Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
•added 2014/09/08 5:35 p.m.•83 views

USN-2342-1: QEMU vulnerabilities

Michael S. Tsirkin, Anthony Liguori, and Michael Roth discovered multiple issues with QEMU state loading after migration. An attacker able to modify the state data could use these issues to cause a denial of service, or possibly execute arbitrary code. CVE-2013-4148, CVE-2013-4149, CVE-2013-4150,...

8.8CVSS7.3AI score0.05412EPSS
Exploits4
Ubuntu
Ubuntu
•added 2014/06/23 12:5 p.m.•83 views

USN-2254-1: PHP vulnerabilities

Christian Hoffmann discovered that the PHP FastCGI Process Manager FPM set incorrect permissions on the UNIX socket. A local attacker could use this issue to possibly elevate their privileges. This issue only affected Ubuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS. CVE-2014-0185 Francisco...

7.2CVSS7.6AI score0.20805EPSS
Exploits1
Ubuntu
Ubuntu
•added 2014/05/15 5:26 p.m.•83 views

USN-2214-1: libxml2 vulnerability

Daniel Berrange discovered that libxml2 would incorrectly perform entity substitution even when requested not to. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause resource consumption, resulting in a denial of service...

4.3CVSS7AI score0.081EPSS
Exploits1
Ubuntu
Ubuntu
•added 2014/04/01 5:21 a.m.•83 views

USN-2158-1: Linux kernel (Raring HWE) vulnerabilities

Stephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw makes it easier for a local attacker to break cryptographic protections. CVE-2013-4345 Nico Golde and Fabian Yamaguchi reported buffer underflow errors in the implementation of the XFS filesystem...

5.8CVSS7.1AI score0.03849EPSS
Exploits2
Ubuntu
Ubuntu
•added 2014/02/19 5:22 p.m.•83 views

USN-2119-1: Thunderbird vulnerabilities

Christian Holler, Terrence Cole, Jesse Ruderman, Gary Kwong, Eric Rescorla, Jonathan Kew, Dan Gohman, Ryan VanderMeulen and Sotaro Ikeda discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker...

10CVSS8.2AI score0.07697EPSS
Exploits14References1
Ubuntu
Ubuntu
•added 2014/02/18 11:21 p.m.•83 views

USN-2116-1: Linux kernel (OMAP4) vulnerabilities

Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. CVE-2013-2929 A flaw in the handling of memory regions of the kernel virtual machine KVM subsystem was discovered. ...

4.7CVSS6.8AI score0.00654EPSS
Exploits2
Ubuntu
Ubuntu
•added 2013/10/22 12:37 a.m.•83 views

USN-1998-1: Linux kernel vulnerabilities

An information leak was discovered in the Linux kernel when reading broadcast messages from the notifypolicy interface of the IPSec keysocket. A local user could exploit this flaw to examine potentially sensitive information in kernel memory. CVE-2013-2237 Kees Cook discovered flaw in the Human...

7.2CVSS7.1AI score0.00557EPSS
Exploits2
Ubuntu
Ubuntu
•added 2013/08/20 12:8 p.m.•83 views

USN-1931-1: Linux kernel (Quantal HWE) vulnerabilities

Chanam Park reported a Null pointer flaw in the Linux kernel's Ceph client. A remote attacker could exploit this flaw to cause a denial of service system crash. CVE-2013-1059 An information leak was discovered in the Linux kernel's fanotify interface. A local user could exploit this flaw to obtai...

7.8CVSS6.9AI score0.04546EPSS
Exploits1
Ubuntu
Ubuntu
•added 2013/07/25 2:39 p.m.•83 views

USN-1909-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.1.70 in Ubuntu 10.04 LTS. Ubuntu 12.04 LTS, Ubuntu 12.10 and Ubuntu 13.04 have been updated to MySQL 5.5.32. In addition to security fixes, the...

5CVSS5.7AI score0.18675EPSS
Exploits4
Ubuntu
Ubuntu
•added 2012/08/30 6:10 p.m.•83 views

USN-1551-1: Thunderbird vulnerabilities

Gary Kwong, Christian Holler, Jesse Ruderman, Steve Fink, Bob Clary, Andrew Sutherland, Jason Smith, John Schoenick, Vladimir Vukicevic and Daniel Holbert discovered memory safety issues affecting Thunderbird. If the user were tricked into opening a specially crafted E-Mail, an attacker could...

10CVSS8.3AI score0.07762EPSS
Exploits2References1
Ubuntu
Ubuntu
•added 2012/08/10 6:21 p.m.•83 views

USN-1529-1: Linux kernel vulnerabilities

A flaw was discovered in the Linux kernel's macvtap device driver, which is used in KVM Kernel-based Virtual Machine to create a network bridge between host and guest. A privleged user in a guest could exploit this flaw to crash the host, if the vhostnet module is loaded with the...

7.8CVSS6.9AI score0.08738EPSS
Exploits11
Ubuntu
Ubuntu
•added 2012/06/12 9:12 p.m.•83 views

USN-1470-1: Linux kernel (Natty backport) vulnerabilities

Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation. A remote NFS server attacker could exploit this flaw to cause a denial of service. CVE-2011-4131 A flaw was found in the Linux kernel's KVM Kernel Virtual Machine virtual cpu setup. An unprivileged local user could exploit...

7.2CVSS6.7AI score0.00775EPSS
Exploits2
Ubuntu
Ubuntu
•added 2012/04/27 11:57 a.m.•83 views

USN-1430-1: Firefox vulnerabilities

Bob Clary, Christian Holler, Brian Hackett, Bobby Holley, Gary Kwong, Hilary Hall, Honza Bambas, Jesse Ruderman, Julian Seward, and Olli Pettay discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could exploit these to cau...

10CVSS8.8AI score0.10098EPSS
Exploits3References1
Ubuntu
Ubuntu
•added 2012/01/11 10:56 a.m.•83 views

USN-1325-1: Linux kernel (OMAP4) vulnerabilities

Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. CVE-2011-1162 Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel...

7.8CVSS6.5AI score0.03255EPSS
Exploits4
Ubuntu
Ubuntu
•added 2011/09/29 5:17 p.m.•83 views

USN-1219-1: Linux kernel (Maverick backport) vulnerabilities

Ryan Sweat discovered that the kernel incorrectly handled certain VLAN packets. On some systems, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. CVE-2011-1576 Timo Warns discovered that the EFI GUID partition table was not correctly...

8.8CVSS7.8AI score0.05573EPSS
Exploits8
Ubuntu
Ubuntu
•added 2011/09/28 10:50 p.m.•83 views

USN-1213-1: Thunderbird vulnerabilities

Benjamin Smedberg, Bob Clary, Jesse Ruderman, and Josh Aas discovered multiple memory vulnerabilities in the Gecko rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Thunderbird. CVE-2011-2995, CVE-2011-2996 Boris Zbarsky...

10CVSS8.9AI score0.04379EPSS
Exploits2
Ubuntu
Ubuntu
•added 2011/09/28 6:56 p.m.•83 views

USN-1210-1: Firefox and Xulrunner vulnerabilities

Benjamin Smedberg, Bob Clary, Jesse Ruderman, and Josh Aas discovered multiple memory vulnerabilities in the browser rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Firefox. CVE-2011-2995, CVE-2011-2996 Boris Zbarsky...

10CVSS8.9AI score0.04379EPSS
Exploits2
Ubuntu
Ubuntu
•added 2011/09/14 7:37 p.m.•83 views

USN-1208-1: Linux kernel (Marvel DOVE) vulnerabilities

Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. CVE-2010-4076, CVE-2010-4077 Alex Shi and Eric Dumazet discovered that the network stack...

7.8CVSS6.8AI score0.08793EPSS
Exploits21
Ubuntu
Ubuntu
•added 2011/06/22 8:55 a.m.•83 views

USN-1157-1: Firefox vulnerabilities

Bob Clary, Kevin Brosnan, Gary Kwong, Jesse Ruderman, Christian Biesinger, Bas Schouten, Igor Bukanov, Bill McCloskey, Olli Pettay, Daniel Veditz and Marcia Knous discovered multiple memory vulnerabilities in the browser rendering engine. An attacker could possibly execute arbitrary code with the...

10CVSS8.8AI score0.75691EPSS
Exploits22
Ubuntu
Ubuntu
•added 2011/05/24 4:43 p.m.•83 views

USN-1133-1: Linux kernel vulnerabilities

Nelson Elhage discovered that Econet did not correctly handle AUN packets over UDP. A local attacker could send specially crafted traffic to crash the system, leading to a denial of service. CVE-2010-4342 Dan Rosenberg discovered that the OSS subsystem did not handle name termination correctly. A...

7.2CVSS5.7AI score0.03521EPSS
Exploits3
Ubuntu
Ubuntu
•added 2011/05/03 2:19 p.m.•83 views

USN-1129-1: Perl vulnerabilities

It was discovered that the Safe.pm Perl module incorrectly handled Safe::reval and Safe::rdo access restrictions. An attacker could use this flaw to bypass intended restrictions and possibly execute arbitrary code. CVE-2010-1168, CVE-2010-1447 It was discovered that the CGI.pm Perl module...

8.5CVSS8.4AI score0.08712EPSS
Exploits4
Ubuntu
Ubuntu
•added 2010/06/29 7:37 p.m.•83 views

USN-927-5: nspr update

USN-927-4 fixed vulnerabilities in NSS. This update provides the NSPR needed to use the new NSS. Original advisory details: Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a machine-in-the-middle attack at the start of a TLS connection,...

5.7AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2009/11/05 7:13 p.m.•83 views

USN-854-1: GD library vulnerabilities

Tomas Hoger discovered that the GD library did not properly handle the number of colors in certain malformed GD images. If a user or automated system were tricked into processing a specially crafted GD image, an attacker could cause a denial of service or possibly execute arbitrary code...

9.3CVSS7.2AI score0.1021EPSS
Exploits2
Ubuntu
Ubuntu
•added 2009/07/22 3:25 p.m.•83 views

USN-798-1: Firefox and Xulrunner vulnerabilities

Several flaws were discovered in the Firefox browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. CVE-2009-2462,...

10CVSS8.7AI score0.1323EPSS
Exploits3
Ubuntu
Ubuntu
•added 2009/07/14 7:8 p.m.•83 views

USN-803-1: dhcp vulnerability

It was discovered that the DHCP client as included in dhcp3 did not verify the length of certain option fields when processing a response from an IPv4 dhcp server. If a user running Ubuntu 6.06 LTS or 8.04 LTS connected to a malicious dhcp server, a remote attacker could cause a denial of service...

10CVSS7.6AI score0.2578EPSS
Exploits9
Ubuntu
Ubuntu
•added 2008/06/03 6:17 p.m.•83 views

USN-614-1: Linux kernel vulnerabilities

It was discovered that PowerPC kernels did not correctly handle reporting certain system details. By requesting a specific set of information, a local attacker could cause a system crash resulting in a denial of service. CVE-2007-6694 A race condition was discovered between dnotify fcntl and clos...

7.8CVSS5.5AI score0.02589EPSS
Exploits5
Ubuntu
Ubuntu
•added 2008/05/20 1:0 p.m.•83 views

USN-612-7: OpenSSH update

USN-612-2 introduced protections for OpenSSH, related to the OpenSSL vulnerabilities addressed by USN-612-1. This update provides the corresponding updates for OpenSSH in Ubuntu 6.06 LTS. While the OpenSSL in Ubuntu 6.06 is not vulnerable, this update will block weak keys generated on systems tha...

7.8CVSS6.7AI score0.70721EPSS
Exploits7
Ubuntu
Ubuntu
•added 2008/03/19 12:7 a.m.•83 views

USN-587-1: Kerberos vulnerabilities

It was discovered that krb5 did not correctly handle certain krb4 requests. An unauthenticated remote attacker could exploit this flaw by sending a specially crafted traffic, which could expose sensitive information, cause a crash, or execute arbitrary code. CVE-2008-0062, CVE-2008-0063 A flaw wa...

10CVSS8.3AI score0.10141EPSS
Exploits1
Ubuntu
Ubuntu
•added 2007/08/30 11:55 p.m.•83 views

USN-509-1: Linux kernel vulnerabilities

A flaw in the sysfsreaddir function allowed a local user to cause a denial of service by dereferencing a NULL pointer. CVE-2007-3104 A buffer overflow was discovered in the random number generator. In environments with granular assignment of root privileges, a local attacker could gain additional...

6CVSS5.9AI score0.00454EPSS
Exploits0
Ubuntu
Ubuntu
•added 2007/07/18 10:57 p.m.•83 views

USN-486-1: Linux kernel vulnerabilities

The compatsysmount function allowed local users to cause a denial of service when mounting a smbfs filesystem in compatibility mode. CVE-2006-7203 The Omnikey CardMan 4040 driver cm4040cs did not limit the size of buffers passed to read and write. A local attacker could exploit this to execute...

7.8CVSS5.8AI score0.05035EPSS
Exploits16
Ubuntu
Ubuntu
•added 2007/02/10 3:17 a.m.•83 views

USN-416-1: Linux kernel vulnerabilities

Mark Dowd discovered that the netfilter iptables module did not correcly handle fragmented IPv6 packets. By sending specially crafted packets, a remote attacker could exploit this to bypass firewall rules. This has has already been fixed for Ubuntu 6.10 in USN-395-1; this is the corresponding fix...

7.5CVSS5.7AI score0.05605EPSS
Exploits5
Ubuntu
Ubuntu
•added 2006/10/05 2:18 a.m.•83 views

USN-353-2: OpenSSL vulnerability

USN-353-1 fixed several vulnerabilities in OpenSSL. However, Mark J Cox noticed that the applied patch for CVE-2006-2940 was flawed. This update corrects that patch. For reference, this is the relevant part of the original advisory: Certain types of public key could take disproportionate amounts ...

7.8CVSS7.3AI score0.04903EPSS
Exploits1
Ubuntu
Ubuntu
•added 2005/03/15 11:12 p.m.•83 views

USN-95-1: Linux kernel vulnerabilities

A remote Denial of Service vulnerability was discovered in the Netfilter IP packet handler. This allowed a remote attacker to crash the machine by sending specially crafted IP packet fragments. CAN-2005-0209 The Netfilter code also contained a memory leak. Certain locally generated packet fragmen...

7.8CVSS6.8AI score0.03966EPSS
Exploits6
Ubuntu
Ubuntu
•added 2024/07/10 5:51 a.m.•82 views

USN-6890-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2024-6601, CVE-2024-6604,...

9.8CVSS7.7AI score0.00977EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/06/25 11:7 a.m.•82 views

USN-6846-1: Ansible vulnerabilities

It was discovered that Ansible incorrectly handled certain inputs when using towercallback parameter. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information. This issue only affecte...

7.8CVSS7.4AI score0.00712EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/04/29 2:19 p.m.•82 views

USN-6757-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled PHPCLISERVERWORKERS variable. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. CVE-2022-4900 It was discovered that PHP incorrectly handled certain...

6.5CVSS7.1AI score0.3786EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/04/09 12:17 p.m.•82 views

USN-6724-1: Linux kernel vulnerabilities

Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service host domain crash...

8CVSS7.1AI score0.01177EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/03/20 2:23 p.m.•82 views

USN-6704-1: Linux kernel vulnerabilities

It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service system crash. CVE-2023-23000 Quentin Minster discovered that the KSMBD...

7.8CVSS7.6AI score0.28058EPSS
Exploits16
Ubuntu
Ubuntu
•added 2024/02/08 12:9 a.m.•82 views

USN-6626-1: Linux kernel vulnerabilities

Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling sessions operations. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-32250, CVE-2023-32252, CVE-2023-32257...

9CVSS7.2AI score0.0406EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/26 12:36 p.m.•82 views

USN-6454-1: Linux kernel vulnerabilities

Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service system crash. CVE-2023-42756 Alex Birnberg discovered that the netfilter subsystem in the Linux...

7.8CVSS6.8AI score0.00396EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/10/19 2:55 p.m.•82 views

USN-6416-3: Linux kernel (Raspberry Pi) vulnerabilities

It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service excessive CPU consumption. CVE-2023-1206 Daniel Trujillo, Johannes Wikner, and Kaveh Razavi...

9.1CVSS8AI score0.54577EPSS
Exploits6
Ubuntu
Ubuntu
•added 2023/10/09 11:15 a.m.•82 views

USN-6421-1: Bind vulnerability

It was discovered that Bind incorrectly handled certain control channel messages. A remote attacker with access to the control channel could possibly use this issue to cause Bind to crash, resulting in a denial of service...

7.5CVSS6.8AI score0.02626EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/03 6:4 p.m.•82 views

USN-6409-1: GNU C Library vulnerabilities

It was discovered that the GNU C Library incorrectly handled the GLIBCTUNABLES environment variable. An attacker could possibly use this issue to perform a privilege escalation attack. CVE-2023-4911 It was discovered that the GNU C Library incorrectly handled certain DNS responses when the system...

7.8CVSS7AI score0.81422EPSS
Exploits27
Ubuntu
Ubuntu
•added 2023/09/14 2:44 a.m.•82 views

USN-6367-1: Firefox vulnerability

It was discovered that Firefox did not properly manage memory when handling WebP images. If a user were tricked into opening a webpage containing malicious WebP image file, an attacker could potentially exploit these to cause a denial of service or execute arbitrary code. CVE-2023-4863...

8.8CVSS8.1AI score0.99694EPSS
Exploits9
Ubuntu
Ubuntu
•added 2023/09/05 11:35 p.m.•82 views

USN-6340-1: Linux kernel vulnerabilities

Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service bluetooth communication. CVE-2023-2002 Zi Fan Tan discovered that the binder IPC...

10CVSS7.7AI score0.03546EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/07/26 3:15 p.m.•82 views

USN-6252-1: Linux kernel vulnerabilities

It was discovered that the ext4 file system implementation in the Linux kernel contained a use-after-free vulnerability. An attacker could use this to construct a malicious ext4 file system image that, when mounted, could cause a denial of service system crash. CVE-2022-1184 It was discovered tha...

7.8CVSS7.1AI score0.02154EPSS
Exploits5
Ubuntu
Ubuntu
•added 2023/06/22 2:53 p.m.•82 views

USN-6188-1: OpenSSL vulnerability

Matt Caswell discovered that OpenSSL incorrectly handled certain ASN.1 object identifiers. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service...

6.5CVSS7.1AI score0.73461EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/06/13 2:7 p.m.•82 views

USN-6158-1: Node Fetch vulnerability

It was discovered that Node Fetch incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information...

8.8CVSS7.3AI score0.01646EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/03/27 10:38 p.m.•82 views

USN-5977-1: Linux kernel (OEM) vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-1281 It was discovered that the KVM VMX...

8.8CVSS7.1AI score0.00305EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/03/27 10:26 p.m.•82 views

USN-5976-1: Linux kernel (OEM) vulnerabilities

It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...

8.8CVSS7.2AI score0.01016EPSS
Exploits1
Total number of security vulnerabilities5000