Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
•added 2018/09/19 9:49 a.m.•85 views

USN-3766-2: PHP vulnerabilities

USN-3766-1 fixed a vulnerability in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that PHP incorrectly handled certain exif tags in JPEG images. A remote attacker could possibly use this issue to cause PHP to crash, resulting...

7.5CVSS6.6AI score0.08975EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/09/17 7:30 a.m.•85 views

USN-3765-1: curl vulnerability

It was discovered that curl incorrectly handled certain inputs. An attacker could possibly use this to execute arbitrary code...

10CVSS7.5AI score0.11115EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/07/30 8:7 p.m.•85 views

USN-3725-2: MySQL vulnerabilities

USN-3725-1 fixed several vulnerabilities in MySQL. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to...

6.5CVSS6.9AI score0.03637EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/06/28 6:26 p.m.•85 views

USN-3694-1: NASM vulnerabilities

It was discovered that NASM incorrectly handled certain source files. If a user or automated system were tricked into processing a specially crafted source file, a remote attacker could use these issues to cause NASM to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.8CVSS6.7AI score0.02946EPSS
Exploits13
Ubuntu
Ubuntu
•added 2017/10/31 10:29 a.m.•85 views

USN-3469-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3469-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Anthony Perard discovered that the Xen virtual block driver did not properly initializ...

7.8CVSS6.5AI score0.01155EPSS
Exploits4
Ubuntu
Ubuntu
•added 2017/10/26 4:54 p.m.•85 views

USN-3464-1: Wget vulnerabilities

Antti Levomäki, Christian Jalio, and Joonas Pihlaja discovered that Wget incorrectly handled certain HTTP responses. A remote attacker could use this issue to cause Wget to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2017-13089, CVE-2017-13090 Dawid Golunski...

9.3CVSS7.6AI score0.79855EPSS
Exploits9
Ubuntu
Ubuntu
•added 2017/10/11 6:14 a.m.•85 views

USN-3445-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3445-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Eyal Itkin discovered that the IP over IEEE 1394 FireWire implementation in the Linux...

6.8CVSS7.1AI score0.01765EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/10/10 11:32 p.m.•85 views

USN-3445-1: Linux kernel vulnerabilities

Eyal Itkin discovered that the IP over IEEE 1394 FireWire implementation in the Linux kernel contained a buffer overflow when handling fragmented packets. A remote attacker could use this to possibly execute arbitrary code with administrative privileges. CVE-2016-8633 Andrey Konovalov discovered...

6.8CVSS7.1AI score0.01765EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/09/14 1:42 a.m.•85 views

USN-3415-2: tcpdump vulnerabilities

USN-3415-1 fixed vulnerabilities in tcpdump for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 17.04. This update provides the corresponding tcpdump update for Ubuntu 12.04 ESM. Original advisory details: Wilfried Kirsch discovered a buffer overflow in the SLIP decoder in tcpdump. A remote attack...

9.8CVSS8.1AI score0.06196EPSS
Exploits3
Ubuntu
Ubuntu
•added 2017/07/24 11:16 p.m.•85 views

USN-3364-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3364-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan dat...

5.5CVSS6.3AI score0.01261EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/06/29 6:19 p.m.•85 views

USN-3323-2: GNU C Library vulnerability

USN-3323-1 fixed a vulnerability in the GNU C Library. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that the GNU C library did not properly handle memory when processing environment variables for setuid programs. A local attacker...

7.8CVSS7.1AI score0.02733EPSS
Exploits14
Ubuntu
Ubuntu
•added 2017/06/22 12:5 a.m.•85 views

USN-3324-1: Linux kernel vulnerability

It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges...

7.4CVSS7.8AI score0.05186EPSS
Exploits3
Ubuntu
Ubuntu
•added 2017/05/15 11:50 p.m.•85 views

USN-3275-2: OpenJDK 7 vulnerabilities

USN-3275-1 fixed vulnerabilities in OpenJDK 8. This update provides the corresponding updates for OpenJDK 7. Original advisory details: It was discovered that OpenJDK improperly re-used cached NTLM connections in some situations. A remote attacker could possibly use this to cause a Java applicati...

7.7CVSS6.9AI score0.03311EPSS
Exploits2
Ubuntu
Ubuntu
•added 2017/03/30 9:55 p.m.•85 views

USN-3216-2: Firefox regression

USN-3216-1 fixed vulnerabilities in Firefox. The update resulted in a startup crash when Firefox is used with XRDP. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to openi...

7.8AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2017/03/21 11:34 p.m.•85 views

USN-3239-2: GNU C Library Regression

USN-3239-1 fixed vulnerabilities in the GNU C Library. Unfortunately, the fix for CVE-2015-5180 introduced an internal ABI change within the resolver library. This update reverts the change. We apologize for the inconvenience. Please note that long-running services that were restarted to compensa...

7.8AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2017/02/22 7:34 a.m.•85 views

USN-3208-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3208-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that the generic SCSI block layer in the Linux kernel did not proper...

8.4CVSS6.9AI score0.0596EPSS
Exploits13
Ubuntu
Ubuntu
•added 2017/02/16 2:22 a.m.•85 views

USN-3198-1: OpenJDK 6 vulnerabilities

Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. A remote attacker could possibly use this flaw to obtain clear text data from long encrypted sessions. This update moves those algorithms to the legacy algorithm set and causes...

9.6CVSS7.5AI score0.95707EPSS
Exploits12
Ubuntu
Ubuntu
•added 2016/11/30 6:59 p.m.•85 views

USN-3144-2: Linux kernel (OMAP4) vulnerability

Marco Grassi discovered that the driver for Areca RAID Controllers in the Linux kernel did not properly validate control messages. A local attacker could use this to cause a denial of service system crash or possibly gain privileges...

7.8CVSS6.5AI score0.0043EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/10/11 4:37 a.m.•85 views

USN-3097-1: Linux kernel vulnerabilities

Marco Grassi discovered a use-after-free condition could occur in the TCP retransmit queue handling code in the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2016-6828 Pengfei Wang discovered a race condition in the...

5.5CVSS6.5AI score0.01181EPSS
Exploits5
Ubuntu
Ubuntu
•added 2016/08/10 10:52 a.m.•85 views

USN-3055-1: Linux kernel vulnerabilities

Ben Hawkes discovered an integer overflow in the Linux netfilter implementation. On systems running 32 bit kernels, a local unprivileged attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privileges. CVE-2016-3135 It was...

7.8CVSS7.3AI score0.01009EPSS
Exploits2
Ubuntu
Ubuntu
•added 2016/06/27 9:30 p.m.•85 views

USN-3020-1: Linux kernel (Vivid HWE) vulnerabilities

Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPTSOSETREPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service system crash or execute...

7.8CVSS7.1AI score0.05676EPSS
Exploits15
Ubuntu
Ubuntu
•added 2016/05/19 12:25 a.m.•85 views

USN-2973-1: Thunderbird vulnerabilities

Christian Holler, Tyson Smith, and Phil Ringalda discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code...

10CVSS8.1AI score0.04692EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/05/16 5:31 p.m.•85 views

USN-2978-1: Linux kernel vulnerabilities

David Matlack discovered that the Kernel-based Virtual Machine KVM implementation in the Linux kernel did not properly restrict variable Memory Type Range Registers MTRR in KVM guests. A privileged user in a guest VM could use this to cause a denial of service system crash in the host, expose...

7.8CVSS7.2AI score0.00397EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/03/14 5:20 p.m.•85 views

USN-2932-1: Linux kernel (Vivid HWE) vulnerabilities

Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPTSOSETREPLACE events. A local unprivileged attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privileges...

8.4CVSS7.2AI score0.03723EPSS
Exploits22
Ubuntu
Ubuntu
•added 2016/02/02 1:53 a.m.•85 views

USN-2889-1: Linux kernel vulnerabilities

It was discovered that a use-after-free vulnerability existed in the AFUNIX implementation in the Linux kernel. A local attacker could use crafted epollctl calls to cause a denial of service system crash or expose sensitive information. CVE-2013-7446 It was discovered that the KVM implementation ...

10CVSS6.4AI score0.09235EPSS
Exploits1
Ubuntu
Ubuntu
•added 2015/05/05 10:1 p.m.•85 views

USN-2597-1: Linux kernel (Trusty HWE) vulnerability

A race condition between chown and execve was discovered in the Linux kernel. A local attacker could exploit this race by using chown on a setuid-user-binary to gain administrative privileges...

6.2CVSS6.8AI score0.00317EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/04/30 8:12 a.m.•85 views

USN-2587-1: Linux kernel (Trusty HWE) vulnerabilities

A stack overflow was discovered in the the microcode loader for the intel x86 platform. A local attacker could exploit this flaw to cause a denial of service kernel crash or to potentially execute code with kernel privileges. CVE-2015-2666 It was discovered that the Linux kernel's IPv6 networking...

6.9CVSS6.9AI score0.03052EPSS
Exploits1
Ubuntu
Ubuntu
•added 2015/03/10 6:22 p.m.•85 views

USN-2522-3: ICU vulnerabilities

USN-2522-1 fixed vulnerabilities in ICU. On Ubuntu 12.04 LTS, the font patches caused a regression when using LibreOffice Calc. The patches have now been updated to fix the regression. We apologize for the inconvenience. Original advisory details: It was discovered that ICU incorrectly handled...

10CVSS7.6AI score0.22753EPSS
Exploits5
Ubuntu
Ubuntu
•added 2014/12/12 7:32 a.m.•85 views

USN-2442-1: Linux kernel (EC2) vulnerabilities

An information leak in the Linux kernel was discovered that could leak the high 16 bits of the kernel stack address on 32-bit Kernel Virtual Machine KVM paravirt guests. A user in the guest OS could exploit this leak to obtain information that could potentially be used to aid in attacking the...

7.8CVSS6.6AI score0.08579EPSS
Exploits5
Ubuntu
Ubuntu
•added 2014/08/13 10:56 a.m.•85 views

USN-2314-1: Linux kernel vulnerability

An flaw was discovered in the Linux kernel's audit subsystem when auditing certain syscalls. A local attacker could exploit this flaw to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service OOPS...

3.3CVSS7.1AI score0.0036EPSS
Exploits0
Ubuntu
Ubuntu
•added 2014/02/18 10:36 p.m.•85 views

USN-2113-1: Linux kernel (Saucy HWE) vulnerabilities

Saran Neti reported a flaw in the ipv6 UDP Fragmentation Offload UFI in the Linux kernel. A remote attacker could exploit this flaw to cause a denial of service panic. CVE-2013-4563 Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker...

7.2CVSS6.8AI score0.10209EPSS
Exploits12
Ubuntu
Ubuntu
•added 2013/08/20 12:37 p.m.•85 views

USN-1935-1: Linux kernel vulnerabilities

Chanam Park reported a Null pointer flaw in the Linux kernel's Ceph client. A remote attacker could exploit this flaw to cause a denial of service system crash. CVE-2013-1059 An information leak was discovered in the Linux kernel's fanotify interface. A local user could exploit this flaw to obtai...

7.8CVSS6.8AI score0.04672EPSS
Exploits3
Ubuntu
Ubuntu
•added 2013/05/24 9:39 a.m.•85 views

USN-1837-1: Linux kernel vulnerabilities

An information leak was discovered in the Linux kernel's tkill and tgkill system calls when used from compat processes. A local user could exploit this flaw to examine potentially sensitive kernel memory. CVE-2013-2141 A flaw was discovered in the Linux kernel's perf events subsystem for Intel...

4.9CVSS6.2AI score0.00593EPSS
Exploits2
Ubuntu
Ubuntu
•added 2013/05/02 11:31 a.m.•85 views

USN-1814-1: Linux kernel (OMAP4) vulnerabilities

Mathias Krause discovered an information leak in the Linux kernel's UDF file system implementation. A local user could exploit this flaw to examine some of the kernel's heap memory. CVE-2012-6548 Mathias Krause discovered an information leak in the Linux kernel's ISO 9660 CDROM file system driver...

7.2CVSS7.1AI score0.04707EPSS
Exploits4
Ubuntu
Ubuntu
•added 2013/03/22 11:16 p.m.•85 views

USN-1775-1: Linux kernel vulnerabilities

A flaw was reported in the permission checks done by the Linux kernel for /dev/cpu//msr. A local root user with all capabilities dropped could exploit this flaw to execute code with full root capabilities. CVE-2013-0268 A flaw was discovered in the Linux kernels handling of memory ranges with...

6.2CVSS6.9AI score0.01557EPSS
Exploits4
Ubuntu
Ubuntu
•added 2012/11/30 9:25 a.m.•85 views

USN-1648-1: Linux kernel vulnerabilities

Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. CVE-2012-0957 Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cau...

6.2CVSS6.7AI score0.00959EPSS
Exploits3
Ubuntu
Ubuntu
•added 2012/02/13 5:8 p.m.•85 views

USN-1358-2: PHP regression

USN 1358-1 fixed multiple vulnerabilities in PHP. The fix for CVE-2012-0831 introduced a regression where the state of the magicquotesgpc setting was not correctly reflected when calling the iniget function. We apologize for the inconvenience. Original advisory details: It was discovered that PHP...

8.6AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2011/10/25 1:1 p.m.•85 views

USN-1242-1: Linux kernel (Maverick backport) vulnerabilities

It was discovered that the security fix for CVE-2010-4250 introduced a regression. A remote attacker could exploit this to crash the system, leading to a denial of service. CVE-2011-1479 Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit...

9.1CVSS7.8AI score0.05689EPSS
Exploits5
Ubuntu
Ubuntu
•added 2011/07/13 8:31 p.m.•85 views

USN-1161-1: Linux kernel vulnerabilities (EC2)

Vasiliy Kulikov discovered that kvm did not correctly clear memory. A local attacker could exploit this to read portions of the kernel stack, leading to a loss of privacy. CVE-2010-3881 Timo Warns discovered that the LDM disk partition handling code did not correctly handle certain values. By...

7.8CVSS6.7AI score0.04364EPSS
Exploits8
Ubuntu
Ubuntu
•added 2011/06/23 7:36 p.m.•85 views

USN-1157-3: Firefox regression

USN-1157-1 fixed vulnerabilities in Firefox. Unfortunately, this update produced the side effect of pulling in Firefox on some systems that did not have it installed during a dist-upgrade due to changes in the Ubuntu language packs. This update fixes the problem. We apologize for the inconvenienc...

8.8AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2011/03/07 10:33 p.m.•85 views

USN-1049-2: Firefox and Xulrunner regression

USN-1049-1 fixed vulnerabilities in Firefox and Xulrunner. That update introduced a regression where some Java applets would fail to load. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff...

9.2AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2011/01/19 5:40 p.m.•85 views

USN-1045-2: util-linux update

USN-1045-1 fixed vulnerabilities in FUSE. This update to util-linux adds support for new options required by the FUSE update. Original advisory details: It was discovered that FUSE could be tricked into incorrectly updating the mtab file when mounting filesystems. A local attacker, with access to...

5.8CVSS5.5AI score0.09848EPSS
Exploits1
Ubuntu
Ubuntu
•added 2010/06/29 9:22 p.m.•85 views

USN-930-2: apturl, Epiphany, gecko-sharp, gnome-python-extras, liferea, rhythmbox, totem, ubufox, yelp update

USN-930-1 fixed vulnerabilities in Firefox and Xulrunner. This update provides updated packages for use with Firefox 3.6 and Xulrunner 1.9.2 on Ubuntu 8.04 LTS. Original advisory details: If was discovered that Firefox could be made to access freed memory. If a user were tricked into viewing a...

9.1AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2009/11/26 8:4 p.m.•85 views

USN-862-1: PHP vulnerabilities

Maksymilian Arciemowicz discovered that PHP did not properly validate arguments to the dbareplace function. If a script passed untrusted input to the dbareplace function, an attacker could truncate the database. This issue only applied to Ubuntu 6.06 LTS, 8.04 LTS, and 8.10. CVE-2008-7068 It was...

7.5CVSS5.3AI score0.12041EPSS
Exploits11
Ubuntu
Ubuntu
•added 2009/11/19 6:33 a.m.•85 views

USN-860-1: Apache vulnerabilities

Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a machine-in-the-middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. The flaw is with TLS renegotiation and...

9.8CVSS7.5AI score0.87264EPSS
Exploits16
Ubuntu
Ubuntu
•added 2009/03/19 10:26 p.m.•85 views

USN-741-1: Thunderbird vulnerabilities

Several flaws were discovered in the browser engine. If Javascript were enabled, an attacker could exploit these flaws to crash Thunderbird and possibly execute arbitrary code with user privileges. CVE-2009-0352 Jesse Ruderman and Gary Kwong discovered flaws in the browser engine. If a user had...

10CVSS9AI score0.04331EPSS
Exploits0
Ubuntu
Ubuntu
•added 2004/10/23 2:11 a.m.•85 views

USN-2-1: xpdf vulnerabilities

Chris Evans discovered several integer overflow vulnerabilities in xpdf, a viewer for PDF files. The Common UNIX Printing System CUPS also uses the same code to print PDF files. In either case, these vulnerabilities could be exploited by an attacker by providing a specially crafted PDF file which...

10CVSS5.9AI score0.06209EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/04/01 3:25 p.m.•84 views

USN-7261-2: Vim vulnerability

USN-7261-1 fixed vulnerabilities in Vim. This update provides the corresponding updates for Ubuntu 24.04 LTS. Original advisory details: It was discovered that Vim incorrectly handled certain internal calls when scrolling a window. An attacker could possibly use this issue to cause a denial of...

5.5CVSS5.5AI score0.00261EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/03/31 11:38 a.m.•84 views

USN-7395-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

10CVSS7.5AI score0.0424EPSS
Exploits4
Ubuntu
Ubuntu
•added 2025/03/11 7:38 p.m.•84 views

USN-7345-1: .NET vulnerability

Zahid TOKAT discovered that .NET suffered from a weak authentication vulnerability. An attacker could possibly use this issue to elevate privileges...

7CVSS7.2AI score0.00911EPSS
Exploits1
Total number of security vulnerabilities5000