Lucene search
K
UbuntuMost viewed

10890 matches found

Ubuntu
Ubuntu
added 2006/06/15 11:29 p.m.81 views

USN-302-1: Linux kernel vulnerabilities

An integer overflow was discovered in the doreplace function. A local user process with the CAPNETADMIN capability could exploit this to execute arbitrary commands with full root privileges. However, none of Ubuntu's supported packages use this capability with any non-root user, so this only...

9CVSS8.2AI score0.20561EPSS
Exploits7
Ubuntu
Ubuntu
added 2004/11/18 12:51 a.m.81 views

USN-27-1: libxpm4 vulnerability

Chris Evans discovered several stack overflows in the versions of libXpm shipped by X.Org, XFree86, and LessTif. These overflows were fixed in the Warty development tree before its release. Mathieu Herrb of OpenBSD subsequently discovered that the original patch was insufficient to address these...

7.5CVSS7.8AI score0.08052EPSS
Exploits2
Ubuntu
Ubuntu
added 2004/11/12 6:56 a.m.81 views

USN-23-1: apache2 vulnerability

Chintan Trivedi discovered a Denial of Service vulnerability in apache2. The field length limit was not enforced for certain malicious requests. This could allow a remote attacker who is able to send large amounts of data to a server to cause HTTP server instances to consume proportional amounts ...

5CVSS5.5AI score0.55105EPSS
Exploits7
Ubuntu
Ubuntu
added 2025/04/29 12:50 p.m.80 views

USN-7469-3: Node.js vulnerability

USN-7469-1 fixed a vulnerability in Apache Traffic Server. This update provides the corresponding updates for Node.js. Original advisory details: It was discovered that Apache Traffic Server exhibited poor server resource management in its HTTP/2 protocol. An attacker could possibly use this issu...

7.5CVSS7.2AI score0.99999EPSS
Exploits19
Ubuntu
Ubuntu
added 2025/02/18 4:37 p.m.80 views

USN-7273-1: libsndfile vulnerabilities

It was discovered that libsndfile incorrectly handled memory when executing its FLAC codec. If a user or automated system were tricked into processing a specially crafted sound file, an attacker could possibly use this issue to cause a denial of service or obtain sensitive information...

7.1CVSS6.7AI score0.01754EPSS
Exploits2
Ubuntu
Ubuntu
added 2024/04/17 1:6 p.m.80 views

USN-6726-3: Linux kernel (Xilinx ZynqMP) vulnerabilities

Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service host domain crash...

7.8CVSS6.9AI score0.01177EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/11/21 3:42 p.m.80 views

USN-6500-1: Squid vulnerabilities

Joshua Rogers discovered that Squid incorrectly handled validating certain SSL certificates. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. CVE-2023-46724 Joshua...

9.3CVSS6.9AI score0.85944EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/11/21 3:17 p.m.80 views

USN-6497-1: Linux kernel (OEM) vulnerabilities

Maxim Levitsky discovered that the KVM nested virtualization SVM implementation for AMD processors in the Linux kernel did not properly handle x2AVIC MSRs. An attacker in a guest VM could use this to cause a denial of service host kernel crash. CVE-2023-5090 Alon Zahavi discovered that the...

8.8CVSS7.4AI score0.09141EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/10/30 8:42 p.m.80 views

USN-6460-1: Linux kernel vulnerabilities

It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service excessive CPU consumption. CVE-2023-1206 It was discovered that the Broadcom FullMAC USB WiFi drive...

7.8CVSS7.2AI score0.16642EPSS
Exploits3
Ubuntu
Ubuntu
added 2023/10/30 4:13 p.m.80 views

USN-6454-2: Linux kernel vulnerabilities

Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service system crash. CVE-2023-42756 Alex Birnberg discovered that the netfilter subsystem in the Linux...

7.8CVSS6.8AI score0.00396EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/10/05 12:36 p.m.80 views

USN-6419-1: jQuery UI vulnerabilities

Hong Phat Ly discovered that jQuery UI did not properly manage parameters from untrusted sources, which could lead to arbitrary web script or HTML code injection. A remote attacker could possibly use this issue to perform a cross-site scripting XSS attack. This issue only affected Ubuntu 14.04 LT...

6.5CVSS7AI score0.42847EPSS
Exploits6
Ubuntu
Ubuntu
added 2023/10/04 10:42 p.m.80 views

USN-6417-1: Linux kernel vulnerabilities

It was discovered that the eBPF implementation in the Linux kernel contained a race condition around read-only maps. A privileged attacker could use this to modify read-only maps. CVE-2021-4001 It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash...

6.5CVSS7.1AI score0.08091EPSS
Exploits3
Ubuntu
Ubuntu
added 2023/10/04 10:38 p.m.80 views

USN-6416-1: Linux kernel vulnerabilities

It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service excessive CPU consumption. CVE-2023-1206 Daniel Trujillo, Johannes Wikner, and Kaveh Razavi...

9.1CVSS8AI score0.54577EPSS
Exploits6
Ubuntu
Ubuntu
added 2023/06/02 3:52 p.m.80 views

USN-6135-1: Linux kernel (Azure CVM) vulnerabilities

Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrar...

7.8CVSS7.4AI score0.16642EPSS
Exploits7
Ubuntu
Ubuntu
added 2023/06/01 6:54 p.m.80 views

USN-6132-1: Linux kernel vulnerabilities

Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrar...

7.8CVSS7.3AI score0.16642EPSS
Exploits7
Ubuntu
Ubuntu
added 2023/03/15 4:20 p.m.80 views

USN-5957-1: LibreCAD vulnerabilities

Cody Sixteen discovered that LibreCAD incorrectly handled memory when parsing DXF files. An attacker could use this issue to cause LibreCAD to crash, leading to a denial of service. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. CVE-2018-19105 Lilith of Cisco Talos discovered tha...

9.3CVSS7.4AI score0.06617EPSS
Exploits7
Ubuntu
Ubuntu
added 2023/02/27 11:46 a.m.80 views

USN-5889-1: ZoneMinder vulnerabilities

It was discovered that ZoneMinder was not properly sanitizing URL parameters for certain views. An attacker could possibly use this issue to perform a cross-site scripting XSS attack. This issue was only fixed in Ubuntu 16.04 ESM. CVE-2019-6777 It was discovered that ZoneMinder was not properly...

9.8CVSS7.2AI score0.66317EPSS
Exploits18
Ubuntu
Ubuntu
added 2023/01/26 9:36 p.m.80 views

USN-5822-2: Samba regression

USN-5822-1 fixed vulnerabilities in Samba. The update for Ubuntu 20.04 LTS introduced regressions in certain environments. Pending investigation of these regressions, this update temporarily reverts the security fixes. We apologize for the inconvenience. Original advisory details: It was discover...

7.7AI score
Exploits0References2
Ubuntu
Ubuntu
added 2023/01/25 10:46 p.m.80 views

USN-5829-1: Linux kernel (Raspberry Pi) vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...

8.8CVSS7.7AI score0.21314EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/01/19 7:27 p.m.80 views

USN-5814-1: Linux kernel vulnerabilities

Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2022-4378 Tamás Koczka discovered that the Bluetooth L2CAP handshake...

8.8CVSS7.7AI score0.02014EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/01/12 8:28 p.m.80 views

USN-5802-1: Linux kernel vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...

8.8CVSS7.7AI score0.21314EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/01/10 11:28 p.m.80 views

USN-5793-4: Linux kernel (IBM) vulnerabilities

It was discovered that the iouring subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-3910 ...

7.8CVSS7AI score0.01417EPSS
Exploits5
Ubuntu
Ubuntu
added 2022/09/22 5:27 p.m.80 views

USN-5633-1: Linux kernel vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Duoming...

7.8CVSS7.1AI score0.05542EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/08/24 4:14 a.m.80 views

USN-5577-1: Linux kernel (OEM) vulnerabilities

Asaf Modelevsky discovered that the IntelR 10GbE PCI Express ixgbe Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. CVE-2021-33061 It was discovered that the framebuffer driver on the Linux...

6.7CVSS7.1AI score0.00305EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/08/04 3:56 p.m.80 views

USN-5549-1: Django vulnerability

It was discovered that Django incorrectly handled certain FileResponse. An attacker could possibly use this issue to expose sensitive information or gain access over user machine...

8.8CVSS8AI score0.00654EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/07/13 6:39 p.m.80 views

USN-5513-1: Linux kernel (AWS) vulnerabilities

Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. CVE-2021-3609 Likang Luo discovered that a race condition existed in the Bluetoo...

7.9CVSS6.9AI score0.06451EPSS
Exploits9
Ubuntu
Ubuntu
added 2022/07/01 5:45 p.m.80 views

USN-5485-2: Linux kernel (OEM) vulnerabilities

It was discovered that some Intel processors did not completely perform cleanup actions on multi-core shared buffers. A local attacker could possibly use this to expose sensitive information. CVE-2022-21123 It was discovered that some Intel processors did not completely perform cleanup actions on...

5.5CVSS6.5AI score0.06451EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/06/06 5:23 p.m.80 views

USN-5462-1: Ruby vulnerabilities

It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. 2022-28738 It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use th...

9.8CVSS7.7AI score0.04127EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/12/08 6:16 p.m.80 views

USN-5183-1: BlueZ vulnerability

Julian Rauchberger discovered that BlueZ incorrectly handled memory when processing SDP attribute requests. A remote attacker could use this issue to cause BlueZ to crash, leading to a denial of service, or possibly execute arbitrary code...

8.8CVSS6.8AI score0.0143EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/11/22 1:11 p.m.80 views

USN-5153-1: LibreOffice vulnerabilities

It was discovered that LibreOffice incorrectly handled digital signatures. An attacker could possibly use this issue to create a specially crafted document that would display a validly signed indicator, contrary to expectations...

7.5CVSS6.9AI score0.00709EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/11/11 4:7 p.m.80 views

USN-5144-1: OpenEXR vulnerability

It was discovered that OpenEXR incorrectly handled certain EXR image files. An attacker could possibly use this issue to cause a crash or execute arbitrary code...

5.5CVSS7AI score0.00849EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/06/10 7:12 p.m.80 views

USN-4986-3: rpcbind regression

USN-4986-1 fixed a vulnerability in rpcbind. The update caused a regression resulting in rpcbind crashing in certain environments. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that rpcbind incorrectly handled certain large data...

5.5AI score
Exploits0References1
Ubuntu
Ubuntu
added 2021/03/15 9:47 p.m.80 views

USN-4813-1: Jackson Databind vulnerabilities

It was discovered that Jackson Databind incorrectly handled deserialization. An attacker could possibly use this issue to obtain sensitive information. CVE-2018-11307, CVE-2019-12086, CVE-2019-12814 It was discovered that Jackson Databind incorrectly handled deserialization. An attacker could...

10CVSS7.4AI score0.45205EPSS
Exploits10
Ubuntu
Ubuntu
added 2020/12/01 12:38 p.m.80 views

USN-4654-1: PEAR vulnerabilities

It was discovered that PEAR incorrectly sanitized filenames. A remote attacker could possibly use this issue to execute arbitrary code...

7.8CVSS7.9AI score0.84554EPSS
Exploits5
Ubuntu
Ubuntu
added 2020/11/26 6:10 p.m.80 views

USN-4646-2: poppler regression

USN-4646-1 fixed vulnerabilities in poppler. The fix for CVE-2019-10871 introduced a regression causing certain applications linked against poppler to fail. This update backs out the fix pending further investigation. We apologize for the inconvenience. Original advisory details: It was discovere...

6.7AI score0.02486EPSS
Exploits1References1
Ubuntu
Ubuntu
added 2020/11/23 12:4 p.m.80 views

USN-4634-2: OpenLDAP vulnerabilities

USN-4634-1 fixed several vulnerabilities in OpenLDAP. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that OpenLDAP incorrectly handled certain malformed inputs. A remote attacker could possibly use this issue t...

7.5CVSS7.4AI score0.02858EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/10/07 1:50 p.m.80 views

USN-4572-2: Spice vulnerability

USN-4572-1 fixed a vulnerability in Spice. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Frediano Ziglio discovered that Spice incorrectly handled QUIC image decoding. A remote attacker could use this to cause Spice to crash, resulting in a denial ...

6.6CVSS7.7AI score0.02656EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/08/18 11:25 a.m.80 views

USN-4464-1: GNOME Shell vulnerability

It was discovered that GNOME Shell incorrectly handled the login screen password dialog. Sensitive information could possibly be exposed during user logout...

4.3CVSS6.5AI score0.00553EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/08/03 12:44 p.m.80 views

USN-4444-1: WebKitGTK vulnerabilities

A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

9.8CVSS6.7AI score0.04138EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/07/29 4:40 p.m.80 views

USN-4443-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass iframe sandbox restrictions, confuse the user, or execute arbitrary...

9.3CVSS7.9AI score0.0779EPSS
Exploits6
Ubuntu
Ubuntu
added 2020/07/27 2:26 p.m.80 views

USN-4437-1: libslirp vulnerability

Ziming Zhang and VictorV discovered that libslirp incorrectly handled replying to certain ICMP echo requests. A remote attacker could possibly use this issue to cause libslirp to crash, resulting in a denial of service...

6.5CVSS7.1AI score0.0051EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/12/10 8:33 p.m.80 views

USN-4202-2: Thunderbird regression

USN-4202-1 fixed vulnerabilities in Thunderbird. After upgrading, Thunderbird created a new profile for some users. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that a specially crafted S/MIME message with an inner encryption laye...

7.5AI score
Exploits0References1
Ubuntu
Ubuntu
added 2019/11/07 10:48 p.m.80 views

USN-4179-1: FriBidi vulnerability

Alex Murray discovered a stack-based buffer overflow when handling a large number of unicode isolate directives. An attacker could use this to cause a denial of service or possibly execute arbitrary code...

7.8CVSS8.2AI score0.02182EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/11/05 3:43 a.m.80 views

USN-4170-3: Whoopsie regression

USN-4170-1 fixed a vulnerability in Whoopsie and USN-4170-2 fixed a subsequent regression. That update was incomplete and could still result in Whoopsie potentially crashing when uploading crash reports on some architectures. This update fixes the problem. We apologize for the inconvenience...

5.8AI score
Exploits0References1
Ubuntu
Ubuntu
added 2019/03/28 7:50 p.m.80 views

USN-3918-3: Firefox regression

USN-3918-1 fixed vulnerabilities in Firefox. The update caused web compatibility issues with some websites. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a...

7.8AI score
Exploits0References1
Ubuntu
Ubuntu
added 2018/11/26 2:23 p.m.80 views

USN-3826-1: QEMU vulnerabilities

Daniel Shapira and Arash Tohidi discovered that QEMU incorrectly handled NE2000 device emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. CVE-2018-10839 It was discovered that QEMU incorrectly handled the Slirp networking back-en...

9.8CVSS6.9AI score0.25348EPSS
Exploits7
Ubuntu
Ubuntu
added 2018/06/11 10:47 p.m.80 views

USN-3677-1: Linux kernel vulnerabilities

It was discovered that the netfilter subsystem of the Linux kernel did not properly validate ebtables offsets. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2018-1068 Wen Xu discovered that the ext4 filesystem implementation in t...

7.8CVSS6.8AI score0.01999EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/05/18 8:55 p.m.80 views

USN-3645-2: Firefox regression

USN-3645-1 fixed vulnerabilities in Firefox. The update caused an issue where users experienced long UI pauses in some circumsances. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were...

7.4AI score
Exploits0References1
Ubuntu
Ubuntu
added 2018/02/22 8:25 a.m.80 views

USN-3581-1: Linux kernel vulnerabilities

Mohamed Ghannam discovered that the IPv4 raw socket implementation in the Linux kernel contained a race condition leading to uninitialized pointer usage. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2017-17712 ChunYu Wang discovered that a...

7.8CVSS7.4AI score0.74041EPSS
Exploits13
Ubuntu
Ubuntu
added 2018/02/20 7:20 p.m.80 views

USN-3576-1: libvirt vulnerabilities

Vivian Zhang and Christoph Anton Mitterer discovered that libvirt incorrectly disabled password authentication when the VNC password was set to an empty string. A remote attacker could possibly use this issue to bypass authentication, contrary to expectations. This issue only affected Ubuntu 14.0...

9.8CVSS7AI score0.03623EPSS
Exploits0
Total number of security vulnerabilities5000