Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
added 2023/01/26 9:36 p.m.80 views

USN-5822-2: Samba regression

USN-5822-1 fixed vulnerabilities in Samba. The update for Ubuntu 20.04 LTS introduced regressions in certain environments. Pending investigation of these regressions, this update temporarily reverts the security fixes. We apologize for the inconvenience. Original advisory details: It was discover...

7.7AI score
Exploits0References2
Ubuntu
Ubuntu
added 2023/01/25 10:46 p.m.80 views

USN-5829-1: Linux kernel (Raspberry Pi) vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...

8.8CVSS7.7AI score0.21314EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/01/19 7:27 p.m.80 views

USN-5814-1: Linux kernel vulnerabilities

Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2022-4378 Tamás Koczka discovered that the Bluetooth L2CAP handshake...

8.8CVSS7.7AI score0.02014EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/01/12 8:28 p.m.80 views

USN-5802-1: Linux kernel vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...

8.8CVSS7.7AI score0.21314EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/01/10 11:28 p.m.80 views

USN-5793-4: Linux kernel (IBM) vulnerabilities

It was discovered that the iouring subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-3910 ...

7.8CVSS7AI score0.01417EPSS
Exploits5
Ubuntu
Ubuntu
added 2022/09/22 5:27 p.m.80 views

USN-5633-1: Linux kernel vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Duoming...

7.8CVSS7.1AI score0.05542EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/08/24 4:14 a.m.80 views

USN-5577-1: Linux kernel (OEM) vulnerabilities

Asaf Modelevsky discovered that the IntelR 10GbE PCI Express ixgbe Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. CVE-2021-33061 It was discovered that the framebuffer driver on the Linux...

6.7CVSS7.1AI score0.00305EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/07/13 6:39 p.m.80 views

USN-5513-1: Linux kernel (AWS) vulnerabilities

Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. CVE-2021-3609 Likang Luo discovered that a race condition existed in the Bluetoo...

7.9CVSS6.9AI score0.06451EPSS
Exploits9
Ubuntu
Ubuntu
added 2022/07/01 5:45 p.m.80 views

USN-5485-2: Linux kernel (OEM) vulnerabilities

It was discovered that some Intel processors did not completely perform cleanup actions on multi-core shared buffers. A local attacker could possibly use this to expose sensitive information. CVE-2022-21123 It was discovered that some Intel processors did not completely perform cleanup actions on...

5.5CVSS6.5AI score0.06451EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/06/15 11:25 a.m.80 views

USN-5479-1: PHP vulnerabilities

Charles Fol discovered that PHP incorrectly handled initializing certain arrays when handling the pgqueryparams function. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2022-31625 Charles Fol discovered that...

8.8CVSS8.7AI score0.5838EPSS
Exploits3
Ubuntu
Ubuntu
added 2022/06/06 5:23 p.m.80 views

USN-5462-1: Ruby vulnerabilities

It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. 2022-28738 It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use th...

9.8CVSS7.7AI score0.04127EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/04/07 1:30 p.m.80 views

USN-5369-1: oslo.utils vulnerability

It was discovered that oslo.utils incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information...

4.9CVSS5.8AI score0.01335EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/12/08 6:16 p.m.80 views

USN-5183-1: BlueZ vulnerability

Julian Rauchberger discovered that BlueZ incorrectly handled memory when processing SDP attribute requests. A remote attacker could use this issue to cause BlueZ to crash, leading to a denial of service, or possibly execute arbitrary code...

8.8CVSS6.8AI score0.0143EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/11/22 1:11 p.m.80 views

USN-5153-1: LibreOffice vulnerabilities

It was discovered that LibreOffice incorrectly handled digital signatures. An attacker could possibly use this issue to create a specially crafted document that would display a validly signed indicator, contrary to expectations...

7.5CVSS6.9AI score0.00709EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/11/11 4:7 p.m.80 views

USN-5144-1: OpenEXR vulnerability

It was discovered that OpenEXR incorrectly handled certain EXR image files. An attacker could possibly use this issue to cause a crash or execute arbitrary code...

5.5CVSS7AI score0.00849EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/10/25 10:56 a.m.80 views

USN-5122-1: Apport vulnerability

It was discovered that Apport could be tricked into writing core files as root into arbitrary directories in certain scenarios. A local attacker could possibly use this issue to escalate privileges. This update will cause Apport to generate all core files in the /var/lib/apport/coredump directory...

5.6AI score
Exploits0References1
Ubuntu
Ubuntu
added 2021/06/10 7:12 p.m.80 views

USN-4986-3: rpcbind regression

USN-4986-1 fixed a vulnerability in rpcbind. The update caused a regression resulting in rpcbind crashing in certain environments. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that rpcbind incorrectly handled certain large data...

5.5AI score
Exploits0References1
Ubuntu
Ubuntu
added 2021/03/15 9:47 p.m.80 views

USN-4813-1: Jackson Databind vulnerabilities

It was discovered that Jackson Databind incorrectly handled deserialization. An attacker could possibly use this issue to obtain sensitive information. CVE-2018-11307, CVE-2019-12086, CVE-2019-12814 It was discovered that Jackson Databind incorrectly handled deserialization. An attacker could...

10CVSS7.4AI score0.45205EPSS
Exploits10
Ubuntu
Ubuntu
added 2020/11/26 6:10 p.m.80 views

USN-4646-2: poppler regression

USN-4646-1 fixed vulnerabilities in poppler. The fix for CVE-2019-10871 introduced a regression causing certain applications linked against poppler to fail. This update backs out the fix pending further investigation. We apologize for the inconvenience. Original advisory details: It was discovere...

6.7AI score
Exploits0References1
Ubuntu
Ubuntu
added 2020/11/23 12:4 p.m.80 views

USN-4634-2: OpenLDAP vulnerabilities

USN-4634-1 fixed several vulnerabilities in OpenLDAP. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that OpenLDAP incorrectly handled certain malformed inputs. A remote attacker could possibly use this issue t...

7.5CVSS7.4AI score0.02858EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/10/27 5:43 p.m.80 views

USN-3081-2: Tomcat vulnerability

Dawid Golunski discovered that the Tomcat init script incorrectly handled creating log files. A remote attacker could possibly use this issue to obtain root privileges...

7.8CVSS7.5AI score0.09783EPSS
Exploits8
Ubuntu
Ubuntu
added 2020/09/22 11:17 a.m.80 views

USN-4528-1: Ceph vulnerabilities

Adam Mohammed discovered that Ceph incorrectly handled certain CORS ExposeHeader tags. A remote attacker could possibly use this issue to preform an HTTP header injection attack. CVE-2020-10753 Lei Cao discovered that Ceph incorrectly handled certain POST requests with invalid tagging XML. A remo...

7.5CVSS7.1AI score0.02654EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/08/18 11:25 a.m.80 views

USN-4464-1: GNOME Shell vulnerability

It was discovered that GNOME Shell incorrectly handled the login screen password dialog. Sensitive information could possibly be exposed during user logout...

4.3CVSS6.5AI score0.00553EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/08/03 12:44 p.m.80 views

USN-4444-1: WebKitGTK vulnerabilities

A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

9.8CVSS6.7AI score0.04138EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/07/29 4:40 p.m.80 views

USN-4443-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass iframe sandbox restrictions, confuse the user, or execute arbitrary...

9.3CVSS7.9AI score0.0779EPSS
Exploits6
Ubuntu
Ubuntu
added 2020/07/27 2:26 p.m.80 views

USN-4437-1: libslirp vulnerability

Ziming Zhang and VictorV discovered that libslirp incorrectly handled replying to certain ICMP echo requests. A remote attacker could possibly use this issue to cause libslirp to crash, resulting in a denial of service...

6.5CVSS7.1AI score0.0051EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/03/30 12:22 p.m.80 views

USN-4310-1: WebKitGTK+ vulnerability

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

9.8CVSS6.9AI score0.04987EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/12/10 8:33 p.m.80 views

USN-4202-2: Thunderbird regression

USN-4202-1 fixed vulnerabilities in Thunderbird. After upgrading, Thunderbird created a new profile for some users. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that a specially crafted S/MIME message with an inner encryption laye...

7.5AI score
Exploits0References1
Ubuntu
Ubuntu
added 2019/11/07 10:48 p.m.80 views

USN-4179-1: FriBidi vulnerability

Alex Murray discovered a stack-based buffer overflow when handling a large number of unicode isolate directives. An attacker could use this to cause a denial of service or possibly execute arbitrary code...

7.8CVSS8.2AI score0.02182EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/11/05 3:43 a.m.80 views

USN-4170-3: Whoopsie regression

USN-4170-1 fixed a vulnerability in Whoopsie and USN-4170-2 fixed a subsequent regression. That update was incomplete and could still result in Whoopsie potentially crashing when uploading crash reports on some architectures. This update fixes the problem. We apologize for the inconvenience...

5.8AI score
Exploits0References1
Ubuntu
Ubuntu
added 2018/11/26 2:23 p.m.80 views

USN-3826-1: QEMU vulnerabilities

Daniel Shapira and Arash Tohidi discovered that QEMU incorrectly handled NE2000 device emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. CVE-2018-10839 It was discovered that QEMU incorrectly handled the Slirp networking back-en...

9.8CVSS6.9AI score0.25348EPSS
Exploits7
Ubuntu
Ubuntu
added 2018/07/10 4:6 p.m.80 views

USN-3705-2: Firefox regressions

USN-3705-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problems. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafte...

7.5AI score
Exploits0References1
Ubuntu
Ubuntu
added 2018/06/11 10:47 p.m.80 views

USN-3677-1: Linux kernel vulnerabilities

It was discovered that the netfilter subsystem of the Linux kernel did not properly validate ebtables offsets. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2018-1068 Wen Xu discovered that the ext4 filesystem implementation in t...

7.8CVSS6.8AI score0.01999EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/05/18 8:55 p.m.80 views

USN-3645-2: Firefox regression

USN-3645-1 fixed vulnerabilities in Firefox. The update caused an issue where users experienced long UI pauses in some circumsances. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were...

7.4AI score
Exploits0References1
Ubuntu
Ubuntu
added 2018/02/22 8:25 a.m.80 views

USN-3581-1: Linux kernel vulnerabilities

Mohamed Ghannam discovered that the IPv4 raw socket implementation in the Linux kernel contained a race condition leading to uninitialized pointer usage. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2017-17712 ChunYu Wang discovered that a...

7.8CVSS7.4AI score0.74041EPSS
Exploits14
Ubuntu
Ubuntu
added 2018/02/20 7:20 p.m.80 views

USN-3576-1: libvirt vulnerabilities

Vivian Zhang and Christoph Anton Mitterer discovered that libvirt incorrectly disabled password authentication when the VNC password was set to an empty string. A remote attacker could possibly use this issue to bypass authentication, contrary to expectations. This issue only affected Ubuntu 14.0...

9.8CVSS7AI score0.03623EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/01/10 6:56 a.m.80 views

USN-3525-1: Linux kernel vulnerability

Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory...

5.6CVSS7.1AI score0.84172EPSS
Exploits3
Ubuntu
Ubuntu
added 2018/01/10 4:46 a.m.80 views

USN-3524-2: Linux kernel (Trusty HWE) vulnerability

USN-3524-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Jann Horn discovered that microprocessors utilizing speculative execution and indirect...

5.6CVSS7.1AI score0.84172EPSS
Exploits3
Ubuntu
Ubuntu
added 2017/12/07 10:13 p.m.80 views

USN-3508-1: Linux kernel vulnerabilities

Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem XFRM in the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-16939 It was discovered that the Linux kernel did not...

7.8CVSS6.4AI score0.02841EPSS
Exploits12
Ubuntu
Ubuntu
added 2017/09/18 10:42 p.m.80 views

USN-3420-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3420-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux...

10CVSS7.6AI score0.16181EPSS
Exploits12
Ubuntu
Ubuntu
added 2017/08/03 5:38 p.m.80 views

USN-3378-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3378-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Fan Wu and Shixiong Zhao discovered a race condition between inotify events and vfs...

7.8CVSS6.8AI score0.03763EPSS
Exploits3
Ubuntu
Ubuntu
added 2017/06/22 2:19 a.m.80 views

USN-3327-1: Linux kernel (Raspberry Pi 2) vulnerability

It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges...

7.4CVSS7.8AI score0.05186EPSS
Exploits3
Ubuntu
Ubuntu
added 2017/06/06 11:56 p.m.80 views

USN-3313-1: Linux kernel vulnerability

It was discovered that a buffer overflow existed in the trace subsystem in the Linux kernel. A privileged local attacker could use this to execute arbitrary code...

7AI score
Exploits0
Ubuntu
Ubuntu
added 2017/05/17 6:25 p.m.80 views

USN-3291-3: Linux kernel (Xenial HWE) vulnerabilities

USN-3291-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Dmitry Vyukov discovered that the generic SCSI sg subsystem in the Linux kernel...

7.8CVSS7.4AI score0.00414EPSS
Exploits0
Ubuntu
Ubuntu
added 2017/04/25 12:1 p.m.80 views

USN-3268-1: QEMU vulnerabilities

Zhenhao Hong discovered that QEMU incorrectly handled the Virtio GPU device. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. CVE-2016-10028 It was discovered that QEMU incorrectly handled the JAZZ RC4030 device. A privileged attacker...

9.9CVSS7.7AI score0.04448EPSS
Exploits1
Ubuntu
Ubuntu
added 2017/04/24 11:22 p.m.80 views

USN-3264-1: Linux kernel vulnerability

Alexander Popov discovered that a race condition existed in the Stream Control Transmission Protocol SCTP implementation in the Linux kernel. A local attacker could use this to cause a denial of service system crash...

7.1CVSS6.6AI score0.01162EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/11/29 12:21 a.m.80 views

USN-3139-1: Vim vulnerability

Florian Larysch discovered that the Vim text editor did not properly validate values for the 'filetype', 'syntax', and 'keymap' options. An attacker could trick a user into opening a file with specially crafted modelines and possibly execute arbitrary code with the user's privileges...

7.8CVSS7.1AI score0.25314EPSS
Exploits2
Ubuntu
Ubuntu
added 2016/08/10 9:52 a.m.80 views

USN-3051-1: Linux kernel (Trusty HWE) vulnerabilities

It was discovered that the keyring implementation in the Linux kernel did not ensure a data structure was initialized before referencing it after an error condition occurred. A local attacker could use this to cause a denial of service system crash. CVE-2016-4470 Kangjie Lu discovered an...

5.5CVSS6.6AI score0.00582EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/08/08 5:5 p.m.80 views

USN-3048-1: curl vulnerabilities

Bru Rom discovered that curl incorrectly handled client certificates when resuming a TLS session. CVE-2016-5419 It was discovered that curl incorrectly handled client certificates when reusing TLS connections. CVE-2016-5420 Marcelo Echeverria and Fernando Muñoz discovered that curl incorrectly...

8.1CVSS6.5AI score0.15063EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/04/06 6:39 a.m.80 views

USN-2946-2: Linux kernel (Trusty HWE) vulnerabilities

Venkatesh Pottem discovered a use-after-free vulnerability in the Linux kernel's CXGB3 driver. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2015-8812 Xiaofei Rex Guo discovered a timing side channel vulnerability in the Linux...

10CVSS7.4AI score0.14281EPSS
Exploits0
Total number of security vulnerabilities5000