Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
•added 2018/08/30 7:14 p.m.•78 views

USN-3758-2: libx11 vulnerabilities

USN-3758-1 fixed several vulnerabilities in libx11. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Tobias Stoeckmann discovered that libx11 incorrectly handled certain images. An attacker could possibly use this issue to access sensitive information...

9.8CVSS7.5AI score0.09341EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/08/06 8:4 p.m.•78 views

USN-3731-2: LFTP vulnerability

USN-3731-1 fixed a vulnerability in LFTP. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that LFTP incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service...

7.8CVSS6.1AI score0.04782EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/07/24 5:58 p.m.•79 views

USN-3721-1: Apache Ant vulnerability

Danny Grander discovered that Apache Ant incorrectly handled certain compressed files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could use this issue to overwrite arbitrary files...

5.8AI score
Exploits0
Ubuntu
Ubuntu
•added 2018/07/02 7:45 p.m.•78 views

USN-3696-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3696-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that an integer overflow existed in the perf subsystem of the Linux...

7.8CVSS7.1AI score0.01912EPSS
Exploits4
Ubuntu
Ubuntu
•added 2018/06/20 10:11 p.m.•78 views

USN-3690-1: AMD Microcode update

Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provide...

5.6CVSS7.1AI score0.74041EPSS
Exploits9
Ubuntu
Ubuntu
•added 2018/04/16 12:47 p.m.•78 views

USN-3625-1: Perl vulnerabilities

It was discovered that Perl incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause Perl to hang, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. CVE-2015-8853 It was discovered that Perl incorrectly loaded libraries from th...

9.8CVSS7.4AI score0.10866EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/03/01 5:47 p.m.•78 views

USN-3586-1: DHCP vulnerabilities

Konstantin Orekhov discovered that the DHCP server incorrectly handled a large number of concurrent TCP sessions. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. CVE-2016-2774 It was discovered that the...

7.5CVSS6.8AI score0.73622EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/02/23 9:22 a.m.•78 views

USN-3583-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3583-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. It was discovered that an out-of-bounds write vulnerability existed in the...

10CVSS7.2AI score0.52189EPSS
Exploits14
Ubuntu
Ubuntu
•added 2018/02/22 8:46 a.m.•78 views

USN-3581-2: Linux kernel (HWE) vulnerabilities

USN-3581-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. Mohamed Ghannam discovered that the IPv4 raw socket implementation in the Linux kernel contain...

7.8CVSS7.4AI score0.74041EPSS
Exploits14
Ubuntu
Ubuntu
•added 2017/10/10 5:19 p.m.•78 views

USN-3443-1: Linux kernel vulnerabilities

It was discovered that on the PowerPC architecture, the kernel did not properly sanitize the signal stack when handling sigreturn. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-1000255 Andrey Konovalov discovered that a...

6.6CVSS7AI score0.00445EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/09/19 12:47 a.m.•78 views

USN-3424-1: libxml2 vulnerabilities

It was discovered that a type confusion error existed in libxml2. An attacker could use this to specially construct XML data that could cause a denial of service or possibly execute arbitrary code. CVE-2017-0663 It was discovered that libxml2 did not properly validate parsed entity references. An...

10CVSS7.4AI score0.23694EPSS
Exploits5
Ubuntu
Ubuntu
•added 2017/07/31 11:24 p.m.•78 views

USN-3366-2: OpenJDK 8 regression

USN-3366-1 fixed vulnerabilities in OpenJDK 8. Unfortunately, that update introduced a regression that caused some valid JAR files to fail validation. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the JPEGImageReader class in...

7.4AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2017/07/19 4:53 p.m.•78 views

USN-3212-3: LibTIFF vulnerabilities

USN-3212-1 and USN-3212-2 fixed a vulnerabilitiy in LibTIFF. This update provides a subset of corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening ...

9.8CVSS8AI score0.13722EPSS
Exploits8
Ubuntu
Ubuntu
•added 2017/06/22 2:59 a.m.•78 views

USN-3331-1: Linux kernel (AWS) vulnerability

It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges...

7.4CVSS7.8AI score0.05186EPSS
Exploits3
Ubuntu
Ubuntu
•added 2017/05/17 5:6 p.m.•78 views

USN-3294-1: Bash vulnerabilities

Bernd Dietzel discovered that Bash incorrectly expanded the hostname when displaying the prompt. If a remote attacker were able to modify a hostname, this flaw could be exploited to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. CVE-2016-0634...

8.4CVSS7.2AI score0.06019EPSS
Exploits2
Ubuntu
Ubuntu
•added 2017/04/25 2:2 a.m.•78 views

USN-3266-1: Linux kernel vulnerability

Alexander Popov discovered that a race condition existed in the Stream Control Transmission Protocol SCTP implementation in the Linux kernel. A local attacker could use this to cause a denial of service system crash...

7.1CVSS6.6AI score0.01162EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/03/30 12:2 a.m.•78 views

USN-3249-2: Linux kernel (Xenial HWE) vulnerability

USN-3249-1 fixed a vulnerability in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that the xfrm framework for transforming packets in the Linux kernel...

7.8CVSS7.2AI score0.01902EPSS
Exploits4
Ubuntu
Ubuntu
•added 2017/03/29 11:49 p.m.•78 views

USN-3250-2: Linux kernel (Trusty HWE) vulnerability

USN-3250-1 fixed a vulnerability in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. It was discovered that the xfrm framework for transforming packets in the Linux kernel...

7.8CVSS7.2AI score0.01902EPSS
Exploits4
Ubuntu
Ubuntu
•added 2017/03/29 11:26 p.m.•78 views

USN-3251-1: Linux kernel vulnerability

It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. A local attacker could use this to cause a denial of service system crash or execute arbitrary code with administrative privileges...

7.8CVSS7.3AI score0.01902EPSS
Exploits4
Ubuntu
Ubuntu
•added 2016/12/05 12:44 p.m.•78 views

USN-3152-1: Linux kernel vulnerability

Philip Pettersson discovered a race condition in the afpacket implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service system crash or run arbitrary code with administrative privileges...

7.8CVSS7.5AI score0.11127EPSS
Exploits16
Ubuntu
Ubuntu
•added 2016/11/30 7:28 p.m.•78 views

USN-3145-1: Linux kernel vulnerabilities

Marco Grassi discovered that the driver for Areca RAID Controllers in the Linux kernel did not properly validate control messages. A local attacker could use this to cause a denial of service system crash or possibly gain privileges. CVE-2016-7425 Daxing Guo discovered a stack-based buffer overfl...

7.8CVSS6.8AI score0.00647EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/11/11 7:34 a.m.•78 views

USN-3128-1: Linux kernel vulnerability

Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service system crash...

6.2CVSS7.1AI score0.00395EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/11/11 7:14 a.m.•78 views

USN-3127-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3127-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. It was discovered that the compression handling code in the Advanced Linux Sound...

7.8CVSS7.3AI score0.0051EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/11/09 6:30 p.m.•78 views

USN-3125-1: QEMU vulnerabilities

Zhenhao Hong discovered that QEMU incorrectly handled the Virtio module. A privileged attacker inside the guest could use this issue to cause QEMU to consume resources, resulting in a denial of service. CVE-2016-5403 Li Qiang discovered that QEMU incorrectly handled VMWARE VMXNET3 network card...

10CVSS7.1AI score0.06063EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/10/11 6:33 a.m.•78 views

USN-3099-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3099-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Vladimír Beneš discovered an unbounded recursion in the VLAN and TEB Generic Receive...

7.8CVSS6.9AI score0.07613EPSS
Exploits5
Ubuntu
Ubuntu
•added 2016/05/25 5:20 p.m.•78 views

USN-2950-5: Samba regression

USN-2950-1 fixed vulnerabilities in Samba. USN-2950-3 updated Samba to version 4.3.9, which introduced a regression when using the ntlmauth tool. This update fixes the problem. Original advisory details: Jouni Knuutinen discovered that Samba contained multiple flaws in the DCE/RPC implementation....

7.1AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2016/05/09 9:16 p.m.•78 views

USN-2967-2: Linux kernel (OMAP4) vulnerabilities

It was discovered that the Linux kernel did not properly enforce rlimits for file descriptors sent over UNIX domain sockets. A local attacker could use this to cause a denial of service. CVE-2013-4312 Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in the Linux kernel did not...

10CVSS7.6AI score0.14281EPSS
Exploits15
Ubuntu
Ubuntu
•added 2016/03/09 3:55 p.m.•78 views

USN-2924-1: NSS vulnerability

Francis Gabriel discovered that NSS incorrectly handled decoding certain ASN.1 data. An remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code...

8.8CVSS8.8AI score0.04192EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/03/02 1:37 p.m.•78 views

USN-2916-1: Perl vulnerabilities

It was discovered that Perl incorrectly handled certain regular expressions with an invalid backreference. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2013-7422 Markus Vervier discovered that Perl incorrectly...

7.5CVSS7AI score0.09007EPSS
Exploits3
Ubuntu
Ubuntu
•added 2016/02/03 1:7 p.m.•78 views

USN-2891-1: QEMU vulnerabilities

Qinghao Tang discovered that QEMU incorrectly handled PCI MSI-X support. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 15.10. CVE-2015-7549 Lian Yihan discovered that QEMU incorrectl...

8.8CVSS7.4AI score0.06085EPSS
Exploits4
Ubuntu
Ubuntu
•added 2015/12/17 7:24 p.m.•78 views

USN-2843-2: Linux kernel (Wily HWE) vulnerabilities

Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service system crash in the host OS. CVE-2015-8104 郭永刚 discovered that the pp...

10CVSS6.3AI score0.02501EPSS
Exploits1
Ubuntu
Ubuntu
•added 2015/12/03 12:34 p.m.•78 views

USN-2828-1: QEMU vulnerabilities

Jason Wang discovered that QEMU incorrectly handled the virtio-net device. A remote attacker could use this issue to cause guest network consumption, resulting in a denial of service. CVE-2015-7295 Qinghao Tang and Ling Liu discovered that QEMU incorrectly handled the pcnet driver when used in...

9CVSS7.8AI score0.0773EPSS
Exploits1
Ubuntu
Ubuntu
•added 2015/08/25 10:2 a.m.•78 views

USN-2712-1: Thunderbird vulnerabilities

Gary Kwong, Christian Holler, and Byron Campen discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with...

10CVSS7.8AI score0.084EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/05/20 11:25 a.m.•78 views

USN-2613-1: Linux kernel (Trusty HWE) vulnerabilities

Vincent Tondellier discovered an integer overflow in the Linux kernel's netfilter connection tracking accounting of loaded extensions. An attacker on the local area network LAN could potential exploit this flaw to cause a denial of service system crash of targeted system. CVE-2014-9715 Jan Beulic...

9.3CVSS7AI score0.10108EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/04/08 10:27 p.m.•78 views

USN-2563-1: Linux kernel vulnerabilities

Sun Baoliang discovered a use after free flaw in the Linux kernel's SCTP Stream Control Transmission Protocol subsystem during INIT collisions. A remote attacker could exploit this flaw to cause a denial of service system crash or potentially escalate their privileges on the system. CVE-2015-1421...

10CVSS6.7AI score0.09828EPSS
Exploits1
Ubuntu
Ubuntu
•added 2015/03/04 8:47 a.m.•78 views

USN-2516-3: Linux kernel vulnerabilities regression

USN-2516-1 fixed vulnerabilities in the Linux kernel, and the fix in USN-2516-2 was incomplete. There was an unrelated regression in the use of the virtual counter CNTVCT on arm64 architectures. This update fixes the problem. We apologize for the inconvenience. Original advisory details: A flaw w...

6.7AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2015/01/13 11:32 a.m.•78 views

USN-2462-1: Linux kernel vulnerabilities

Andy Lutomirski discovered that the Linux kernel does not properly handle faults associated with the Stack Segment SS register in the x86 architecture. A local attacker could exploit this flaw to gain administrative privileges. CVE-2014-9322 Lars Bull reported a race condition in the PIT...

7.8CVSS6.9AI score0.01504EPSS
Exploits9
Ubuntu
Ubuntu
•added 2014/10/30 7:37 p.m.•78 views

USN-2394-1: Linux kernel (Trusty HWE) vulnerabilities

Nadav Amit reported that the KVM Kernel Virtual Machine mishandles noncanonical addresses when emulating instructions that change the rip Instruction Pointer. A guest user with access to I/O or the MMIO can use this flaw to cause a denial of service system crash of the guest. CVE-2014-3647 A flaw...

7.8CVSS6.7AI score0.03725EPSS
Exploits1
Ubuntu
Ubuntu
•added 2014/08/20 2:53 a.m.•78 views

USN-2319-1: OpenJDK 7 vulnerabilities

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. CVE-2014-2483, CVE-2014-2490, CVE-2014-4216, CVE-2014-4219,...

9.3CVSS7AI score0.06118EPSS
Exploits1
Ubuntu
Ubuntu
•added 2014/06/12 6:47 p.m.•78 views

USN-2232-2: OpenSSL regression

USN-2232-1 fixed vulnerabilities in OpenSSL. The upstream fix for CVE-2014-0224 caused a regression for certain applications that use tlssessionsecretcb, such as wpasupplicant. This update fixes the problem. Original advisory details: Jüri Aedla discovered that OpenSSL incorrectly handled invalid...

7.6AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2014/06/05 9:30 p.m.•78 views

USN-2236-1: Linux kernel (OMAP4) vulnerabilities

Pinkie Pie discovered a flaw in the Linux kernel's futex subsystem. An unprivileged local user could exploit this flaw to cause a denial of service system crash or gain administrative privileges. CVE-2014-3153 A flaw was discovered in the vhost-net subsystem of the Linux kernel. Guest OS users...

7.8CVSS7.5AI score0.37233EPSS
Exploits16
Ubuntu
Ubuntu
•added 2014/04/26 1:48 p.m.•78 views

USN-2178-1: Linux kernel vulnerabilities

A flaw was discovered in the Kernel Virtual Machine KVM subsystem of the Linux kernel. A guest OS user could exploit this flaw to execute arbitrary code on the host OS. CVE-2014-0049 Al Viro discovered an error in how CIFS in the Linux kernel handles uncached write operations. An unprivileged loc...

7.4CVSS7.2AI score0.00775EPSS
Exploits1
Ubuntu
Ubuntu
•added 2014/02/18 10:59 p.m.•78 views

USN-2115-1: Linux kernel (OMAP4) vulnerabilities

Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. CVE-2013-2929 A flaw in the handling of memory regions of the kernel virtual machine KVM subsystem was discovered. ...

4.7CVSS6.8AI score0.00654EPSS
Exploits2
Ubuntu
Ubuntu
•added 2013/11/08 9:17 p.m.•78 views

USN-2016-1: Linux kernel (EC2) vulnerabilities

Dan Carpenter discovered an information leak in the HP Smart Array and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory. CVE-2013-2147 Kees Cook discovered flaw in the Human Interface Device HID subsystem...

6CVSS6.5AI score0.0381EPSS
Exploits1
Ubuntu
Ubuntu
•added 2013/09/27 12:45 p.m.•78 views

USN-1973-1: Linux kernel (OMAP4) vulnerabilities

Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service system crash. CVE-2013-4254 A failure to validate block numbers was discovered in the Linux kernel's implementation of th...

6.9CVSS6.5AI score0.00557EPSS
Exploits1
Ubuntu
Ubuntu
•added 2013/07/29 9:59 p.m.•78 views

USN-1912-1: Linux kernel vulnerabilities

Jonathan Salwan discovered an information leak in the Linux kernel's cdrom driver. A local user can exploit this leak to obtain sensitive information from kernel memory if the CD-ROM drive is malfunctioning. CVE-2013-2164 A flaw was discovered in the Linux kernel when an IPv6 socket is used to...

6CVSS6.7AI score0.00557EPSS
Exploits4
Ubuntu
Ubuntu
•added 2013/05/16 2:15 a.m.•78 views

USN-1828-1: Linux kernel (Quantal HWE) vulnerability

An flaw was discovered in the Linux kernel's perfevents interface. A local user could exploit this flaw to escalate privileges on the system...

8.4CVSS7.6AI score0.47709EPSS
Exploits15
Ubuntu
Ubuntu
•added 2013/05/02 10:14 p.m.•78 views

USN-1815-1: Linux kernel vulnerabilities

Andy Lutomirski discover an error in the Linux kernel's credential handling on unix sockets. A local user could exploit this flaw to gain administrative privileges. CVE-2013-1979 Andy Lutomirski discovered a privilege escalation in the Linux kernel's user namespaces. A local user could exploit th...

6.9CVSS6.6AI score0.01255EPSS
Exploits2
Ubuntu
Ubuntu
•added 2013/02/01 3:15 p.m.•78 views

USN-1700-2: Linux kernel (OMAP4) regression

USN-1700-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated regression inotify/fanotify stopped working after upgrading. This update fixes the problem. We apologize for the inconvenience. Original advisory details: A flaw was discovered in the Linux kernel's handling of script...

5.7AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2012/10/11 7:20 p.m.•78 views

USN-1607-1: Linux kernel vulnerabilities

Vadim Ponomarev discovered a flaw in the Linux kernel causing a reference leak when PID namespaces are used. A remote attacker could exploit this flaw causing a denial of service. CVE-2012-2127 A flaw was found in how the Linux kernel's KVM Kernel-based Virtual Machine subsystem handled MSI Messa...

6.9CVSS6.5AI score0.04309EPSS
Exploits3
Total number of security vulnerabilities5000