Lucene search
Ubuntu • Most viewed

10890 matches found

Ubuntu • added 2007/07/18 10:57 p.m. • 83 views

USN-486-1: Linux kernel vulnerabilities

The compat_sys_mount function allowed local users to cause a denial of service when mounting a smbfs filesystem in compatibility mode. (CVE-2006-7203) The Omnikey CardMan 4040 driver (cm4040_cs) did not limit the size of buffers passed to read and write. A local attacker could exploit this to execute...

CVSS 7.8 • AI score 5.8 • EPSS 0.05035
Exploits: 16

Ubuntu • added 2007/02/10 3:17 a.m. • 83 views

USN-416-1: Linux kernel vulnerabilities

Mark Dowd discovered that the netfilter iptables module did not correctly handle fragmented IPv6 packets. By sending specially crafted packets, a remote attacker could exploit this to bypass firewall rules. This has already been fixed for Ubuntu 6.10 in USN-395-1; this is the corresponding fix...

CVSS 7.5 • AI score 5.7 • EPSS 0.05605
Exploits: 5

Ubuntu • added 2005/03/15 11:12 p.m. • 83 views

USN-95-1: Linux kernel vulnerabilities

A remote Denial of Service vulnerability was discovered in the Netfilter IP packet handler. This allowed a remote attacker to crash the machine by sending specially crafted IP packet fragments. (CAN-2005-0209) The Netfilter code also contained a memory leak. Certain locally generated packet fragmen...

CVSS 7.8 • AI score 6.8 • EPSS 0.03966
Exploits: 6

Ubuntu • added 2024/07/10 5:51 a.m. • 82 views

USN-6890-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2024-6601, CVE-2024-6604,...

CVSS 9.8 • AI score 7.7 • EPSS 0.00977
Exploits: 1

Ubuntu • added 2024/04/29 2:19 p.m. • 82 views

USN-6757-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled the PHP_CLI_SERVER_WORKERS variable. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-4900) It was discovered that PHP incorrectly handled certain...

CVSS 6.5 • AI score 7.1 • EPSS 0.3786
Exploits: 1

Ubuntu • added 2024/04/09 12:17 p.m. • 82 views

USN-6724-1: Linux kernel vulnerabilities

Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash)...

CVSS 8 • AI score 7.1 • EPSS 0.01177
Exploits: 1

Ubuntu • added 2024/03/20 2:23 p.m. • 82 views

USN-6704-1: Linux kernel vulnerabilities

It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-23000) Quentin Minster discovered that the KSMBD...

CVSS 7.8 • AI score 7.6 • EPSS 0.28058
Exploits: 16

Ubuntu • added 2024/02/08 12:9 a.m. • 82 views

USN-6626-1: Linux kernel vulnerabilities

Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling sessions operations. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. CVE-2023-32250, CVE-2023-32252, CVE-2023-32257...

CVSS 9 • AI score 7.2 • EPSS 0.0406
Exploits: 0

Ubuntu • added 2023/10/26 12:36 p.m. • 82 views

USN-6454-1: Linux kernel vulnerabilities

Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-42756) Alex Birnberg discovered that the netfilter subsystem in the Linux...

CVSS 7.8 • AI score 6.8 • EPSS 0.00396
Exploits: 2

Ubuntu • added 2023/10/19 2:55 p.m. • 82 views

USN-6416-3: Linux kernel (Raspberry Pi) vulnerabilities

It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service (excessive CPU consumption). (CVE-2023-1206) Daniel Trujillo, Johannes Wikner, and Kaveh Razavi...

CVSS 9.1 • AI score 8 • EPSS 0.54577
Exploits: 6

Ubuntu • added 2023/10/09 11:15 a.m. • 82 views

USN-6421-1: Bind vulnerability

It was discovered that Bind incorrectly handled certain control channel messages. A remote attacker with access to the control channel could possibly use this issue to cause Bind to crash, resulting in a denial of service...

CVSS 7.5 • AI score 6.8 • EPSS 0.02626
Exploits: 0

Ubuntu • added 2023/10/03 6:4 p.m. • 82 views

USN-6409-1: GNU C Library vulnerabilities

It was discovered that the GNU C Library incorrectly handled the GLIBC_TUNABLES environment variable. An attacker could possibly use this issue to perform a privilege escalation attack. (CVE-2023-4911) It was discovered that the GNU C Library incorrectly handled certain DNS responses when the system...

CVSS 7.8 • AI score 7 • EPSS 0.81422
Exploits: 27

Ubuntu • added 2023/09/14 2:44 a.m. • 82 views

USN-6367-1: Firefox vulnerability

It was discovered that Firefox did not properly manage memory when handling WebP images. If a user were tricked into opening a webpage containing a malicious WebP image file, an attacker could potentially exploit these to cause a denial of service or execute arbitrary code. (CVE-2023-4863)...

CVSS 8.8 • AI score 8.1 • EPSS 0.99694
Exploits: 9

Ubuntu • added 2023/09/05 11:35 p.m. • 82 views

USN-6340-1: Linux kernel vulnerabilities

Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service (bluetooth communication). (CVE-2023-2002) Zi Fan Tan discovered that the binder IPC...

CVSS 10 • AI score 7.7 • EPSS 0.03546
Exploits: 2

Ubuntu • added 2023/07/26 3:15 p.m. • 82 views

USN-6252-1: Linux kernel vulnerabilities

It was discovered that the ext4 file system implementation in the Linux kernel contained a use-after-free vulnerability. An attacker could use this to construct a malicious ext4 file system image that, when mounted, could cause a denial of service (system crash). (CVE-2022-1184) It was discovered tha...

CVSS 7.8 • AI score 7.1 • EPSS 0.02154
Exploits: 5

Ubuntu • added 2023/06/22 2:53 p.m. • 82 views

USN-6188-1: OpenSSL vulnerability

Matt Caswell discovered that OpenSSL incorrectly handled certain ASN.1 object identifiers. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service...

CVSS 6.5 • AI score 7.1 • EPSS 0.73461
Exploits: 0

Ubuntu • added 2023/04/11 7:56 p.m. • 82 views

USN-6008-1: Exo vulnerability

It was discovered that Exo did not properly sanitize desktop files. A remote attacker could possibly use this issue to cause a crash or arbitrary code execution...

CVSS 8.8 • AI score 8 • EPSS 0.0151
Exploits: 0

Ubuntu • added 2023/04/03 1:2 p.m. • 82 views

USN-5993-1: Samba vulnerabilities

Demi Marie Obenour discovered that the Samba LDAP server incorrectly handled certain confidential attribute values. A remote authenticated attacker could possibly use this issue to obtain certain sensitive information. (CVE-2023-0614) Andrew Bartlett discovered that the Samba AD DC admin tool...

CVSS 7.7 • AI score 6.8 • EPSS 0.00567
Exploits: 0

Ubuntu • added 2023/03/27 10:38 p.m. • 82 views

USN-5977-1: Linux kernel (OEM) vulnerabilities

It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1281) It was discovered that the KVM VMX...

CVSS 8.8 • AI score 7.1 • EPSS 0.00305
Exploits: 0

Ubuntu • added 2023/03/27 10:26 p.m. • 82 views

USN-5976-1: Linux kernel (OEM) vulnerabilities

It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execut...

CVSS 8.8 • AI score 7.2 • EPSS 0.01016
Exploits: 1

Ubuntu • added 2022/11/14 7:34 p.m. • 82 views

USN-5723-1: Vim vulnerabilities

It was discovered that Vim could be made to crash when searching specially crafted patterns. An attacker could possibly use this to crash Vim and cause denial of service. (CVE-2022-1674) It was discovered that there existed a NULL pointer dereference in Vim. An attacker could possibly use this to...

CVSS 7.8 • AI score 7.5 • EPSS 0.01554
Exploits: 9

Ubuntu • added 2022/08/30 5:7 p.m. • 82 views

USN-5589-1: Linux kernel vulnerabilities

Asaf Modelevsky discovered that the Intel(R) 10GbE PCI Express (ixgbe) Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. (CVE-2021-33061) It was discovered that the virtual terminal driver in the...

CVSS 6.8 • AI score 7.1 • EPSS 0.00537
Exploits: 0

Ubuntu • added 2022/08/24 4:32 p.m. • 82 views

USN-5578-2: Open VM Tools vulnerability

USN-5578-1 fixed a vulnerability in Open VM Tools. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that Open VM Tools incorrectly handled certain requests. An attacker inside the guest could possibly use this issue to gain root...

CVSS 7.8 • AI score 7.1 • EPSS 0.0054
Exploits: 0

Ubuntu • added 2022/06/08 11:54 a.m. • 82 views

USN-5472-1: FFmpeg vulnerabilities

It was discovered that FFmpeg would attempt to divide by zero when using Linear Predictive Coding (LPC) or AAC codecs. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 21.10. CVE-2020-20445, CVE-2020-20446...

CVSS 9.8 • AI score 7.4 • EPSS 0.31591
Exploits: 30

Ubuntu • added 2022/05/04 12:17 p.m. • 82 views

USN-5401-1: DPDK vulnerabilities

Wenxiang Qian discovered that DPDK incorrectly checked certain payloads. An attacker could use this issue to cause DPDK to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-3839) It was discovered that DPDK incorrectly handled inflight type messages. An attacker...

CVSS 7.5 • AI score 7.2 • EPSS 0.01259
Exploits: 0

Ubuntu • added 2020/11/17 1:35 p.m. • 82 views

USN-4635-1: Kerberos vulnerability

Demi Obenour discovered that Kerberos incorrectly handled certain ASN.1. An attacker could possibly use this issue to cause a denial of service...

CVSS 7.5 • AI score 7.5 • EPSS 0.04365
Exploits: 0

Ubuntu • added 2020/09/28 4:41 p.m. • 82 views

USN-4551-1: Squid vulnerabilities

Alex Rousskov and Amit Klein discovered that Squid incorrectly handled certain Content-Length headers. A remote attacker could possibly use this issue to perform an HTTP request smuggling attack, resulting in cache poisoning. (CVE-2020-15049) Amit Klein discovered that Squid incorrectly validated...

CVSS 9.9 • AI score 6.9 • EPSS 0.05706
Exploits: 0

Ubuntu • added 2020/09/16 3:25 p.m. • 82 views

USN-4505-1: PHPMailer vulnerability

Elar Lang discovered that PHPMailer did not properly escape double quote characters in filenames. A remote attacker could possibly exploit this with a crafted filename to bypass attachment filters that are based on matching filename extensions. (CVE-2020-13625)...

CVSS 7.5 • AI score 7 • EPSS 0.0378
Exploits: 1

Ubuntu • added 2020/09/10 9:49 a.m. • 82 views

LSN-0071-1: Kernel Live Patch Security Notice

Or Cohen discovered that the AF_PACKET implementation in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-14386)...

CVSS 7.8 • AI score 6.8 • EPSS 0.01308
Exploits: 1

Ubuntu • added 2020/09/09 4:33 p.m. • 82 views

USN-4488-2: X.Org X Server vulnerabilities

USN-4488-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update and also the update from USN-4490-1 for Ubuntu 14.04 ESM. Original advisory details: Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the input extension protocol. A local attack...

CVSS 7.8 • AI score 7 • EPSS 0.00629
Exploits: 0

Ubuntu • added 2020/09/02 1:5 p.m. • 82 views

USN-4487-1: libx11 vulnerabilities

Todd Carson discovered that libx11 incorrectly handled certain memory operations. A local attacker could possibly use this issue to escalate privileges. (CVE-2020-14344) Jayden Rivers discovered that libx11 incorrectly handled locales. A local attacker could possibly use this issue to escalate...

CVSS 7.8 • AI score 7.2 • EPSS 0.00575
Exploits: 1

Ubuntu • added 2020/07/27 4:29 p.m. • 82 views

USN-4435-2: ClamAV vulnerabilities

USN-4435-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that ClamAV incorrectly handled parsing ARJ archives. A remote attacker could possibly use this issue to cause...

CVSS 7.5 • AI score 7.7 • EPSS 0.05063
Exploits: 0

Ubuntu • added 2020/06/05 5:9 p.m. • 82 views

USN-4384-1: GnuTLS vulnerability

It was discovered that GnuTLS incorrectly handled session ticket encryption keys. A remote attacker could possibly use this issue to bypass authentication or recover sensitive information...

CVSS 7.4 • AI score 7.4 • EPSS 0.17507
Exploits: 3

Ubuntu • added 2020/06/01 8:8 p.m. • 82 views

USN-4380-1: Apache Ant vulnerability

It was discovered that Apache Ant created temporary files with insecure permissions. An attacker could use this vulnerability to read sensitive information leaked into /tmp, or potentially inject malicious code into a project that is built with Apache Ant...

CVSS 6.3 • AI score 7.4 • EPSS 0.01793
Exploits: 0

Ubuntu • added 2020/01/28 1:0 p.m. • 82 views

USN-4256-1: Cyrus SASL vulnerability

It was discovered that Cyrus SASL incorrectly handled certain LDAP packets. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service...

CVSS 7.5 • AI score 8 • EPSS 0.08036
Exploits: 1

Ubuntu • added 2020/01/23 3:11 p.m. • 82 views

USN-4247-3: python-apt vulnerabilities

USN-4247-1 fixed several vulnerabilities in python-apt. This update provides the corresponding updates for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that python-apt would still use MD5 hashes to validate certain downloaded packages. If a remote attacker...

CVSS 4.7 • AI score 5.1 • EPSS 0.00496
Exploits: 0

Ubuntu • added 2019/07/01 11:2 a.m. • 82 views

USN-4043-1: Django vulnerabilities

It was discovered that Django incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 18.10 and Ubuntu 19.04. (CVE-2019-12308) Gavin Wahl discovered that Django incorrectly handled HTTP detection when...

CVSS 6.1 • AI score 7.2 • EPSS 0.02563
Exploits: 0

Ubuntu • added 2019/04/23 4:17 p.m. • 82 views

USN-3936-2: AdvanceCOMP vulnerability

USN-3936-1 fixed a vulnerability in AdvanceCOMP. This update provides the corresponding update for Ubuntu 19.04. Original advisory details: It was discovered that AdvanceCOMP incorrectly handled certain PNG files. An attacker could possibly use this issue to execute arbitrary code...

CVSS 7.8 • AI score 5.9 • EPSS 0.01424
Exploits: 1

Ubuntu • added 2018/08/14 10:9 p.m. • 82 views

USN-3741-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3741-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that memory present in the L1 data cache of an Intel CPU core may be...

CVSS 7.8 • AI score 6.9 • EPSS 0.7354
Exploits: 0 • References: 1

Ubuntu • added 2018/05/22 10:42 p.m. • 82 views

USN-3656-1: Linux kernel (Raspberry Pi 2, Snapdragon) vulnerabilities

Tuba Yavuz discovered that a double-free error existed in the USBTV007 driver of the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-17975) It was discovered that a race condition existed in the F2FS implementatio...

CVSS 7.8 • AI score 7.1 • EPSS 0.00559
Exploits: 1

Ubuntu • added 2018/05/22 3:31 a.m. • 82 views

USN-3653-1: Linux kernel vulnerabilities

Jann Horn and Ken Johnson discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via a sidechannel attack. This flaw is known as Spectre Variant 4. A local attacker could use this to expose sensitive information, including kernel memor...

CVSS 7.8 • AI score 7.7 • EPSS 0.60631
Exploits: 2 • References: 1

Ubuntu • added 2018/04/23 11:30 p.m. • 82 views

USN-3630-1: Linux kernel vulnerability

It was discovered that the Broadcom UniMAC MDIO bus controller driver in the Linux kernel did not properly validate device resources. A local attacker could use this to cause a denial of service (system crash)...

CVSS 5.5 • AI score 6.4 • EPSS 0.00412
Exploits: 0

Ubuntu • added 2017/10/10 11:39 p.m. • 82 views

USN-3444-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3444-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Jan H. Schönherr discovered that the Xen subsystem did not properly handle block IO...

CVSS 8.8 • AI score 6.6 • EPSS 0.00497
Exploits: 0

Ubuntu • added 2017/03/08 2:11 a.m. • 82 views

USN-3220-1: Linux kernel vulnerability

Alexander Popov discovered that the N_HDLC line discipline implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges...

CVSS 7 • AI score 6.7 • EPSS 0.01029
Exploits: 2

Ubuntu • added 2017/02/22 12:33 a.m. • 82 views

USN-3207-1: Linux kernel vulnerabilities

It was discovered that a use-after-free vulnerability existed in the block device layer of the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges. (CVE-2016-7910) Dmitry Vyukov discovered a use-after-free vulnerability ...

CVSS 9.3 • AI score 6.8 • EPSS 0.0596
Exploits: 14

Ubuntu • added 2017/02/16 11:52 p.m. • 82 views

USN-3199-1: Python Crypto vulnerability

It was discovered that the ALGnew function in blocktemplace.c in the Python Cryptography Toolkit contained a heap-based buffer overflow vulnerability. A remote attacker could use this flaw to execute arbitrary code by using a crafted initialization vector parameter...

CVSS 9.8 • AI score 9.1 • EPSS 0.09501
Exploits: 1

Ubuntu • added 2017/02/06 6:42 p.m. • 82 views

USN-3192-1: Squid vulnerabilities

Saulius Lapinskas discovered that Squid incorrectly handled processing HTTP conditional requests. A remote attacker could possibly use this issue to obtain sensitive information related to other clients' browsing sessions. (CVE-2016-10002) Felix Hassert discovered that Squid incorrectly handled...

CVSS 7.5 • AI score 6.6 • EPSS 0.06766
Exploits: 0

Ubuntu • added 2017/01/11 8:7 a.m. • 82 views

USN-3169-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3169-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not...

CVSS 7.8 • AI score 6.5 • EPSS 0.01566
Exploits: 8

Ubuntu • added 2016/12/05 1:6 p.m. • 82 views

USN-3151-3: Linux kernel (Qualcomm Snapdragon) vulnerability

Philip Pettersson discovered a race condition in the af_packet implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service (system crash) or run arbitrary code with administrative privileges...

CVSS 7.8 • AI score 7.5 • EPSS 0.11127
Exploits: 16

Ubuntu • added 2016/11/30 7:46 p.m. • 82 views

USN-3145-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3145-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Marco Grassi discovered that the driver for Areca RAID Controllers in the Linux kernel...

CVSS 7.8 • AI score 6.8 • EPSS 0.00647
Exploits: 0

Total number of security vulnerabilities: 5000