Ubuntu: Most viewed

10890 matches found

Ubuntu, added 2012/10/12 6:37 p.m., 84 views

USN-1611-1: Thunderbird vulnerabilities

Henrik Skupin, Jesse Ruderman, Christian Holler, Soroush Dalili and others discovered several memory corruption flaws in Thunderbird. If a user were tricked into opening a malicious website and had JavaScript enabled, an attacker could exploit these to execute arbitrary JavaScript code within the...

CVSS 10, AI score 8.9, EPSS 0.42609
Exploits 8, References 2

Ubuntu, added 2012/09/19 9:44 p.m., 84 views

USN-1575-1: Linux kernel (Oneiric backport) vulnerabilities

Ben Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO TCP segment offload. A local or peer user could exploit this flaw to cause a denial of service. CVE-2012-3412 Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel implementation of RDS...

CVSS 7.8, AI score 6.6, EPSS 0.06158
Exploits 3

Ubuntu, added 2012/04/12 6:31 p.m., 84 views

USN-1421-1: Linux kernel (Maverick backport) vulnerabilities

Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the Linux kernel. A local user could use this flaw to crash the system causing a denial of service. CVE-2011-4347 Stephan Bärwolf discovered a flaw in the KVM kernel-based virtual machin...

CVSS 7.8, AI score 6.5, EPSS 0.01014
Exploits 4

Ubuntu, added 2012/03/06 6:38 p.m., 84 views

USN-1388-1: Linux kernel (EC2) vulnerabilities

Paolo Bonzini discovered a flaw in Linux's handling of the SGIO ioctl command. A local user, or user in a VM could exploit this flaw to bypass restrictions and gain read/write access to all data on the affected block device. CVE-2011-4127 A flaw was found in KVM's Programmable Interval Timer PIT...

CVSS 7.1, AI score 6.8, EPSS 0.02678
Exploits 5

Ubuntu, added 2011/11/24 2:34 p.m., 84 views

USN-1279-1: Linux (Natty backport) vulnerabilities

Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. CVE-2011-2183 Vasily Averin discovered that the NFS Lock Manager NLM incorrectly handled unlock requests. A...

CVSS 7.2, AI score 7.6, EPSS 0.00541
Exploits 2

Ubuntu, added 2011/10/25 1:1 p.m., 84 views

USN-1242-1: Linux kernel (Maverick backport) vulnerabilities

It was discovered that the security fix for CVE-2010-4250 introduced a regression. A remote attacker could exploit this to crash the system, leading to a denial of service. CVE-2011-1479 Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit...

CVSS 9.1, AI score 7.8, EPSS 0.05689
Exploits 5

Ubuntu, added 2011/10/12 12:25 p.m., 84 views

USN-1228-1: Linux kernel (OMAP4) vulnerabilities

Timo Warns discovered that the EFI GUID partition table was not correctly parsed. A physically local attacker that could insert mountable devices could exploit this to crash the system or possibly gain root privileges. CVE-2011-1776 Dan Rosenberg discovered that the IPv4 diagnostic routines did n...

CVSS 9.1, AI score 7.9, EPSS 0.05689
Exploits 5

Ubuntu, added 2011/07/13 8:31 p.m., 84 views

USN-1161-1: Linux kernel vulnerabilities (EC2)

Vasiliy Kulikov discovered that kvm did not correctly clear memory. A local attacker could exploit this to read portions of the kernel stack, leading to a loss of privacy. CVE-2010-3881 Timo Warns discovered that the LDM disk partition handling code did not correctly handle certain values. By...

CVSS 7.8, AI score 6.7, EPSS 0.04364
Exploits 8

Ubuntu, added 2011/06/23 7:36 p.m., 84 views

USN-1157-3: Firefox regression

USN-1157-1 fixed vulnerabilities in Firefox. Unfortunately, this update produced the side effect of pulling in Firefox on some systems that did not have it installed during a dist-upgrade due to changes in the Ubuntu language packs. This update fixes the problem. We apologize for the inconvenienc...

AI score 8.8, EPSS 0.75691
Exploits 21, References 1

Ubuntu, added 2011/03/07 10:33 p.m., 84 views

USN-1049-2: Firefox and Xulrunner regression

USN-1049-1 fixed vulnerabilities in Firefox and Xulrunner. That update introduced a regression where some Java applets would fail to load. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff...

AI score 9.2
Exploits 0, References 1

Ubuntu, added 2010/04/15 4:15 p.m., 84 views

USN-928-1: Sudo vulnerability

Valerio Costamagna discovered that sudo did not properly validate the path for the 'sudoedit' pseudo-command when the PATH contained only a dot '.'. If securepath and ignoredot were disabled, a local attacker could exploit this to execute arbitrary code as root if sudo was configured to allow the...

AI score 8
Exploits 0, References 1

Ubuntu, added 2009/03/19 10:26 p.m., 84 views

USN-741-1: Thunderbird vulnerabilities

Several flaws were discovered in the browser engine. If Javascript were enabled, an attacker could exploit these flaws to crash Thunderbird and possibly execute arbitrary code with user privileges. CVE-2009-0352 Jesse Ruderman and Gary Kwong discovered flaws in the browser engine. If a user had...

CVSS 10, AI score 9, EPSS 0.04331
Exploits 0

Ubuntu, added 2008/02/08 2:4 a.m., 84 views

USN-576-1: Firefox vulnerabilities

Various flaws were discovered in the browser and JavaScript engine. By tricking a user into opening a malicious web page, an attacker could execute arbitrary code with the user's privileges. CVE-2008-0412, CVE-2008-0413 Flaws were discovered in the file upload form control. A malicious website...

CVSS 9.3, AI score 8.4, EPSS 0.08633
Exploits 6

Ubuntu, added 2007/03/08 7:4 a.m., 84 views

USN-432-1: GnuPG vulnerability

Gerardo Richarte from Core Security Technologies discovered that when gnupg is used without --status-fd, there is no way to distinguish initial unsigned messages from a following signed message. An attacker could inject an unsigned message, which could fool the user into thinking the message was...

CVSS 5, AI score 5.4, EPSS 0.05359
Exploits 0

Ubuntu, added 2006/10/10 11:15 p.m., 84 views

USN-361-1: Mozilla vulnerabilities

Various flaws have been reported that allow an attacker to execute arbitrary code with user privileges by tricking the user into opening a malicious URL. CVE-2006-2788, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3809, CVE-2006-3811, CVE-2006-4565, CVE-2006-4568, CVE-2006-4571 A bug was...

CVSS 10, AI score 7.9, EPSS 0.0747
Exploits 1

Ubuntu, added 2025/04/08 11:46 a.m., 83 views

USN-7424-1: Expat vulnerability

It was discovered that Expat could crash due to stack overflow when processing XML documents with deeply nested entity references. If a user or automated system were tricked into processing specially crafted XML input, an attacker could use this issue to cause a denial of service...

CVSS 7.5, AI score 6.8, EPSS 0.01569
Exploits 0

Ubuntu, added 2025/04/03 12:17 p.m., 83 views

USN-7412-1: GnuPG vulnerability

It was discovered that GnuPG incorrectly handled importing keys with certain crafted subkey data. If a user or automated system were tricked into importing a specially crafted key, a remote attacker may prevent users from importing other keys in the future...

CVSS 4.7, AI score 4.9, EPSS 0.00179
Exploits 1

Ubuntu, added 2025/03/24 7:24 p.m., 83 views

USN-7369-1: elfutils vulnerabilities

It was discovered that readelf from elfutils could be made to read out of bounds. If a user or automated system were tricked into running readelf on a specially crafted file, an attacker could cause readelf to crash, resulting in a denial of service. This issue only affected Ubuntu 24.04 LTS...

CVSS 7.8, AI score 5.8, EPSS 0.00327
Exploits 4

Ubuntu, added 2025/02/20 6:1 p.m., 83 views

USN-7281-1: GnuTLS vulnerability

Bing Shi discovered that GnuTLS incorrectly handled decoding certain DER-encoded certificates. A remote attacker could possibly use this issue to cause GnuTLS to consume resources, leading to a denial of service...

CVSS 5.3, AI score 6.8, EPSS 0.01193
Exploits 0

Ubuntu, added 2025/02/20 5:46 p.m., 83 views

USN-7279-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

CVSS 8.8, AI score 7, EPSS 0.02902
Exploits 0

Ubuntu, added 2024/07/31 4:1 p.m., 83 views

USN-6938-1: Linux kernel vulnerabilities

It was discovered that the device input subsystem in the Linux kernel did not properly handle the case when an event code falls outside of a bitmap. A local attacker could use this to cause a denial of service system crash. CVE-2022-48619 黄思聪 discovered that the NFC Controller Interface NCI...

CVSS 7.8, AI score 7.2, EPSS 0.00829
Exploits 0

Ubuntu, added 2024/01/15 6:31 p.m., 83 views

USN-6585-1: libssh2 vulnerability

Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being...

CVSS 5.9, AI score 7, EPSS 0.9378
Exploits 4

Ubuntu, added 2023/11/27 2:15 p.m., 83 views

USN-6517-1: Perl vulnerabilities

It was discovered that Perl incorrectly handled printing certain warning messages. An attacker could possibly use this issue to cause Perl to consume resources, leading to a denial of service. This issue only affected Ubuntu 22.04 LTS. CVE-2022-48522 Nathan Mills discovered that Perl incorrectly...

CVSS 9.8, AI score 7, EPSS 0.02046
Exploits 1

Ubuntu, added 2023/10/10 6:18 p.m., 83 views

USN-6427-1: .NET vulnerability

It was discovered that the .NET Kestrel web server did not properly handle HTTP/2 requests. A remote attacker could possibly use this issue to cause a denial of service...

CVSS 7.5, AI score 7.2, EPSS 0.99999
Exploits 19

Ubuntu, added 2023/09/13 2:54 p.m., 83 views

USN-6365-1: Open VM Tools vulnerability

It was discovered that Open VM Tools incorrectly handled SAML tokens. A remote attacker could possibly use this issue to bypass SAML token signature verification and perform VMware Tools Guest Operations...

CVSS 7.5, AI score 7, EPSS 0.01193
Exploits 0

Ubuntu, added 2023/07/28 1:46 p.m., 83 views

USN-6261-1: Linux kernel (IoT) vulnerabilities

It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-3090 Sh...

CVSS 7.8, AI score 7.7, EPSS 0.08894
Exploits 15

Ubuntu, added 2023/07/25 10:0 p.m., 83 views

USN-6249-1: Linux kernel (OEM) vulnerabilities

Ruihan Li discovered that the memory management subsystem in the Linux kernel contained a race condition when accessing VMAs in certain conditions, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service system crash or execute arbitrary...

CVSS 7.8, AI score 7.4, EPSS 0.01564
Exploits 1

Ubuntu, added 2023/06/07 10:7 a.m., 83 views

USN-6028-2: libxml2 vulnerabilities

USN-6028-1 fixed vulnerabilities in libxml2. This update provides the corresponding updates for Ubuntu 23.04. Original advisory details: It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash. CVE-2022-2309 It was discovere...

CVSS 7.5, AI score 6.6, EPSS 0.02462
Exploits 2

Ubuntu, added 2023/05/30 5:40 p.m., 83 views

USN-6124-1: Linux kernel (OEM) vulnerabilities

Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrar...

CVSS 7.8, AI score 7.2, EPSS 0.12966
Exploits 7

Ubuntu, added 2023/04/03 1:2 p.m., 83 views

USN-5993-1: Samba vulnerabilities

Demi Marie Obenour discovered that the Samba LDAP server incorrectly handled certain confidential attribute values. A remote authenticated attacker could possibly use this issue to obtain certain sensitive information. CVE-2023-0614 Andrew Bartlett discovered that the Samba AD DC admin tool...

CVSS 7.7, AI score 6.8, EPSS 0.00567
Exploits 0

Ubuntu, added 2023/03/13 10:57 a.m., 83 views

USN-5946-1: XStream vulnerabilities

Lai Han discovered that XStream incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04...

CVSS 8.8, AI score 7.5, EPSS 0.98124
Exploits 17

Ubuntu, added 2023/03/08 5:41 p.m., 83 views

USN-5938-1: Linux kernel (GKE) vulnerabilities

It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...

CVSS 7.8, AI score 7.3, EPSS 0.06346
Exploits 8

Ubuntu, added 2023/03/02 11:42 a.m., 83 views

USN-5904-1: SoX vulnerabilities

Helmut Grohne discovered that SoX incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ES...

CVSS 10, AI score 7.1, EPSS 0.02211
Exploits 8

Ubuntu, added 2023/02/07 8:6 p.m., 83 views

USN-5845-2: OpenSSL vulnerabilities

USN-5845-1 fixed several vulnerabilities in OpenSSL. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: David Benjamin discovered that OpenSSL incorrectly handled X.400 address processing. A remote attacker could possibly use this...

CVSS 7.5, AI score 8.1, EPSS 0.59501
Exploits 0

Ubuntu, added 2023/01/25 5:56 p.m., 83 views

USN-5827-1: Bind vulnerabilities

Rob Schulhof discovered that Bind incorrectly handled a large number of UPDATE messages. A remote attacker could possibly use this issue to cause Bind to consume resources, resulting in a denial of service. CVE-2022-3094 Borja Marcos discovered that Bind incorrectly handled certain RRSIG queries....

CVSS 7.5, AI score 7.4, EPSS 0.5017
Exploits 0

Ubuntu, added 2023/01/19 8:7 p.m., 83 views

USN-5815-1: Linux kernel (BlueField) vulnerabilities

It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-20421 David Leadbeater...

CVSS 7.8, AI score 7.2, EPSS 0.01417
Exploits 3

Ubuntu, added 2023/01/10 8:10 p.m., 84 views

USN-5791-3: Linux kernel (Azure) vulnerabilities

It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-20421 David Leadbeater...

CVSS 7.8, AI score 7.2, EPSS 0.01417
Exploits 3

Ubuntu, added 2022/12/12 4:34 p.m., 83 views

USN-5774-1: Linux kernel (Azure) vulnerabilities

Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-427...

CVSS 7.8, AI score 6.7, EPSS 0.02211
Exploits 5

Ubuntu, added 2022/11/17 1:14 p.m., 83 views

USN-5731-1: multipath-tools vulnerabilities

It was discovered that multipath-tools incorrectly handled symlinks. A local attacker could possibly use this issue, in combination with other issues, to escalate privileges. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. CVE-2022-41973 It was discovered that...

CVSS 7.8, AI score 7.5, EPSS 0.00658
Exploits 5

Ubuntu, added 2022/11/01 4:24 p.m., 83 views

USN-5710-1: OpenSSL vulnerabilities

It was discovered that OpenSSL incorrectly handled certain X.509 Email Addresses. If a certificate authority were tricked into signing a specially-crafted certificate, a remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. The default compiler...

CVSS 7.5, AI score 7.1, EPSS 0.91153
Exploits 6

Ubuntu, added 2022/08/22 12:37 p.m., 84 views

USN-5575-1: Libxslt vulnerabilities

Nicolas Grégoire discovered that Libxslt incorrectly handled certain XML. An attacker could possibly use this issue to expose sensitive information or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS. CVE-2019-5815 Alexey Neyman incorrectly handled certain HTML pages. An attacker...

CVSS 8.8, AI score 7.7, EPSS 0.21623
Exploits 0

Ubuntu, added 2022/08/17 10:44 p.m., 83 views

USN-5570-1: zlib vulnerability

Evgeny Legerov discovered that zlib incorrectly handled memory when performing certain inflate operations. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code...

CVSS 9.8, AI score 7.2, EPSS 0.1593
Exploits 1

Ubuntu, added 2022/08/04 3:24 p.m., 83 views

USN-5546-1: OpenJDK vulnerabilities

Neil Madden discovered that OpenJDK did not properly verify ECDSA signatures. A remote attacker could possibly use this issue to insert, edit or obtain sensitive information. This issue only affected OpenJDK 17 and OpenJDK 18. CVE-2022-21449 It was discovered that OpenJDK incorrectly limited memo...

CVSS 7.5, AI score 7.2, EPSS 0.46677
Exploits 8

Ubuntu, added 2021/12/09 6:55 p.m., 83 views

USN-5186-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, conduct spoofing attacks, bypass CSP restrictions, or execute arbitrary cod...

CVSS 8.8, AI score 7.5, EPSS 0.0202
Exploits 0

Ubuntu, added 2021/11/15 1:47 p.m., 83 views

USN-5147-1: Vim vulnerabilities

It was discovered that Vim incorrectly handled permissions on the .swp file. A local attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 14.04 ESM. CVE-2017-17087 It was discovered that Vim incorrectly handled restricted mode. A local attacker...

CVSS 7.8, AI score 7.1, EPSS 0.01589
Exploits 4

Ubuntu, added 2021/03/15 10:6 p.m., 83 views

USN-4825-1: Coin3D vulnerability

USN-3356-1 fixed a vulnerability in Expat. This update provides the corresponding update for Coin3D for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM...

CVSS 7.5, AI score 8, EPSS 0.08739
Exploits 1

Ubuntu, added 2021/03/08 6:6 p.m., 83 views

USN-4733-2: GNOME Autoar regression

USN-4733-1 fixed a vulnerability in GNOME Autoar. The upstream fix introduced a regression when extracting archives containing directories. This update fixes the problem. Original advisory details: Yiğit Can Yılmaz discovered that GNOME Autoar could extract files outside of the intended directory...

AI score 5.8
Exploits 0, References 1

Ubuntu, added 2020/08/27 3:45 p.m., 83 views

USN-4476-1: NSS vulnerability

It was discovered that NSS incorrectly handled some inputs. An attacker could possibly use this issue to expose sensitive information...

CVSS 9.1, AI score 7.4, EPSS 0.01541
Exploits 0

Ubuntu, added 2020/08/19 5:1 p.m., 83 views

USN-4467-1: QEMU vulnerabilities

Ziming Zhang and VictorV discovered that the QEMU SLiRP networking implementation incorrectly handled replying to certain ICMP echo requests. An attacker inside a guest could possibly use this issue to leak host memory to obtain sensitive information. This issue only affected Ubuntu 18.04 LTS...

CVSS 6.8, AI score 6.8, EPSS 0.02409
Exploits 0

Ubuntu, added 2020/06/09 6:42 p.m., 83 views

USN-4385-1: Intel Microcode vulnerabilities

It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use th...

CVSS 5.5, AI score 6.8, EPSS 0.00587
Exploits 0, References 1

Total number of security vulnerabilities: 5000