Lucene search
K
UbuntuMost viewed

10890 matches found

Ubuntu
Ubuntu
•added 2023/02/07 6:56 p.m.•78 views

USN-5847-1: Grunt vulnerabilities

It was discovered that Grunt was not properly loading YAML files before parsing them. An attacker could possibly use this issue to execute arbitrary code. CVE-2020-7729 It was discovered that Grunt was not properly handling symbolic links when performing file copy operations. An attacker could...

7.8CVSS7.1AI score0.02285EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/01/30 1:51 p.m.•78 views

USN-5811-3: Sudo vulnerability

USN-5811-1 fixed a vulnerability in Sudo. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Matthieu Barjole and Victor Cutillas discovered that Sudo incorrectly handled user-specified editors when using the sudoedit command. A local attacker that has...

7.8CVSS8.1AI score0.55367EPSS
Exploits20
Ubuntu
Ubuntu
•added 2023/01/19 1:52 p.m.•78 views

USN-5812-1: urllib3 vulnerability

It was discovered that urllib3 incorrectly handled certain characters in URLs. A remote attacker could possibly use this issue to cause urllib3 to consume resources, leading to a denial of service...

7.5CVSS7.3AI score0.03273EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/11/17 1:39 a.m.•78 views

USN-5729-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service system crash. CVE-2022-20422 Hsin-Wei Hung discovered that the BPF subsystem in the Linux kernel contained an...

7.8CVSS6.9AI score0.00405EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/10/14 6:46 p.m.•78 views

USN-5682-1: Linux kernel (AWS) vulnerabilities

It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose sensitive information kernel memory. CVE-2021-4159 It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2...

7.8CVSS7.2AI score0.00419EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/10/07 9:44 p.m.•78 views

USN-5664-1: OpenJPEG vulnerabilities

It was discovered that OpenJPEG did not properly handle PNM headers, resulting in a null pointer dereference. A remote attacker could possibly use this issue to cause a denial of service DoS. CVE-2016-7445 It was discovered that OpenJPEG incorrectly handled certain image files resulting in divisi...

9.8CVSS7AI score0.04191EPSS
Exploits3
Ubuntu
Ubuntu
•added 2022/09/30 9:51 p.m.•78 views

USN-5650-1: Linux kernel vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 It was...

7.8CVSS6.8AI score0.05542EPSS
Exploits8
Ubuntu
Ubuntu
•added 2022/09/21 9:25 a.m.•78 views

USN-5622-1: Linux kernel vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Moshe Ko...

8.2CVSS6.8AI score0.05542EPSS
Exploits3
Ubuntu
Ubuntu
•added 2022/07/01 5:53 p.m.•78 views

USN-5493-2: Linux kernel (HWE) vulnerability

It was discovered that the 8 Devices USB2CAN interface implementation in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service system crash...

5.5CVSS6.6AI score0.00395EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/05/31 7:35 p.m.•78 views

USN-5454-2: CUPS vulnerabilities

USN-5454-1 fixed several vulnerabilities in CUPS. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Joshua Mason discovered that CUPS incorrectly handled the secret key used to access the administrative web interface. A remote attacker could possibly u...

7.2CVSS6.6AI score0.02006EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/04/26 2:5 p.m.•78 views

USN-5389-1: Libcroco vulnerabilities

It was discovered that Libcroco was incorrectly accessing data structures when reading bytes from memory, which could cause a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service. CVE-2017-7960 It was discovered that Libcroco was incorrectly handling invali...

7.1CVSS7AI score0.12996EPSS
Exploits7
Ubuntu
Ubuntu
•added 2021/03/17 5:2 p.m.•78 views

USN-4774-1: Spring Framework vulnerabilities

Toshiaki Maki discovered that Spring Framework incorrectly handled certain XML files. A remote attacker could exploit this with a crafted XML file to cause a denial of service. CVE-2015-3192 Alvaro Muñoz discovered that Spring Framework incorrectly handled certain URLs. A remote attacker could...

9.6CVSS7AI score0.1005EPSS
Exploits6
Ubuntu
Ubuntu
•added 2020/11/05 4:9 p.m.•78 views

USN-4619-1: dom4j vulnerability

Mário Areias discovered that dom4j did not properly validate XML document elements. An attacker could exploit this with a crafted XML file to cause dom4j to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2018-1000632...

7.5CVSS6.8AI score0.0657EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/09/01 12:47 p.m.•78 views

USN-4471-2: Net-SNMP regression

USN-4471-1 fixed a vulnerability in Net-SNMP. The updated introduced a regression making nsExtendCacheTime not settable. This update fixes the problem adding the cacheTime feature flag. Original advisory details: Tobias Neitzel discovered that Net-SNMP incorrectly handled certain symlinks. An...

7.3AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2020/08/03 1:25 p.m.•78 views

USN-4446-1: Squid vulnerabilities

Jeriko One discovered that Squid incorrectly handled caching certain requests. A remote attacker could possibly use this issue to perform cache-injection attacks or gain access to reverse proxy features such as ESI. CVE-2019-12520 Jeriko One and Kristoffer Danielsson discovered that Squid...

9.8CVSS6.7AI score0.0918EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/07/22 1:13 p.m.•78 views

USN-4430-1: Pillow vulnerabilities

It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted image file, a remote attacker could possibly cause Pillow to crash, resulting in a denial of service...

8.1CVSS7.1AI score0.02514EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/05/11 12:54 p.m.•78 views

USN-4354-1: Mailman vulnerability

It was discovered that Mailman incorrectly handled certain inputs. An attacker could possibly use this issue to inject arbitrary content in the login page...

6.5CVSS7AI score0.02698EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/04/30 10:54 p.m.•78 views

USN-4349-1: EDK II vulnerabilities

A buffer overflow was discovered in the network stack. An unprivileged user could potentially enable escalation of privilege and/or denial of service. This issue was already fixed in a previous release for 18.04 LTS and 19.10. CVE-2018-12178 A buffer overflow was discovered in BlockIo service. An...

9.1CVSS7.3AI score0.02271EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/04/08 2:33 p.m.•78 views

USN-4326-1: libiberty vulnerabilities

It was discovered that libiberty incorrectly handled parsing certain binaries. If a user or automated system were tricked into processing a specially crafted binary, a remote attacker could use this issue to cause libiberty to crash, resulting in a denial of service, or possibly execute arbitrary...

7.8CVSS6.6AI score0.0669EPSS
Exploits11
Ubuntu
Ubuntu
•added 2020/03/17 7:12 p.m.•78 views

USN-4306-1: Dino vulnerabilities

It was discovered that Dino incorrectly validated inputs. An attacker could use this issue to possibly obtain, inject or remove sensitive information. This update also includes a fix to the encryption implementation in Dino to support 12 byte IVs, in addition to 16 byte IVs...

7.5CVSS7.2AI score0.02385EPSS
Exploits2References1
Ubuntu
Ubuntu
•added 2020/02/04 2:43 p.m.•78 views

USN-4265-1: SpamAssassin vulnerabilities

It was discovered that SpamAssassin incorrectly handled certain CF files. If a user or automated system were tricked into using a specially-crafted CF file, a remote attacker could possibly run arbitrary code...

9.3CVSS7AI score0.07053EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/01/21 12:59 p.m.•78 views

USN-4244-1: Samba vulnerabilities

It was discovered that Samba did not automatically replicate ACLs set to inherit down a subtree on AD Directory, contrary to expectations. This issue was only addressed in Ubuntu 18.04 LTS, Ubuntu 19.04 and Ubuntu 19.10. CVE-2019-14902 Robert Święcki discovered that Samba incorrectly handled...

6.5CVSS6.8AI score0.03151EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/01/09 6:44 p.m.•78 views

USN-4229-1: NTP vulnerability

It was discovered that ntpq and ntpdc incorrectly handled some arguments. An attacker could possibly use this issue to cause ntpq or ntpdc to crash, execute arbitrary code, or escalate to higher privileges...

9.8CVSS7.2AI score0.29037EPSS
Exploits5
Ubuntu
Ubuntu
•added 2019/11/26 2:48 p.m.•78 views

USN-4201-1: Ruby vulnerabilities

It was discovered that Ruby incorrectly handled certain files. An attacker could possibly use this issue to pass path matching what can lead to an unauthorized access. CVE-2019-15845 It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could use this issue to...

8.1CVSS7.2AI score0.05128EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/08/12 11:35 a.m.•78 views

USN-4091-1: poppler vulnerability

It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS7.2AI score0.02679EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/04/29 12:11 p.m.•78 views

USN-3958-1: GStreamer Base Plugins vulnerability

It was discovered that GStreamer Base Plugins did not correctly handle certain malformed RTSP streams. If a user were tricked into opening a crafted RTSP stream with a GStreamer application, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code...

8.8CVSS8AI score0.05962EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/01/31 7:9 p.m.•78 views

USN-3877-1: LibVNCServer vulnerabilities

It was discovered that LibVNCServer incorrectly handled certain operations. A remote attacker able to connect to applications using LibVNCServer could possibly use this issue to obtain sensitive information, cause a denial of service, or execute arbitrary code...

9.8CVSS7.4AI score0.26543EPSS
Exploits3
Ubuntu
Ubuntu
•added 2018/12/20 11:8 p.m.•78 views

USN-3847-3: Linux kernel (Azure) vulnerabilities

USN-3847-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux kernel for Microsoft Azure Cloud systems for Ubuntu 14.04 LTS. It was discovered that a race condition existed in the raw MIDI driver for the Linux kernel, leadi...

7.8CVSS6.8AI score0.00683EPSS
Exploits2
Ubuntu
Ubuntu
•added 2018/09/19 7:21 a.m.•78 views

USN-3768-1: Ghostscript vulnerabilities

Tavis Ormandy discovered multiple security issues in Ghostscript. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use these issues to access arbitrary files, execute arbitrary code, or cause a denial of service...

9.3CVSS7AI score0.92499EPSS
Exploits5
Ubuntu
Ubuntu
•added 2018/09/17 8:37 a.m.•78 views

USN-3765-2: curl vulnerability

USN-3765-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that curl incorrectly handled certain inputs. An attacker could possibly use this to execute arbitrary code...

10CVSS7.5AI score0.10823EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/08/30 7:14 p.m.•78 views

USN-3758-2: libx11 vulnerabilities

USN-3758-1 fixed several vulnerabilities in libx11. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Tobias Stoeckmann discovered that libx11 incorrectly handled certain images. An attacker could possibly use this issue to access sensitive information...

9.8CVSS7.5AI score0.09341EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/08/14 7:58 p.m.•78 views

USN-3739-2: libxml2 vulnerabilities

USN-3739-1 fixed a vulnerability in libxml2. This update provides the corresponding update for Ubuntu 12.04. Original advisory details: Matias Brutti discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information...

7.5CVSS7AI score0.03681EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/08/06 8:4 p.m.•78 views

USN-3731-2: LFTP vulnerability

USN-3731-1 fixed a vulnerability in LFTP. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that LFTP incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service...

7.8CVSS6.1AI score0.04782EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/07/02 7:45 p.m.•78 views

USN-3696-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3696-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that an integer overflow existed in the perf subsystem of the Linux...

7.8CVSS7.1AI score0.01912EPSS
Exploits4
Ubuntu
Ubuntu
•added 2018/06/20 10:11 p.m.•78 views

USN-3690-1: AMD Microcode update

Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provide...

5.6CVSS7.1AI score0.74041EPSS
Exploits8
Ubuntu
Ubuntu
•added 2018/04/16 12:47 p.m.•78 views

USN-3625-1: Perl vulnerabilities

It was discovered that Perl incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause Perl to hang, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. CVE-2015-8853 It was discovered that Perl incorrectly loaded libraries from th...

9.8CVSS7.4AI score0.10866EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/02/23 9:22 a.m.•78 views

USN-3583-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3583-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. It was discovered that an out-of-bounds write vulnerability existed in the...

10CVSS7.2AI score0.52189EPSS
Exploits14
Ubuntu
Ubuntu
•added 2018/02/22 8:46 a.m.•78 views

USN-3581-2: Linux kernel (HWE) vulnerabilities

USN-3581-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. Mohamed Ghannam discovered that the IPv4 raw socket implementation in the Linux kernel contain...

7.8CVSS7.4AI score0.74041EPSS
Exploits13
Ubuntu
Ubuntu
•added 2017/07/31 11:24 p.m.•78 views

USN-3366-2: OpenJDK 8 regression

USN-3366-1 fixed vulnerabilities in OpenJDK 8. Unfortunately, that update introduced a regression that caused some valid JAR files to fail validation. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the JPEGImageReader class in...

7.4AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2017/06/22 2:59 a.m.•78 views

USN-3331-1: Linux kernel (AWS) vulnerability

It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges...

7.4CVSS7.8AI score0.05186EPSS
Exploits3
Ubuntu
Ubuntu
•added 2017/05/17 5:6 p.m.•78 views

USN-3294-1: Bash vulnerabilities

Bernd Dietzel discovered that Bash incorrectly expanded the hostname when displaying the prompt. If a remote attacker were able to modify a hostname, this flaw could be exploited to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. CVE-2016-0634...

8.4CVSS7.2AI score0.06019EPSS
Exploits2
Ubuntu
Ubuntu
•added 2017/05/16 4:12 p.m.•78 views

USN-3289-1: QEMU vulnerabilities

Li Qiang discovered that QEMU incorrectly handled VirtFS directory sharing. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. CVE-2017-7377, CVE-2017-8086 Jiangxin discovered that QEMU incorrectly handled the Cirrus VGA device. A...

7.8CVSS7.7AI score0.04544EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/04/25 2:2 a.m.•78 views

USN-3266-1: Linux kernel vulnerability

Alexander Popov discovered that a race condition existed in the Stream Control Transmission Protocol SCTP implementation in the Linux kernel. A local attacker could use this to cause a denial of service system crash...

7.1CVSS6.6AI score0.01162EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/03/30 12:2 a.m.•78 views

USN-3249-2: Linux kernel (Xenial HWE) vulnerability

USN-3249-1 fixed a vulnerability in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that the xfrm framework for transforming packets in the Linux kernel...

7.8CVSS7.2AI score0.01902EPSS
Exploits4
Ubuntu
Ubuntu
•added 2017/03/29 11:49 p.m.•78 views

USN-3250-2: Linux kernel (Trusty HWE) vulnerability

USN-3250-1 fixed a vulnerability in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. It was discovered that the xfrm framework for transforming packets in the Linux kernel...

7.8CVSS7.2AI score0.01902EPSS
Exploits4
Ubuntu
Ubuntu
•added 2017/03/29 11:26 p.m.•78 views

USN-3251-1: Linux kernel vulnerability

It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. A local attacker could use this to cause a denial of service system crash or execute arbitrary code with administrative privileges...

7.8CVSS7.3AI score0.01902EPSS
Exploits4
Ubuntu
Ubuntu
•added 2016/12/05 12:44 p.m.•78 views

USN-3152-1: Linux kernel vulnerability

Philip Pettersson discovered a race condition in the afpacket implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service system crash or run arbitrary code with administrative privileges...

7.8CVSS7.5AI score0.11127EPSS
Exploits16
Ubuntu
Ubuntu
•added 2016/11/30 7:28 p.m.•78 views

USN-3145-1: Linux kernel vulnerabilities

Marco Grassi discovered that the driver for Areca RAID Controllers in the Linux kernel did not properly validate control messages. A local attacker could use this to cause a denial of service system crash or possibly gain privileges. CVE-2016-7425 Daxing Guo discovered a stack-based buffer overfl...

7.8CVSS6.8AI score0.00647EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/11/11 7:34 a.m.•78 views

USN-3128-1: Linux kernel vulnerability

Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service system crash...

6.2CVSS7.1AI score0.00395EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/11/11 7:14 a.m.•78 views

USN-3127-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3127-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. It was discovered that the compression handling code in the Advanced Linux Sound...

7.8CVSS7.3AI score0.0051EPSS
Exploits0
Total number of security vulnerabilities5000