Lucene search
Ubuntu, Most viewed

10890 matches found

Ubuntu, added 2012/04/27 12:38 p.m., 81 views

USN-1430-2: ubufox update

USN-1430-1 fixed vulnerabilities in Firefox. This update provides an updated ubufox package for use with the latest Firefox. Original advisory details: Bob Clary, Christian Holler, Brian Hackett, Bobby Holley, Gary Kwong, Hilary Hall, Honza Bambas, Jesse Ruderman, Julian Seward, and Olli Pettay...

AI score: 8.8, EPSS: 0.10098
Exploits: 3, References: 1

Ubuntu, added 2011/12/13 1:18 p.m., 81 views

USN-1304-1: Linux kernel (OMAP4) vulnerabilities

A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. (CVE-2011-4077) Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions...

CVSS: 7.5, AI score: 6.5, EPSS: 0.03212
Exploits: 7

Ubuntu, added 2011/10/18 3:49 p.m., 81 views

USN-1232-1: X.Org X server vulnerabilities

It was discovered that the X server incorrectly handled certain malformed input. An authorized attacker could exploit this to cause the X server to crash, leading to a denial of service, or possibly execute arbitrary code with root privileges. This issue only affected Ubuntu 10.04 LTS and 10.10...

CVSS: 8.5, AI score: 5.8, EPSS: 0.05347
Exploits: 6

Ubuntu, added 2011/08/03 6:42 a.m., 81 views

USN-1183-1: Linux kernel vulnerabilities

Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. (CVE-2010-4076, CVE-2010-4077) Neil Horman discovered that NFSv4 did not correctly handle...

CVSS: 6.9, AI score: 6.4, EPSS: 0.0104
Exploits: 9

Ubuntu, added 2011/07/15 4:30 p.m., 81 views

USN-1170-1: Linux kernel vulnerabilities

Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. (CVE-2010-4076, CVE-2010-4077) It was discovered that Xen did not correctly handle certain...

CVSS: 7.1, AI score: 6.5, EPSS: 0.02523
Exploits: 10

Ubuntu, added 2011/06/29 10:57 p.m., 81 views

USN-1149-2: Firefox regression

USN-1149-1 fixed vulnerabilities in Firefox. Unfortunately, a regression was introduced that prevented cookies from being stored properly when the hostname was a single character. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple memory...

AI score: 9, EPSS: 0.75691
Exploits: 19, References: 1

Ubuntu, added 2011/06/17 8:16 a.m., 81 views

USN-1154-1: OpenJDK 6 vulnerabilities

It was discovered that a heap overflow in the AWT FileDialog.show method could allow an attacker to cause a denial of service through an application crash or possibly execute arbitrary code. (CVE-2011-0815) It was discovered that integer overflows in the JPEGImageReader readImage function and the...

CVSS: 10, AI score: 9, EPSS: 0.06277
Exploits: 0

Ubuntu, added 2011/05/05 7:19 a.m., 81 views

USN-1122-1: Thunderbird vulnerabilities

It was discovered that there was a vulnerability in the memory handling of certain types of content. An attacker could exploit this to possibly run arbitrary code as the user running Thunderbird. (CVE-2011-0081) It was discovered that Thunderbird incorrectly handled certain JavaScript requests. If...

CVSS: 10, AI score: 8.8, EPSS: 0.73655
Exploits: 20

Ubuntu, added 2011/01/12 4:58 a.m., 81 views

USN-1009-2: GNU C Library vulnerability

USN-1009-1 fixed vulnerabilities in the GNU C library. Colin Watson discovered that the fixes were incomplete and introduced flaws with setuid programs loading libraries that used dynamic string tokens in their RPATH. If the "man" program was installed setuid, a local attacker could exploit this ...

AI score: 8, EPSS: 0.09454
Exploits: 35, References: 1

Ubuntu, added 2010/10/28 12:32 p.m., 81 views

USN-1011-2: Thunderbird vulnerability

USN-1011-1 fixed a vulnerability in Firefox. This update provides the corresponding update for Thunderbird. Original advisory details: Morten Krakvik discovered a heap-based buffer overflow in Firefox. If a user were tricked into navigating to a malicious site, an attacker could cause a denial of...

CVSS: 9.8, AI score: 9.1, EPSS: 0.83279
Exploits: 14

Ubuntu, added 2010/10/22 6:6 p.m., 81 views

USN-1009-1: GNU C Library vulnerabilities

Tavis Ormandy discovered multiple flaws in the GNU C Library's handling of the LD_AUDIT environment variable when running a privileged binary. A local attacker could exploit this to gain root privileges. (CVE-2010-3847, CVE-2010-3856)...

CVSS: 7.2, AI score: 8, EPSS: 0.09454
Exploits: 35

Ubuntu, added 2010/08/26 5:36 p.m., 81 views

USN-974-2: Linux kernel regression

USN-974-1 fixed vulnerabilities in the Linux kernel. The fixes for CVE-2010-2240 caused failures for Xen hosts. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Gael Delalleu, Rafal Wojtczuk, and Brad Spengler discovered that the memory manager did not...

AI score: 6.9
Exploits: 0, References: 1

Ubuntu, added 2009/12/10 12:56 a.m., 81 views

USN-869-1: Linux kernel vulnerabilities

David Ford discovered that the IPv4 defragmentation routine did not correctly handle oversized packets. A remote attacker could send specially crafted traffic that would cause a system to crash, leading to a denial of service. The fix was included in the earlier kernels from USN-864-1...

CVSS: 7.8, AI score: 7.9, EPSS: 0.03872
Exploits: 2

Ubuntu, added 2009/08/11 5:28 p.m., 81 views

USN-815-1: libxml2 vulnerabilities

It was discovered that libxml2 did not correctly handle root XML document element DTD definitions. If a user were tricked into processing a specially crafted XML document, a remote attacker could cause the application linked against libxml2 to crash, leading to a denial of service. (CVE-2009-2414) ...

CVSS: 10, AI score: 7, EPSS: 0.23373
Exploits: 11

Ubuntu, added 2009/06/15 2:36 p.m., 81 views

USN-788-1: Tomcat vulnerabilities

Iida Minehiko discovered that Tomcat did not properly normalise paths. A remote attacker could send specially crafted requests to the server and bypass security restrictions, gaining access to sensitive content. (CVE-2008-5515) Yoshihito Fukuyama discovered that Tomcat did not properly handle error...

CVSS: 5, AI score: 5.3, EPSS: 0.9444
Exploits: 8

Ubuntu, added 2009/06/10 8:5 p.m., 81 views

USN-786-1: apr-util vulnerabilities

Matthew Palmer discovered an underflow flaw in apr-util. An attacker could cause a denial of service via application crash in Apache using a crafted SVNMasterURI directive, .htaccess file, or when using mod_apreq2. Applications using libapreq2 are also affected. (CVE-2009-0023) It was discovered tha...

CVSS: 7.5, AI score: 7.2, EPSS: 0.52988
Exploits: 5

Ubuntu, added 2009/04/16 9:18 p.m., 81 views

USN-760-1: CUPS vulnerability

It was discovered that CUPS did not properly check the height of TIFF images. If a user or automated system were tricked into opening a crafted TIFF image file, a remote attacker could cause a denial of service or possibly execute arbitrary code with user privileges. In Ubuntu 7.10, 8.04 LTS, and...

CVSS: 6.8, AI score: 7.8, EPSS: 0.04246
Exploits: 2

Ubuntu, added 2009/01/06 11:31 p.m., 81 views

USN-701-2: Thunderbird vulnerabilities

Several flaws were discovered in the browser engine. If a user had Javascript enabled, these problems could allow an attacker to crash Thunderbird and possibly execute arbitrary code with user privileges. (CVE-2008-5500) Boris Zbarsky discovered that the same-origin check in Thunderbird could be...

CVSS: 10, AI score: 8.6, EPSS: 0.03201
Exploits: 0

Ubuntu, added 2008/03/06 6:11 p.m., 81 views

USN-582-2: Thunderbird regression

USN-582-1 fixed several vulnerabilities in Thunderbird. The upstream fixes were incomplete, and after performing certain actions Thunderbird would crash due to memory errors. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that...

AI score: 8.8, EPSS: 0.08633
Exploits: 3, References: 1

Ubuntu, added 2007/02/06 7:12 p.m., 81 views

USN-419-1: Samba vulnerabilities

A flaw was discovered in Samba's file opening code, which in certain situations could lead to an endless loop, resulting in a denial of service. (CVE-2007-0452) A format string overflow was discovered in Samba's ACL handling on AFS shares. Remote users with access to an AFS share could create craft...

CVSS: 7.5, AI score: 8.6, EPSS: 0.06412
Exploits: 2

Ubuntu, added 2006/08/16 4:47 p.m., 81 views

USN-334-1: krb5 vulnerabilities

Michael Calmer and Marcus Meissner discovered that several krb5 tools did not check the return values from setuid system calls. On systems that have configured user process limits, it may be possible for an attacker to cause setuid to fail via resource starvation. In that situation, the tools wil...

CVSS: 7.2, AI score: 8, EPSS: 0.00512
Exploits: 0

Ubuntu, added 2006/08/03 6:19 p.m., 81 views

USN-331-1: Linux kernel vulnerabilities

A denial of service vulnerability was reported in iptables' SCTP conntrack module. On computers which use this iptables module, a remote attacker could exploit this to trigger a kernel crash. (CVE-2006-2934) A buffer overflow has been discovered in the dvd_read_bca function. By inserting a specially...

CVSS: 7.8, AI score: 6.1, EPSS: 0.05102
Exploits: 0

Ubuntu, added 2006/07/28 9:7 a.m., 81 views

USN-328-1: Apache vulnerability

Mark Dowd discovered an off-by-one buffer overflow in the mod_rewrite module's ldap scheme handling. On systems which activate "RewriteEngine on", a remote attacker could exploit certain rewrite rules to crash Apache, or potentially even execute arbitrary code (this has not been verified)...

CVSS: 7.6, AI score: 8, EPSS: 0.96436
Exploits: 20

Ubuntu, added 2006/06/27 10:52 p.m., 81 views

USN-306-1: MySQL 4.1 vulnerability

MySQL did not correctly handle NULL as the second argument to the str_to_date function. An authenticated user could exploit this to crash the server...

CVSS: 4, AI score: 5.2, EPSS: 0.22165
Exploits: 1

Ubuntu, added 2005/10/17 10:17 p.m., 81 views

USN-208-1: graphviz vulnerability

Javier Fernández-Sanguino Peña discovered that the "dotty" tool created and used temporary files in an insecure way. A local attacker could exploit this with a symlink attack to create or overwrite arbitrary files with the privileges of the user running dotty...

AI score: 5.3
Exploits: 0

Ubuntu, added 2004/11/12 6:56 a.m., 81 views

USN-23-1: apache2 vulnerability

Chintan Trivedi discovered a Denial of Service vulnerability in apache2. The field length limit was not enforced for certain malicious requests. This could allow a remote attacker who is able to send large amounts of data to a server to cause HTTP server instances to consume proportional amounts ...

CVSS: 5, AI score: 5.5, EPSS: 0.55105
Exploits: 7

Ubuntu, added 2025/04/29 12:50 p.m., 80 views

USN-7469-3: Node.js vulnerability

USN-7469-1 fixed a vulnerability in Apache Traffic Server. This update provides the corresponding updates for Node.js. Original advisory details: It was discovered that Apache Traffic Server exhibited poor server resource management in its HTTP/2 protocol. An attacker could possibly use this issu...

CVSS: 7.5, AI score: 7.2, EPSS: 0.99999
Exploits: 19

Ubuntu, added 2025/02/18 4:37 p.m., 80 views

USN-7273-1: libsndfile vulnerabilities

It was discovered that libsndfile incorrectly handled memory when executing its FLAC codec. If a user or automated system were tricked into processing a specially crafted sound file, an attacker could possibly use this issue to cause a denial of service or obtain sensitive information...

CVSS: 7.1, AI score: 6.7, EPSS: 0.01754
Exploits: 2

Ubuntu, added 2024/04/17 1:6 p.m., 80 views

USN-6726-3: Linux kernel (Xilinx ZynqMP) vulnerabilities

Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash)...

CVSS: 7.8, AI score: 6.9, EPSS: 0.01177
Exploits: 0

Ubuntu, added 2023/11/21 3:42 p.m., 80 views

USN-6500-1: Squid vulnerabilities

Joshua Rogers discovered that Squid incorrectly handled validating certain SSL certificates. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. (CVE-2023-46724) Joshua...

CVSS: 9.3, AI score: 6.9, EPSS: 0.85944
Exploits: 0

Ubuntu, added 2023/11/21 3:17 p.m., 80 views

USN-6497-1: Linux kernel (OEM) vulnerabilities

Maxim Levitsky discovered that the KVM nested virtualization (SVM) implementation for AMD processors in the Linux kernel did not properly handle x2AVIC MSRs. An attacker in a guest VM could use this to cause a denial of service (host kernel crash). (CVE-2023-5090) Alon Zahavi discovered that the...

CVSS: 8.8, AI score: 7.4, EPSS: 0.09141
Exploits: 2

Ubuntu, added 2023/10/30 8:42 p.m., 80 views

USN-6460-1: Linux kernel vulnerabilities

It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service (excessive CPU consumption). (CVE-2023-1206) It was discovered that the Broadcom FullMAC USB WiFi drive...

CVSS: 7.8, AI score: 7.2, EPSS: 0.16642
Exploits: 3

Ubuntu, added 2023/10/30 4:13 p.m., 80 views

USN-6454-2: Linux kernel vulnerabilities

Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-42756) Alex Birnberg discovered that the netfilter subsystem in the Linux...

CVSS: 7.8, AI score: 6.8, EPSS: 0.00396
Exploits: 2

Ubuntu, added 2023/10/05 12:36 p.m., 80 views

USN-6419-1: jQuery UI vulnerabilities

Hong Phat Ly discovered that jQuery UI did not properly manage parameters from untrusted sources, which could lead to arbitrary web script or HTML code injection. A remote attacker could possibly use this issue to perform a cross-site scripting (XSS) attack. This issue only affected Ubuntu 14.04 LT...

CVSS: 6.5, AI score: 7, EPSS: 0.42847
Exploits: 6

Ubuntu, added 2023/10/04 10:42 p.m., 80 views

USN-6417-1: Linux kernel vulnerabilities

It was discovered that the eBPF implementation in the Linux kernel contained a race condition around read-only maps. A privileged attacker could use this to modify read-only maps. (CVE-2021-4001) It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash...

CVSS: 6.5, AI score: 7.1, EPSS: 0.08091
Exploits: 3

Ubuntu, added 2023/10/04 10:38 p.m., 80 views

USN-6416-1: Linux kernel vulnerabilities

It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service (excessive CPU consumption). (CVE-2023-1206) Daniel Trujillo, Johannes Wikner, and Kaveh Razavi...

CVSS: 9.1, AI score: 8, EPSS: 0.54577
Exploits: 6

Ubuntu, added 2023/06/02 3:52 p.m., 80 views

USN-6135-1: Linux kernel (Azure CVM) vulnerabilities

Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrar...

CVSS: 7.8, AI score: 7.4, EPSS: 0.16642
Exploits: 7

Ubuntu, added 2023/06/01 6:54 p.m., 80 views

USN-6132-1: Linux kernel vulnerabilities

Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrar...

CVSS: 7.8, AI score: 7.3, EPSS: 0.16642
Exploits: 7

Ubuntu, added 2023/03/07 3:26 p.m., 80 views

USN-5933-1: Libtpms vulnerabilities

Francisco Falcon discovered that Libtpms did not properly manage memory when performing certain cryptographic operations. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2023-1017, CVE-2023-1018) It was discovered that Libtpms did not...

CVSS: 7.8, AI score: 7.1, EPSS: 0.05552
Exploits: 0, References: 1

Ubuntu, added 2023/03/07 12:14 p.m., 80 views

USN-5931-1: Python vulnerability

It was discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into running a specially crafted input, a remote attacker could possibly use this issue to execute arbitrary code. (CVE-2022-37454)...

CVSS: 9.8, AI score: 7.4, EPSS: 0.05193
Exploits: 1

Ubuntu, added 2023/02/27 11:46 a.m., 80 views

USN-5889-1: ZoneMinder vulnerabilities

It was discovered that ZoneMinder was not properly sanitizing URL parameters for certain views. An attacker could possibly use this issue to perform a cross-site scripting (XSS) attack. This issue was only fixed in Ubuntu 16.04 ESM. (CVE-2019-6777) It was discovered that ZoneMinder was not properly...

CVSS: 9.8, AI score: 7.2, EPSS: 0.66317
Exploits: 18

Ubuntu, added 2023/01/26 9:36 p.m., 80 views

USN-5822-2: Samba regression

USN-5822-1 fixed vulnerabilities in Samba. The update for Ubuntu 20.04 LTS introduced regressions in certain environments. Pending investigation of these regressions, this update temporarily reverts the security fixes. We apologize for the inconvenience. Original advisory details: It was discover...

AI score: 7.7
Exploits: 0, References: 2

Ubuntu, added 2023/01/25 10:46 p.m., 80 views

USN-5829-1: Linux kernel (Raspberry Pi) vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43945) Tamás Koczka discovered that th...

CVSS: 8.8, AI score: 7.7, EPSS: 0.21314
Exploits: 0

Ubuntu, added 2023/01/19 7:27 p.m., 80 views

USN-5814-1: Linux kernel vulnerabilities

Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-4378) Tamás Koczka discovered that the Bluetooth L2CAP handshake...

CVSS: 8.8, AI score: 7.7, EPSS: 0.02014
Exploits: 0

Ubuntu, added 2023/01/12 8:28 p.m., 80 views

USN-5802-1: Linux kernel vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43945) Tamás Koczka discovered that th...

CVSS: 8.8, AI score: 7.7, EPSS: 0.21314
Exploits: 0

Ubuntu, added 2023/01/10 11:28 p.m., 80 views

USN-5793-4: Linux kernel (IBM) vulnerabilities

It was discovered that the io_uring subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3910) ...

CVSS: 7.8, AI score: 7, EPSS: 0.01417
Exploits: 5

Ubuntu, added 2022/09/22 5:27 p.m., 80 views

USN-5633-1: Linux kernel vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33655) Duoming...

CVSS: 7.8, AI score: 7.1, EPSS: 0.05542
Exploits: 1

Ubuntu, added 2022/08/24 4:14 a.m., 80 views

USN-5577-1: Linux kernel (OEM) vulnerabilities

Asaf Modelevsky discovered that the Intel(R) 10GbE PCI Express (ixgbe) Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. (CVE-2021-33061) It was discovered that the framebuffer driver on the Linux...

CVSS: 6.7, AI score: 7.1, EPSS: 0.00305
Exploits: 0

Ubuntu, added 2022/07/13 6:39 p.m., 80 views

USN-5513-1: Linux kernel (AWS) vulnerabilities

Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. (CVE-2021-3609) Likang Luo discovered that a race condition existed in the Bluetoo...

CVSS: 7.9, AI score: 6.9, EPSS: 0.06451
Exploits: 9

Ubuntu, added 2022/07/01 5:45 p.m., 80 views

USN-5485-2: Linux kernel (OEM) vulnerabilities

It was discovered that some Intel processors did not completely perform cleanup actions on multi-core shared buffers. A local attacker could possibly use this to expose sensitive information. (CVE-2022-21123) It was discovered that some Intel processors did not completely perform cleanup actions on...

CVSS: 5.5, AI score: 6.5, EPSS: 0.06451
Exploits: 0

Total number of security vulnerabilities: 5000