Lucene search
K
UbuntuMost viewed

10890 matches found

Ubuntu
Ubuntu
added 2011/12/13 1:5 p.m.80 views

USN-1302-1: Linux kernel (OMAP4) vulnerabilities

A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. CVE-2011-4077 Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions...

7.2CVSS6.2AI score0.03212EPSS
Exploits6
Ubuntu
Ubuntu
added 2011/08/23 7:30 a.m.80 views

USN-1195-1: WebKit vulnerabilities

A large number of security issues were discovered in the WebKit browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

10CVSS7.7AI score0.06513EPSS
Exploits20
Ubuntu
Ubuntu
added 2011/06/17 8:16 a.m.80 views

USN-1154-1: OpenJDK 6 vulnerabilities

It was discovered that a heap overflow in the AWT FileDialog.show method could allow an attacker to cause a denial of service through an application crash or possibly execute arbitrary code. CVE-2011-0815 It was dicovered that integer overflows in the JPEGImageReader readImage function and the...

10CVSS9AI score0.06277EPSS
Exploits0
Ubuntu
Ubuntu
added 2011/04/29 11:52 p.m.80 views

USN-1112-1: Firefox and Xulrunner vulnerabilities

It was discovered that there was a vulnerability in the memory handling of certain types of content. An attacker could exploit this to possibly run arbitrary code as the user running Firefox. CVE-2011-0081 It was discovered that Firefox incorrectly handled certain JavaScript requests. An attacker...

10CVSS8.8AI score0.73655EPSS
Exploits20
Ubuntu
Ubuntu
added 2010/10/28 1:36 a.m.80 views

USN-1011-1: Firefox vulnerability

Morten Krakvik discovered a heap-based buffer overflow in Firefox. If a user were tricked into navigating to a malicious site, an attacker could cause a denial of service or possibly execute arbitrary code as the user invoking the program...

9.8CVSS9.2AI score0.83279EPSS
Exploits14
Ubuntu
Ubuntu
added 2010/09/08 9:13 p.m.80 views

USN-978-1: Thunderbird vulnerabilities

Several dangling pointer vulnerabilities were discovered in Thunderbird. An attacker could exploit this to crash Thunderbird or possibly run arbitrary code as the user invoking the program. CVE-2010-2760, CVE-2010-2767, CVE-2010-3167 It was discovered that the XPCSafeJSObjectWrapper SJOW security...

9.3CVSS8.9AI score0.06527EPSS
Exploits0
Ubuntu
Ubuntu
added 2010/08/26 5:36 p.m.80 views

USN-974-2: Linux kernel regression

USN-974-1 fixed vulnerabilities in the Linux kernel. The fixes for CVE-2010-2240 caused failures for Xen hosts. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Gael Delalleu, Rafal Wojtczuk, and Brad Spengler discovered that the memory manager did not...

6.9AI score
Exploits0References1
Ubuntu
Ubuntu
added 2010/06/30 7:41 p.m.80 views

USN-930-3: Firefox regression

USN-930-1 fixed vulnerabilities in Firefox. Due to a software packaging problem, the Firefox 3.6 update could not be installed when the firefox-2 package was also installed. This update fixes the problem and updates apturl for the change. Original advisory details: If was discovered that Firefox...

9.1AI score
Exploits0References1
Ubuntu
Ubuntu
added 2009/12/10 12:56 a.m.80 views

USN-869-1: Linux kernel vulnerabilities

David Ford discovered that the IPv4 defragmentation routine did not correctly handle oversized packets. A remote attacker could send specially crafted traffic that would cause a system to crash, leading to a denial of service. The fix was included in the earlier kernels from USN-864-1...

7.8CVSS7.9AI score0.03872EPSS
Exploits2
Ubuntu
Ubuntu
added 2009/01/06 11:31 p.m.80 views

USN-701-2: Thunderbird vulnerabilities

Several flaws were discovered in the browser engine. If a user had Javascript enabled, these problems could allow an attacker to crash Thunderbird and possibly execute arbitrary code with user privileges. CVE-2008-5500 Boris Zbarsky discovered that the same-origin check in Thunderbird could be...

10CVSS8.6AI score0.03201EPSS
Exploits0
Ubuntu
Ubuntu
added 2008/06/17 8:17 p.m.80 views

USN-617-1: Samba vulnerabilities

Samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. When samba is configured as a Primary or Backup Domain Controller, a remote attacker could send malicious logon requests and possibly cause a denial of service...

9.3CVSS8.7AI score0.69085EPSS
Exploits3
Ubuntu
Ubuntu
added 2006/07/28 9:7 a.m.80 views

USN-328-1: Apache vulnerability

Mark Dowd discovered an off-by-one buffer overflow in the modrewrite module's ldap scheme handling. On systems which activate "RewriteEngine on", a remote attacker could exploit certain rewrite rules to crash Apache, or potentially even execute arbitrary code this has not been verified...

7.6CVSS8AI score0.96436EPSS
Exploits20
Ubuntu
Ubuntu
added 2005/10/17 10:17 p.m.80 views

USN-208-1: graphviz vulnerability

Javier Fernández-Sanguino Peña discovered that the "dotty" tool created and used temporary files in an insecure way. A local attacker could exploit this with a symlink attack to create or overwrite arbitrary files with the privileges of the user running dotty...

5.3AI score
Exploits0
Ubuntu
Ubuntu
added 2005/03/24 5:45 p.m.80 views

USN-99-2: Fixed php4 packages for USN-99-1

USN-99-1 fixed a safe mode bypass which allowed malicious PHP scripts to circumvent path restrictions by creating a specially crafted directory whose length exceeded the capacity of the realpath function CAN-2004-1064. However, this caused severe regressions, some applications like SquirrelMail a...

10CVSS5.3AI score0.03735EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/17 3:48 p.m.79 views

USN-6900-1: Linux kernel vulnerabilities

It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the HugeTLB file syst...

7.8CVSS7.4AI score0.01287EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/05/23 1:0 p.m.79 views

USN-6784-1: cJSON vulnerabilities

It was discovered that cJSON incorrectly handled certain input. An attacker could possibly use this issue to cause cJSON to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.10. CVE-2023-50471, CVE-2023-50472 Luo Jin discovered that cJSON incorrectly...

7.6CVSS6.3AI score0.01508EPSS
Exploits3
Ubuntu
Ubuntu
added 2024/04/16 9:25 p.m.79 views

USN-6726-2: Linux kernel (IoT) vulnerabilities

Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service host domain crash...

7.8CVSS6.9AI score0.01177EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/03/18 4:6 a.m.79 views

USN-6696-1: OpenJDK 8 vulnerabilities

Yi Yang discovered that the Hotspot component of OpenJDK 8 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. CVE-2024-20918 It was discovered that the Hotspot...

7.4CVSS7.2AI score0.01026EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/01/18 6:21 p.m.79 views

USN-6590-1: Xerces-C++ vulnerabilities

It was discovered that Xerces-C++ was not properly handling memory management operations when parsing XML data containing external DTDs, which could trigger a use-after-free error. If a user or automated system were tricked into processing a specially crafted XML document, an attacker could...

8.8CVSS6.9AI score0.09503EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/11/27 6:11 p.m.79 views

USN-6513-2: Python vulnerability

USN-6513-1 fixed vulnerabilities in Python. This update provides the corresponding updates for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. Original advisory details: It was discovered that Python incorrectly handled certain plist files. If a user or an automated system were tricked into...

5.3CVSS7.1AI score0.01447EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/11/15 9:38 a.m.79 views

USN-6449-2: FFmpeg regression

USN-6449-1 fixed vulnerabilities in FFmpeg. Unfortunately that update could introduce a regression in tools using an FFmpeg library, like VLC. This updated fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that FFmpeg incorrectly managed memory...

7.1AI score
Exploits0References1
Ubuntu
Ubuntu
added 2023/10/30 3:32 a.m.79 views

USN-6456-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2023-5722, CVE-2023-5724,...

9.8CVSS7.7AI score0.01585EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/10/19 5:31 p.m.79 views

USN-6439-1: Linux kernel vulnerabilities

It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service excessive CPU consumption. CVE-2023-1206 Yu Hao and Weiteng Chen discovered that the Bluetooth HCI...

7.8CVSS7.5AI score0.00553EPSS
Exploits4
Ubuntu
Ubuntu
added 2023/10/17 2:6 p.m.79 views

USN-6396-3: Linux kernel (Azure) vulnerabilities

It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. CVE-2022-27672 Daniel Moghimi discovered that some IntelR Processors...

7.8CVSS7.7AI score0.03882EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/09/05 11:19 p.m.79 views

USN-6339-1: Linux kernel vulnerabilities

It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service system crash. CVE-2022-48425...

9.8CVSS6.7AI score0.02975EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/09/04 12:5 p.m.79 views

USN-6336-1: Docker Registry vulnerabilities

It was discovered that Docker Registry incorrectly handled certain crafted input, which allowed remote attackers to cause a denial of service. This issue only affected Ubuntu 16.04 LTS. CVE-2017-11468 It was discovered that Docker Registry incorrectly handled certain crafted input. An attacker...

7.5CVSS6.5AI score0.03192EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/08/31 10:19 p.m.79 views

USN-6330-1: Linux kernel (GCP) vulnerabilities

Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Tavis Ormandy discovered that some AMD processors...

7.8CVSS7.9AI score0.05794EPSS
Exploits5
Ubuntu
Ubuntu
added 2023/08/30 2:17 p.m.79 views

USN-6321-1: Linux kernel vulnerabilities

Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Tavis Ormandy discovered that some AMD processors...

7.8CVSS7.9AI score0.05794EPSS
Exploits4
Ubuntu
Ubuntu
added 2023/08/24 5:34 p.m.79 views

USN-6306-1: Fast DDS vulnerabilities

It was discovered that Fast DDS incorrectly handled certain inputs. A remote attacker could possibly use this issue to cause a denial of service and information exposure. This issue only affected Ubuntu 22.04 LTS. CVE-2021-38425 It was discovered that Fast DDS incorrectly handled certain inputs. ...

9.1CVSS7.4AI score0.05237EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/05/30 1:55 p.m.79 views

USN-6118-1: Linux kernel (Oracle) vulnerabilities

Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service system crash. CVE-2022-3707 Jordy Zomer and Alexandra Sandulescu discover...

7.8CVSS7.1AI score0.00635EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/05/08 11:55 a.m.79 views

USN-6061-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

8.8CVSS7.5AI score0.27076EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/05/05 10:14 a.m.79 views

USN-6057-1: Linux kernel (Intel IoTG) vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-1281 It was discovered that the OverlayFS...

7.8CVSS7.6AI score0.0788EPSS
Exploits15
Ubuntu
Ubuntu
added 2023/04/26 4:32 p.m.79 views

USN-6045-1: Linux kernel vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

7.8CVSS7.2AI score0.05095EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/04/19 4:43 p.m.79 views

USN-6031-1: Linux kernel (OEM) vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-1281 It was discovered that the Integrity...

7.8CVSS6.9AI score0.00608EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/03/27 3:5 a.m.79 views

USN-5954-2: Firefox regressions

USN-5954-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted...

7.9AI score
Exploits0References1
Ubuntu
Ubuntu
added 2023/03/15 12:47 p.m.79 views

USN-5955-1: Emacs vulnerability

It was discovered that Emacs did not properly manage certain files when using htmlfontify functionality. A local attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary commands...

7.8CVSS7.8AI score0.01132EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/03/13 4:0 a.m.79 views

USN-5943-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing,...

8.8CVSS7.8AI score0.00817EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/03/08 8:14 p.m.79 views

USN-5939-1: Linux kernel (GCP) vulnerabilities

It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...

8.1CVSS7.7AI score0.03702EPSS
Exploits6
Ubuntu
Ubuntu
added 2023/03/07 3:26 p.m.79 views

USN-5933-1: Libtpms vulnerabilities

Francisco Falcon discovered that Libtpms did not properly manage memory when performing certain cryptographic operations. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. CVE-2023-1017, CVE-2023-1018 It was discovered that Libtpms did not...

7.8CVSS7.1AI score0.05552EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2023/03/07 12:14 p.m.79 views

USN-5931-1: Python vulnerability

It was discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into running a specially crafted input, a remote attacker could possibly use this issue to execute arbitrary code. CVE-2022-37454...

9.8CVSS7.4AI score0.05193EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/02/28 3:19 p.m.79 views

USN-5638-4: Expat vulnerabilities

USN-5638-1 fixed several vulnerabilities in Expat. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Rhodri James discovered that Expat incorrectly handled memory when processing certain malformed XML files. An attacker could possibly use this issue to...

8.1CVSS7.9AI score0.02241EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/01/09 11:24 a.m.79 views

USN-5787-2: Libksba vulnerability

USN-5787-1 fixed vulnerabilities in Libksba. This update provides the corresponding updates for Ubuntu 16.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that Libksba incorrectly handled parsing CRL signatures. A remote attacker could use this issue to cause Libksba to...

9.8CVSS8AI score0.0155EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/11/07 5:4 p.m.79 views

USN-5716-1: SQLite vulnerability

It was discovered that SQLite incorrectly handled certain long string arguments. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.5CVSS8AI score0.19193EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/09/21 11:39 a.m.80 views

USN-5626-1: Bind vulnerabilities

Yehuda Afek, Anat Bremler-Barr, and Shani Stajnrod discovered that Bind incorrectly handled large delegations. A remote attacker could possibly use this issue to reduce performance, leading to a denial of service. CVE-2022-2795 It was discovered that Bind incorrectly handled statistics requests. ...

8.2CVSS6.8AI score0.02299EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/08/30 9:14 p.m.79 views

USN-5590-1: Linux kernel (OEM) vulnerability

Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter subsystem in the Linux kernel did not properly handle rules that truncated packets below the packet header size. When such rules are in place, a remote attacker could possibly use this to cause a denial of service system crash...

7.5CVSS6.6AI score0.05542EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/07/26 3:20 p.m.79 views

USN-5534-1: ImageMagick vulnerabilities

It was discovered that ImageMagick incorrectly handled certain values. If a user were tricked into processing a specially crafted image file, an attacker could possibly exploit this issue to cause a denial of service or other unspecified impact. CVE-2022-32545, CVE-2022-32546 It was discovered th...

7.8CVSS6.8AI score0.01339EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/06/15 11:25 a.m.79 views

USN-5479-1: PHP vulnerabilities

Charles Fol discovered that PHP incorrectly handled initializing certain arrays when handling the pgqueryparams function. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2022-31625 Charles Fol discovered that...

8.8CVSS8.7AI score0.5838EPSS
Exploits3
Ubuntu
Ubuntu
added 2022/06/08 3:2 a.m.79 views

USN-5466-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. CVE-2022-21499 Aaron Adams discovered that the netfilter subsystem in the Linux...

7.8CVSS7.1AI score0.0124EPSS
Exploits9
Ubuntu
Ubuntu
added 2022/05/31 5:43 p.m.79 views

USN-5451-1: InfluxDB vulnerability

Ilya Averyanov discovered that an InfluxDB vulnerability allowed attackers to bypass authentication and gain access to any known database user...

9.8CVSS8AI score0.30921EPSS
Exploits3
Ubuntu
Ubuntu
added 2022/04/07 1:30 p.m.79 views

USN-5369-1: oslo.utils vulnerability

It was discovered that oslo.utils incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information...

4.9CVSS5.8AI score0.01335EPSS
Exploits1
Total number of security vulnerabilities5000