Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
•added 2012/08/29 4:41 p.m.•82 views

USN-1548-1: Firefox vulnerabilities

Gary Kwong, Christian Holler, Jesse Ruderman, Steve Fink, Bob Clary, Andrew Sutherland, Jason Smith, John Schoenick, Vladimir Vukicevic and Daniel Holbert discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could exploit...

10CVSS8.7AI score0.07762EPSS
Exploits3References1
Ubuntu
Ubuntu
•added 2012/08/14 9:54 p.m.•82 views

USN-1539-1: Linux kernel (Oneiric backport) vulnerabilities

An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface which is not available to unprivileged users until granted by a root user could exploit this flaw to crash the system or potential gain administrative privileges...

7.6CVSS6.8AI score0.08738EPSS
Exploits9
Ubuntu
Ubuntu
•added 2012/05/08 5:59 a.m.•82 views

USN-1432-1: Linux kernel vulnerabilities

A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service. CVE-2011-4086 A flaw was discovered in the Linux kernel's cifs file system. An unprivileged local user could exploit this flaw to...

7.1CVSS6.1AI score0.02678EPSS
Exploits1
Ubuntu
Ubuntu
•added 2012/01/13 5:52 a.m.•82 views

USN-1332-1: Linux kernel (Maverick backport) vulnerabilities

Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. CVE-2011-1162 Dan Rosenberg reported an error in the old ABI compatibility layer of ARM kernels. A local attacker could...

7.2CVSS7.4AI score0.00489EPSS
Exploits4
Ubuntu
Ubuntu
•added 2011/07/15 4:30 p.m.•82 views

USN-1170-1: Linux kernel vulnerabilities

Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. CVE-2010-4076, CVE-2010-4077 It was discovered that Xen did not correctly handle certain...

7.1CVSS6.5AI score0.02523EPSS
Exploits10
Ubuntu
Ubuntu
•added 2011/07/13 10:18 p.m.•82 views

USN-1167-1: Linux kernel vulnerabilities

Aristide Fattori and Roberto Paleari reported a flaw in the Linux kernel's handling of IPv4 icmp packets. A remote user could exploit this to cause a denial of service. CVE-2011-1927 Goldwyn Rodrigues discovered that the OCFS2 filesystem did not correctly clear memory when writing certain file...

9.8CVSS7.1AI score0.04364EPSS
Exploits23
Ubuntu
Ubuntu
•added 2011/06/29 10:57 p.m.•82 views

USN-1149-2: Firefox regression

USN-1149-1 fixed vulnerabilities in Firefox. Unfortunately, a regression was introduced that prevented cookies from being stored properly when the hostname was a single character. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple memory...

9AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2011/05/05 7:19 a.m.•82 views

USN-1122-1: Thunderbird vulnerabilities

It was discovered that there was a vulnerability in the memory handling of certain types of content. An attacker could exploit this to possibly run arbitrary code as the user running Thunderbird. CVE-2011-0081 It was discovered that Thunderbird incorrectly handled certain JavaScript requests. If...

10CVSS8.8AI score0.73655EPSS
Exploits20
Ubuntu
Ubuntu
•added 2010/10/22 6:6 p.m.•82 views

USN-1009-1: GNU C Library vulnerabilities

Tavis Ormandy discovered multiple flaws in the GNU C Library's handling of the LDAUDIT environment variable when running a privileged binary. A local attacker could exploit this to gain root privileges. CVE-2010-3847, CVE-2010-3856...

7.2CVSS8AI score0.09454EPSS
Exploits35
Ubuntu
Ubuntu
•added 2010/09/20 6:22 p.m.•82 views

USN-989-1: PHP vulnerabilities

Auke van Slooten discovered that PHP incorrectly handled certain xmlrpc requests. An attacker could exploit this issue to cause the PHP server to crash, resulting in a denial of service. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.04 and 9.10. CVE-2010-0397 It was discovered that the...

9.8CVSS8.9AI score0.12652EPSS
Exploits11
Ubuntu
Ubuntu
•added 2010/05/27 9:6 p.m.•82 views

USN-945-1: ClamAV vulnerabilities

It was discovered that ClamAV did not properly reallocate memory when processing certain PDF files. A remote attacker could send a specially crafted PDF and crash ClamAV. CVE-2010-1639 An out of bounds memory access flaw was discovered in ClamAV. A remote attacker could send a specially crafted...

4.3CVSS5.3AI score0.02889EPSS
Exploits0
Ubuntu
Ubuntu
•added 2010/02/10 2:56 p.m.•82 views

USN-897-1: MySQL vulnerabilities

It was discovered that MySQL could be made to overwrite existing table files in the data directory. An authenticated user could use the DATA DIRECTORY and INDEX DIRECTORY options to possibly bypass privilege checks. This update alters table creation behaviour by disallowing the use of the MySQL...

8.5CVSS7.6AI score0.69552EPSS
Exploits11
Ubuntu
Ubuntu
•added 2010/01/28 7:1 p.m.•82 views

USN-892-1: FUSE vulnerability

Dan Rosenberg discovered that FUSE did not correctly check mount locations. A local attacker, with access to use FUSE, could unmount arbitrary locations, leading to a denial of service...

3.3CVSS5.2AI score0.00398EPSS
Exploits1
Ubuntu
Ubuntu
•added 2010/01/28 6:38 p.m.•82 views

USN-893-1: Samba vulnerability

Ronald Volgers discovered that the mount.cifs utility, when installed as a setuid program, suffered from a race condition when verifying user permissions. A local attacker could trick samba into mounting over arbitrary locations, leading to a root privilege escalation...

4.4CVSS7.2AI score0.00522EPSS
Exploits1
Ubuntu
Ubuntu
•added 2010/01/13 2:46 p.m.•82 views

USN-882-1: PHP vulnerabilities

Maksymilian Arciemowicz discovered that PHP did not properly handle the inirestore function. An attacker could exploit this issue to obtain random memory contents or to cause the PHP server to crash, resulting in a denial of service. CVE-2009-2626 It was discovered that the htmlspecialchars...

10CVSS4.8AI score0.08306EPSS
Exploits6
Ubuntu
Ubuntu
•added 2009/07/14 7:8 p.m.•82 views

USN-803-1: dhcp vulnerability

It was discovered that the DHCP client as included in dhcp3 did not verify the length of certain option fields when processing a response from an IPv4 dhcp server. If a user running Ubuntu 6.06 LTS or 8.04 LTS connected to a malicious dhcp server, a remote attacker could cause a denial of service...

10CVSS7.6AI score0.2578EPSS
Exploits9
Ubuntu
Ubuntu
•added 2009/06/25 5:52 p.m.•82 views

USN-792-1: OpenSSL vulnerabilities

It was discovered that OpenSSL did not limit the number of DTLS records it would buffer when they arrived with a future epoch. A remote attacker could cause a denial of service via memory resource consumption by sending a large number of crafted requests. CVE-2009-1377 It was discovered that...

5CVSS7.3AI score0.80134EPSS
Exploits20
Ubuntu
Ubuntu
•added 2009/06/15 2:36 p.m.•82 views

USN-788-1: Tomcat vulnerabilities

Iida Minehiko discovered that Tomcat did not properly normalise paths. A remote attacker could send specially crafted requests to the server and bypass security restrictions, gaining access to sensitive content. CVE-2008-5515 Yoshihito Fukuyama discovered that Tomcat did not properly handle error...

5CVSS5.3AI score0.9444EPSS
Exploits8
Ubuntu
Ubuntu
•added 2009/06/10 8:5 p.m.•82 views

USN-786-1: apr-util vulnerabilities

Matthew Palmer discovered an underflow flaw in apr-util. An attacker could cause a denial of service via application crash in Apache using a crafted SVNMasterURI directive, .htaccess file, or when using modapreq2. Applications using libapreq2 are also affected. CVE-2009-0023 It was discovered tha...

7.5CVSS7.2AI score0.52988EPSS
Exploits5
Ubuntu
Ubuntu
•added 2006/10/05 2:18 a.m.•82 views

USN-353-2: OpenSSL vulnerability

USN-353-1 fixed several vulnerabilities in OpenSSL. However, Mark J Cox noticed that the applied patch for CVE-2006-2940 was flawed. This update corrects that patch. For reference, this is the relevant part of the original advisory: Certain types of public key could take disproportionate amounts ...

7.8CVSS7.3AI score0.04903EPSS
Exploits1
Ubuntu
Ubuntu
•added 2006/08/16 4:47 p.m.•82 views

USN-334-1: krb5 vulnerabilities

Michael Calmer and Marcus Meissner discovered that several krb5 tools did not check the return values from setuid system calls. On systems that have configured user process limits, it may be possible for an attacker to cause setuid to fail via resource starvation. In that situation, the tools wil...

7.2CVSS8AI score0.00512EPSS
Exploits0
Ubuntu
Ubuntu
•added 2006/06/15 11:29 p.m.•82 views

USN-302-1: Linux kernel vulnerabilities

An integer overflow was discovered in the doreplace function. A local user process with the CAPNETADMIN capability could exploit this to execute arbitrary commands with full root privileges. However, none of Ubuntu's supported packages use this capability with any non-root user, so this only...

9CVSS8.2AI score0.20561EPSS
Exploits6
Ubuntu
Ubuntu
•added 2004/11/18 12:51 a.m.•82 views

USN-27-1: libxpm4 vulnerability

Chris Evans discovered several stack overflows in the versions of libXpm shipped by X.Org, XFree86, and LessTif. These overflows were fixed in the Warty development tree before its release. Mathieu Herrb of OpenBSD subsequently discovered that the original patch was insufficient to address these...

7.5CVSS7.8AI score0.08052EPSS
Exploits2
Ubuntu
Ubuntu
•added 2004/11/12 6:56 a.m.•82 views

USN-23-1: apache2 vulnerability

Chintan Trivedi discovered a Denial of Service vulnerability in apache2. The field length limit was not enforced for certain malicious requests. This could allow a remote attacker who is able to send large amounts of data to a server to cause HTTP server instances to consume proportional amounts ...

5CVSS5.5AI score0.55105EPSS
Exploits7
Ubuntu
Ubuntu
•added 2025/04/07 1:55 p.m.•81 views

USN-7418-1: Ruby vulnerabilities

It was discovered that Ruby incorrectly handled parsing of an XML document that has specific XML characters in an attribute value using REXML gem. An attacker could use this issue to cause Ruby to crash, resulting in a denial of service. This issue only affected in Ubuntu 22.04 LTS, Ubuntu 24.04...

7.5CVSS7.1AI score0.02064EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/02/10 2:20 p.m.•81 views

USN-7261-1: Vim vulnerability

It was discovered that Vim incorrectly handled certain internal calls when scrolling a window. An attacker could possibly use this issue to cause a denial of service...

5.5CVSS5.4AI score0.00261EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/30 8:52 a.m.•81 views

USN-7085-1: X.Org X Server vulnerability

Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain memory operations in the X Keyboard Extension. An attacker could use this issue to cause the X Server to crash, leading to a denial of service, or possibly execute arbitrary code...

7.8CVSS7.8AI score0.00894EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/05/14 9:0 a.m.•81 views

USN-6767-2: Linux kernel (BlueField) vulnerabilities

Chenyuan Yang discovered that the RDS Protocol implementation in the Linux kernel contained an out-of-bounds read vulnerability. An attacker could use this to possibly cause a denial of service system crash. CVE-2024-23849 Several security issues were discovered in the Linux kernel. An attacker...

7.8CVSS6.9AI score0.00316EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/01/09 6:41 p.m.•81 views

USN-6548-4: Linux kernel (GKE) vulnerabilities

It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive information. CVE-2023-3006 It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors i...

8.8CVSS7.2AI score0.09141EPSS
Exploits4
Ubuntu
Ubuntu
•added 2023/12/06 12:11 p.m.•81 views

USN-6535-1: curl vulnerabilities

Harry Sintonen discovered that curl incorrectly handled mixed case cookie domains. A remote attacker could possibly use this issue to set cookies that get sent to different and unrelated sites and domains. CVE-2023-46218 Maksymilian Arciemowicz discovered that curl incorrectly handled long file...

6.5CVSS6.5AI score0.01685EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/11/17 12:12 a.m.•81 views

USN-6485-1: Intel Microcode vulnerability

Benoit Morgan, Paul Grosen, Thais Moreira Hamasaki, Ke Sun, Alyssa Milburn, Hisham Shafi, Nir Shlomovich, Tavis Ormandy, Daniel Moghimi, Josh Eads, Salman Qazi, Alexandra Sandulescu, Andy Nguyen, Eduardo Vela, Doug Kwan, and Kostik Shtoyk discovered that some IntelR Processors did not properly...

8.8CVSS7.7AI score0.01728EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/19 8:17 p.m.•81 views

USN-6442-1: Linux kernel (BlueField) vulnerabilities

Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service host system crash or...

7.8CVSS7.5AI score0.0095EPSS
Exploits5
Ubuntu
Ubuntu
•added 2023/10/04 10:1 p.m.•81 views

USN-6414-2: Django vulnerabilities

USN-6414-1 and USN-6378-1 fixed CVE-2023-43665 and CVE-2023-41164 in Django, respectively. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: Wenchao Li discovered that the Django Truncator function incorrectly handled very long HTML input. A remote...

7.5CVSS6.8AI score0.01284EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/08/11 2:36 p.m.•81 views

USN-6283-1: Linux kernel vulnerabilities

Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service bluetooth communication. CVE-2023-2002 Zheng Zhang discovered that the...

9.8CVSS7.4AI score0.0406EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/08/09 11:9 a.m.•81 views

USN-4336-3: GNU binutils vulnerabilities

USN-4336-1 fixed several vulnerabilities in GNU. This update provides the corresponding update for Ubuntu 14.04 LTS. Original advisory details: It was discovered that GNU binutils contained a large number of security issues. If a user or automated system were tricked into processing a...

7.8CVSS6.7AI score0.08111EPSS
Exploits10
Ubuntu
Ubuntu
•added 2023/07/27 12:26 p.m.•81 views

USN-6260-1: Linux kernel vulnerabilities

It was discovered that the NTFS file system implementation in the Linux kernel did not properly check buffer indexes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information kernel memory. CVE-2022-48502...

7.8CVSS7.5AI score0.15783EPSS
Exploits18
Ubuntu
Ubuntu
•added 2023/07/06 6:6 p.m.•81 views

USN-6206-1: Linux kernel (OEM) vulnerabilities

Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-35788, LP: 2023577 It was discovered that the NTFS...

7.8CVSS6.8AI score0.00532EPSS
Exploits2References2
Ubuntu
Ubuntu
•added 2023/06/02 3:52 p.m.•81 views

USN-6135-1: Linux kernel (Azure CVM) vulnerabilities

Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrar...

7.8CVSS7.4AI score0.16642EPSS
Exploits7
Ubuntu
Ubuntu
•added 2023/06/01 9:39 p.m.•81 views

USN-6133-1: Linux kernel (Intel IoTG) vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

8.1CVSS7.1AI score0.01029EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/05/18 8:38 p.m.•81 views

USN-6090-1: Linux kernel vulnerabilities

It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. CVE-2022-27672 Zheng Wang discovered that the Intel i915 graphics...

8.1CVSS7.1AI score0.00635EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/03/15 4:20 p.m.•81 views

USN-5957-1: LibreCAD vulnerabilities

Cody Sixteen discovered that LibreCAD incorrectly handled memory when parsing DXF files. An attacker could use this issue to cause LibreCAD to crash, leading to a denial of service. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. CVE-2018-19105 Lilith of Cisco Talos discovered tha...

9.3CVSS7.4AI score0.06617EPSS
Exploits7
Ubuntu
Ubuntu
•added 2023/03/13 6:7 a.m.•81 views

USN-5945-1: Protocol Buffers vulnerabilities

It was discovered that Protocol Buffers did not properly validate field com.google.protobuf.UnknownFieldSet in protobuf-java. An attacker could possibly use this issue to perform a denial of service attack. This issue only affected protobuf Ubuntu 22.04 LTS and Ubuntu 22.10. CVE-2021-22569 It was...

7.5CVSS6.7AI score0.0266EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/01/30 10:12 p.m.•81 views

USN-5832-1: Linux kernel (Raspberry Pi) vulnerabilities

Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2022-4378 Tamás Koczka discovered that the Bluetooth L2CAP handshake...

8.8CVSS7.7AI score0.02014EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/12/08 9:40 a.m.•81 views

USN-5759-2: LibBPF vulnerabilities

USN-5759-1 fixed vulnerabilities in LibBPF. This update provides the corresponding updates for Ubuntu 20.04 ESM. Original advisory details: It was discovered that LibBPF incorrectly handled certain memory operations under certain circumstances. An attacker could possibly use this issue to cause...

8CVSS7.2AI score0.00535EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/11/07 5:4 p.m.•81 views

USN-5716-1: SQLite vulnerability

It was discovered that SQLite incorrectly handled certain long string arguments. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.5CVSS8AI score0.19193EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/09/19 4:56 p.m.•81 views

USN-5617-1: Xen vulnerabilities

It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use th...

8.8CVSS7AI score0.0054EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/08/24 11:25 a.m.•81 views

USN-5578-1: Open VM Tools vulnerability

It was discovered that Open VM Tools incorrectly handled certain requests. An attacker inside the guest could possibly use this issue to gain root privileges inside the virtual machine...

7.8CVSS7AI score0.0054EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/06/30 12:54 p.m.•81 views

USN-5497-1: Libjpeg6b vulnerabilities

It was discovered that Libjpeg6b was not properly performing bounds checks when compressing PPM and Targa image files. An attacker could possibly use this issue to cause a denial of service. CVE-2018-11212 Chijin Zhou discovered that Libjpeg6b was incorrectly handling the EOF character in input...

7.5CVSS6.7AI score0.05074EPSS
Exploits3
Ubuntu
Ubuntu
•added 2020/12/01 12:38 p.m.•81 views

USN-4654-1: PEAR vulnerabilities

It was discovered that PEAR incorrectly sanitized filenames. A remote attacker could possibly use this issue to execute arbitrary code...

7.8CVSS7.9AI score0.84554EPSS
Exploits5
Ubuntu
Ubuntu
•added 2020/11/12 1:22 p.m.•81 views

USN-4171-6: Apport regression

USN-4171-1 fixed vulnerabilities in Apport. The update caused a regression when handling configuration files. This update fixes the problem, and also introduces further hardening measures. Original advisory details: Kevin Backhouse discovered Apport would read its user-controlled settings file as...

5.7AI score
Exploits0References1
Total number of security vulnerabilities5000