Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
•added 2025/03/03 7:42 p.m.•84 views

USN-7317-1: wpa_supplicant and hostapd vulnerabilities

George Chatzisofroniou and Panayiotis Kotzanikolaou discovered that wpasupplicant and hostapd reused encryption elements in the PKEX protocol. An attacker could possibly use this issue to impersonate a wireless access point, and obtain sensitive information. CVE-2022-37660 Daniel De Almeida Braga...

9.8CVSS7.9AI score0.02944EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/02/27 1:14 p.m.•84 views

USN-7207-2: Git vulnerabilities

USN-7207-1 fixed vulnerabilities in Git. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: It was discovered that Git incorrectly handled certain URLs when asking for credentials. An attacker could possibly use this issue to mislead the user into typi...

7.5CVSS7.4AI score0.01019EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/02/26 1:22 p.m.•84 views

USN-7306-1: GNU binutils vulnerabilities

It was discovered that GNU binutils in nm tool is affected by an incorrect access control. An attacker could possibly use this issue to cause a crash. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 24.10. CVE-2024-57360 It was discovered that GNU binutils incorrectly...

7.5CVSS6.1AI score0.00732EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/07/18 11:49 a.m.•84 views

USN-6902-1: Apache HTTP Server vulnerability

It was discovered that the Apache HTTP Server incorrectly handled certain handlers configured via AddType. A remote attacker could possibly use this issue to obtain source code...

5.3CVSS7.1AI score0.04134EPSS
Exploits3
Ubuntu
Ubuntu
•added 2024/07/16 11:47 a.m.•84 views

USN-6896-2: Linux kernel vulnerabilities

It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...

9.1CVSS7.5AI score0.01635EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/03/19 9:0 p.m.•84 views

USN-6702-1: Linux kernel vulnerabilities

It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service system crash. CVE-2023-23000 It was discovered that the ARM Mali Display Processor...

7.8CVSS7.5AI score0.28058EPSS
Exploits16
Ubuntu
Ubuntu
•added 2024/03/04 11:9 a.m.•85 views

USN-6672-1: Node.js vulnerabilities

Morgan Jones discovered that Node.js incorrectly handled certain inputs that leads to false positive errors during some cryptographic operations. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a...

7.5CVSS6.8AI score0.73461EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/11/22 2:55 p.m.•84 views

USN-6506-1: Apache HTTP Server vulnerabilities

David Shoon discovered that the Apache HTTP Server modmacro module incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. CVE-2023-31122 Prof. Sven Dietrich, Isa Jafarov, Prof. Heejo Lee, and...

7.5CVSS7.5AI score0.70595EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/10/10 3:9 p.m.•84 views

USN-6426-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

8.8CVSS8.2AI score0.29179EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/09/19 4:45 p.m.•84 views

USN-6383-1: Linux kernel vulnerabilities

Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. CVE-2023-20588 It was discovered...

7.8CVSS7.3AI score0.12405EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/09/14 3:30 a.m.•84 views

USN-6368-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing,...

8.8CVSS8AI score0.99694EPSS
Exploits9
Ubuntu
Ubuntu
•added 2023/05/31 11:38 a.m.•84 views

USN-6126-1: libvirt vulnerabilities

It was discovered that libvirt incorrectly handled the nwfilter driver. A local attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS. CVE-2022-0897 It was discovered that libvirt incorrectly handled queries f...

5.5CVSS6.5AI score0.01024EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/05/30 2:32 p.m.•84 views

USN-6120-1: SpiderMonkey vulnerabilities

Several security issues were discovered in the SpiderMonkey JavaScript library. If a user were tricked into opening malicious JavaScript applications or processing malformed data, a remote attacker could exploit a variety of issues related to JavaScript security, including denial of service...

8.8CVSS7.7AI score0.00753EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/04/25 1:25 p.m.•84 views

USN-6040-1: Linux kernel (HWE) vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-1281 It was discovered that the OverlayFS...

7.8CVSS7.6AI score0.0788EPSS
Exploits15
Ubuntu
Ubuntu
•added 2023/04/11 7:56 p.m.•84 views

USN-6008-1: Exo vulnerability

It was discovered that Exo did not properly sanitized desktop files. A remote attacker could possibly use this issue to to cause a crash or arbitrary code execution...

8.8CVSS8AI score0.0151EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/03/29 1:52 p.m.•84 views

USN-5983-1: Nette vulnerability

Cyku Hong discovered that Nette was not properly handling and validating data used for code generation. A remote attacker could possibly use this issue to execute arbitrary code...

9.8CVSS8.8AI score0.35228EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/03/27 10:49 p.m.•84 views

USN-5978-1: Linux kernel (OEM) vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-1281 It was discovered that the KVM VMX...

8.8CVSS7.1AI score0.01016EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/03/13 10:57 a.m.•84 views

USN-5946-1: XStream vulnerabilities

Lai Han discovered that XStream incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04...

8.8CVSS7.5AI score0.98124EPSS
Exploits17
Ubuntu
Ubuntu
•added 2023/03/03 3:54 p.m.•84 views

USN-5918-1: Linux kernel (BlueField) vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...

8.8CVSS7.4AI score0.21314EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/01/10 9:58 p.m.•84 views

USN-5793-3: Linux kernel vulnerabilities

It was discovered that the iouring subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-3910 ...

7.8CVSS7AI score0.01429EPSS
Exploits5
Ubuntu
Ubuntu
•added 2022/08/22 12:37 p.m.•84 views

USN-5575-1: Libxslt vulnerabilities

Nicolas Grégoire discovered that Libxslt incorrectly handled certain XML. An attacker could possibly use this issue to expose sensitive information or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS. CVE-2019-5815 Alexey Neyman incorrectly handled certain HTML pages. An attacker...

8.8CVSS7.7AI score0.21623EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/06/16 10:12 a.m.•84 views

LSN-0087-1: Kernel Live Patch Security Notice

Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or execute arbitrary...

7.2AI score
Exploits6
Ubuntu
Ubuntu
•added 2022/05/30 3:29 p.m.•84 views

USN-5446-2: dpkg vulnerability

USN-5446-1 fixed a vulnerability in dpkg. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Max Justicz discovered that dpkg incorrectly handled unpacking certain source packages. If a user or an automated system were tricked into unpacking a specially...

9.8CVSS8.3AI score0.02871EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/04/25 3:37 p.m.•84 views

USN-5376-2: Git vulnerability

USN-5376-1 fixed vulnerabilities in Git. This update provides the corresponding updates for Ubuntu 22.04 LTS. Original advisory details: 俞晨东 discovered that Git incorrectly handled certain repository paths in platforms with multiple users support. An attacker could possibly use this issue to run...

7.8CVSS7.7AI score0.00782EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/02/08 9:1 p.m.•84 views

USN-5223-2: Apache Log4j 1.2 vulnerability

USN-5223-1 fixed a vulnerability in Apache Log4j 1.2. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that Apache Log4j 1.2 was vulnerable to deserialization of untrusted data if the configuration file was editable. An attacker coul...

7.5CVSS8.1AI score0.81147EPSS
Exploits9
Ubuntu
Ubuntu
•added 2022/01/19 12:42 p.m.•84 views

USN-5233-2: ClamAV vulnerability

USN-5233-1 fixed a vulnerability in ClamAV. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that ClamAV incorrectly handled memory when the CLSCANGENERALCOLLECTMETADATA scan option was enabled. A remote attacker...

7.5CVSS7.2AI score0.03061EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/02/09 5:6 p.m.•84 views

USN-4726-1: OpenJDK vulnerability

It was discovered that OpenJDK incorrectly handled the direct buffering of characters. An attacker could use this issue to cause OpenJDK to crash, resulting in a denial of service, or cause other unspecified impact...

5.5AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2020/10/05 1:32 p.m.•84 views

USN-4569-1: Yaws vulnerabilities

It was discovered that Yaws did not properly sanitize XML input. A remote attacker could use this vulnerability to execute an XML External Entity XXE injection attack. CVE-2020-24379 It was discovered that Yaws mishandled certain input when running CGI scripts. A remote attacker could use this...

10CVSS8.4AI score0.17374EPSS
Exploits4
Ubuntu
Ubuntu
•added 2020/08/19 5:1 p.m.•84 views

USN-4467-1: QEMU vulnerabilities

Ziming Zhang and VictorV discovered that the QEMU SLiRP networking implementation incorrectly handled replying to certain ICMP echo requests. An attacker inside a guest could possibly use this issue to leak host memory to obtain sensitive information. This issue only affected Ubuntu 18.04 LTS...

6.8CVSS6.8AI score0.02409EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/08/10 7:10 p.m.•84 views

USN-4454-2: Samba vulnerability

USN-4454-1 fixed a vulnerability in Samba. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Martin von Wittich and Wilko Meyer discovered that Samba incorrectly handled certain empty UDP packets when being used as a AD DC NBT...

7.5CVSS7.9AI score0.03539EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/08/04 11:54 p.m.•84 views

USN-4432-2: GRUB2 regression

USN-4432-1 fixed vulnerabilities in GRUB2 affecting Secure Boot environments. Unfortunately, the update introduced regressions for some BIOS systems either pre-UEFI or UEFI configured in Legacy mode, preventing them from successfully booting. This update addresses the issue. Users with BIOS syste...

8.1AI score
Exploits0References2
Ubuntu
Ubuntu
•added 2020/06/09 6:42 p.m.•84 views

USN-4385-1: Intel Microcode vulnerabilities

It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use th...

5.5CVSS6.8AI score0.00587EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2020/06/05 5:9 p.m.•84 views

USN-4384-1: GnuTLS vulnerability

It was discovered that GnuTLS incorrectly handled session ticket encryption keys. A remote attacker could possibly use this issue to bypass authentication or recover sensitive information...

7.4CVSS7.4AI score0.17507EPSS
Exploits3
Ubuntu
Ubuntu
•added 2020/06/04 12:57 p.m.•84 views

USN-4381-2: Django vulnerabilities

USN-4381-1 fixed several vulnerabilities in Django. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Dan Palmer discovered that Django incorrectly validated memcached cache keys. A remote attacker could possibly use this issue to cause a denial of...

6.1CVSS6.7AI score0.0609EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/03/30 6:10 p.m.•84 views

USN-4313-1: Linux kernel vulnerability

Manfred Paul discovered that the bpf verifier in the Linux kernel did not properly calculate register bounds for certain operations. A local attacker could use this to expose sensitive information kernel memory or gain administrative privileges...

7.8CVSS7.1AI score0.0606EPSS
Exploits9
Ubuntu
Ubuntu
•added 2020/02/18 4:56 p.m.•84 views

USN-4283-1: QEMU vulnerabilities

Felipe Franciosi, Raphael Norwitz, and Peter Turschmid discovered that QEMU incorrectly handled iSCSI server responses. A remote attacker in control of the iSCSI server could use this issue to cause QEMU to crash, leading to a denial of service, or possibly execute arbitrary code. CVE-2020-1711 I...

7.7CVSS7.5AI score0.04018EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/12/09 10:54 p.m.•84 views

USN-4216-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code...

8.8CVSS7.7AI score0.02994EPSS
Exploits4
Ubuntu
Ubuntu
•added 2019/09/03 8:59 p.m.•84 views

USN-4121-1: Samba vulnerability

Stefan Metzmacher discovered that the Samba SMB server did not properly prevent clients from escaping outside the share root directory in some situations. An attacker could use this to gain access to files outside of the Samba share, where allowed by the permissions of the underlying filesystem...

9.1CVSS7.5AI score0.03182EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/08/24 12:46 a.m.•84 views

USN-3753-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3753-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that the generic SCSI driver in the Linux kernel did not properly...

7.8CVSS7.3AI score0.02342EPSS
Exploits8
Ubuntu
Ubuntu
•added 2018/05/29 12:48 p.m.•84 views

USN-3661-1: Batik vulnerability

It was discovered that Batik incorrectly handled certain XML. An attacker could possibly use this to expose sensitive information...

9.8CVSS8.2AI score0.19523EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/05/23 2:38 p.m.•84 views

USN-3658-1: procps-ng vulnerabilities

It was discovered that the procps-ng top utility incorrectly read its configuration file from the current working directory. A local attacker could possibly use this issue to escalate privileges. CVE-2018-1122 It was discovered that the procps-ng ps tool incorrectly handled memory. A local user...

9.8CVSS7.3AI score0.09081EPSS
Exploits9
Ubuntu
Ubuntu
•added 2018/05/22 3:30 a.m.•84 views

USN-3652-1: Linux kernel vulnerability

Jann Horn and Ken Johnson discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via a sidechannel attack. This flaw is known as Spectre Variant 4. A local attacker could use this to expose sensitive information, including kernel memor...

5.5CVSS7.1AI score0.60631EPSS
Exploits2References1
Ubuntu
Ubuntu
•added 2018/04/05 1:23 a.m.•84 views

USN-3620-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3620-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Jann Horn discovered that microprocessors utilizing speculative execution and branch...

10CVSS7.7AI score0.74041EPSS
Exploits9
Ubuntu
Ubuntu
•added 2017/11/08 7:48 a.m.•84 views

USN-3473-1: OpenJDK 8 vulnerabilities

It was discovered that the Smart Card IO subsystem in OpenJDK did not properly maintain state. An attacker could use this to specially construct an untrusted Java application or applet to gain access to a smart card, bypassing sandbox restrictions. CVE-2017-10274 Gaston Traberg discovered that th...

9.6CVSS6.5AI score0.16181EPSS
Exploits2
Ubuntu
Ubuntu
•added 2017/10/11 12:7 p.m.•84 views

USN-3452-1: Ceph vulnerabilities

It was discovered that Ceph incorrectly handled the handlecommand function. A remote authenticated user could use this issue to cause Ceph to crash, resulting in a denial of service. CVE-2016-5009 Rahul Aggarwal discovered that Ceph incorrectly handled the authenticated-read ACL. A remote attacke...

7.5CVSS6.2AI score0.04396EPSS
Exploits2
Ubuntu
Ubuntu
•added 2016/12/19 5:34 p.m.•84 views

USN-3158-1: Samba vulnerabilities

Frederic Besler and others discovered that the ndrpulldnspnam function in Samba contained an integer overflow. An authenticated attacker could use this to gain administrative privileges. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 16.10. CVE-2016-2123 Simo Sorce...

8.8CVSS6.7AI score0.09199EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/10/20 3:11 a.m.•84 views

USN-3106-3: Linux kernel (Raspberry Pi 2) vulnerability

It was discovered that a race condition existed in the memory manager of the Linux kernel when handling copy-on-write breakage of private read-only memory mappings. A local attacker could use this to gain administrative privileges...

7.2CVSS7.6AI score0.83524EPSS
Exploits81
Ubuntu
Ubuntu
•added 2016/06/27 9:11 p.m.•84 views

USN-3018-1: Linux kernel vulnerabilities

Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPTSOSETREPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service system crash or execute...

7.8CVSS7AI score0.05676EPSS
Exploits15
Ubuntu
Ubuntu
•added 2016/06/06 3:26 p.m.•84 views

USN-2992-1: Oxide vulnerabilities

An unspecified security issue was discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions. CVE-2016-1673 An issue was discovered with Document reattachment in Blink in some circumstances. ...

8.8CVSS7.5AI score0.03094EPSS
Exploits3
Ubuntu
Ubuntu
•added 2016/05/16 7:1 p.m.•84 views

USN-2979-3: Linux kernel (Raspberry Pi 2) vulnerability

Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privilege...

7.8CVSS7.3AI score0.00397EPSS
Exploits0
Total number of security vulnerabilities5000