Lucene search
K
UbuntuMost viewed

10923 matches found

Ubuntu
Ubuntu
added 2012/10/12 6:37 p.m.84 views

USN-1611-1: Thunderbird vulnerabilities

Henrik Skupin, Jesse Ruderman, Christian Holler, Soroush Dalili and others discovered several memory corruption flaws in Thunderbird. If a user were tricked into opening a malicious website and had JavaScript enabled, an attacker could exploit these to execute arbitrary JavaScript code within the...

10CVSS8.9AI score0.42609EPSS
Exploits8References2
Ubuntu
Ubuntu
added 2012/09/19 9:44 p.m.84 views

USN-1575-1: Linux kernel (Oneiric backport) vulnerabilities

Ben Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO TCP segment offload. A local or peer user could exploit this flaw to to cause a denial of service. CVE-2012-3412 Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel implementation of RDS...

7.8CVSS6.6AI score0.06158EPSS
Exploits3
Ubuntu
Ubuntu
added 2012/04/12 6:31 p.m.84 views

USN-1421-1: Linux kernel (Maverick backport) vulnerabilities

Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the Linux kernel. A local user could use this flaw to crash the system causing a denial of service. CVE-2011-4347 Stephan Bärwolf discovered a flaw in the KVM kernel-based virtual machin...

7.8CVSS6.5AI score0.01014EPSS
Exploits4
Ubuntu
Ubuntu
added 2012/03/06 6:38 p.m.84 views

USN-1388-1: Linux kernel (EC2) vulnerabilities

Paolo Bonzini discovered a flaw in Linux's handling of the SGIO ioctl command. A local user, or user in a VM could exploit this flaw to bypass restrictions and gain read/write access to all data on the affected block device. CVE-2011-4127 A flaw was found in KVM's Programmable Interval Timer PIT...

7.1CVSS6.8AI score0.02678EPSS
Exploits5
Ubuntu
Ubuntu
added 2011/11/24 2:34 p.m.84 views

USN-1279-1: Linux (Natty backport) vulnerabilities

Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. CVE-2011-2183 Vasily Averin discovered that the NFS Lock Manager NLM incorrectly handled unlock requests. A...

7.2CVSS7.6AI score0.00541EPSS
Exploits2
Ubuntu
Ubuntu
added 2011/10/12 12:25 p.m.84 views

USN-1228-1: Linux kernel (OMAP4) vulnerabilities

Timo Warns discovered that the EFI GUID partition table was not correctly parsed. A physically local attacker that could insert mountable devices could exploit this to crash the system or possibly gain root privileges. CVE-2011-1776 Dan Rosenberg discovered that the IPv4 diagnostic routines did n...

9.1CVSS7.9AI score0.05798EPSS
Exploits5
Ubuntu
Ubuntu
added 2011/06/22 8:55 a.m.84 views

USN-1157-1: Firefox vulnerabilities

Bob Clary, Kevin Brosnan, Gary Kwong, Jesse Ruderman, Christian Biesinger, Bas Schouten, Igor Bukanov, Bill McCloskey, Olli Pettay, Daniel Veditz and Marcia Knous discovered multiple memory vulnerabilities in the browser rendering engine. An attacker could possibly execute arbitrary code with the...

10CVSS8.8AI score0.75691EPSS
Exploits22
Ubuntu
Ubuntu
added 2009/07/14 7:8 p.m.84 views

USN-803-1: dhcp vulnerability

It was discovered that the DHCP client as included in dhcp3 did not verify the length of certain option fields when processing a response from an IPv4 dhcp server. If a user running Ubuntu 6.06 LTS or 8.04 LTS connected to a malicious dhcp server, a remote attacker could cause a denial of service...

10CVSS7.6AI score0.2578EPSS
Exploits9
Ubuntu
Ubuntu
added 2008/07/22 4:32 p.m.84 views

USN-627-1: Dnsmasq vulnerability

Dan Kaminsky discovered weaknesses in the DNS protocol as implemented by Dnsmasq. A remote attacker could exploit this to spoof DNS entries and poison DNS caches. Among other things, this could lead to misdirected email and web traffic...

6.8CVSS6.8AI score0.95182EPSS
Exploits20
Ubuntu
Ubuntu
added 2008/06/03 6:17 p.m.84 views

USN-614-1: Linux kernel vulnerabilities

It was discovered that PowerPC kernels did not correctly handle reporting certain system details. By requesting a specific set of information, a local attacker could cause a system crash resulting in a denial of service. CVE-2007-6694 A race condition was discovered between dnotify fcntl and clos...

7.8CVSS5.5AI score0.02589EPSS
Exploits5
Ubuntu
Ubuntu
added 2008/03/19 12:7 a.m.84 views

USN-587-1: Kerberos vulnerabilities

It was discovered that krb5 did not correctly handle certain krb4 requests. An unauthenticated remote attacker could exploit this flaw by sending a specially crafted traffic, which could expose sensitive information, cause a crash, or execute arbitrary code. CVE-2008-0062, CVE-2008-0063 A flaw wa...

10CVSS8.3AI score0.10141EPSS
Exploits1
Ubuntu
Ubuntu
added 2008/02/08 2:4 a.m.84 views

USN-576-1: Firefox vulnerabilities

Various flaws were discovered in the browser and JavaScript engine. By tricking a user into opening a malicious web page, an attacker could execute arbitrary code with the user's privileges. CVE-2008-0412, CVE-2008-0413 Flaws were discovered in the file upload form control. A malicious website...

9.3CVSS8.4AI score0.08633EPSS
Exploits6
Ubuntu
Ubuntu
added 2007/03/08 7:4 a.m.84 views

USN-432-1: GnuPG vulnerability

Gerardo Richarte from Core Security Technologies discovered that when gnupg is used without --status-fd, there is no way to distinguish initial unsigned messages from a following signed message. An attacker could inject an unsigned message, which could fool the user into thinking the message was...

5CVSS5.4AI score0.05359EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/04/08 11:46 a.m.83 views

USN-7424-1: Expat vulnerability

It was discovered that Expat could crash due to stack overflow when processing XML documents with deeply nested entity references. If a user or automated system were tricked into processing specially crafted XML input, an attacker could use this issue to cause a denial of service...

7.5CVSS6.8AI score0.01569EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/04/03 12:17 p.m.83 views

USN-7412-1: GnuPG vulnerability

It was discovered that GnuPG incorrectly handled importing keys with certain crafted subkey data. If a user or automated system were tricked into importing a specially crafted key, a remote attacker may prevent users from importing other keys in the future...

4.7CVSS4.9AI score0.00179EPSS
Exploits1
Ubuntu
Ubuntu
added 2025/03/24 7:24 p.m.83 views

USN-7369-1: elfutils vulnerabilities

It was discovered that readelf from elfutils could be made to read out of bounds. If a user or automated system were tricked into running readelf on a specially crafted file, an attacker could cause readelf to crash, resulting in a denial of service. This issue only affected Ubuntu 24.04 LTS...

7.8CVSS5.8AI score0.00327EPSS
Exploits4
Ubuntu
Ubuntu
added 2025/02/20 6:1 p.m.83 views

USN-7281-1: GnuTLS vulnerability

Bing Shi discovered that GnuTLS incorrectly handled decoding certain DER-encoded certificates. A remote attacker could possibly use this issue to cause GnuTLS to consume resources, leading to a denial of service...

5.3CVSS6.8AI score0.01245EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/02/20 5:46 p.m.83 views

USN-7279-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

8.8CVSS7AI score0.02902EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/10 5:51 a.m.83 views

USN-6890-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2024-6601, CVE-2024-6604,...

9.8CVSS7.7AI score0.00977EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/02/08 12:9 a.m.83 views

USN-6626-1: Linux kernel vulnerabilities

Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling sessions operations. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-32250, CVE-2023-32252, CVE-2023-32257...

9CVSS7.2AI score0.0406EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/01/15 6:31 p.m.83 views

USN-6585-1: libssh2 vulnerability

Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being...

5.9CVSS7AI score0.93305EPSS
Exploits4
Ubuntu
Ubuntu
added 2023/11/27 2:15 p.m.83 views

USN-6517-1: Perl vulnerabilities

It was discovered that Perl incorrectly handled printing certain warning messages. An attacker could possibly use this issue to cause Perl to consume resources, leading to a denial of service. This issue only affected Ubuntu 22.04 LTS. CVE-2022-48522 Nathan Mills discovered that Perl incorrectly...

9.8CVSS7AI score0.02046EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/10/26 12:36 p.m.83 views

USN-6454-1: Linux kernel vulnerabilities

Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service system crash. CVE-2023-42756 Alex Birnberg discovered that the netfilter subsystem in the Linux...

7.8CVSS6.8AI score0.00396EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/10/19 2:55 p.m.83 views

USN-6416-3: Linux kernel (Raspberry Pi) vulnerabilities

It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service excessive CPU consumption. CVE-2023-1206 Daniel Trujillo, Johannes Wikner, and Kaveh Razavi...

9.1CVSS8AI score0.54577EPSS
Exploits6
Ubuntu
Ubuntu
added 2023/10/10 6:18 p.m.83 views

USN-6427-1: .NET vulnerability

It was discovered that the .NET Kestrel web server did not properly handle HTTP/2 requests. A remote attacker could possibly use this issue to cause a denial of service...

7.5CVSS7.2AI score0.99999EPSS
Exploits19
Ubuntu
Ubuntu
added 2023/09/13 2:54 p.m.83 views

USN-6365-1: Open VM Tools vulnerability

It was discovered that Open VM Tools incorrectly handled SAML tokens. A remote attacker could possibly use this issue to bypass SAML token signature verification and perform VMware Tools Guest Operations...

7.5CVSS7AI score0.01193EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/07/28 1:46 p.m.83 views

USN-6261-1: Linux kernel (IoT) vulnerabilities

It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-3090 Sh...

7.8CVSS7.7AI score0.08894EPSS
Exploits15
Ubuntu
Ubuntu
added 2023/07/26 3:15 p.m.83 views

USN-6252-1: Linux kernel vulnerabilities

It was discovered that the ext4 file system implementation in the Linux kernel contained a use-after-free vulnerability. An attacker could use this to construct a malicious ext4 file system image that, when mounted, could cause a denial of service system crash. CVE-2022-1184 It was discovered tha...

7.8CVSS7.1AI score0.01508EPSS
Exploits5
Ubuntu
Ubuntu
added 2023/07/25 10:0 p.m.83 views

USN-6249-1: Linux kernel (OEM) vulnerabilities

Ruihan Li discovered that the memory management subsystem in the Linux kernel contained a race condition when accessing VMAs in certain conditions, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service system crash or execute arbitrary...

7.8CVSS7.4AI score0.01484EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/06/22 2:53 p.m.83 views

USN-6188-1: OpenSSL vulnerability

Matt Caswell discovered that OpenSSL incorrectly handled certain ASN.1 object identifiers. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service...

6.5CVSS7.1AI score0.73461EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/06/07 10:7 a.m.83 views

USN-6028-2: libxml2 vulnerabilities

USN-6028-1 fixed vulnerabilities in libxml2. This update provides the corresponding updates for Ubuntu 23.04. Original advisory details: It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash. CVE-2022-2309 It was discovere...

7.5CVSS6.6AI score0.02462EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/04/13 3:49 a.m.83 views

USN-6015-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing,...

8.8CVSS7.8AI score0.00901EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/04/04 8:58 a.m.83 views

USN-5995-1: Vim vulnerabilities

It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possible execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS...

8.4CVSS7AI score0.02098EPSS
Exploits30
Ubuntu
Ubuntu
added 2023/04/03 1:2 p.m.83 views

USN-5993-1: Samba vulnerabilities

Demi Marie Obenour discovered that the Samba LDAP server incorrectly handled certain confidential attribute values. A remote authenticated attacker could possibly use this issue to obtain certain sensitive information. CVE-2023-0614 Andrew Bartlett discovered that the Samba AD DC admin tool...

7.7CVSS6.8AI score0.00567EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/03/02 11:42 a.m.83 views

USN-5904-1: SoX vulnerabilities

Helmut Grohne discovered that SoX incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ES...

10CVSS7.1AI score0.02211EPSS
Exploits8
Ubuntu
Ubuntu
added 2023/01/19 8:7 p.m.83 views

USN-5815-1: Linux kernel (BlueField) vulnerabilities

It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-20421 David Leadbeater...

7.8CVSS7.2AI score0.01429EPSS
Exploits3
Ubuntu
Ubuntu
added 2023/01/19 7:27 p.m.83 views

USN-5814-1: Linux kernel vulnerabilities

Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2022-4378 Tamás Koczka discovered that the Bluetooth L2CAP handshake...

8.8CVSS7.7AI score0.02014EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/01/10 8:10 p.m.84 views

USN-5791-3: Linux kernel (Azure) vulnerabilities

It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-20421 David Leadbeater...

7.8CVSS7.2AI score0.01429EPSS
Exploits3
Ubuntu
Ubuntu
added 2022/11/01 4:24 p.m.83 views

USN-5710-1: OpenSSL vulnerabilities

It was discovered that OpenSSL incorrectly handled certain X.509 Email Addresses. If a certificate authority were tricked into signing a specially-crafted certificate, a remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. The default compiler...

7.5CVSS7.1AI score0.92488EPSS
Exploits6
Ubuntu
Ubuntu
added 2022/08/30 5:7 p.m.83 views

USN-5589-1: Linux kernel vulnerabilities

Asaf Modelevsky discovered that the IntelR 10GbE PCI Express ixgbe Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. CVE-2021-33061 It was discovered that the virtual terminal driver in the...

6.8CVSS7.1AI score0.00537EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/08/24 4:32 p.m.83 views

USN-5578-2: Open VM Tools vulnerability

USN-5578-1 fixed a vulnerability in Open VM Tools. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that Open VM Tools incorrectly handled certain requests. An attacker inside the guest could possibly use this issue to gain root...

7.8CVSS7.1AI score0.0054EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/08/04 3:24 p.m.83 views

USN-5546-1: OpenJDK vulnerabilities

Neil Madden discovered that OpenJDK did not properly verify ECDSA signatures. A remote attacker could possibly use this issue to insert, edit or obtain sensitive information. This issue only affected OpenJDK 17 and OpenJDK 18. CVE-2022-21449 It was discovered that OpenJDK incorrectly limited memo...

7.5CVSS7.2AI score0.48235EPSS
Exploits8
Ubuntu
Ubuntu
added 2022/06/08 11:54 a.m.83 views

USN-5472-1: FFmpeg vulnerabilities

It was discovered that FFmpeg would attempt to divide by zero when using Linear Predictive Coding LPC or AAC codecs. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 21.10. CVE-2020-20445, CVE-2020-20446...

9.8CVSS7.4AI score0.0269EPSS
Exploits30
Ubuntu
Ubuntu
added 2020/11/17 1:35 p.m.83 views

USN-4635-1: Kerberos vulnerability

Demi Obenour discovered that Kerberos incorrectly handled certain ASN.1. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS7.5AI score0.04365EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/11/12 1:22 p.m.83 views

USN-4171-6: Apport regression

USN-4171-1 fixed vulnerabilities in Apport. The update caused a regression when handling configuration files. This update fixes the problem, and also introduces further hardening measures. Original advisory details: Kevin Backhouse discovered Apport would read its user-controlled settings file as...

5.7AI score
Exploits0References1
Ubuntu
Ubuntu
added 2020/09/28 4:41 p.m.83 views

USN-4551-1: Squid vulnerabilities

Alex Rousskov and Amit Klein discovered that Squid incorrectly handled certain Content-Length headers. A remote attacker could possibly use this issue to perform an HTTP request smuggling attack, resulting in cache poisoning. CVE-2020-15049 Amit Klein discovered that Squid incorrectly validated...

9.9CVSS6.9AI score0.05706EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/09/16 3:25 p.m.83 views

USN-4505-1: PHPMailer vulnerability

Elar Lang discovered that PHPMailer did not properly escape double quote characters in filenames. A remote attacker could possibly exploit this with a crafted filename to bypass attachment filters that are based on matching filename extensions. CVE-2020-13625...

7.5CVSS7AI score0.0378EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/09/10 9:49 a.m.83 views

LSN-0071-1: Kernel Live Patch Security Notice

Or Cohen discovered that the AFPACKET implementation in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-14386...

7.8CVSS6.8AI score0.01308EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/09/09 4:33 p.m.83 views

USN-4488-2: X.Org X Server vulnerabilities

USN-4488-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update and also the update from USN-4490-1 for Ubuntu 14.04 ESM. Original advisory details: Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the input extension protocol. A local attack...

7.8CVSS7AI score0.00629EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/08/27 3:45 p.m.83 views

USN-4476-1: NSS vulnerability

It was discovered that NSS incorrectly handled some inputs. An attacker could possibly use this issue to expose sensitive information...

9.1CVSS7.4AI score0.01541EPSS
Exploits0
Total number of security vulnerabilities5000