Lucene search
K
UbuntuMost viewed

10890 matches found

Ubuntu
Ubuntu
added 2019/03/28 1:24 p.m.81 views

USN-3924-1: mod_auth_mellon vulnerabilities

It was discovered that modauthmellon incorrectly handled certain requests. An attacker could possibly use this issue to redirect a user to a malicious URL. CVE-2019-3877 It was discovered that modauthmellon incorrectly handled certain requests. An attacker could possibly use this issue to access...

8.1CVSS6.9AI score0.02969EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/12/04 4:49 a.m.81 views

USN-3836-2: Linux kernel (HWE) vulnerabilities

USN-3836-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Jann Horn discovered that the Linux kernel mishandles mapping UID or GID ranges inside...

7CVSS6.9AI score0.07611EPSS
Exploits25
Ubuntu
Ubuntu
added 2018/11/21 4:10 p.m.81 views

USN-3825-1: mod_perl vulnerability

Jan Ingvoldstad discovered that modperl incorrectly handled configuration options to disable being used by unprivileged users, contrary to the documentation. A local attacker could possibly use this issue to execute arbitrary Perl code...

10CVSS7.5AI score0.08946EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/07/02 8:5 p.m.81 views

USN-3697-2: Linux kernel (OEM) vulnerabilities

It was discovered that a null pointer dereference vulnerability existed in the DCCP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service system crash. CVE-2018-1130 Jann Horn discovered that the 32 bit adjtimex syscall implementation for 64 bit...

7.8CVSS6.4AI score0.0172EPSS
Exploits5
Ubuntu
Ubuntu
added 2018/06/18 11:51 a.m.81 views

USN-3687-1: WebKitGTK+ vulnerabilities

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

8.8CVSS7.2AI score0.53772EPSS
Exploits22
Ubuntu
Ubuntu
added 2018/04/05 1:23 a.m.81 views

USN-3620-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3620-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Jann Horn discovered that microprocessors utilizing speculative execution and branch...

10CVSS7.7AI score0.74041EPSS
Exploits8
Ubuntu
Ubuntu
added 2018/01/09 11:5 p.m.81 views

USN-3522-2: Linux (Xenial HWE) vulnerability

USN-3522-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Jann Horn discovered that microprocessors utilizing speculative execution and indirect...

5.6CVSS7.1AI score0.84172EPSS
Exploits3
Ubuntu
Ubuntu
added 2018/01/03 12:53 p.m.81 views

USN-3477-4: Firefox regression

USN-3477-1 fixed vulnerabilities in Firefox. The update introduced a crash reporting issue where background tab crash reports were sent to Mozilla without user opt-in. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were...

7.7AI score
Exploits0References1
Ubuntu
Ubuntu
added 2017/12/15 8:27 a.m.81 views

USN-3509-3: Linux kernel regression

USN-3509-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. Unfortunately, it also introduced a regression that prevented the Ceph network filesystem from being used. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Mohamed Ghannam...

7AI score0.02841EPSS
Exploits12References1
Ubuntu
Ubuntu
added 2017/12/07 11:17 p.m.81 views

USN-3509-1: Linux kernel vulnerabilities

Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem XFRM in the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-16939 It was discovered that the Linux kernel did not...

7.8CVSS6.8AI score0.02841EPSS
Exploits12
Ubuntu
Ubuntu
added 2017/11/21 5:59 p.m.81 views

USN-3487-1: Linux kernel vulnerabilities

It was discovered that the KVM subsystem in the Linux kernel did not properly keep track of nested levels in guest page tables. A local attacker in a guest VM could use this to cause a denial of service host OS crash or possibly execute arbitrary code in the host OS. CVE-2017-12188 It was...

7.8CVSS7.5AI score0.01155EPSS
Exploits8
Ubuntu
Ubuntu
added 2017/08/16 6:43 a.m.81 views

USN-3392-2: Linux kernel (Xenial HWE) regression

USN-3392-1 fixed a regression in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. USN-3378-2 fixed vulnerabilities in the Linux Hardware Enablement kernel. Unfortunately, ...

6.8AI score0.03763EPSS
Exploits3References2
Ubuntu
Ubuntu
added 2017/08/03 4:52 p.m.81 views

USN-3378-1: Linux kernel vulnerabilities

Fan Wu and Shixiong Zhao discovered a race condition between inotify events and vfs rename operations in the Linux kernel. An unprivileged local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2017-7533 It was discovered that the Linux kernel did n...

7.8CVSS6.8AI score0.03763EPSS
Exploits3
Ubuntu
Ubuntu
added 2017/07/26 4:45 p.m.81 views

USN-3368-1: libiberty vulnerabilities

It was discovered that libiberty incorrectly handled certain string operations. If a user or automated system were tricked into processing a specially crafted binary, a remote attacker could use this issue to cause libiberty to crash, resulting in a denial of service, or possibly execute arbitrar...

7.8CVSS6.2AI score0.07267EPSS
Exploits1
Ubuntu
Ubuntu
added 2017/02/10 12:44 a.m.81 views

USN-3190-2: Linux kernel (Raspberry Pi 2) vulnerabilities

Mikulas Patocka discovered that the asynchronous multibuffer cryptographic daemon mcryptd in the Linux kernel did not properly handle being invoked with incompatible algorithms. A local attacker could use this to cause a denial of service system crash. CVE-2016-10147 It was discovered that a...

10CVSS7.5AI score0.10177EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/10/13 10:26 p.m.81 views

USN-3097-2: Linux kernel (OMAP4) vulnerabilities

Marco Grassi discovered a use-after-free condition could occur in the TCP retransmit queue handling code in the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2016-6828 Pengfei Wang discovered a race condition in the...

5.5CVSS6.5AI score0.01181EPSS
Exploits5
Ubuntu
Ubuntu
added 2016/08/29 7:26 p.m.81 views

USN-3072-1: Linux kernel vulnerabilities

Kangjie Lu discovered an information leak in the Reliable Datagram Sockets RDS implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. CVE-2016-5244 Yue Cao et al discovered a flaw in the TCP implementation's handling of...

7.8CVSS7.5AI score0.15073EPSS
Exploits3
Ubuntu
Ubuntu
added 2016/07/18 6:4 p.m.81 views

USN-3038-1: Apache HTTP Server vulnerability

It was discovered that the Apache HTTP Server would set the HTTPPROXY environment variable based on the contents of the Proxy header from HTTP requests. A remote attacker could possibly use this issue in combination with CGI scripts that honour the HTTPPROXY variable to redirect outgoing HTTP...

8.1CVSS6.9AI score0.55724EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/06/27 9:19 p.m.81 views

USN-3018-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3018-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not...

7.8CVSS7AI score0.05676EPSS
Exploits15
Ubuntu
Ubuntu
added 2016/05/04 6:34 p.m.81 views

USN-2950-2: libsoup update

USN-2950-1 fixed vulnerabilities in Samba. The updated Samba packages introduced a compatibility issue with NTLM authentication in libsoup. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jouni Knuutinen discovered that Samba contained multiple flaws ...

7.1AI score0.3693EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2016/03/17 8:37 p.m.81 views

USN-2935-3: PAM regression

USN-2935-1 fixed vulnerabilities in PAM. The updates contained a packaging change that prevented upgrades in certain multiarch environments. USN-2935-2 intended to fix the problem but was incomplete for Ubuntu 12.04 LTS. This update fixes the problem in Ubuntu 12.04 LTS. We apologize for the...

6.6AI score
Exploits0References2
Ubuntu
Ubuntu
added 2016/02/17 2:46 p.m.81 views

USN-2902-1: graphite2 vulnerabilities

Yves Younan discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially- crafted font file, a remote attacker could use this issue to cause graphite2 to crash, resulting in a denial of service, or possibly execute...

9.3CVSS7.6AI score0.0831EPSS
Exploits1
Ubuntu
Ubuntu
added 2015/11/05 12:14 a.m.81 views

USN-2792-1: Linux kernel vulnerabilities

Dmitry Vyukov discovered that the Linux kernel did not properly initialize IPC object state in certain situations. A local attacker could use this to escalate their privileges, expose confidential information, or cause a denial of service system crash. CVE-2015-7613 It was discovered that the Lin...

6.9CVSS6.7AI score0.05059EPSS
Exploits1
Ubuntu
Ubuntu
added 2015/08/26 2:10 p.m.81 views

USN-2722-1: GDK-PixBuf vulnerability

Gustavo Grieco discovered that GDK-PixBuf incorrectly handled scaling bitmap images. If a user or automated system were tricked into opening a BMP image file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly execute arbitrary code...

6.8CVSS7.5AI score0.084EPSS
Exploits0
Ubuntu
Ubuntu
added 2015/07/23 11:12 p.m.81 views

USN-2678-1: Linux kernel vulnerabilities

A flaw was discovered in the user space memory copying for the pipe iovecs in the Linux kernel. An unprivileged local user could exploit this flaw to cause a denial of service system crash or potentially escalate their privileges. CVE-2015-1805 Daniel Borkmann reported a kernel crash in the Linux...

7.2CVSS7AI score0.01407EPSS
Exploits3
Ubuntu
Ubuntu
added 2015/06/15 9:47 p.m.81 views

USN-2643-1: Linux kernel vulnerability

Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system...

7.8CVSS7.4AI score0.37679EPSS
Exploits22
Ubuntu
Ubuntu
added 2015/06/10 9:51 p.m.81 views

USN-2636-1: Linux kernel (Vivid HWE) vulnerabilities

Xiong Zhou discovered a bug in the way the EXT4 filesystem handles fallocate zero range functionality when the page size is greater than the block size. A local attacker could exploit this flaw to cause a denial of service system crash. CVE-2015-0275 Wen Xu discovered a use-after-free flaw in the...

7.2CVSS7.1AI score0.02472EPSS
Exploits7
Ubuntu
Ubuntu
added 2015/05/05 10:20 p.m.81 views

USN-2599-1: Linux kernel (Utopic HWE) vulnerability

A race condition between chown and execve was discovered in the Linux kernel. A local attacker could exploit this race by using chown on a setuid-user-binary to gain administrative privileges...

6.2CVSS6.8AI score0.00317EPSS
Exploits0
Ubuntu
Ubuntu
added 2015/04/13 3:13 p.m.81 views

USN-2567-1: NTP vulnerabilities

Miroslav Lichvar discovered that NTP incorrectly validated MAC fields. A remote attacker could possibly use this issue to bypass authentication and spoof packets. CVE-2015-1798 Miroslav Lichvar discovered that NTP incorrectly handled certain invalid packets. A remote attacker could possibly use...

4.3CVSS6.5AI score0.02219EPSS
Exploits0
Ubuntu
Ubuntu
added 2015/04/09 10:32 a.m.81 views

USN-2564-1: Linux kernel (Utopic HWE) vulnerabilities

An integer overflow was discovered in the stack randomization feature of the Linux kernel on 64 bit platforms. A local attacker could exploit this flaw to bypass the Address Space Layout Randomization ASLR protection mechanism. CVE-2015-1593 An information leak was discovered in the Linux Kernel'...

7.2CVSS6.7AI score0.03742EPSS
Exploits2
Ubuntu
Ubuntu
added 2015/04/08 10:23 p.m.81 views

USN-2561-1: Linux kernel (OMAP4) vulnerabilities

It was discovered that the Linux kernel's Infiniband subsystem did not properly sanitize its input parameters while registering memory regions from userspace. A local user could exploit this flaw to cause a denial of service system crash or to potentially gain administrative privileges...

6.9CVSS6.6AI score0.03742EPSS
Exploits1
Ubuntu
Ubuntu
added 2015/03/24 12:44 p.m.81 views

USN-2547-1: Mono vulnerabilities

It was discovered that the Mono TLS implementation was vulnerable to the SKIP-TLS vulnerability. A remote attacker could possibly use this issue to perform client impersonation attacks. CVE-2015-2318 It was discovered that the Mono TLS implementation was vulnerable to the FREAK vulnerability. A...

9.8CVSS7.9AI score0.03539EPSS
Exploits1
Ubuntu
Ubuntu
added 2015/03/12 6:44 a.m.81 views

USN-2530-1: Linux kernel vulnerability

It was discovered that the Linux kernel's Infiniband subsystem did not properly sanitize its input parameters while registering memory regions from userspace. A local user could exploit this flaw to cause a denial of service system crash or to potentially gain administrative privileges...

6.9CVSS6.2AI score0.00441EPSS
Exploits0
Ubuntu
Ubuntu
added 2015/02/26 10:49 a.m.81 views

USN-2511-1: Linux kernel vulnerabilities

A race condition was discovered in the Linux kernel's key ring. A local user could cause a denial of service memory corruption or panic or possibly have unspecified impact via the keyctl commands. CVE-2014-9529 A memory leak was discovered in the ISO 9660 CDROM file system when parsing rock ridge...

6.9CVSS6.8AI score0.00465EPSS
Exploits0
Ubuntu
Ubuntu
added 2014/12/12 7:47 a.m.81 views

USN-2447-1: Linux kernel (Utopic HWE) vulnerabilities

Andy Lutomirski discovered that the Linux kernel does not properly handle faults associated with the Stack Segment SS register in the x86 architecture. A local attacker could exploit this flaw to gain administrative privileges. CVE-2014-9322 An information leak in the Linux kernel was discovered...

7.8CVSS6.8AI score0.08579EPSS
Exploits17
Ubuntu
Ubuntu
added 2014/10/31 5:30 p.m.81 views

USN-2396-1: Linux kernel vulnerabilities

Nadav Amit reported that the KVM Kernel Virtual Machine mishandles noncanonical addresses when emulating instructions that change the rip Instruction Pointer. A guest user with access to I/O or the MMIO can use this flaw to cause a denial of service system crash of the guest. CVE-2014-3647 A flaw...

5.5CVSS6.4AI score0.00595EPSS
Exploits1
Ubuntu
Ubuntu
added 2014/10/09 10:55 a.m.81 views

USN-2378-1: Linux kernel (Trusty HWE) vulnerabilities

Steven Vittitoe reported multiple stack buffer overflows in Linux kernel's magicmouse HID driver. A physically proximate attacker could exploit this flaw to cause a denial of service system crash or possibly execute arbitrary code via specially crafted devices. CVE-2014-3181 Ben Hawkes reported...

7.8CVSS7.1AI score0.06167EPSS
Exploits8
Ubuntu
Ubuntu
added 2014/09/23 8:23 p.m.81 views

USN-2355-1: Linux kernel (EC2) vulnerabilities

Chris Evans reported an flaw in the Linux kernel's handling of iso9660 compact disk filesystem images. An attacker who can mount a custom iso9660 image either via a CD/DVD drive or a loopback mount could cause a denial of service system crash or reboot. CVE-2014-5471 Chris Evans reported an flaw ...

4CVSS6.8AI score0.00505EPSS
Exploits2
Ubuntu
Ubuntu
added 2014/07/22 9:8 p.m.81 views

USN-2296-1: Thunderbird vulnerabilities

Christian Holler, David Keeler and Byron Campen discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to cause a denial of service via application crash, or...

10CVSS8.3AI score0.06109EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2014/06/27 8:48 a.m.81 views

USN-2261-1: Linux kernel (Saucy HWE) vulnerabilities

Salva Peiró discovered an information leak in the Linux kernel's media- device driver. A local attacker could exploit this flaw to obtain sensitive information from kernel memory. CVE-2014-1739 A bounds check error was discovered in the socket filter subsystem of the Linux kernel. A local user...

4.9CVSS6.8AI score0.01121EPSS
Exploits4
Ubuntu
Ubuntu
added 2014/06/27 8:37 a.m.81 views

USN-2259-1: Linux kernel vulnerabilities

Salva Peiró discovered an information leak in the Linux kernel's media- device driver. A local attacker could exploit this flaw to obtain sensitive information from kernel memory. CVE-2014-1739 A bounds check error was discovered in the socket filter subsystem of the Linux kernel. A local user...

4.9CVSS6.8AI score0.01121EPSS
Exploits4
Ubuntu
Ubuntu
added 2014/06/25 7:31 p.m.81 views

USN-2254-2: PHP updates

USN-2254-1 fixed vulnerabilities in PHP. The fix for CVE-2014-0185 further restricted the permissions on the PHP FastCGI Process Manager FPM UNIX socket. This update grants socket access to the www-data user and group so installations and documentation relying on the previous socket permissions...

7.7AI score
Exploits0References1
Ubuntu
Ubuntu
added 2014/06/05 9:33 p.m.81 views

USN-2237-1: Linux kernel (Quantal HWE) vulnerability

Pinkie Pie discovered a flaw in the Linux kernel's futex subsystem. An unprivileged local user could exploit this flaw to cause a denial of service system crash or gain administrative privileges...

7.8CVSS7.5AI score0.37233EPSS
Exploits15
Ubuntu
Ubuntu
added 2014/06/04 1:58 p.m.81 views

USN-2230-1: chkrootkit vulnerability

Thomas Stangner discovered that chkrootkit incorrectly quoted certain values. A local attacker could use this issue to execute arbitrary code when chkrootkit is run and gain root privileges...

3.7CVSS6AI score0.03828EPSS
Exploits6
Ubuntu
Ubuntu
added 2014/05/06 2:38 a.m.81 views

USN-2203-1: Linux kernel vulnerability

A flaw was discovered in the Linux kernel's pseudo tty pty device. An unprivileged user could exploit this flaw to cause a denial of service system crash or potentially gain administrator privileges...

6.9CVSS7AI score0.22475EPSS
Exploits7
Ubuntu
Ubuntu
added 2014/03/07 11:41 a.m.81 views

USN-2136-1: Linux kernel (Raring HWE) vulnerabilities

Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker could exploit this error to discover the original MAC address after a spoofing atack. CVE-2013-4579 Andrew Honig reported a flaw in the Linux Kernel's kvmvmioctlcreatevcpu function ...

7.2CVSS6.8AI score0.10209EPSS
Exploits10
Ubuntu
Ubuntu
added 2014/02/18 10:19 p.m.81 views

USN-2110-1: Linux kernel (OMAP4) vulnerabilities

Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. CVE-2013-2929 Stephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw...

7.2CVSS7.1AI score0.09408EPSS
Exploits5
Ubuntu
Ubuntu
added 2014/01/03 10:29 a.m.81 views

USN-2065-1: Linux kernel (EC2) vulnerabilities

Stephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw makes it easier for a local attacker to break cryptographic protections. CVE-2013-4345 A flaw was discovered in the Linux kernel's IP Virtual Server IPVS support. A local user with the CAPNETADMI...

7CVSS6.7AI score0.03181EPSS
Exploits1
Ubuntu
Ubuntu
added 2013/11/08 10:4 p.m.81 views

USN-2022-1: Linux kernel (OMAP4) vulnerabilities

An information leak was discovered in the handling of ICMPv6 Router Advertisement RA messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service excessive retries and address-generation outage, and consequently obtain sensitive...

6.2CVSS7.1AI score0.04144EPSS
Exploits3
Ubuntu
Ubuntu
added 2013/10/01 3:2 p.m.81 views

USN-1983-1: Python 2.7 vulnerabilities

Florian Weimer discovered that Python incorrectly handled matching multiple wildcards in ssl certificate hostnames. An attacker could exploit this to cause Python to consume resources, resulting in a denial of service. This issue only affected Ubuntu 13.04. CVE-2013-2099 Ryan Sleevi discovered th...

4.3CVSS7.4AI score0.05347EPSS
Exploits1
Total number of security vulnerabilities5000