Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
•added 2018/07/24 5:58 p.m.•80 views

USN-3721-1: Apache Ant vulnerability

Danny Grander discovered that Apache Ant incorrectly handled certain compressed files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could use this issue to overwrite arbitrary files...

5.8AI score
Exploits0
Ubuntu
Ubuntu
•added 2018/06/12 11:21 a.m.•79 views

USN-3679-1: QEMU update

Ken Johnson and Jann Horn independently discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via sidechannel attacks. An attacker in the guest could use this to expose sensitive guest information, including kernel memory. This update...

5.5CVSS7.2AI score0.60631EPSS
Exploits2
Ubuntu
Ubuntu
•added 2018/05/11 4:17 p.m.•79 views

USN-3645-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, bypass same-origin restrictions, conduct cross-site scripting XSS attacks, install...

10CVSS7.4AI score0.21288EPSS
Exploits4
Ubuntu
Ubuntu
•added 2018/04/19 1:56 p.m.•79 views

USN-3628-1: OpenSSL vulnerability

Alejandro Cabrera Aldaya, Billy Brumley, Cesar Pereida Garcia and Luis Manuel Alvarez Tapia discovered that OpenSSL incorrectly handled RSA key generation. An attacker could possibly use this issue to perform a cache-timing attack and recover private RSA keys...

5.9CVSS6.2AI score0.12046EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/04/16 12:47 p.m.•79 views

USN-3625-1: Perl vulnerabilities

It was discovered that Perl incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause Perl to hang, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. CVE-2015-8853 It was discovered that Perl incorrectly loaded libraries from th...

9.8CVSS7.4AI score0.10866EPSS
Exploits1
Ubuntu
Ubuntu
•added 2017/09/20 6:0 p.m.•79 views

USN-3414-2: QEMU regression

USN-3414-1 fixed vulnerabilities in QEMU. The patch backport for CVE-2017-9375 was incomplete and caused a regression in the USB xHCI controller emulation support. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Leo Gaspard discovered that QEMU...

6.8AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2017/05/16 4:12 p.m.•79 views

USN-3289-1: QEMU vulnerabilities

Li Qiang discovered that QEMU incorrectly handled VirtFS directory sharing. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. CVE-2017-7377, CVE-2017-8086 Jiangxin discovered that QEMU incorrectly handled the Cirrus VGA device. A...

7.8CVSS7.7AI score0.04544EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/02/22 7:49 a.m.•79 views

USN-3209-1: Linux kernel vulnerabilities

It was discovered that the generic SCSI block layer in the Linux kernel did not properly restrict write operations in certain situations. A local attacker could use this to cause a denial of service system crash or possibly gain administrative privileges. CVE-2016-10088 Jim Mattson discovered tha...

7.8CVSS6.8AI score0.0596EPSS
Exploits13
Ubuntu
Ubuntu
•added 2016/11/11 9:25 a.m.•79 views

USN-3126-2: Linux kernel (OMAP4) vulnerabilities

Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service system crash. CVE-2016-7042 Dmitry Vyukov discovered a use-after-free...

10CVSS7.3AI score0.24299EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/10/24 5:50 p.m.•79 views

USN-3107-2: Linux kernel (Raspberry Pi 2) vulnerability

It was discovered that a race condition existed in the memory manager of the Linux kernel when handling copy-on-write breakage of private read-only memory mappings. A local attacker could use this to gain administrative privileges...

7.2CVSS7.6AI score0.83524EPSS
Exploits81
Ubuntu
Ubuntu
•added 2016/08/16 11:13 p.m.•79 views

USN-3062-1: OpenJDK 7 vulnerabilities

Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service, expose sensitive data over the network, or possibly execute arbitrary code. CVE-2016-3598, CVE-2016-3606,...

9.6CVSS7.5AI score0.0669EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/07/14 10:10 p.m.•79 views

USN-3036-1: Linux kernel (Utopic HWE) vulnerability

Jan Stancek discovered that the Linux kernel's memory manager did not properly handle moving pages mapped by the asynchronous I/O AIO ring buffer to the other nodes. A local attacker could use this to cause a denial of service system crash...

7.8CVSS7.3AI score0.00419EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/06/10 5:40 a.m.•79 views

USN-3001-1: Linux kernel (Vivid HWE) vulnerabilities

Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. CVE-2016-2117 Jann Horn discovered that eCryptfs improperly attempted to use...

10CVSS6.8AI score0.2593EPSS
Exploits19
Ubuntu
Ubuntu
•added 2016/05/25 5:20 p.m.•79 views

USN-2950-5: Samba regression

USN-2950-1 fixed vulnerabilities in Samba. USN-2950-3 updated Samba to version 4.3.9, which introduced a regression when using the ntlmauth tool. This update fixes the problem. Original advisory details: Jouni Knuutinen discovered that Samba contained multiple flaws in the DCE/RPC implementation....

7.1AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2016/03/14 4:47 p.m.•79 views

USN-2931-1: Linux kernel (Utopic HWE) vulnerabilities

Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPTSOSETREPLACE events. A local unprivileged attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privileges...

8.4CVSS7.2AI score0.03723EPSS
Exploits11
Ubuntu
Ubuntu
•added 2016/03/08 1:51 p.m.•79 views

USN-2922-1: Samba vulnerabilities

Jeremy Allison discovered that Samba incorrectly handled ACLs on symlink paths. A remote attacker could use this issue to overwrite the ownership of ACLs using symlinks. CVE-2015-7560 Garming Sam and Douglas Bagnall discovered that the Samba internal DNS server incorrectly handled certain DNS TXT...

6.5CVSS6.4AI score0.12938EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/02/02 1:57 a.m.•79 views

USN-2889-2: Linux kernel (Vivid HWE) vulnerabilities

It was discovered that a use-after-free vulnerability existed in the AFUNIX implementation in the Linux kernel. A local attacker could use crafted epollctl calls to cause a denial of service system crash or expose sensitive information. CVE-2013-7446 It was discovered that the KVM implementation ...

10CVSS6.4AI score0.09235EPSS
Exploits1
Ubuntu
Ubuntu
•added 2016/01/19 4:18 p.m.•79 views

USN-2870-1: Linux kernel vulnerability

Yevgeny Pats discovered that the session keyring implementation in the Linux kernel did not properly reference count when joining an existing session keyring. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privilege...

7.8CVSS7.9AI score0.03646EPSS
Exploits14
Ubuntu
Ubuntu
•added 2016/01/08 12:41 p.m.•79 views

USN-2865-1: GnuTLS vulnerability

Karthikeyan Bhargavan and Gaetan Leurent discovered that GnuTLS incorrectly allowed MD5 to be used for TLS 1.2 connections. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could be exploited to view sensitive information...

5.9CVSS7.7AI score0.0288EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/12/19 11:42 a.m.•79 views

USN-2850-1: Linux kernel vulnerabilities

Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service crash the host or potentially execute arbitrary code on the host. CVE-2015-8550...

8.2CVSS7.2AI score0.0108EPSS
Exploits2
Ubuntu
Ubuntu
•added 2015/12/10 5:43 p.m.•79 views

USN-2825-1: Oxide vulnerabilities

Multiple use-after-free bugs were discovered in the application cache implementation in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the...

10CVSS8.4AI score0.08115EPSS
Exploits6
Ubuntu
Ubuntu
•added 2015/12/01 9:59 p.m.•79 views

USN-2824-1: Linux kernel (Utopic HWE) vulnerability

Dmitry Vyukov discovered that the Linux kernel's keyring handler attempted to garbage collect incompletely instantiated keys. A local unprivileged attacker could use this to cause a denial of service system crash...

2.1CVSS6.3AI score0.00508EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/07/23 11:50 p.m.•79 views

USN-2682-1: Linux kernel (Utopic HWE) vulnerabilities

A flaw was discovered in the kvm kernel virtual machine subsystem's kvmapichasevents function. A unprivileged local user could exploit this flaw to cause a denial of service system crash. CVE-2015-4692 A flaw was discovered in how the Linux kernel handles invalid UDP checksums. A remote attacker...

7.8CVSS7.1AI score0.06267EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/07/09 8:16 p.m.•79 views

USN-2656-1: Firefox vulnerabilities

Karthikeyan Bhargavan discovered that NSS incorrectly handled state transitions for the TLS state machine. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could be exploited to skip the ServerKeyExchange message and remove the forward-secrecy property...

10CVSS8AI score0.9986EPSS
Exploits2
Ubuntu
Ubuntu
•added 2015/04/08 10:27 p.m.•79 views

USN-2563-1: Linux kernel vulnerabilities

Sun Baoliang discovered a use after free flaw in the Linux kernel's SCTP Stream Control Transmission Protocol subsystem during INIT collisions. A remote attacker could exploit this flaw to cause a denial of service system crash or potentially escalate their privileges on the system. CVE-2015-1421...

10CVSS6.7AI score0.09828EPSS
Exploits1
Ubuntu
Ubuntu
•added 2015/02/26 11:31 a.m.•79 views

USN-2518-1: Linux kernel vulnerabilities

A flaw was discovered in the Kernel Virtual Machine's KVM emulation of the SYSTENTER instruction when the guest OS does not initialize the SYSENTER MSRs. A guest OS user could exploit this flaw to cause a denial of service of the guest OS crash or potentially gain privileges on the guest OS...

7.8CVSS6.8AI score0.05489EPSS
Exploits4
Ubuntu
Ubuntu
•added 2015/01/13 11:32 a.m.•79 views

USN-2462-1: Linux kernel vulnerabilities

Andy Lutomirski discovered that the Linux kernel does not properly handle faults associated with the Stack Segment SS register in the x86 architecture. A local attacker could exploit this flaw to gain administrative privileges. CVE-2014-9322 Lars Bull reported a race condition in the PIT...

7.8CVSS6.9AI score0.01504EPSS
Exploits9
Ubuntu
Ubuntu
•added 2014/12/02 8:24 p.m.•79 views

USN-2424-1: Firefox vulnerabilities

Gary Kwong, Randell Jesup, Nils Ohlmeier, Jesse Ruderman, Max Jonas Werner, Christian Holler, Jon Coppeard, Eric Rahm, Byron Campen, Eric Rescorla, and Xidorn Quan discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker...

6.8CVSS8.4AI score0.04052EPSS
Exploits0
Ubuntu
Ubuntu
•added 2014/09/23 8:33 p.m.•79 views

USN-2356-1: Linux kernel vulnerabilities

Jack Morgenstein reported a flaw in the page handling of the KVM Kerenl Virtual Machine subsystem in the Linux kernel. A guest OS user could exploit this flaw to cause a denial of service host OS memory corruption or possibly have other unspecified impact on the host OS. CVE-2014-3601 Chris Evans...

4.3CVSS6.8AI score0.01168EPSS
Exploits3
Ubuntu
Ubuntu
•added 2014/05/26 12:10 p.m.•79 views

USN-2219-1: Linux kernel vulnerabilities

Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. CVE-2014-1738 Matthew Daley reported a flaw in the handling of ioctl commands by the floppy...

7.2CVSS6.9AI score0.00524EPSS
Exploits3
Ubuntu
Ubuntu
•added 2014/04/26 1:48 p.m.•79 views

USN-2178-1: Linux kernel vulnerabilities

A flaw was discovered in the Kernel Virtual Machine KVM subsystem of the Linux kernel. A guest OS user could exploit this flaw to execute arbitrary code on the host OS. CVE-2014-0049 Al Viro discovered an error in how CIFS in the Linux kernel handles uncached write operations. An unprivileged loc...

7.4CVSS7.2AI score0.00775EPSS
Exploits1
Ubuntu
Ubuntu
•added 2014/02/04 7:47 p.m.•79 views

USN-2098-1: LibYAML vulnerability

Florian Weimer discovered that LibYAML incorrectly handled certain large yaml documents. An attacker could use this issue to cause LibYAML to crash, resulting in a denial of service, or possibly execute arbitrary code...

6.8CVSS6.6AI score0.09312EPSS
Exploits0
Ubuntu
Ubuntu
•added 2013/09/27 12:55 p.m.•79 views

USN-1975-1: Linux kernel (OMAP4) vulnerabilities

Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service system crash. CVE-2013-4254 A failure to validate block numbers was discovered in the Linux kernel's implementation of th...

6.9CVSS6.5AI score0.0044EPSS
Exploits0
Ubuntu
Ubuntu
•added 2013/05/01 5:23 p.m.•79 views

USN-1809-1: Linux kernel vulnerabilities

Mathias Krause discovered an information leak in the Linux kernel's UDF file system implementation. A local user could exploit this flaw to examine some of the kernel's heap memory. CVE-2012-6548 Mathias Krause discovered an information leak in the Linux kernel's ISO 9660 CDROM file system driver...

7.2CVSS7.3AI score0.04707EPSS
Exploits7
Ubuntu
Ubuntu
•added 2013/04/08 11:5 p.m.•79 views

USN-1795-1: Linux kernel (Quantal HWE) vulnerabilities

Andrew Jones discovered a flaw with the xeniret function in Linux kernel's Xen virtualizeation. In the 32-bit Xen paravirt platform an unprivileged guest OS user could exploit this flaw to cause a denial of service crash the system or gain guest OS privilege. CVE-2013-0228 Emese Revfy discovered...

6.2CVSS6.3AI score0.005EPSS
Exploits4
Ubuntu
Ubuntu
•added 2013/01/14 5:58 p.m.•79 views

USN-1686-1: FreeType vulnerabilities

Mateusz Jurczyk discovered that FreeType did not correctly handle certain malformed BDF font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges...

4.3CVSS8.8AI score0.03857EPSS
Exploits0
Ubuntu
Ubuntu
•added 2012/12/19 12:35 a.m.•79 views

USN-1671-1: Linux kernel vulnerability

Dmitry Monakhov reported a race condition flaw the Linux ext4 filesystem that can expose stale data. An unprivileged user could exploit this flaw to cause an information leak. CVE-2012-4508 A flaw was discovered in the Linux kernel's handling of new hot-plugged memory. An unprivileged local user...

4.7CVSS6.6AI score0.00387EPSS
Exploits1
Ubuntu
Ubuntu
•added 2012/12/03 3:53 p.m.•79 views

USN-1638-3: Firefox regressions

USN-1638-1 fixed vulnerabilities in Firefox. The new packages introduced regressions in cookies handling and the User Agent string. This update fixes the problem. Original advisory details: Gary Kwong, Jesse Ruderman, Christian Holler, Bob Clary, Kyle Huey, Ed Morley, Chris Lord, Boris Zbarsky,...

8.8AI score
Exploits0References2
Ubuntu
Ubuntu
•added 2012/11/30 8:34 a.m.•79 views

USN-1645-1: Linux kernel (OMAP4) vulnerabilities

Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. CVE-2012-0957 Dmitry Monakhov reported a race condition flaw the Linux ext4 filesystem that can expose stale data. An unprivileged user could exploit...

6.2CVSS7.2AI score0.00959EPSS
Exploits4
Ubuntu
Ubuntu
•added 2012/09/19 9:2 p.m.•79 views

USN-1574-1: Linux kernel (Natty backport) vulnerabilities

A flaw was found in how the Linux kernel passed the replacement session keyring to a child process. An unprivileged local user could exploit this flaw to cause a denial of service panic. CVE-2012-2745 Ben Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO TCP...

7.8CVSS6.5AI score0.06158EPSS
Exploits5
Ubuntu
Ubuntu
•added 2012/07/02 9:13 p.m.•79 views

USN-1496-1: OpenOffice.org vulnerabilities

A stack-based buffer overflow was discovered in the Lotus Word Pro import filter in OpenOffice.org. The default compiler options for affected releases should reduce the vulnerability to a denial of service. CVE-2011-2685 Huzaifa Sidhpurwala discovered that OpenOffice.org could be made to crash if...

9.3CVSS6.2AI score0.13734EPSS
Exploits3
Ubuntu
Ubuntu
•added 2012/05/18 1:27 a.m.•79 views

USN-1446-1: Linux kernel (OMAP4) vulnerabilities

A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service. CVE-2011-4086 A flaw was discovered in the Linux kernel's cifs file system. An unprivileged local user could exploit this flaw to...

7.8CVSS6.3AI score0.00607EPSS
Exploits4
Ubuntu
Ubuntu
•added 2012/05/01 3:41 a.m.•79 views

USN-1431-1: Linux kernel vulnerabilities

A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service. CVE-2011-4086 Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the...

7.8CVSS6.3AI score0.01014EPSS
Exploits5
Ubuntu
Ubuntu
•added 2012/04/24 10:29 a.m.•79 views

USN-1426-1: Linux kernel (EC2) vulnerabilities

Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the Linux kernel. A local user could use this flaw to crash the system causing a denial of service. CVE-2011-4347 Stephan Bärwolf discovered a flaw in the KVM kernel-based virtual machin...

7.8CVSS6.5AI score0.01014EPSS
Exploits4
Ubuntu
Ubuntu
•added 2012/03/23 9:57 a.m.•79 views

USN-1401-2: Thunderbird vulnerabilities

USN-1401-1 fixed vulnerabilities in Xulrunner. This update provides the corresponding fixes for Thunderbird. Original advisory details: It was discovered that a flaw in the Mozilla SVG implementation could result in an out-of-bounds memory access if SVG elements were removed during a...

9.3CVSS8.7AI score0.69882EPSS
Exploits11References1
Ubuntu
Ubuntu
•added 2012/03/06 7:2 p.m.•79 views

USN-1389-1: Linux kernel vulnerabilities

Paolo Bonzini discovered a flaw in Linux's handling of the SGIO ioctl command. A local user, or user in a VM could exploit this flaw to bypass restrictions and gain read/write access to all data on the affected block device. CVE-2011-4127 A flaw was found in KVM's Programmable Interval Timer PIT...

7.1CVSS6.8AI score0.02678EPSS
Exploits5
Ubuntu
Ubuntu
•added 2011/10/11 12:32 p.m.•79 views

USN-1227-1: Linux kernel vulnerabilities

Ryan Sweat discovered that the kernel incorrectly handled certain VLAN packets. On some systems, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. CVE-2011-1576 Timo Warns discovered that the EFI GUID partition table was not correctly...

8.8CVSS7.8AI score0.05573EPSS
Exploits8
Ubuntu
Ubuntu
•added 2011/09/13 8:12 p.m.•79 views

USN-1203-1: Linux kernel (Marvel DOVE) vulnerabilities

Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. CVE-2010-4076, CVE-2010-4077 Alex Shi and Eric Dumazet discovered that the network stack...

7.8CVSS6.8AI score0.08793EPSS
Exploits21
Ubuntu
Ubuntu
•added 2011/07/15 4:29 p.m.•79 views

USN-1168-1: Linux kernel vulnerabilities

Timo Warns discovered that the LDM disk partition handling code did not correctly handle certain values. By inserting a specially crafted disk device, a local attacker could exploit this to gain root privileges. CVE-2011-1017 Neil Horman discovered that NFSv4 did not correctly handle certain orde...

7.8CVSS6.7AI score0.04364EPSS
Exploits8
Ubuntu
Ubuntu
•added 2010/11/30 2:23 a.m.•79 views

USN-1023-1: Linux kernel vulnerabilities

Nelson Elhage discovered several problems with the Acorn Econet protocol driver. A local user could cause a denial of service via a NULL pointer dereference, escalate privileges by overflowing the kernel stack, and assign Econet addresses to arbitrary interfaces. CVE-2010-3848, CVE-2010-3849,...

6.9CVSS6.8AI score0.00801EPSS
Exploits13
Total number of security vulnerabilities5000