Lucene search
K
UbuntuMost viewed

10890 matches found

Ubuntu
Ubuntu
added 2023/11/17 12:12 a.m.81 views

USN-6485-1: Intel Microcode vulnerability

Benoit Morgan, Paul Grosen, Thais Moreira Hamasaki, Ke Sun, Alyssa Milburn, Hisham Shafi, Nir Shlomovich, Tavis Ormandy, Daniel Moghimi, Josh Eads, Salman Qazi, Alexandra Sandulescu, Andy Nguyen, Eduardo Vela, Doug Kwan, and Kostik Shtoyk discovered that some IntelR Processors did not properly...

8.8CVSS7.7AI score0.01728EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/10/19 8:17 p.m.81 views

USN-6442-1: Linux kernel (BlueField) vulnerabilities

Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service host system crash or...

7.8CVSS7.5AI score0.00958EPSS
Exploits5
Ubuntu
Ubuntu
added 2023/10/04 10:1 p.m.81 views

USN-6414-2: Django vulnerabilities

USN-6414-1 and USN-6378-1 fixed CVE-2023-43665 and CVE-2023-41164 in Django, respectively. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: Wenchao Li discovered that the Django Truncator function incorrectly handled very long HTML input. A remote...

7.5CVSS6.8AI score0.01284EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/08/11 2:36 p.m.81 views

USN-6283-1: Linux kernel vulnerabilities

Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service bluetooth communication. CVE-2023-2002 Zheng Zhang discovered that the...

9.8CVSS7.4AI score0.0406EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/08/09 11:9 a.m.81 views

USN-4336-3: GNU binutils vulnerabilities

USN-4336-1 fixed several vulnerabilities in GNU. This update provides the corresponding update for Ubuntu 14.04 LTS. Original advisory details: It was discovered that GNU binutils contained a large number of security issues. If a user or automated system were tricked into processing a...

7.8CVSS6.7AI score0.08111EPSS
Exploits10
Ubuntu
Ubuntu
added 2023/07/27 12:26 p.m.81 views

USN-6260-1: Linux kernel vulnerabilities

It was discovered that the NTFS file system implementation in the Linux kernel did not properly check buffer indexes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information kernel memory. CVE-2022-48502...

7.8CVSS7.5AI score0.15783EPSS
Exploits18
Ubuntu
Ubuntu
added 2023/07/06 6:6 p.m.81 views

USN-6206-1: Linux kernel (OEM) vulnerabilities

Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-35788, LP: 2023577 It was discovered that the NTFS...

7.8CVSS6.8AI score0.00532EPSS
Exploits2References2
Ubuntu
Ubuntu
added 2023/06/01 9:39 p.m.81 views

USN-6133-1: Linux kernel (Intel IoTG) vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

8.1CVSS7.1AI score0.01029EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/05/18 8:38 p.m.81 views

USN-6090-1: Linux kernel vulnerabilities

It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. CVE-2022-27672 Zheng Wang discovered that the Intel i915 graphics...

8.1CVSS7.1AI score0.00635EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/04/13 3:49 a.m.81 views

USN-6015-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing,...

8.8CVSS7.8AI score0.00901EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/04/04 8:58 a.m.81 views

USN-5995-1: Vim vulnerabilities

It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possible execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS...

8.4CVSS7AI score0.02098EPSS
Exploits30
Ubuntu
Ubuntu
added 2023/01/30 10:12 p.m.81 views

USN-5832-1: Linux kernel (Raspberry Pi) vulnerabilities

Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2022-4378 Tamás Koczka discovered that the Bluetooth L2CAP handshake...

8.8CVSS7.7AI score0.02014EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/12/08 9:40 a.m.81 views

USN-5759-2: LibBPF vulnerabilities

USN-5759-1 fixed vulnerabilities in LibBPF. This update provides the corresponding updates for Ubuntu 20.04 ESM. Original advisory details: It was discovered that LibBPF incorrectly handled certain memory operations under certain circumstances. An attacker could possibly use this issue to cause...

8CVSS7.2AI score0.0053EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/09/19 4:56 p.m.81 views

USN-5617-1: Xen vulnerabilities

It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use th...

8.8CVSS7AI score0.0054EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/08/24 4:32 p.m.81 views

USN-5578-2: Open VM Tools vulnerability

USN-5578-1 fixed a vulnerability in Open VM Tools. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that Open VM Tools incorrectly handled certain requests. An attacker inside the guest could possibly use this issue to gain root...

7.8CVSS7.1AI score0.0054EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/08/24 11:25 a.m.81 views

USN-5578-1: Open VM Tools vulnerability

It was discovered that Open VM Tools incorrectly handled certain requests. An attacker inside the guest could possibly use this issue to gain root privileges inside the virtual machine...

7.8CVSS7AI score0.0054EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/06/30 12:54 p.m.81 views

USN-5497-1: Libjpeg6b vulnerabilities

It was discovered that Libjpeg6b was not properly performing bounds checks when compressing PPM and Targa image files. An attacker could possibly use this issue to cause a denial of service. CVE-2018-11212 Chijin Zhou discovered that Libjpeg6b was incorrectly handling the EOF character in input...

7.5CVSS6.7AI score0.04898EPSS
Exploits3
Ubuntu
Ubuntu
added 2020/11/12 1:22 p.m.81 views

USN-4171-6: Apport regression

USN-4171-1 fixed vulnerabilities in Apport. The update caused a regression when handling configuration files. This update fixes the problem, and also introduces further hardening measures. Original advisory details: Kevin Backhouse discovered Apport would read its user-controlled settings file as...

5.7AI score
Exploits0References1
Ubuntu
Ubuntu
added 2020/10/07 7:32 p.m.81 views

USN-4574-1: libseccomp-golang vulnerability

It was discovered that libseccomp-golang did not properly generate BPFs. If a process were running under a restrictive seccomp filter that specified multiple syscall arguments, the application could potentially bypass the intended restrictions put in place by seccomp...

7.5CVSS7AI score0.0245EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/10/01 9:4 p.m.81 views

USN-4563-1: NTP vulnerability

It was discovered that the fix for CVE-2018-7182 introduced a NULL pointer dereference into NTP. An attacker could use this vulnerability to cause a denial of service crash...

7.5CVSS7.3AI score0.05726EPSS
Exploits2
Ubuntu
Ubuntu
added 2020/09/02 1:17 p.m.81 views

USN-4488-1: X.Org X Server vulnerabilities

Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the input extension protocol. A local attacker could possibly use this issue to escalate privileges. CVE-2020-14346 Jan-Niklas Sohn discovered that the X.Org X Server incorrectly initialized memory. A local attacker could...

7.8CVSS7AI score0.00629EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/08/03 1:7 p.m.81 views

USN-4445-1: Ghostscript vulnerability

It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code,...

9.8CVSS8.6AI score0.05186EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/04/30 5:52 p.m.81 views

USN-4342-1: Linux kernel vulnerabilities

Al Viro discovered that the Linux kernel for s390x systems did not properly perform page table upgrades for kernel sections that use secondary address mode. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2020-11884 It was discovered that t...

7.5CVSS7.3AI score0.0415EPSS
Exploits2
Ubuntu
Ubuntu
added 2019/10/21 8:16 p.m.81 views

USN-4161-1: Linux kernel vulnerability

It was discovered that the IPv6 routing implementation in the Linux kernel contained a reference counting error leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

7.8CVSS7.9AI score0.00455EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/04/08 4:58 p.m.81 views

USN-3941-1: Lua vulnerability

Fady Othman discovered that Lua incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS6.7AI score0.17224EPSS
Exploits5
Ubuntu
Ubuntu
added 2019/03/28 1:24 p.m.81 views

USN-3924-1: mod_auth_mellon vulnerabilities

It was discovered that modauthmellon incorrectly handled certain requests. An attacker could possibly use this issue to redirect a user to a malicious URL. CVE-2019-3877 It was discovered that modauthmellon incorrectly handled certain requests. An attacker could possibly use this issue to access...

8.1CVSS6.9AI score0.02969EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/12/04 4:49 a.m.81 views

USN-3836-2: Linux kernel (HWE) vulnerabilities

USN-3836-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Jann Horn discovered that the Linux kernel mishandles mapping UID or GID ranges inside...

7CVSS6.9AI score0.07611EPSS
Exploits25
Ubuntu
Ubuntu
added 2018/11/21 4:10 p.m.81 views

USN-3825-1: mod_perl vulnerability

Jan Ingvoldstad discovered that modperl incorrectly handled configuration options to disable being used by unprivileged users, contrary to the documentation. A local attacker could possibly use this issue to execute arbitrary Perl code...

10CVSS7.5AI score0.08946EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/08/14 10:9 p.m.81 views

USN-3741-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3741-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that memory present in the L1 data cache of an Intel CPU core may be...

7.8CVSS6.9AI score0.7354EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2018/07/02 8:5 p.m.81 views

USN-3697-2: Linux kernel (OEM) vulnerabilities

It was discovered that a null pointer dereference vulnerability existed in the DCCP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service system crash. CVE-2018-1130 Jann Horn discovered that the 32 bit adjtimex syscall implementation for 64 bit...

7.8CVSS6.4AI score0.0172EPSS
Exploits5
Ubuntu
Ubuntu
added 2018/06/18 11:51 a.m.81 views

USN-3687-1: WebKitGTK+ vulnerabilities

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

8.8CVSS7.2AI score0.53772EPSS
Exploits22
Ubuntu
Ubuntu
added 2018/04/05 1:23 a.m.81 views

USN-3620-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3620-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Jann Horn discovered that microprocessors utilizing speculative execution and branch...

10CVSS7.7AI score0.74041EPSS
Exploits8
Ubuntu
Ubuntu
added 2018/01/09 11:5 p.m.81 views

USN-3522-2: Linux (Xenial HWE) vulnerability

USN-3522-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Jann Horn discovered that microprocessors utilizing speculative execution and indirect...

5.6CVSS7.1AI score0.84172EPSS
Exploits3
Ubuntu
Ubuntu
added 2018/01/03 12:53 p.m.81 views

USN-3477-4: Firefox regression

USN-3477-1 fixed vulnerabilities in Firefox. The update introduced a crash reporting issue where background tab crash reports were sent to Mozilla without user opt-in. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were...

7.7AI score
Exploits0References1
Ubuntu
Ubuntu
added 2017/12/15 8:27 a.m.81 views

USN-3509-3: Linux kernel regression

USN-3509-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. Unfortunately, it also introduced a regression that prevented the Ceph network filesystem from being used. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Mohamed Ghannam...

7AI score0.02841EPSS
Exploits12References1
Ubuntu
Ubuntu
added 2017/11/21 5:59 p.m.81 views

USN-3487-1: Linux kernel vulnerabilities

It was discovered that the KVM subsystem in the Linux kernel did not properly keep track of nested levels in guest page tables. A local attacker in a guest VM could use this to cause a denial of service host OS crash or possibly execute arbitrary code in the host OS. CVE-2017-12188 It was...

7.8CVSS7.5AI score0.01155EPSS
Exploits8
Ubuntu
Ubuntu
added 2017/08/17 4:58 p.m.81 views

USN-3393-1: ClamAV vulnerabilities

It was discovered that ClamAV incorrectly handled parsing certain e-mail messages. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. CVE-2017-6418 It was discovered that ClamAV incorrectly handled certain malformed CHM files. A remote...

7.8CVSS7.2AI score0.01976EPSS
Exploits0
Ubuntu
Ubuntu
added 2017/08/16 6:43 a.m.81 views

USN-3392-2: Linux kernel (Xenial HWE) regression

USN-3392-1 fixed a regression in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. USN-3378-2 fixed vulnerabilities in the Linux Hardware Enablement kernel. Unfortunately, ...

6.8AI score0.03763EPSS
Exploits3References2
Ubuntu
Ubuntu
added 2017/07/26 4:45 p.m.81 views

USN-3368-1: libiberty vulnerabilities

It was discovered that libiberty incorrectly handled certain string operations. If a user or automated system were tricked into processing a specially crafted binary, a remote attacker could use this issue to cause libiberty to crash, resulting in a denial of service, or possibly execute arbitrar...

7.8CVSS6.2AI score0.07267EPSS
Exploits1
Ubuntu
Ubuntu
added 2017/07/21 9:59 a.m.81 views

USN-3361-1: Linux kernel (HWE) vulnerabilities

USN-3358-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. Please note that this update changes the Linux HWE kernel to the 4.10 based kernel from Ubuntu...

10CVSS7.4AI score0.1081EPSS
Exploits7
Ubuntu
Ubuntu
added 2017/02/10 12:44 a.m.81 views

USN-3190-2: Linux kernel (Raspberry Pi 2) vulnerabilities

Mikulas Patocka discovered that the asynchronous multibuffer cryptographic daemon mcryptd in the Linux kernel did not properly handle being invoked with incompatible algorithms. A local attacker could use this to cause a denial of service system crash. CVE-2016-10147 It was discovered that a...

10CVSS7.5AI score0.10177EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/08/29 7:26 p.m.81 views

USN-3072-1: Linux kernel vulnerabilities

Kangjie Lu discovered an information leak in the Reliable Datagram Sockets RDS implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. CVE-2016-5244 Yue Cao et al discovered a flaw in the TCP implementation's handling of...

7.8CVSS7.5AI score0.15073EPSS
Exploits3
Ubuntu
Ubuntu
added 2016/07/18 6:4 p.m.81 views

USN-3038-1: Apache HTTP Server vulnerability

It was discovered that the Apache HTTP Server would set the HTTPPROXY environment variable based on the contents of the Proxy header from HTTP requests. A remote attacker could possibly use this issue in combination with CGI scripts that honour the HTTPPROXY variable to redirect outgoing HTTP...

8.1CVSS6.9AI score0.55724EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/06/27 9:19 p.m.81 views

USN-3018-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3018-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not...

7.8CVSS7AI score0.05676EPSS
Exploits15
Ubuntu
Ubuntu
added 2016/04/06 7:10 a.m.81 views

USN-2947-3: Linux kernel (Raspberry Pi 2) vulnerabilities

Ralf Spenneberg discovered that the usbvision driver in the Linux kernel did not properly validate the interfaces and endpoints reported by the device. An attacker with physical access could cause a denial of service system crash. CVE-2015-7833 Venkatesh Pottem discovered a use-after-free...

10CVSS7.1AI score0.14281EPSS
Exploits1
Ubuntu
Ubuntu
added 2016/03/17 8:37 p.m.81 views

USN-2935-3: PAM regression

USN-2935-1 fixed vulnerabilities in PAM. The updates contained a packaging change that prevented upgrades in certain multiarch environments. USN-2935-2 intended to fix the problem but was incomplete for Ubuntu 12.04 LTS. This update fixes the problem in Ubuntu 12.04 LTS. We apologize for the...

6.6AI score
Exploits0References2
Ubuntu
Ubuntu
added 2016/02/17 2:46 p.m.81 views

USN-2902-1: graphite2 vulnerabilities

Yves Younan discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially- crafted font file, a remote attacker could use this issue to cause graphite2 to crash, resulting in a denial of service, or possibly execute...

9.3CVSS7.6AI score0.0831EPSS
Exploits1
Ubuntu
Ubuntu
added 2015/11/05 12:14 a.m.81 views

USN-2792-1: Linux kernel vulnerabilities

Dmitry Vyukov discovered that the Linux kernel did not properly initialize IPC object state in certain situations. A local attacker could use this to escalate their privileges, expose confidential information, or cause a denial of service system crash. CVE-2015-7613 It was discovered that the Lin...

6.9CVSS6.7AI score0.05059EPSS
Exploits1
Ubuntu
Ubuntu
added 2015/08/26 2:10 p.m.81 views

USN-2722-1: GDK-PixBuf vulnerability

Gustavo Grieco discovered that GDK-PixBuf incorrectly handled scaling bitmap images. If a user or automated system were tricked into opening a BMP image file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly execute arbitrary code...

6.8CVSS7.5AI score0.084EPSS
Exploits0
Ubuntu
Ubuntu
added 2015/08/18 12:43 a.m.81 views

USN-2714-1: Linux kernel (OMAP4) vulnerabilities

Marcelo Ricardo Leitner discovered a race condition in the Linux kernel's SCTP address configuration lists when using Address Configuration Change ASCONF options on a socket. An unprivileged local user could exploit this flaw to cause a denial of service system crash. CVE-2015-3212 A flaw was...

7.8CVSS7.1AI score0.06267EPSS
Exploits0
Total number of security vulnerabilities5000