Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
•added 2016/02/26 9:45 p.m.•80 views

USN-2908-4: Linux kernel regression

USN-2908-1 fixed vulnerabilities in the Linux kernel for Ubuntu 15.10. An incorrect locking fix caused a regression that broke graphics displays for Ubuntu 15.10 guests running within VMWare virtual machines. This update fixes the problem. We apologize for the inconvenience. Original advisory...

7.3AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2016/02/22 8:10 p.m.•80 views

USN-2907-2: Linux kernel (Trusty HWE) vulnerabilities

halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges. CVE-2016-1576 halfdog discovered that OverlayFS in the Linux kernel incorrectly propagated security...

7.8CVSS6.7AI score0.0123EPSS
Exploits4
Ubuntu
Ubuntu
•added 2015/11/04 9:1 p.m.•80 views

USN-2791-1: NSS vulnerabilities

Tyson Smith and David Keeler discovered that NSS incorrectly handled decoding certain ASN.1 data. An remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS7.9AI score0.10238EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/07/07 9:47 a.m.•80 views

USN-2666-1: Linux kernel vulnerabilities

A race condition was discovered in the Linux kernel's filehandle size verification. A local user could exploit this flaw to read potentially sensative memory locations. CVE-2015-1420 A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote...

9CVSS6.8AI score0.08339EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/07/07 9:39 a.m.•80 views

USN-2663-1: Linux kernel vulnerabilities

Alexandre Oliva reported a race condition flaw in the btrfs file system's handling of extended attributes xattrs. A local attacker could exploit this flaw to bypass ACLs and potentially escalate privileges. CVE-2014-9710 A race condition was discovered in the Linux kernel's filehandle size...

9CVSS6.8AI score0.08339EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/01/27 8:56 p.m.•80 views

USN-2486-1: OpenJDK 6 vulnerabilities

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. CVE-2014-3566, CVE-2014-6587, CVE-2014-6601, CVE-2015-0395,...

10CVSS6.5AI score0.99999EPSS
Exploits12
Ubuntu
Ubuntu
•added 2015/01/13 12:38 p.m.•80 views

USN-2468-1: Linux kernel vulnerabilities

A null pointer dereference flaw was discovered in the the Linux kernel's SCTP implementation when ASCONF is used. A remote attacker could exploit this flaw to cause a denial of service system crash via a malformed INIT chunk. CVE-2014-7841 A race condition with MMIO and PIO transactions in the KV...

6.1CVSS6.8AI score0.0523EPSS
Exploits1
Ubuntu
Ubuntu
•added 2014/12/19 12:43 p.m.•80 views

USN-2448-2: Linux kernel regression

USN-2448-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated regression TCP Throughput drops to zero for several drivers after upgrading. This update fixes the problem. We apologize for the inconvenience. Original advisory details: An information leak in the Linux kernel was discover...

6.8AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2014/08/26 1:0 a.m.•80 views

USN-2319-2: OpenJDK 7 regression

USN-2319-1 fixed vulnerabilities in OpenJDK 7. Due to an upstream regression, verifying of the init method call would fail when it was done from inside a branch when stack frames are activated. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Several...

7AI score0.06118EPSS
Exploits1References1
Ubuntu
Ubuntu
•added 2014/06/27 8:53 a.m.•80 views

USN-2263-1: Linux kernel (OMAP4) vulnerabilities

Salva Peiró discovered an information leak in the Linux kernel's media- device driver. A local attacker could exploit this flaw to obtain sensitive information from kernel memory. CVE-2014-1739 A bounds check error was discovered in the socket filter subsystem of the Linux kernel. A local user...

4.9CVSS6.8AI score0.01121EPSS
Exploits4
Ubuntu
Ubuntu
•added 2014/06/23 11:52 a.m.•80 views

USN-2232-3: OpenSSL regression

USN-2232-1 fixed vulnerabilities in OpenSSL. The upstream fix for CVE-2014-0224 caused a regression for certain applications that use renegotiation, such as PostgreSQL. This update fixes the problem. Original advisory details: Jüri Aedla discovered that OpenSSL incorrectly handled invalid DTLS...

7.6AI score0.95326EPSS
Exploits9References1
Ubuntu
Ubuntu
•added 2014/03/07 12:6 p.m.•80 views

USN-2141-1: Linux kernel (OMAP4) vulnerabilities

Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker could exploit this error to discover the original MAC address after a spoofing atack. CVE-2013-4579 Andrew Honig reported a flaw in the Linux Kernel's kvmvmioctlcreatevcpu function ...

7.2CVSS7AI score0.10209EPSS
Exploits9
Ubuntu
Ubuntu
•added 2014/01/03 10:52 a.m.•80 views

USN-2069-1: Linux kernel (Raring HWE) vulnerabilities

Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload UFO. An unprivileged local user could exploit this flaw to cause a denial of service system crash or possibly gain administrative privileges. CVE-2013-4470 Multiple integer overflow flaws were discovered in the...

6.9CVSS7.1AI score0.01485EPSS
Exploits8
Ubuntu
Ubuntu
•added 2013/12/03 7:44 p.m.•80 views

USN-2046-1: Linux kernel (OMAP4) vulnerabilities

A flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. CVE-2013-4299 Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload UFO. An unprivileged...

6.9CVSS7.3AI score0.0381EPSS
Exploits2
Ubuntu
Ubuntu
•added 2013/11/08 9:41 p.m.•80 views

USN-2018-1: Linux kernel (OMAP4) vulnerabilities

A denial of service flaw was discovered in the Btrfs file system in the Linux kernel. A local user could cause a denial of service by creating a large number of files with names that have the same CRC32 hash value. CVE-2012-5374 A denial of service flaw was discovered in the Btrfs file system in...

4CVSS6.6AI score0.00858EPSS
Exploits2
Ubuntu
Ubuntu
•added 2013/08/20 12:23 p.m.•80 views

USN-1934-1: Linux kernel (OMAP4) vulnerabilities

Chanam Park reported a Null pointer flaw in the Linux kernel's Ceph client. A remote attacker could exploit this flaw to cause a denial of service system crash. CVE-2013-1059 An information leak was discovered in the Linux kernel's fanotify interface. A local user could exploit this flaw to obtai...

7.8CVSS6.9AI score0.04546EPSS
Exploits1
Ubuntu
Ubuntu
•added 2013/07/29 10:23 p.m.•80 views

USN-1919-1: Linux kernel vulnerability

Kees Cook discovered a format string vulnerability in the Broadcom B43 wireless driver for the Linux kernel. A local user could exploit this flaw to gain administrative privileges. CVE-2013-2852 Marcus Moeller and Ken Fallon discovered that the CIFS incorrectly built certain paths. A local attack...

7.8CVSS6.5AI score0.03644EPSS
Exploits2
Ubuntu
Ubuntu
•added 2013/05/16 1:44 a.m.•80 views

USN-1825-1: Linux kernel vulnerability

An flaw was discovered in the Linux kernel's perfevents interface. A local user could exploit this flaw to escalate privileges on the system...

8.4CVSS7.6AI score0.47709EPSS
Exploits15
Ubuntu
Ubuntu
•added 2013/05/15 5:17 p.m.•81 views

USN-1824-1: Linux kernel vulnerabilities

Mathias Krause discovered an information leak in the Linux kernel's ISO 9660 CDROM file system driver. A local user could exploit this flaw to examine some of the kernel's heap memory. CVE-2012-6549 Mathias Krause discovered a flaw in xfrmuser in the Linux kernel. A local attacker with NETADMIN...

6.9CVSS6.9AI score0.0082EPSS
Exploits2
Ubuntu
Ubuntu
•added 2013/04/23 9:0 p.m.•80 views

USN-1806-1: OpenJDK 7 vulnerabilities

Ben Murphy discovered a vulnerability in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to execute arbitrary code. CVE-2013-0401 James Forshaw discovered a vulnerability in the OpenJDK JRE related to information disclosure, data integrity and...

10CVSS7.5AI score0.86963EPSS
Exploits21
Ubuntu
Ubuntu
•added 2013/01/18 4:20 a.m.•80 views

USN-1700-1: Linux kernel (OMAP4) vulnerabilities

A flaw was discovered in the Linux kernel's handling of script execution when module loading is enabled. A local attacker could exploit this flaw to cause a leak of kernel stack contents. CVE-2012-4530 Florian Weimer discovered that hypervkvpd, which is distributed in the Linux kernel, was not...

4.9CVSS5.7AI score0.00882EPSS
Exploits2
Ubuntu
Ubuntu
•added 2012/10/12 10:12 a.m.•80 views

USN-1610-1: Linux kernel vulnerability

Pablo Neira Ayuso discovered a flaw in the credentials of netlink messages. An unprivileged local attacker could exploit this by getting a netlink based service, that relies on netlink credentials, to perform privileged actions. CVE-2012-3520 Mathias Krause discovered information leak in the Linu...

7.8CVSS6.6AI score0.0048EPSS
Exploits3
Ubuntu
Ubuntu
•added 2012/09/10 9:55 p.m.•80 views

USN-1562-1: Linux kernel (Natty backport) vulnerability

Some errors where discovered in the Linux kernel's UDF file system, which is used to mount some CD-ROMs and DVDs. An unprivileged local user could use these flaws to crash the system...

7.6CVSS7.8AI score0.08738EPSS
Exploits1
Ubuntu
Ubuntu
•added 2012/07/17 10:5 p.m.•80 views

USN-1509-1: Firefox vulnerabilities

Benoit Jacob, Jesse Ruderman, Christian Holler, Bill McCloskey, Brian Smith, Gary Kwong, Christoph Diehl, Chris Jones, Brad Lassey, and Kyle Huey discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit...

10CVSS8.7AI score0.05488EPSS
Exploits1References2
Ubuntu
Ubuntu
•added 2012/03/23 3:48 a.m.•80 views

USN-1403-1: FreeType vulnerabilities

Mateusz Jurczyk discovered that FreeType did not correctly handle certain malformed BDF font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash. CVE-2012-1126 Mateusz Jurczyk discovered that FreeType did not correctly handle...

10CVSS5.8AI score0.05637EPSS
Exploits0
Ubuntu
Ubuntu
•added 2012/03/21 10:47 p.m.•80 views

USN-1400-3: Thunderbird vulnerabilities

USN-1400-1 fixed vulnerabilities in Firefox. This update provides the corresponding fixes for Thunderbird. Original advisory details: Soroush Dalili discovered that Firefox did not adequately protect against dropping JavaScript links onto a frame. A remote attacker could, through cross-site...

9.3CVSS8.8AI score0.0663EPSS
Exploits1References1
Ubuntu
Ubuntu
•added 2012/03/07 5:12 p.m.•80 views

USN-1394-1: linux-ti-omap4 vulnerabilities

Aristide Fattori and Roberto Paleari reported a flaw in the Linux kernel's handling of IPv4 icmp packets. A remote user could exploit this to cause a denial of service. CVE-2011-1927 Vegard Nossum discovered a leak in the kernel's inotifyinit system call. A local, unprivileged user could exploit...

7.8CVSS6.7AI score0.02591EPSS
Exploits9
Ubuntu
Ubuntu
•added 2011/12/13 1:5 p.m.•80 views

USN-1302-1: Linux kernel (OMAP4) vulnerabilities

A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. CVE-2011-4077 Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions...

7.2CVSS6.2AI score0.03212EPSS
Exploits6
Ubuntu
Ubuntu
•added 2011/08/23 7:30 a.m.•80 views

USN-1195-1: WebKit vulnerabilities

A large number of security issues were discovered in the WebKit browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

10CVSS7.7AI score0.06513EPSS
Exploits20
Ubuntu
Ubuntu
•added 2011/04/29 11:52 p.m.•80 views

USN-1112-1: Firefox and Xulrunner vulnerabilities

It was discovered that there was a vulnerability in the memory handling of certain types of content. An attacker could exploit this to possibly run arbitrary code as the user running Firefox. CVE-2011-0081 It was discovered that Firefox incorrectly handled certain JavaScript requests. An attacker...

10CVSS8.8AI score0.73655EPSS
Exploits20
Ubuntu
Ubuntu
•added 2011/03/25 3:39 p.m.•80 views

USN-1092-1: Linux Kernel vulnerabilities

Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. CVE-2010-4075, CVE-2010-4077 Dan Rosenberg discovered that the socket filters did not...

4.7CVSS5.7AI score0.0104EPSS
Exploits11
Ubuntu
Ubuntu
•added 2010/10/28 1:36 a.m.•80 views

USN-1011-1: Firefox vulnerability

Morten Krakvik discovered a heap-based buffer overflow in Firefox. If a user were tricked into navigating to a malicious site, an attacker could cause a denial of service or possibly execute arbitrary code as the user invoking the program...

9.8CVSS9.2AI score0.83279EPSS
Exploits14
Ubuntu
Ubuntu
•added 2010/09/08 9:13 p.m.•80 views

USN-978-1: Thunderbird vulnerabilities

Several dangling pointer vulnerabilities were discovered in Thunderbird. An attacker could exploit this to crash Thunderbird or possibly run arbitrary code as the user invoking the program. CVE-2010-2760, CVE-2010-2767, CVE-2010-3167 It was discovered that the XPCSafeJSObjectWrapper SJOW security...

9.3CVSS8.9AI score0.06527EPSS
Exploits0
Ubuntu
Ubuntu
•added 2010/06/30 7:41 p.m.•80 views

USN-930-3: Firefox regression

USN-930-1 fixed vulnerabilities in Firefox. Due to a software packaging problem, the Firefox 3.6 update could not be installed when the firefox-2 package was also installed. This update fixes the problem and updates apturl for the change. Original advisory details: If was discovered that Firefox...

9.1AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2008/06/17 8:17 p.m.•80 views

USN-617-1: Samba vulnerabilities

Samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. When samba is configured as a Primary or Backup Domain Controller, a remote attacker could send malicious logon requests and possibly cause a denial of service...

9.3CVSS8.7AI score0.69085EPSS
Exploits3
Ubuntu
Ubuntu
•added 2008/01/09 11:42 p.m.•80 views

USN-566-1: OpenSSH vulnerability

Jan Pechanec discovered that ssh would forward trusted X11 cookies when untrusted cookie generation failed. This could lead to unintended privileges being forwarded to a remote host...

7.5CVSS7.5AI score0.02374EPSS
Exploits0
Ubuntu
Ubuntu
•added 2007/09/25 12:13 a.m.•80 views

USN-518-1: linux-source-2.6.15, linux-source-2.6.17, linux-source-2.6.20 vulnerabilities

Evan Teran discovered that the Linux kernel ptrace routines did not correctly handle certain requests robustly. Local attackers could exploit this to crash the system, causing a denial of service. CVE-2007-3731 It was discovered that hugetlb kernels on PowerPC systems did not prevent the stack fr...

7.2CVSS5.2AI score0.0082EPSS
Exploits2
Ubuntu
Ubuntu
•added 2007/06/06 5:25 a.m.•80 views

USN-469-1: Thunderbird vulnerabilities

Gaëtan Leurent showed a weakness in APOP authentication. An attacker posing as a trusted server could recover portions of the user's password via multiple authentication attempts. CVE-2007-1558 Various flaws were discovered in the layout and JavaScript engines. By tricking a user into opening a...

9.3CVSS8.3AI score0.04868EPSS
Exploits1
Ubuntu
Ubuntu
•added 2005/03/24 5:45 p.m.•80 views

USN-99-2: Fixed php4 packages for USN-99-1

USN-99-1 fixed a safe mode bypass which allowed malicious PHP scripts to circumvent path restrictions by creating a specially crafted directory whose length exceeded the capacity of the realpath function CAN-2004-1064. However, this caused severe regressions, some applications like SquirrelMail a...

10CVSS5.3AI score0.03735EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/07/17 3:48 p.m.•79 views

USN-6900-1: Linux kernel vulnerabilities

It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the HugeTLB file syst...

7.8CVSS7.4AI score0.01287EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/05/23 1:0 p.m.•79 views

USN-6784-1: cJSON vulnerabilities

It was discovered that cJSON incorrectly handled certain input. An attacker could possibly use this issue to cause cJSON to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.10. CVE-2023-50471, CVE-2023-50472 Luo Jin discovered that cJSON incorrectly...

7.6CVSS6.3AI score0.01508EPSS
Exploits3
Ubuntu
Ubuntu
•added 2024/04/16 9:25 p.m.•79 views

USN-6726-2: Linux kernel (IoT) vulnerabilities

Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service host domain crash...

7.8CVSS6.9AI score0.01177EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/03/18 4:6 a.m.•79 views

USN-6696-1: OpenJDK 8 vulnerabilities

Yi Yang discovered that the Hotspot component of OpenJDK 8 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. CVE-2024-20918 It was discovered that the Hotspot...

7.4CVSS7.2AI score0.01026EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/01/18 6:21 p.m.•79 views

USN-6590-1: Xerces-C++ vulnerabilities

It was discovered that Xerces-C++ was not properly handling memory management operations when parsing XML data containing external DTDs, which could trigger a use-after-free error. If a user or automated system were tricked into processing a specially crafted XML document, an attacker could...

8.8CVSS6.9AI score0.09503EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/11/15 9:38 a.m.•79 views

USN-6449-2: FFmpeg regression

USN-6449-1 fixed vulnerabilities in FFmpeg. Unfortunately that update could introduce a regression in tools using an FFmpeg library, like VLC. This updated fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that FFmpeg incorrectly managed memory...

7.1AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2023/10/30 3:32 a.m.•79 views

USN-6456-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2023-5722, CVE-2023-5724,...

9.8CVSS7.7AI score0.01585EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/19 11:18 p.m.•79 views

USN-6445-1: Linux kernel (Intel IoTG) vulnerabilities

It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service excessive CPU consumption. CVE-2023-1206 Daniel Trujillo, Johannes Wikner, and Kaveh Razavi...

9.1CVSS8.2AI score0.54577EPSS
Exploits11
Ubuntu
Ubuntu
•added 2023/10/19 5:31 p.m.•79 views

USN-6439-1: Linux kernel vulnerabilities

It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service excessive CPU consumption. CVE-2023-1206 Yu Hao and Weiteng Chen discovered that the Bluetooth HCI...

7.8CVSS7.5AI score0.00553EPSS
Exploits4
Ubuntu
Ubuntu
•added 2023/09/05 11:19 p.m.•79 views

USN-6339-1: Linux kernel vulnerabilities

It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service system crash. CVE-2022-48425...

9.8CVSS6.7AI score0.02975EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/09/04 12:5 p.m.•79 views

USN-6336-1: Docker Registry vulnerabilities

It was discovered that Docker Registry incorrectly handled certain crafted input, which allowed remote attackers to cause a denial of service. This issue only affected Ubuntu 16.04 LTS. CVE-2017-11468 It was discovered that Docker Registry incorrectly handled certain crafted input. An attacker...

7.5CVSS6.5AI score0.03192EPSS
Exploits0
Total number of security vulnerabilities5000