944-1 fixed vulnerabilities in MariaDB. It caused a regression. This update fixes the problem. Original advisory details: Ubuntu 20.04 has been updated to MariaDB 10.3.30...

5.3AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2021/05/19 10:47 a.m.•85 views

USN-4961-1: pip vulnerability

It was discovered that pip incorrectly handled unicode separators in git references. A remote attacker could possibly use this issue to install a different revision on a repository...

5.5AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2020/11/19 8:12 p.m.•85 views

USN-4637-2: Firefox vulnerabilities

USN-4637-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Ubuntu 16.04 LTS. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit...

9.3CVSS7.5AI score0.0247EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/09/28 2:43 p.m.•85 views

USN-4548-1: libuv vulnerability

It was discovered that libuv incorrectly handled certain paths. An attacker could possibly use this issue to cause a crash or execute arbitrary code...

7.8CVSS7AI score0.00714EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/09/16 1:7 p.m.•85 views

USN-4502-1: websocket-extensions vulnerability

It was discovered that websocket-extensions does not properly parse special headers. A remote attacker could use this issue to cause regex backtracking, resulting in a denial of service. CVE-2020-7663...

7.5CVSS7.4AI score0.04404EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/07/02 1:39 p.m.•85 views

USN-4408-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass permission prompts, or execute arbitrary code. CVE-2020-12415,...

9.3CVSS8AI score0.03034EPSS
Exploits4
Ubuntu
Ubuntu
•added 2020/06/17 3:11 p.m.•85 views

USN-4397-2: NSS vulnerability

USN-4397-1 fixed a vulnerability in NSS. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Cesar Pereida Garcia discovered that NSS incorrectly handled DSA key generation. A local attacker could possibly use this issue to perform a...

4.4CVSS7.3AI score0.00651EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/03/30 12:0 p.m.•85 views

USN-4308-2: Twisted vulnerabilities

USN-4308-1 fixed several vulnerabilities in Twisted. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: it was discovered that Twisted incorrectly validated or sanitized certain URIs or HTTP methods. A remote attacker could use this issue to inject...

9.8CVSS7.1AI score0.04083EPSS
Exploits3
Ubuntu
Ubuntu
•added 2019/11/26 11:47 p.m.•85 views

USN-4202-1: Thunderbird vulnerabilities

It was discovered that a specially crafted S/MIME message with an inner encryption layer could be displayed as having a valid signature in some circumstances, even if the signer had no access to the encrypted message. An attacker could potentially exploit this to spoof the message author...

8.8CVSS7.6AI score0.06643EPSS
Exploits3
Ubuntu
Ubuntu
•added 2019/11/26 12:49 a.m.•85 views

USN-4200-1: Redmine vulnerabilities

It was discovered that Redmine incorrectly handle certain inputs that could cause textile formatting errors. An attacker could possibly use this issue to cause a XSS attack. CVE-2019-17427 It was discovered that an SQL injection could allow users to access protected information via a crafted obje...

6.5CVSS6.6AI score0.04338EPSS
Exploits2
Ubuntu
Ubuntu
•added 2019/11/06 4:5 p.m.•85 views

USN-4176-1: GNU cpio vulnerability

Thomas Habets discovered that GNU cpio incorrectly handled certain inputs. An attacker could possibly use this issue to privilege escalation...

7.3CVSS6.6AI score0.00686EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/10/21 2:40 p.m.•85 views

USN-4159-1: Exiv2 vulnerability

It was discovered that Exiv2 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service...

6.5CVSS7AI score0.01851EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/07/31 4:16 p.m.•85 views

USN-4081-1: Pango vulnerability

It was discovered that Pango incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code...

9.8CVSS8.4AI score0.06274EPSS
Exploits1
Total number of security vulnerabilities5000