Lucene search
K
UbuntuMost viewed

10905 matches found

Ubuntu
Ubuntu
added 2024/07/31 4:1 p.m.83 views

USN-6938-1: Linux kernel vulnerabilities

It was discovered that the device input subsystem in the Linux kernel did not properly handle the case when an event code falls outside of a bitmap. A local attacker could use this to cause a denial of service system crash. CVE-2022-48619 黄思聪 discovered that the NFC Controller Interface NCI...

7.8CVSS7.2AI score0.00829EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/10 5:51 a.m.83 views

USN-6890-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2024-6601, CVE-2024-6604,...

9.8CVSS7.7AI score0.00977EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/02/08 12:9 a.m.83 views

USN-6626-1: Linux kernel vulnerabilities

Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling sessions operations. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-32250, CVE-2023-32252, CVE-2023-32257...

9CVSS7.2AI score0.0406EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/01/15 6:31 p.m.83 views

USN-6585-1: libssh2 vulnerability

Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being...

5.9CVSS7AI score0.9378EPSS
Exploits4
Ubuntu
Ubuntu
added 2023/11/27 2:15 p.m.83 views

USN-6517-1: Perl vulnerabilities

It was discovered that Perl incorrectly handled printing certain warning messages. An attacker could possibly use this issue to cause Perl to consume resources, leading to a denial of service. This issue only affected Ubuntu 22.04 LTS. CVE-2022-48522 Nathan Mills discovered that Perl incorrectly...

9.8CVSS7AI score0.02046EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/10/10 6:18 p.m.83 views

USN-6427-1: .NET vulnerability

It was discovered that the .NET Kestrel web server did not properly handle HTTP/2 requests. A remote attacker could possibly use this issue to cause a denial of service...

7.5CVSS7.2AI score0.99999EPSS
Exploits19
Ubuntu
Ubuntu
added 2023/09/13 2:54 p.m.83 views

USN-6365-1: Open VM Tools vulnerability

It was discovered that Open VM Tools incorrectly handled SAML tokens. A remote attacker could possibly use this issue to bypass SAML token signature verification and perform VMware Tools Guest Operations...

7.5CVSS7AI score0.01193EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/07/28 1:46 p.m.83 views

USN-6261-1: Linux kernel (IoT) vulnerabilities

It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-3090 Sh...

7.8CVSS7.7AI score0.08894EPSS
Exploits15
Ubuntu
Ubuntu
added 2023/07/26 3:15 p.m.83 views

USN-6252-1: Linux kernel vulnerabilities

It was discovered that the ext4 file system implementation in the Linux kernel contained a use-after-free vulnerability. An attacker could use this to construct a malicious ext4 file system image that, when mounted, could cause a denial of service system crash. CVE-2022-1184 It was discovered tha...

7.8CVSS7.1AI score0.01508EPSS
Exploits5
Ubuntu
Ubuntu
added 2023/07/25 10:0 p.m.83 views

USN-6249-1: Linux kernel (OEM) vulnerabilities

Ruihan Li discovered that the memory management subsystem in the Linux kernel contained a race condition when accessing VMAs in certain conditions, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service system crash or execute arbitrary...

7.8CVSS7.4AI score0.01484EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/06/07 10:7 a.m.83 views

USN-6028-2: libxml2 vulnerabilities

USN-6028-1 fixed vulnerabilities in libxml2. This update provides the corresponding updates for Ubuntu 23.04. Original advisory details: It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash. CVE-2022-2309 It was discovere...

7.5CVSS6.6AI score0.02462EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/04/13 3:49 a.m.83 views

USN-6015-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing,...

8.8CVSS7.8AI score0.00901EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/04/04 8:58 a.m.83 views

USN-5995-1: Vim vulnerabilities

It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possible execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS...

8.4CVSS7AI score0.02098EPSS
Exploits30
Ubuntu
Ubuntu
added 2023/04/03 1:2 p.m.83 views

USN-5993-1: Samba vulnerabilities

Demi Marie Obenour discovered that the Samba LDAP server incorrectly handled certain confidential attribute values. A remote authenticated attacker could possibly use this issue to obtain certain sensitive information. CVE-2023-0614 Andrew Bartlett discovered that the Samba AD DC admin tool...

7.7CVSS6.8AI score0.00567EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/03/08 5:41 p.m.83 views

USN-5938-1: Linux kernel (GKE) vulnerabilities

It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...

7.8CVSS7.3AI score0.06346EPSS
Exploits8
Ubuntu
Ubuntu
added 2023/03/02 11:42 a.m.83 views

USN-5904-1: SoX vulnerabilities

Helmut Grohne discovered that SoX incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ES...

10CVSS7.1AI score0.02211EPSS
Exploits8
Ubuntu
Ubuntu
added 2023/02/07 8:6 p.m.83 views

USN-5845-2: OpenSSL vulnerabilities

USN-5845-1 fixed several vulnerabilities in OpenSSL. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: David Benjamin discovered that OpenSSL incorrectly handled X.400 address processing. A remote attacker could possibly use this...

7.5CVSS8.1AI score0.59501EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/01/25 5:56 p.m.83 views

USN-5827-1: Bind vulnerabilities

Rob Schulhof discovered that Bind incorrectly handled a large number of UPDATE messages. A remote attacker could possibly use this issue to cause Bind to consume resources, resulting in a denial of service. CVE-2022-3094 Borja Marcos discovered that Bind incorrectly handled certain RRSIG queries....

7.5CVSS7.4AI score0.5017EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/01/19 8:7 p.m.83 views

USN-5815-1: Linux kernel (BlueField) vulnerabilities

It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-20421 David Leadbeater...

7.8CVSS7.2AI score0.01429EPSS
Exploits3
Ubuntu
Ubuntu
added 2023/01/10 8:10 p.m.84 views

USN-5791-3: Linux kernel (Azure) vulnerabilities

It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-20421 David Leadbeater...

7.8CVSS7.2AI score0.01429EPSS
Exploits3
Ubuntu
Ubuntu
added 2022/12/12 4:34 p.m.83 views

USN-5774-1: Linux kernel (Azure) vulnerabilities

Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-427...

7.8CVSS6.7AI score0.02211EPSS
Exploits5
Ubuntu
Ubuntu
added 2022/11/17 1:14 p.m.83 views

USN-5731-1: multipath-tools vulnerabilities

It was discovered that multipath-tools incorrectly handled symlinks. A local attacker could possibly use this issue, in combination with other issues, to escalate privileges. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. CVE-2022-41973 It was discovered that...

7.8CVSS7.5AI score0.00658EPSS
Exploits5
Ubuntu
Ubuntu
added 2022/11/01 4:24 p.m.83 views

USN-5710-1: OpenSSL vulnerabilities

It was discovered that OpenSSL incorrectly handled certain X.509 Email Addresses. If a certificate authority were tricked into signing a specially-crafted certificate, a remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. The default compiler...

7.5CVSS7.1AI score0.92488EPSS
Exploits6
Ubuntu
Ubuntu
added 2022/08/17 10:44 p.m.83 views

USN-5570-1: zlib vulnerability

Evgeny Legerov discovered that zlib incorrectly handled memory when performing certain inflate operations. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS7.2AI score0.1593EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/08/04 3:24 p.m.83 views

USN-5546-1: OpenJDK vulnerabilities

Neil Madden discovered that OpenJDK did not properly verify ECDSA signatures. A remote attacker could possibly use this issue to insert, edit or obtain sensitive information. This issue only affected OpenJDK 17 and OpenJDK 18. CVE-2022-21449 It was discovered that OpenJDK incorrectly limited memo...

7.5CVSS7.2AI score0.48235EPSS
Exploits8
Ubuntu
Ubuntu
added 2022/06/08 11:54 a.m.83 views

USN-5472-1: FFmpeg vulnerabilities

It was discovered that FFmpeg would attempt to divide by zero when using Linear Predictive Coding LPC or AAC codecs. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 21.10. CVE-2020-20445, CVE-2020-20446...

9.8CVSS7.4AI score0.0269EPSS
Exploits30
Ubuntu
Ubuntu
added 2021/12/09 6:55 p.m.83 views

USN-5186-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, conduct spoofing attacks, bypass CSP restrictions, or execute arbitrary cod...

8.8CVSS7.5AI score0.0202EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/11/15 1:47 p.m.83 views

USN-5147-1: Vim vulnerabilities

It was discovered that Vim incorrectly handled permissions on the .swp file. A local attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 14.04 ESM. CVE-2017-17087 It was discovered that Vim incorrectly handled restricted mode. A local attacker...

7.8CVSS7.1AI score0.01589EPSS
Exploits4
Ubuntu
Ubuntu
added 2021/03/15 10:6 p.m.83 views

USN-4825-1: Coin3D vulnerability

USN-3356-1 fix a vulnerability in Expat. This update provides the corresponding update for Coin3D for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM...

7.5CVSS8AI score0.08739EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/11/12 1:22 p.m.83 views

USN-4171-6: Apport regression

USN-4171-1 fixed vulnerabilities in Apport. The update caused a regression when handling configuration files. This update fixes the problem, and also introduces further hardening measures. Original advisory details: Kevin Backhouse discovered Apport would read its user-controlled settings file as...

5.7AI score
Exploits0References1
Ubuntu
Ubuntu
added 2020/09/09 4:33 p.m.83 views

USN-4488-2: X.Org X Server vulnerabilities

USN-4488-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update and also the update from USN-4490-1 for Ubuntu 14.04 ESM. Original advisory details: Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the input extension protocol. A local attack...

7.8CVSS7AI score0.00629EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/08/27 3:45 p.m.83 views

USN-4476-1: NSS vulnerability

It was discovered that NSS incorrectly handled some inputs. An attacker could possibly use this issue to expose sensitive information...

9.1CVSS7.4AI score0.01541EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/01/23 3:11 p.m.83 views

USN-4247-3: python-apt vulnerabilities

USN-4247-1 fixed several vulnerabilities in python-apt. This update provides the corresponding updates for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that python-apt would still use MD5 hashes to validate certain downloaded packages. If a remote attacker...

4.7CVSS5.1AI score0.00496EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/01/13 3:46 p.m.83 views

USN-4237-1: SpamAssassin vulnerabilities

It was discovered that SpamAssassin incorrectly handled certain CF files. If a user or automated system were tricked into using a specially-crafted CF file, a remote attacker could possibly run arbitrary code. CVE-2018-11805 It was discovered that SpamAssassin incorrectly handled certain messages...

7.5CVSS6.9AI score0.07234EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/11/12 10:4 p.m.83 views

USN-4182-2: Intel Microcode update

USN-4182-2 provided updates for Intel Microcode. This update provides the corresponding update for Ubuntu 14.04 ESM. Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss...

6.5CVSS7.2AI score0.03133EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2019/07/01 11:2 a.m.83 views

USN-4043-1: Django vulnerabilities

It was discovered that Django incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 18.10 and Ubuntu 19.04. CVE-2019-12308 Gavin Wahl discovered that Django incorrectly handled HTTP detection when...

6.1CVSS7.2AI score0.02563EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/06/26 12:1 p.m.83 views

USN-4038-1: bzip2 vulnerabilities

Aladdin Mubaied discovered that bzip2 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS. CVE-2016-3189 It was discovered that bzip2 incorrectly handled certain files. An attacker could possibly use...

9.8CVSS7.4AI score0.15685EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/01/17 12:47 p.m.83 views

USN-3862-1: Irssi vulnerability

It was discovered that Irssi incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service or to execute arbitrary code...

9.8CVSS8.6AI score0.02543EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/09/20 9:18 a.m.83 views

USN-3770-1: Little CMS vulnerabilities

Ibrahim El-Sayed discovered that Little CMS incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. CVE-2016-10165 Quang Nguyen discovered that Little CMS incorrectly handled certain files. An attacker could possibly use this issue to execute...

7.1CVSS6.5AI score0.02772EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/07/02 8:25 p.m.83 views

USN-3698-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3698-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. It was discovered that the nested KVM implementation in the Linux kernel in some...

7.8CVSS7.2AI score0.00694EPSS
Exploits2
Ubuntu
Ubuntu
added 2018/06/11 6:35 p.m.83 views

USN-3674-1: Linux kernel vulnerabilities

It was discovered that the netfilter subsystem of the Linux kernel did not properly validate ebtables offsets. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2018-1068 It was discovered that a NULL pointer dereference existed in t...

7.8CVSS6.8AI score0.01489EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/05/22 10:42 p.m.83 views

USN-3656-1: Linux kernel (Raspberry Pi 2, Snapdragon) vulnerabilities

Tuba Yavuz discovered that a double-free error existed in the USBTV007 driver of the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-17975 It was discovered that a race condition existed in the F2FS implementatio...

7.8CVSS7.1AI score0.00559EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/04/23 11:30 p.m.83 views

USN-3630-1: Linux kernel vulnerability

It was discovered that the Broadcom UniMAC MDIO bus controller driver in the Linux kernel did not properly validate device resources. A local attacker could use this to cause a denial of service system crash...

5.5CVSS6.4AI score0.00412EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/01/29 10:37 p.m.83 views

USN-3529-1: Thunderbird vulnerabilities

It was discovered that a From address encoded with a null character is cut off in the message header display. An attacker could potentially exploit this to spoof the sender address. CVE-2017-7829 It was discovered that it is possible to execute JavaScript in RSS feeds in some circumstances. If a...

9.8CVSS7.7AI score0.07262EPSS
Exploits1
Ubuntu
Ubuntu
added 2017/09/18 10:21 p.m.83 views

USN-3420-1: Linux kernel vulnerabilities

It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically proximate attacker could use this to cause a denial of service system crash. CVE-2017-1000251 It was discovered that the Flash-Friendly File System...

10CVSS7.5AI score0.16181EPSS
Exploits12
Ubuntu
Ubuntu
added 2017/08/03 5:14 p.m.83 views

USN-3377-2: Linux kernel (HWE) vulnerabilities

USN-3377-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. Fan Wu and Shixiong Zhao discovered a race condition between inotify events and vfs rename...

7.8CVSS6.8AI score0.03763EPSS
Exploits3
Ubuntu
Ubuntu
added 2017/06/07 4:52 p.m.83 views

USN-3253-2: Nagios regression

USN-3253-1 fixed vulnerabilities in Nagios. The update prevented log files from being displayed in the web interface. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Nagios incorrectly handled certain long strings. A remote...

7.4AI score
Exploits0References1
Ubuntu
Ubuntu
added 2017/05/17 12:22 a.m.83 views

USN-3291-1: Linux kernel vulnerabilities

Dmitry Vyukov discovered that the generic SCSI sg subsystem in the Linux kernel contained a stack-based buffer overflow. A local attacker with access to an sg device could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-7187 It was discovered that a...

7.8CVSS7.4AI score0.00414EPSS
Exploits0
Ubuntu
Ubuntu
added 2017/02/03 9:34 a.m.83 views

USN-3189-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3189-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Mikulas Patocka discovered that the asynchronous multibuffer cryptographic daemon...

7.6CVSS6.7AI score0.02341EPSS
Exploits0
Ubuntu
Ubuntu
added 2017/02/01 5:56 p.m.83 views

USN-3183-1: GnuTLS vulnerabilities

Stefan Buehler discovered that GnuTLS incorrectly verified the serial length of OCSP responses. A remote attacker could possibly use this issue to bypass certain certificate validation measures. This issue only applied to Ubuntu 16.04 LTS. CVE-2016-7444 Shi Lei discovered that GnuTLS incorrectly...

9.8CVSS7.5AI score0.39657EPSS
Exploits1
Total number of security vulnerabilities5000