Lucene search
K
UbuntuMost viewed

10888 matches found

Ubuntu
Ubuntu
added 2014/12/12 7:32 a.m.85 views

USN-2442-1: Linux kernel (EC2) vulnerabilities

An information leak in the Linux kernel was discovered that could leak the high 16 bits of the kernel stack address on 32-bit Kernel Virtual Machine KVM paravirt guests. A user in the guest OS could exploit this leak to obtain information that could potentially be used to aid in attacking the...

7.8CVSS6.6AI score0.08579EPSS
Exploits5
Ubuntu
Ubuntu
added 2014/09/27 9:5 a.m.85 views

USN-2364-1: Bash vulnerabilities

Florian Weimer and Todd Sabin discovered that the Bash parser incorrectly handled memory. An attacker could possibly use this issue to bypass certain environment restrictions and execute arbitrary code. CVE-2014-7186, CVE-2014-7187 In addition, this update introduces a hardening measure which add...

10CVSS7.7AI score0.64336EPSS
Exploits14
Ubuntu
Ubuntu
added 2014/08/13 10:56 a.m.85 views

USN-2314-1: Linux kernel vulnerability

An flaw was discovered in the Linux kernel's audit subsystem when auditing certain syscalls. A local attacker could exploit this flaw to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service OOPS...

3.3CVSS7.1AI score0.0036EPSS
Exploits0
Ubuntu
Ubuntu
added 2014/02/18 10:36 p.m.85 views

USN-2113-1: Linux kernel (Saucy HWE) vulnerabilities

Saran Neti reported a flaw in the ipv6 UDP Fragmentation Offload UFI in the Linux kernel. A remote attacker could exploit this flaw to cause a denial of service panic. CVE-2013-4563 Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker...

7.2CVSS6.8AI score0.10209EPSS
Exploits12
Ubuntu
Ubuntu
added 2013/05/24 9:39 a.m.85 views

USN-1837-1: Linux kernel vulnerabilities

An information leak was discovered in the Linux kernel's tkill and tgkill system calls when used from compat processes. A local user could exploit this flaw to examine potentially sensitive kernel memory. CVE-2013-2141 A flaw was discovered in the Linux kernel's perf events subsystem for Intel...

4.9CVSS6.2AI score0.00593EPSS
Exploits2
Ubuntu
Ubuntu
added 2013/05/02 11:31 a.m.85 views

USN-1814-1: Linux kernel (OMAP4) vulnerabilities

Mathias Krause discovered an information leak in the Linux kernel's UDF file system implementation. A local user could exploit this flaw to examine some of the kernel's heap memory. CVE-2012-6548 Mathias Krause discovered an information leak in the Linux kernel's ISO 9660 CDROM file system driver...

7.2CVSS7.1AI score0.04707EPSS
Exploits4
Ubuntu
Ubuntu
added 2013/03/22 11:16 p.m.85 views

USN-1775-1: Linux kernel vulnerabilities

A flaw was reported in the permission checks done by the Linux kernel for /dev/cpu//msr. A local root user with all capabilities dropped could exploit this flaw to execute code with full root capabilities. CVE-2013-0268 A flaw was discovered in the Linux kernels handling of memory ranges with...

6.2CVSS6.9AI score0.01557EPSS
Exploits4
Ubuntu
Ubuntu
added 2012/11/30 9:25 a.m.85 views

USN-1648-1: Linux kernel vulnerabilities

Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. CVE-2012-0957 Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cau...

6.2CVSS6.7AI score0.00959EPSS
Exploits3
Ubuntu
Ubuntu
added 2012/03/16 9:8 p.m.85 views

USN-1400-2: ubufox update

USN-1400-1 fixed vulnerabilities in Firefox. This update provides an updated ubufox package for use with the latest Firefox. Original advisory details: Soroush Dalili discovered that Firefox did not adequately protect against dropping JavaScript links onto a frame. A remote attacker could, throug...

8.8AI score
Exploits0References1
Ubuntu
Ubuntu
added 2012/02/13 5:8 p.m.85 views

USN-1358-2: PHP regression

USN 1358-1 fixed multiple vulnerabilities in PHP. The fix for CVE-2012-0831 introduced a regression where the state of the magicquotesgpc setting was not correctly reflected when calling the iniget function. We apologize for the inconvenience. Original advisory details: It was discovered that PHP...

8.6AI score
Exploits0References1
Ubuntu
Ubuntu
added 2011/12/13 12:41 p.m.85 views

USN-1300-1: Linux kernel (FSL-IMX51) vulnerabilities

A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. CVE-2011-4077 A flaw was found in the Journaling Block Device JBD. A local attacker able to mount ext3 or ext4 file...

7.2CVSS7.8AI score0.00556EPSS
Exploits4
Ubuntu
Ubuntu
added 2011/10/25 1:6 p.m.85 views

USN-1244-1: Linux kernel (OMAP4) vulnerabilities

Dan Rosenberg discovered that the Linux kernel X.25 implementation incorrectly parsed facilities. A remote attacker could exploit this to crash the kernel, leading to a denial of service. CVE-2010-3873 Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being...

7.2CVSS6.9AI score0.03739EPSS
Exploits3
Ubuntu
Ubuntu
added 2011/04/30 12:30 a.m.85 views

USN-1121-1: Firefox vulnerabilities

Boris Zbarsky, Gary Kwong, Jesse Ruderman, Michael Wu, and Ted Mielczarek discovered multiple memory vulnerabilities. An attacker could exploit these to possibly run arbitrary code as the user running Firefox. CVE-2011-0079 It was discovered that there was a vulnerability in the memory handling o...

10CVSS8.7AI score0.06858EPSS
Exploits4
Ubuntu
Ubuntu
added 2010/06/29 9:22 p.m.85 views

USN-930-2: apturl, Epiphany, gecko-sharp, gnome-python-extras, liferea, rhythmbox, totem, ubufox, yelp update

USN-930-1 fixed vulnerabilities in Firefox and Xulrunner. This update provides updated packages for use with Firefox 3.6 and Xulrunner 1.9.2 on Ubuntu 8.04 LTS. Original advisory details: If was discovered that Firefox could be made to access freed memory. If a user were tricked into viewing a...

9.1AI score
Exploits0References1
Ubuntu
Ubuntu
added 2009/11/26 8:4 p.m.85 views

USN-862-1: PHP vulnerabilities

Maksymilian Arciemowicz discovered that PHP did not properly validate arguments to the dbareplace function. If a script passed untrusted input to the dbareplace function, an attacker could truncate the database. This issue only applied to Ubuntu 6.06 LTS, 8.04 LTS, and 8.10. CVE-2008-7068 It was...

7.5CVSS5.3AI score0.12041EPSS
Exploits11
Ubuntu
Ubuntu
added 2009/11/19 6:33 a.m.85 views

USN-860-1: Apache vulnerabilities

Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a machine-in-the-middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. The flaw is with TLS renegotiation and...

9.8CVSS7.5AI score0.87264EPSS
Exploits16
Ubuntu
Ubuntu
added 2008/03/19 11:31 p.m.85 views

USN-588-1: MySQL vulnerabilities

Masaaki Hirose discovered that MySQL could be made to dereference a NULL pointer. An authenticated user could cause a denial of service application crash via an EXPLAIN SELECT FROM on the INFORMATIONSCHEMA table. This issue only affects Ubuntu 6.06 and 6.10. CVE-2006-7232 Alexander Nozdrin...

7.5CVSS8.3AI score0.91602EPSS
Exploits16
Ubuntu
Ubuntu
added 2008/01/19 2:54 a.m.85 views

USN-571-2: X.org regression

USN-571-1 fixed vulnerabilities in X.org. The upstream fixes were incomplete, and under certain situations, applications using the MIT-SHM extension e.g. Java, wxWidgets would crash with BadAlloc X errors. This update fixes the problem. We apologize for the inconvenience. Original advisory detail...

8.4AI score
Exploits0References1
Ubuntu
Ubuntu
added 2004/12/22 10:20 p.m.85 views

USN-46-1: TIFF library vulnerability

A buffer overflow was discovered in the TIFF library. A TIFF file includes a value indicating the number of "directory entry" header fields contained in the file. If this value is -1, an invalid memory allocation was performed. A malicious image could be constructed which, when decoded, would hav...

10CVSS5.9AI score0.14972EPSS
Exploits1
Ubuntu
Ubuntu
added 2004/10/23 2:11 a.m.85 views

USN-2-1: xpdf vulnerabilities

Chris Evans discovered several integer overflow vulnerabilities in xpdf, a viewer for PDF files. The Common UNIX Printing System CUPS also uses the same code to print PDF files. In either case, these vulnerabilities could be exploited by an attacker by providing a specially crafted PDF file which...

10CVSS5.9AI score0.06209EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/04/01 3:25 p.m.84 views

USN-7261-2: Vim vulnerability

USN-7261-1 fixed vulnerabilities in Vim. This update provides the corresponding updates for Ubuntu 24.04 LTS. Original advisory details: It was discovered that Vim incorrectly handled certain internal calls when scrolling a window. An attacker could possibly use this issue to cause a denial of...

5.5CVSS5.5AI score0.00261EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/03/31 11:38 a.m.84 views

USN-7395-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

10CVSS7.5AI score0.0424EPSS
Exploits4
Ubuntu
Ubuntu
added 2025/03/11 7:38 p.m.84 views

USN-7345-1: .NET vulnerability

Zahid TOKAT discovered that .NET suffered from a weak authentication vulnerability. An attacker could possibly use this issue to elevate privileges...

7CVSS7.2AI score0.00911EPSS
Exploits1
Ubuntu
Ubuntu
added 2025/03/03 7:42 p.m.84 views

USN-7317-1: wpa_supplicant and hostapd vulnerabilities

George Chatzisofroniou and Panayiotis Kotzanikolaou discovered that wpasupplicant and hostapd reused encryption elements in the PKEX protocol. An attacker could possibly use this issue to impersonate a wireless access point, and obtain sensitive information. CVE-2022-37660 Daniel De Almeida Braga...

9.8CVSS7.9AI score0.02944EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/02/27 1:14 p.m.84 views

USN-7207-2: Git vulnerabilities

USN-7207-1 fixed vulnerabilities in Git. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: It was discovered that Git incorrectly handled certain URLs when asking for credentials. An attacker could possibly use this issue to mislead the user into typi...

7.5CVSS7.4AI score0.01019EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/02/26 1:22 p.m.84 views

USN-7306-1: GNU binutils vulnerabilities

It was discovered that GNU binutils in nm tool is affected by an incorrect access control. An attacker could possibly use this issue to cause a crash. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 24.10. CVE-2024-57360 It was discovered that GNU binutils incorrectly...

7.5CVSS6.1AI score0.00732EPSS
Exploits1
Ubuntu
Ubuntu
added 2025/02/24 12:32 p.m.84 views

USN-7287-1: libcap2 vulnerability

Tianjia Zhang discovered the libcap2 PAM module pamcap incorrectly handled parsing group names in the configuration file. This could result in certain users being granted capabilities, contrary to expectations...

6.1CVSS6.7AI score0.00149EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/18 11:49 a.m.84 views

USN-6902-1: Apache HTTP Server vulnerability

It was discovered that the Apache HTTP Server incorrectly handled certain handlers configured via AddType. A remote attacker could possibly use this issue to obtain source code...

5.3CVSS7.1AI score0.04134EPSS
Exploits3
Ubuntu
Ubuntu
added 2024/07/16 11:47 a.m.84 views

USN-6896-2: Linux kernel vulnerabilities

It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...

9.1CVSS7.5AI score0.01635EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/03/19 9:0 p.m.84 views

USN-6702-1: Linux kernel vulnerabilities

It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service system crash. CVE-2023-23000 It was discovered that the ARM Mali Display Processor...

7.8CVSS7.5AI score0.28058EPSS
Exploits16
Ubuntu
Ubuntu
added 2024/03/04 11:9 a.m.85 views

USN-6672-1: Node.js vulnerabilities

Morgan Jones discovered that Node.js incorrectly handled certain inputs that leads to false positive errors during some cryptographic operations. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a...

7.5CVSS6.8AI score0.73461EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/12/12 8:36 p.m.84 views

USN-6548-2: Linux kernel vulnerabilities

It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive information. CVE-2023-3006 It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors i...

8.8CVSS7.2AI score0.09141EPSS
Exploits4
Ubuntu
Ubuntu
added 2023/11/22 2:55 p.m.84 views

USN-6506-1: Apache HTTP Server vulnerabilities

David Shoon discovered that the Apache HTTP Server modmacro module incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. CVE-2023-31122 Prof. Sven Dietrich, Isa Jafarov, Prof. Heejo Lee, and...

7.5CVSS7.5AI score0.70595EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/09/19 4:45 p.m.84 views

USN-6383-1: Linux kernel vulnerabilities

Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. CVE-2023-20588 It was discovered...

7.8CVSS7.3AI score0.12405EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/09/14 3:30 a.m.84 views

USN-6368-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing,...

8.8CVSS8AI score0.99739EPSS
Exploits9
Ubuntu
Ubuntu
added 2023/07/25 11:36 p.m.84 views

USN-6250-1: Linux kernel vulnerabilities

Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. CVE-2023-2640 It was discovered that the IP-VLAN...

7.8CVSS7.6AI score0.15783EPSS
Exploits18
Ubuntu
Ubuntu
added 2023/06/21 8:42 a.m.84 views

USN-6181-1: Ruby vulnerabilities

Hiroshi Tokumaru discovered that Ruby did not properly handle certain user input for applications the generate HTTP responses using cgi gem. An attacker could possibly use this issue to maliciously modify the response a user would receive from a vulnerable application. This issue only affected...

8.8CVSS7.7AI score0.02637EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/05/24 8:57 a.m.84 views

USN-6101-1: GNU binutils vulnerabilities

It was discovered that GNU binutils incorrectly handled certain DWARF files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 22.10. CVE-2023-1579 It was discovered that GNU binutils did not properly verify the version definitio...

7.8CVSS6.5AI score0.00895EPSS
Exploits3
Ubuntu
Ubuntu
added 2023/04/25 1:25 p.m.84 views

USN-6040-1: Linux kernel (HWE) vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-1281 It was discovered that the OverlayFS...

7.8CVSS7.6AI score0.0788EPSS
Exploits15
Ubuntu
Ubuntu
added 2023/04/25 10:23 a.m.84 views

USN-6038-1: Go vulnerabilities

It was discovered that the Go net/http module incorrectly handled Transfer-Encoding headers in the HTTP/1 client. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. CVE-2022-1705 It was discovered that Go did not properly manage memory under certain...

9.8CVSS7.5AI score0.05623EPSS
Exploits7
Ubuntu
Ubuntu
added 2023/03/29 1:52 p.m.84 views

USN-5983-1: Nette vulnerability

Cyku Hong discovered that Nette was not properly handling and validating data used for code generation. A remote attacker could possibly use this issue to execute arbitrary code...

9.8CVSS8.8AI score0.35228EPSS
Exploits3
Ubuntu
Ubuntu
added 2023/03/27 10:49 p.m.84 views

USN-5978-1: Linux kernel (OEM) vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-1281 It was discovered that the KVM VMX...

8.8CVSS7.1AI score0.01016EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/03/27 3:18 a.m.84 views

USN-5972-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing,...

8.8CVSS8.3AI score0.00713EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/03/16 2:21 p.m.84 views

USN-5960-1: Python vulnerability

Yebo Cao discovered that Python incorrectly handled certain URLs. An attacker could possibly use this issue to bypass blocklisting methods by supplying a URL that starts with blank characters...

7.5CVSS7.4AI score0.20459EPSS
Exploits3
Ubuntu
Ubuntu
added 2023/03/03 3:54 p.m.84 views

USN-5918-1: Linux kernel (BlueField) vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...

8.8CVSS7.4AI score0.21314EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/01/10 9:58 p.m.84 views

USN-5793-3: Linux kernel vulnerabilities

It was discovered that the iouring subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-3910 ...

7.8CVSS7AI score0.01417EPSS
Exploits5
Ubuntu
Ubuntu
added 2022/06/16 10:12 a.m.84 views

LSN-0087-1: Kernel Live Patch Security Notice

Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or execute arbitrary...

7.2AI score
Exploits6
Ubuntu
Ubuntu
added 2022/05/30 3:29 p.m.84 views

USN-5446-2: dpkg vulnerability

USN-5446-1 fixed a vulnerability in dpkg. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Max Justicz discovered that dpkg incorrectly handled unpacking certain source packages. If a user or an automated system were tricked into unpacking a specially...

9.8CVSS8.3AI score0.02871EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/04/28 7:57 p.m.84 views

USN-5398-1: Simple DirectMedia Layer vulnerability

It was discovered that SDL Simple DirectMedia Layer incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code...

8.8CVSS7.4AI score0.01986EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/04/25 3:37 p.m.84 views

USN-5376-2: Git vulnerability

USN-5376-1 fixed vulnerabilities in Git. This update provides the corresponding updates for Ubuntu 22.04 LTS. Original advisory details: 俞晨东 discovered that Git incorrectly handled certain repository paths in platforms with multiple users support. An attacker could possibly use this issue to run...

7.8CVSS7.7AI score0.00782EPSS
Exploits0
Total number of security vulnerabilities5000