Ubuntu | Most viewed

10890 matches found

added 2023/03/13 4:0 a.m. | 79 views

USN-5943-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing,...

CVSS 8.8 | AI score 7.8 | EPSS 0.00817 | Exploits 0

added 2023/03/08 8:14 p.m. | 79 views

USN-5939-1: Linux kernel (GCP) vulnerabilities

It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execut...

CVSS 8.1 | AI score 7.7 | EPSS 0.03702 | Exploits 6

added 2023/02/28 3:19 p.m. | 79 views

USN-5638-4: Expat vulnerabilities

USN-5638-1 fixed several vulnerabilities in Expat. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Rhodri James discovered that Expat incorrectly handled memory when processing certain malformed XML files. An attacker could possibly use this issue to...

CVSS 8.1 | AI score 7.9 | EPSS 0.02241 | Exploits 1

added 2023/02/07 6:56 p.m. | 79 views

USN-5847-1: Grunt vulnerabilities

It was discovered that Grunt was not properly loading YAML files before parsing them. An attacker could possibly use this issue to execute arbitrary code. (CVE-2020-7729) It was discovered that Grunt was not properly handling symbolic links when performing file copy operations. An attacker could...

CVSS 7.8 | AI score 7.1 | EPSS 0.02285 | Exploits 3

added 2023/01/30 1:51 p.m. | 79 views

USN-5811-3: Sudo vulnerability

USN-5811-1 fixed a vulnerability in Sudo. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Matthieu Barjole and Victor Cutillas discovered that Sudo incorrectly handled user-specified editors when using the sudoedit command. A local attacker that has...

CVSS 7.8 | AI score 8.1 | EPSS 0.55367 | Exploits 20

added 2023/01/19 1:52 p.m. | 79 views

USN-5812-1: urllib3 vulnerability

It was discovered that urllib3 incorrectly handled certain characters in URLs. A remote attacker could possibly use this issue to cause urllib3 to consume resources, leading to a denial of service...

CVSS 7.5 | AI score 7.3 | EPSS 0.03273 | Exploits 0

added 2023/01/09 11:24 a.m. | 79 views

USN-5787-2: Libksba vulnerability

USN-5787-1 fixed vulnerabilities in Libksba. This update provides the corresponding updates for Ubuntu 16.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that Libksba incorrectly handled parsing CRL signatures. A remote attacker could use this issue to cause Libksba to...

CVSS 9.8 | AI score 8 | EPSS 0.0155 | Exploits 2

added 2022/10/07 9:44 p.m. | 79 views

USN-5664-1: OpenJPEG vulnerabilities

It was discovered that OpenJPEG did not properly handle PNM headers, resulting in a null pointer dereference. A remote attacker could possibly use this issue to cause a denial of service (DoS). (CVE-2016-7445) It was discovered that OpenJPEG incorrectly handled certain image files resulting in divisi...

CVSS 9.8 | AI score 7 | EPSS 0.04191 | Exploits 3

added 2022/09/21 11:39 a.m. | 80 views

USN-5626-1: Bind vulnerabilities

Yehuda Afek, Anat Bremler-Barr, and Shani Stajnrod discovered that Bind incorrectly handled large delegations. A remote attacker could possibly use this issue to reduce performance, leading to a denial of service. (CVE-2022-2795) It was discovered that Bind incorrectly handled statistics requests. ...

CVSS 8.2 | AI score 6.8 | EPSS 0.02299 | Exploits 0

added 2022/08/30 9:14 p.m. | 79 views

USN-5590-1: Linux kernel (OEM) vulnerability

Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter subsystem in the Linux kernel did not properly handle rules that truncated packets below the packet header size. When such rules are in place, a remote attacker could possibly use this to cause a denial of service (system crash)...

CVSS 7.5 | AI score 6.6 | EPSS 0.05542 | Exploits 1

added 2022/07/26 3:20 p.m. | 79 views

USN-5534-1: ImageMagick vulnerabilities

It was discovered that ImageMagick incorrectly handled certain values. If a user were tricked into processing a specially crafted image file, an attacker could possibly exploit this issue to cause a denial of service or other unspecified impact. (CVE-2022-32545, CVE-2022-32546) It was discovered th...

CVSS 7.8 | AI score 6.8 | EPSS 0.01339 | Exploits 0

added 2022/06/08 3:2 a.m. | 79 views

USN-5466-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2022-21499) Aaron Adams discovered that the netfilter subsystem in the Linux...

CVSS 7.8 | AI score 7.1 | EPSS 0.0124 | Exploits 9

added 2022/05/31 5:43 p.m. | 79 views

USN-5451-1: InfluxDB vulnerability

Ilya Averyanov discovered that an InfluxDB vulnerability allowed attackers to bypass authentication and gain access to any known database user...

CVSS 9.8 | AI score 8 | EPSS 0.30921 | Exploits 3

added 2021/10/25 10:56 a.m. | 79 views

USN-5122-1: Apport vulnerability

It was discovered that Apport could be tricked into writing core files as root into arbitrary directories in certain scenarios. A local attacker could possibly use this issue to escalate privileges. This update will cause Apport to generate all core files in the /var/lib/apport/coredump directory...

AI score 5.6 | Exploits 0 | References 1

added 2021/06/10 8:52 p.m. | 79 views

USN-4986-4: rpcbind regression

USN-4986-1 fixed a vulnerability in rpcbind. The update caused a regression resulting in rpcbind crashing in certain environments. This update fixes the problem for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that rpcbind incorrectly handled certain large...

AI score 5.5 | Exploits 0 | References 1

added 2021/03/15 9:11 p.m. | 79 views

USN-4791-1: Apache Tomcat 7 vulnerabilities

It was discovered that Apache Tomcat 7 did not protect applications from the presence of untrusted client data in an environment variable. A remote attacker could possibly use this vulnerability to redirect the traffic to an arbitrary proxy and obtain sensitive information. (CVE-2016-5388) It was...

CVSS 8.1 | AI score 7.2 | EPSS 0.50896 | Exploits 0

added 2020/12/09 4:30 p.m. | 79 views

USN-4667-1: APT vulnerability

Kevin Backhouse discovered that APT incorrectly handled certain packages. A local attacker could possibly use this issue to cause APT to crash or stop responding, resulting in a denial of service...

CVSS 5.7 | AI score 6.5 | EPSS 0.00377 | Exploits 0

added 2020/11/24 12:22 a.m. | 79 views

USN-4642-1: PDFResurrect vulnerability

It was discovered that PDFResurrect incorrectly handled certain memory operations during PDF summary generation. An attacker could use this to cause out-of-bounds writes, resulting in a denial of service (system crash) or arbitrary code execution...

CVSS 7.8 | AI score 7.6 | EPSS 0.01337 | Exploits 1

added 2020/11/10 3:23 p.m. | 79 views

USN-4625-1: Firefox vulnerability

A use-after-free was discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could exploit this to execute arbitrary code...

CVSS 9.3 | AI score 8.7 | EPSS 0.42327 | Exploits 4

added 2020/11/05 4:9 p.m. | 79 views

USN-4619-1: dom4j vulnerability

Mário Areias discovered that dom4j did not properly validate XML document elements. An attacker could exploit this with a crafted XML file to cause dom4j to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2018-1000632)...

CVSS 7.5 | AI score 6.8 | EPSS 0.0657 | Exploits 1

added 2020/10/27 5:43 p.m. | 79 views

USN-3081-2: Tomcat vulnerability

Dawid Golunski discovered that the Tomcat init script incorrectly handled creating log files. A remote attacker could possibly use this issue to obtain root privileges...

CVSS 7.8 | AI score 7.5 | EPSS 0.09783 | Exploits 8

added 2020/10/15 8:30 p.m. | 79 views

USN-4584-1: HtmlUnit vulnerability

It was discovered that HtmlUnit incorrectly initialized the Rhino engine. An attacker could possibly use this issue to execute arbitrary Java code...

CVSS 8.1 | AI score 7.3 | EPSS 0.04719 | Exploits 0

added 2020/09/28 3:11 p.m. | 79 views

USN-4549-1: ImageMagick vulnerabilities

It was discovered that ImageMagick incorrectly handled certain specially crafted image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or other unspecified impact. CVE-2019-1994...

CVSS 9.8 | AI score 8.2 | EPSS 0.03678 | Exploits 1

added 2020/09/22 11:17 a.m. | 79 views

USN-4528-1: Ceph vulnerabilities

Adam Mohammed discovered that Ceph incorrectly handled certain CORS ExposeHeader tags. A remote attacker could possibly use this issue to perform an HTTP header injection attack. (CVE-2020-10753) Lei Cao discovered that Ceph incorrectly handled certain POST requests with invalid tagging XML. A remo...

CVSS 7.5 | AI score 7.1 | EPSS 0.02654 | Exploits 0

added 2020/08/10 5:28 p.m. | 79 views

USN-4455-1: NSS vulnerabilities

It was discovered that NSS incorrectly handled certain signatures. An attacker could possibly use this issue to expose sensitive information. (CVE-2020-12400, CVE-2020-12401, CVE-2020-6829)...

CVSS 5.3 | AI score 7.3 | EPSS 0.01449 | Exploits 0

added 2020/08/10 1:42 p.m. | 79 views

USN-4454-1: Samba vulnerability

Martin von Wittich and Wilko Meyer discovered that Samba incorrectly handled certain empty UDP packets when being used as an AD DC NBT server. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service...

CVSS 7.5 | AI score 7.9 | EPSS 0.03539 | Exploits 0

added 2020/07/15 2:54 p.m. | 79 views

USN-4199-2: libvpx vulnerabilities

USN-4199-1 fixed several vulnerabilities in libvpx. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that libvpx did not properly handle certain malformed WebM media files. If an application using libvpx opened a specially crafted We...

CVSS 7.8 | AI score 7.2 | EPSS 0.05092 | Exploits 0

added 2020/06/29 1:10 p.m. | 79 views

USN-4406-1: Mailman vulnerability

It was discovered that Mailman incorrectly handled certain inputs. An attacker could possibly use this issue to inject arbitrary content in the login page...

CVSS 4.3 | AI score 6.5 | EPSS 0.01888 | Exploits 0

added 2020/06/22 1:35 p.m. | 79 views

USN-4400-1: nfs-utils vulnerability

It was discovered that the nfs-utils package set incorrect permissions on the /var/lib/nfs directory. An attacker could possibly use this issue to escalate privileges...

CVSS 10 | AI score 7.7 | EPSS 0.01499 | Exploits 0

added 2020/06/03 11:32 a.m. | 79 views

USN-4381-1: Django vulnerabilities

Dan Palmer discovered that Django incorrectly validated memcached cache keys. A remote attacker could possibly use this issue to cause a denial of service and obtain sensitive information. (CVE-2020-13254) Jon Dufresne discovered that Django incorrectly encoded query parameters for the admin...

CVSS 6.1 | AI score 6.7 | EPSS 0.06041 | Exploits 0

added 2020/04/30 10:54 p.m. | 79 views

USN-4349-1: EDK II vulnerabilities

A buffer overflow was discovered in the network stack. An unprivileged user could potentially enable escalation of privilege and/or denial of service. This issue was already fixed in a previous release for 18.04 LTS and 19.10. (CVE-2018-12178) A buffer overflow was discovered in BlockIo service. An...

CVSS 9.1 | AI score 7.3 | EPSS 0.02271 | Exploits 0

added 2020/03/30 12:22 p.m. | 79 views

USN-4310-1: WebKitGTK+ vulnerability

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

CVSS 9.8 | AI score 6.9 | EPSS 0.04987 | Exploits 0

added 2020/01/09 6:44 p.m. | 79 views

USN-4229-1: NTP vulnerability

It was discovered that ntpq and ntpdc incorrectly handled some arguments. An attacker could possibly use this issue to cause ntpq or ntpdc to crash, execute arbitrary code, or escalate to higher privileges...

CVSS 9.8 | AI score 7.2 | EPSS 0.29037 | Exploits 5

added 2018/09/05 4:29 p.m. | 79 views

USN-3759-2: libtirpc vulnerabilities

USN-3759-1 fixed a vulnerability in libtirpc. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Aldy Hernandez discovered that libtirpc incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service...

CVSS 7.8 | AI score 6.8 | EPSS 0.81921 | Exploits 4

added 2018/08/14 7:58 p.m. | 79 views

USN-3739-2: libxml2 vulnerabilities

USN-3739-1 fixed a vulnerability in libxml2. This update provides the corresponding update for Ubuntu 12.04. Original advisory details: Matias Brutti discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information...

CVSS 7.5 | AI score 7 | EPSS 0.03681 | Exploits 1

added 2018/07/10 4:6 p.m. | 79 views

USN-3705-2: Firefox regressions

USN-3705-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problems. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafte...

AI score 7.5 | Exploits 0 | References 1

added 2018/06/12 11:21 a.m. | 79 views

USN-3679-1: QEMU update

Ken Johnson and Jann Horn independently discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via sidechannel attacks. An attacker in the guest could use this to expose sensitive guest information, including kernel memory. This update...

CVSS 5.5 | AI score 7.2 | EPSS 0.60631 | Exploits 2

added 2018/05/11 4:17 p.m. | 79 views

USN-3645-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, bypass same-origin restrictions, conduct cross-site scripting (XSS) attacks, install...

CVSS 10 | AI score 7.4 | EPSS 0.21288 | Exploits 4

added 2018/04/19 1:56 p.m. | 79 views

USN-3628-1: OpenSSL vulnerability

Alejandro Cabrera Aldaya, Billy Brumley, Cesar Pereida Garcia and Luis Manuel Alvarez Tapia discovered that OpenSSL incorrectly handled RSA key generation. An attacker could possibly use this issue to perform a cache-timing attack and recover private RSA keys...

CVSS 5.9 | AI score 6.2 | EPSS 0.12046 | Exploits 0

added 2017/12/07 10:13 p.m. | 79 views

USN-3508-1: Linux kernel vulnerabilities

Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem (XFRM) in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-16939) It was discovered that the Linux kernel did not...

CVSS 7.8 | AI score 6.4 | EPSS 0.02841 | Exploits 12

added 2017/09/20 6:0 p.m. | 79 views

USN-3414-2: QEMU regression

USN-3414-1 fixed vulnerabilities in QEMU. The patch backport for CVE-2017-9375 was incomplete and caused a regression in the USB xHCI controller emulation support. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Leo Gaspard discovered that QEMU...

AI score 6.8 | EPSS 0.04093 | Exploits 0 | References 1

added 2017/06/22 2:19 a.m. | 79 views

USN-3327-1: Linux kernel (Raspberry Pi 2) vulnerability

It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges...

CVSS 7.4 | AI score 7.8 | EPSS 0.05186 | Exploits 3

added 2017/06/06 11:56 p.m. | 79 views

USN-3313-1: Linux kernel vulnerability

It was discovered that a buffer overflow existed in the trace subsystem in the Linux kernel. A privileged local attacker could use this to execute arbitrary code...

AI score 7 | Exploits 0

added 2017/02/22 7:49 a.m. | 79 views

USN-3209-1: Linux kernel vulnerabilities

It was discovered that the generic SCSI block layer in the Linux kernel did not properly restrict write operations in certain situations. A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges. (CVE-2016-10088) Jim Mattson discovered tha...

CVSS 7.8 | AI score 6.8 | EPSS 0.0596 | Exploits 13

added 2016/11/11 9:25 a.m. | 79 views

USN-3126-2: Linux kernel (OMAP4) vulnerabilities

Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-7042) Dmitry Vyukov discovered a use-after-free...

CVSS 10 | AI score 7.3 | EPSS 0.24299 | Exploits 0

added 2016/10/24 5:50 p.m. | 79 views

USN-3107-2: Linux kernel (Raspberry Pi 2) vulnerability

It was discovered that a race condition existed in the memory manager of the Linux kernel when handling copy-on-write breakage of private read-only memory mappings. A local attacker could use this to gain administrative privileges...

CVSS 7.2 | AI score 7.6 | EPSS 0.83524 | Exploits 81

added 2016/08/16 11:13 p.m. | 79 views

USN-3062-1: OpenJDK 7 vulnerabilities

Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service, expose sensitive data over the network, or possibly execute arbitrary code. CVE-2016-3598, CVE-2016-3606,...

CVSS 9.6 | AI score 7.5 | EPSS 0.0669 | Exploits 0

added 2016/07/14 10:10 p.m. | 79 views

USN-3036-1: Linux kernel (Utopic HWE) vulnerability

Jan Stancek discovered that the Linux kernel's memory manager did not properly handle moving pages mapped by the asynchronous I/O (AIO) ring buffer to the other nodes. A local attacker could use this to cause a denial of service (system crash)...

CVSS 7.8 | AI score 7.3 | EPSS 0.00419 | Exploits 0

added 2016/03/14 4:47 p.m. | 79 views

USN-2931-1: Linux kernel (Utopic HWE) vulnerabilities

Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPT_SO_SET_REPLACE events. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges...

CVSS 8.4 | AI score 7.2 | EPSS 0.03723 | Exploits 11

added 2016/03/08 1:51 p.m. | 79 views

USN-2922-1: Samba vulnerabilities

Jeremy Allison discovered that Samba incorrectly handled ACLs on symlink paths. A remote attacker could use this issue to overwrite the ownership of ACLs using symlinks. (CVE-2015-7560) Garming Sam and Douglas Bagnall discovered that the Samba internal DNS server incorrectly handled certain DNS TXT...

CVSS 6.5 | AI score 6.4 | EPSS 0.12938 | Exploits 0

Total number of security vulnerabilities: 5000