Lucene search
Ubuntu • Most viewed

10868 matches found

Ubuntu • added 2022/09/09 9:31 a.m. • 276 views

USN-5181-1: jQuery UI vulnerability

It was discovered that jQuery UI did not properly validate the values from untrusted sources. An attacker could use this vulnerability to cause a crash or possibly execute arbitrary code. This issue affected only Ubuntu 18.04 ESM and Ubuntu 20.4 ESM. CVE-2021-41184 It was discovered that jQuery U...

CVSS 6.5 • AI score 7.3 • EPSS 0.42847 • Exploits 3

Ubuntu • added 2019/07/23 6:28 a.m. • 275 views

USN-4069-1: Linux kernel vulnerabilities

It was discovered that an integer overflow existed in the Linux kernel when reference counting pages, leading to potential use-after-free issues. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. CVE-2019-11487 Jann Horn discovered that ...

CVSS 7.8 • AI score 6.8 • EPSS 0.00989 • Exploits 4

Ubuntu • added 2019/06/05 5:11 p.m. • 273 views

USN-4009-2: PHP vulnerabilities

USN-4009-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that PHP incorrectly decoded certain MIME headers. A remote attacker could possibly use this issue to cause PHP t...

CVSS 9.1 • AI score 7.6 • EPSS 0.04068 • Exploits 2

Ubuntu • added 2019/03/15 10:05 p.m. • 273 views

USN-3910-1: Linux kernel vulnerabilities

It was discovered that the f2fs filesystem implementation in the Linux kernel did not handle the noflushmerge mount option correctly. An attacker could use this to cause a denial of service (system crash). CVE-2017-18241 It was discovered that the procfs filesystem did not properly handle processes...

CVSS 6.7 • AI score 6.4 • EPSS 0.07291 • Exploits 6

Ubuntu • added 2017/05/09 2:31 p.m. • 272 views

USN-3281-1: Apache Fop vulnerability

Pierre Ernst discovered that Apache Fop incorrectly handled XML external entities. A remote attacker could possibly use this issue to obtain sensitive files from the filesystem, or cause a denial of service...

CVSS 7.9 • AI score 7.2 • EPSS 0.0296 • Exploits 1

Ubuntu • added 2024/12/11 12:14 a.m. • 271 views

USN-7149-1: Intel Microcode vulnerabilities

Avraham Shalev and Nagaraju N Kodalapura discovered that some Intel(R) Xeon(R) processors did not properly restrict access to the memory controller when using Intel(R) SGX. This may allow a local privileged attacker to further escalate their privileges. CVE-2024-21820, CVE-2024-23918 It was discovered...

CVSS 8.8 • AI score 6 • EPSS 0.00256 • Exploits 0

Ubuntu • added 2019/07/17 1:25 p.m. • 271 views

USN-4059-2: Squid vulnerabilities

USN-4059-1 and USN-3557-1 fixed several vulnerabilities in Squid. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Louis Dion-Marcil discovered that Squid incorrectly handled certain Edge Side Includes (ESI) responses. A malicious remote server could...

CVSS 7.5 • AI score 6.1 • EPSS 0.74477 • Exploits 1

Ubuntu • added 2024/03/18 1:00 p.m. • 270 views

USN-6697-1: Bash vulnerability

It was discovered that Bash incorrectly handled certain memory operations when processing commands. If a user or automated system were tricked into running a specially crafted bash file, a remote attacker could use this issue to cause Bash to crash, resulting in a denial of service, or possibly...

CVSS 7.8 • AI score 7.7 • EPSS 0.00356 • Exploits 1

Ubuntu • added 2023/12/19 1:02 p.m. • 270 views

USN-6560-1: OpenSSH vulnerabilities

Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being...

CVSS 9.8 • AI score 7.1 • EPSS 0.93305 • Exploits 4

Ubuntu • added 2022/06/15 8:28 a.m. • 270 views

USN-4767-1: Zabbix vulnerabilities

Fu Chuang discovered that Zabbix did not properly parse IPs. A remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. CVE-2020-11800 It was discovered that Zabbix incorrectly handled certain...

CVSS 9.8 • AI score 7.7 • EPSS 0.83284 • Exploits 40

Ubuntu • added 2022/01/19 5:37 p.m. • 269 views

USN-5240-1: Linux kernel vulnerability

William Liu and Jamie Hill-Daniel discovered that the file system context functionality in the Linux kernel contained an integer underflow vulnerability, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code...

CVSS 8.4 • AI score 7 • EPSS 0.25151 • Exploits 11

Ubuntu • added 2021/06/03 10:51 a.m. • 269 views

USN-4980-1: polkit vulnerability

Kevin Backhouse discovered that polkit incorrectly handled errors in the polkit_system_bus_name_get_creds_sync function. A local attacker could possibly use this issue to escalate privileges...

CVSS 7.8 • AI score 7.7 • EPSS 0.22193 • Exploits 37

Ubuntu • added 2018/11/14 10:20 p.m. • 269 views

USN-3821-1: Linux kernel vulnerabilities

Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly ensure that xattr information remained in inode bodies. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash). CVE-2018-10880 It...

CVSS 7.1 • AI score 7 • EPSS 0.02914 • Exploits 3

Ubuntu • added 2019/07/17 6:21 p.m. • 268 views

USN-4063-1: LibreOffice vulnerabilities

Nils Emmerich discovered that LibreOffice incorrectly handled LibreLogo scripts. If a user were tricked into opening a specially crafted document, a remote attacker could cause LibreOffice to execute arbitrary code. CVE-2019-9848 Matei "Mal" Badanoiu discovered that LibreOffice incorrectly handle...

CVSS 9.8 • AI score 7.9 • EPSS 0.30698 • Exploits 5

Ubuntu • added 2019/01/09 5:41 p.m. • 268 views

USN-3850-1: NSS vulnerabilities

Keegan Ryan discovered that NSS incorrectly handled ECDSA key generation. A local attacker could possibly use this issue to perform a cache-timing attack and recover private ECDSA keys. CVE-2018-0495 It was discovered that NSS incorrectly handled certain v2-compatible ClientHello messages. A remo...

CVSS 5.9 • AI score 6.2 • EPSS 0.44398 • Exploits 1

Ubuntu • added 2019/06/05 7:43 p.m. • 266 views

USN-4008-2: AppArmor update

USN-4008-1 fixed multiple security issues in the Linux kernel. This update provides the corresponding changes to AppArmor policy for correctly operating under the Linux kernel with fixes for CVE-2019-11190. Without these changes, some profile transitions may be unintentionally denied due to missi...

CVSS 4.7 • AI score 6.9 • EPSS 0.00485 • Exploits 1

Ubuntu • added 2016/08/15 4:39 p.m. • 264 views

USN-3061-1: OpenSSH vulnerabilities

Eddie Harari discovered that OpenSSH incorrectly handled password hashing when authenticating non-existing users. A remote attacker could perform a timing attack and enumerate valid users. CVE-2016-6210 Tomas Kuthan, Andres Rojas, and Javier Nieto discovered that OpenSSH did not limit password...

CVSS 7.8 • AI score 6.8 • EPSS 0.88944 • Exploits 17

Ubuntu • added 2024/11/11 3:11 p.m. • 262 views

USN-7100-1: Linux kernel vulnerabilities

Supraja Sridhara, Benedict Schlüter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the Confidential Computing framework in the Linux kernel for x86 platforms did not properly handle 32-bit emulation on TDX and SEV. An attacker with access to the VMM could use this to cause a deni...

CVSS 8.8 • AI score 7.3 • EPSS 0.00879 • Exploits 8

Ubuntu • added 2024/03/11 12:34 p.m. • 262 views

USN-6687-1: AccountsService vulnerability

It was discovered that AccountsService called a helper incorrectly when performing password change operations. A local attacker could possibly use this issue to obtain encrypted passwords...

CVSS 3.3 • AI score 4.8 • EPSS 0.00448 • Exploits 1

Ubuntu • added 2021/06/08 2:05 a.m. • 262 views

USN-4984-1: Linux kernel vulnerabilities

Jan Beulich discovered that the Xen netback backend in the Linux kernel did not properly handle certain error conditions under paravirtualization. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). CVE-2021-28038 It was discovered that the Realtek...

CVSS 8.8 • AI score 7.4 • EPSS 0.01316 • Exploits 1

Ubuntu • added 2019/06/05 5:15 p.m. • 261 views

USN-3957-3: MariaDB vulnerabilities

USN-3957-1 fixed multiple vulnerabilities in MySQL. This update provides the corresponding fixes for CVE-2019-2614 and CVE-2019-2627 in MariaDB 10.1. Ubuntu 18.04 LTS has been updated to MariaDB 10.1.40. In addition to security fixes, the updated packages contain bug fixes, new features, and...

CVSS 4.9 • AI score 6.4 • EPSS 0.0301 • Exploits 0

Ubuntu • added 2024/11/12 12:34 p.m. • 260 views

USN-7102-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.40 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 24.10. In addition to security fixes, the updated packages contain bug...

CVSS 6.5 • AI score 5.8 • EPSS 0.01022 • Exploits 0

Ubuntu • added 2024/09/16 12:02 p.m. • 260 views

USN-7014-1: nginx vulnerability

It was discovered that the nginx ngx_http_mp4 module incorrectly handled certain malformed mp4 files. In environments where the mp4 directive is in use, a remote attacker could possibly use this issue to cause nginx to crash, resulting in a denial of service...

CVSS 5.7 • AI score 7.1 • EPSS 0.0032 • Exploits 0

Ubuntu • added 2024/09/25 10:21 p.m. • 259 views

USN-7035-1: AppArmor vulnerability

It was discovered that the AppArmor policy compiler incorrectly generated looser restrictions than expected for rules allowing mount operations. A local attacker could possibly use this to bypass AppArmor restrictions in applications where some mount operations were permitted...

CVSS 9.8 • AI score 5.7 • EPSS 0.01034 • Exploits 0 • References 1

Ubuntu • added 2024/10/21 12:06 a.m. • 258 views

USN-7077-1: AMD Microcode vulnerability

Enrique Nissim and Krzysztof Okupski discovered that some AMD processors did not properly restrict access to the System Management Mode (SMM) configuration when the SMM Lock was enabled. A privileged local attacker could possibly use this issue to further escalate their privileges and execute...

CVSS 7.5 • AI score 7.8 • EPSS 0.00622 • Exploits 0

Ubuntu • added 2023/03/16 12:21 a.m. • 258 views

USN-5958-1: FFmpeg vulnerabilities

It was discovered that FFmpeg could be made to dereference a null pointer. An attacker could possibly use this to cause a denial of service via application crash. These issues only affected Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2022-3109, CVE-2022-3341 It...

CVSS 8.1 • AI score 6.6 • EPSS 0.0347 • Exploits 0 • References 1

Ubuntu • added 2020/12/01 1:57 p.m. • 258 views

USN-4655-1: Werkzeug vulnerabilities

It was discovered that Werkzeug has insufficient debugger PIN randomness. An attacker could use this issue to access sensitive information. This issue only affected Ubuntu 18.04 LTS. CVE-2019-14806 It was discovered that Werkzeug incorrectly handled certain URLs. An attacker could possibly use th...

CVSS 7.5 • AI score 6.5 • EPSS 0.02288 • Exploits 1

Ubuntu • added 2022/02/22 7:14 a.m. • 257 views

USN-5295-2: Linux kernel vulnerabilities

It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. CVE-2021-22600 Jann Horn discovered a race condition in the Un...

CVSS 7.8 • AI score 7.3 • EPSS 0.05918 • Exploits 5

Ubuntu • added 2021/08/18 5:29 p.m. • 257 views

USN-5046-1: Linux kernel vulnerabilities

It was discovered that the bluetooth subsystem in the Linux kernel did not properly perform access control. An authenticated attacker could possibly use this to expose sensitive information. CVE-2020-26558, CVE-2021-0129 Michael Brown discovered that the Xen netback driver in the Linux kernel did...

CVSS 7.8 • AI score 7.4 • EPSS 0.00872 • Exploits 2

Ubuntu • added 2020/01/07 2:16 a.m. • 257 views

USN-4226-1: Linux kernel vulnerabilities

Michael Hanselmann discovered that the CIFS implementation in the Linux kernel did not sanitize paths returned by an SMB server. An attacker controlling an SMB server could use this to overwrite arbitrary files. CVE-2019-10220 It was discovered that a heap-based buffer overflow existed in the...

CVSS 10 • AI score 7.2 • EPSS 0.16908 • Exploits 1

Ubuntu • added 2018/10/01 5:28 p.m. • 257 views

USN-3774-1: strongSwan vulnerability

It was discovered that strongSwan incorrectly handled signature validation in the gmp plugin. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service, or possibly execute arbitrary code...

CVSS 7.5 • AI score 7.3 • EPSS 0.03511 • Exploits 0

Ubuntu • added 2024/12/13 4:59 p.m. • 256 views

USN-7157-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled certain inputs when processed with convert.quoted-printable decode filters. An attacker could possibly use this issue to expose sensitive information or cause a crash. CVE-2024-11233 It was discovered that PHP incorrectly handled certain HTTP request...

CVSS 9.8 • AI score 7.5 • EPSS 0.02286 • Exploits 4

Ubuntu • added 2024/12/12 5:09 p.m. • 256 views

USN-7154-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; -...

CVSS 8.8 • AI score 7.5 • EPSS 0.00879 • Exploits 12

Ubuntu • added 2024/11/26 9:29 a.m. • 256 views

USN-7117-2: needrestart regression

USN-7117-1 fixed vulnerabilities in needrestart. The update introduced a regression in needrestart. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Qualys discovered that needrestart passed unsanitized data to a library (libmodule-scandeps-perl) which...

AI score 7.7 • Exploits 0 • References 1

Ubuntu • added 2024/11/19 5:54 p.m. • 256 views

USN-7117-1: needrestart and Module::ScanDeps vulnerabilities

Qualys discovered that needrestart passed unsanitized data to a library (libmodule-scandeps-perl) which expects safe input. A local attacker could possibly use this issue to execute arbitrary code as root. CVE-2024-11003 Qualys discovered that the library libmodule-scandeps-perl incorrectly parsed...

CVSS 7.8 • AI score 7.7 • EPSS 0.19924 • Exploits 16

Ubuntu • added 2024/11/19 1:22 p.m. • 256 views

USN-7116-1: Python vulnerability

It was discovered that Python incorrectly handled quoting path names when using the venv module. A local attacker able to control virtual environments could possibly use this issue to execute arbitrary code when the virtual environment is activated...

CVSS 7.8 • AI score 7.6 • EPSS 0.00647 • Exploits 0

Ubuntu • added 2018/10/02 3:54 p.m. • 255 views

USN-3779-1: Linux kernel vulnerabilities

It was discovered that an integer overflow vulnerability existed in the Linux kernel when loading an executable to run. A local attacker could use this to gain administrative privileges. CVE-2018-14634 It was discovered that a stack-based buffer overflow existed in the iSCSI target implementation...

CVSS 8.3 • AI score 7.8 • EPSS 0.14806 • Exploits 6

Ubuntu • added 2024/12/12 8:26 p.m. • 253 views

USN-7159-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - S390 architecture; - x86 architecture; - Power management core; - GPU...

CVSS 7.8 • AI score 7 • EPSS 0.00289 • Exploits 0

Ubuntu • added 2024/11/05 12:59 a.m. • 252 views

USN-7083-1: OpenJPEG vulnerabilities

It was discovered that OpenJPEG incorrectly handled certain memory operations when using the command line "-ImgDir" in a directory with a large number of files, leading to an integer overflow vulnerability. An attacker could potentially use this issue to cause a denial of service. This issue only...

CVSS 7.8 • AI score 7.2 • EPSS 0.0156 • Exploits 2

Ubuntu • added 2024/09/16 12:15 p.m. • 252 views

USN-7015-1: Python vulnerabilities

It was discovered that the Python email module incorrectly parsed email addresses that contain special characters. A remote attacker could possibly use this issue to bypass certain protection mechanisms. CVE-2023-27043 It was discovered that Python allowed excessive backtracking while parsing...

CVSS 8.7 • AI score 6.8 • EPSS 0.02507 • Exploits 4

Ubuntu • added 2022/01/25 7:30 p.m. • 252 views

USN-5252-2: PolicyKit vulnerability

USN-5252-1 fixed a vulnerability in policykit-1. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that the PolicyKit pkexec tool incorrectly handled command-line arguments. A local attacker could use this issue t...

CVSS 7.8 • AI score 7.4 • EPSS 0.94921 • Exploits 151

Ubuntu • added 2024/11/27 12:38 a.m. • 251 views

USN-7126-1: libsoup vulnerabilities

It was discovered that libsoup ignored certain characters at the end of header names. A remote attacker could possibly use this issue to perform an HTTP request smuggling attack. CVE-2024-52530 It was discovered that libsoup did not correctly handle memory while performing UTF-8 conversions. An...

CVSS 8.4 • AI score 7.4 • EPSS 0.00933 • Exploits 2

Ubuntu • added 2024/11/08 1:42 a.m. • 251 views

USN-7094-1: QEMU vulnerabilities

It was discovered that QEMU incorrectly handled memory during certain VNC operations. A remote attacker could possibly use this issue to cause QEMU to consume resources, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. CVE-2019-20382 It was discovered that QEMU...

CVSS 7.8 • AI score 7.5 • EPSS 0.03566 • Exploits 1 • References 1

Ubuntu • added 2024/01/30 12:38 p.m. • 251 views

USN-6615-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.36 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.10. In addition to security fixes, the updated packages contain bug fixes, new features...

CVSS 6.5 • AI score 6 • EPSS 0.01539 • Exploits 0

Ubuntu • added 2021/06/09 6:37 p.m. • 251 views

USN-4986-2: rpcbind vulnerability

USN-4986-1 fixed a vulnerability in rpcbind. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that rpcbind incorrectly handled certain large data sizes. A remote attacker could use this issue to cause rpcbind to...

CVSS 7.8 • AI score 7.4 • EPSS 0.81921 • Exploits 4

Ubuntu • added 2020/09/24 10:41 p.m. • 251 views

USN-4527-1: Linux kernel vulnerabilities

It was discovered that the Conexant 23885 TV card device driver for the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). CVE-2019-19054 It was discovered that the Atheros HTC based wireless...

CVSS 7.8 • AI score 7 • EPSS 0.04433 • Exploits 0

Ubuntu • added 2020/01/07 3:02 a.m. • 251 views

USN-4228-1: Linux kernel vulnerabilities

It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. CVE-2019-14895, CVE-2019-14901 It was discovered that a...

CVSS 10 • AI score 7.3 • EPSS 0.16908 • Exploits 0

Ubuntu • added 2024/11/19 2:31 p.m. • 250 views

USN-7015-5: Python vulnerabilities

USN-7015-1 fixed several vulnerabilities in Python. This update provides the corresponding update for CVE-2024-6232 and CVE-2024-6923 for python2.7 in Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. Original advisory details: It was discovered that the...

CVSS 7.5 • AI score 6.8 • EPSS 0.02203 • Exploits 2

Ubuntu • added 2024/11/18 4:25 p.m. • 250 views

USN-7114-1: GLib vulnerability

It was discovered that GLib incorrectly handled certain trailing characters. An attacker could possibly use this issue to cause a crash or other undefined behavior...

CVSS 9.8 • AI score 7.3 • EPSS 0.01263 • Exploits 1

Ubuntu • added 2024/12/20 8:33 p.m. • 249 views

USN-7179-1: Linux kernel vulnerabilities

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. CVE-2020-12351 Andy Nguyen discovered that the...

CVSS 8.8 • AI score 8.1 • EPSS 0.07693 • Exploits 7

Total number of security vulnerabilities: 5000