Lucene search
K
UbuntuMost viewed

10904 matches found

Ubuntu
Ubuntu
•added 2015/03/04 8:47 a.m.•78 views

USN-2516-3: Linux kernel vulnerabilities regression

USN-2516-1 fixed vulnerabilities in the Linux kernel, and the fix in USN-2516-2 was incomplete. There was an unrelated regression in the use of the virtual counter CNTVCT on arm64 architectures. This update fixes the problem. We apologize for the inconvenience. Original advisory details: A flaw w...

6.7AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2014/10/30 7:37 p.m.•78 views

USN-2394-1: Linux kernel (Trusty HWE) vulnerabilities

Nadav Amit reported that the KVM Kernel Virtual Machine mishandles noncanonical addresses when emulating instructions that change the rip Instruction Pointer. A guest user with access to I/O or the MMIO can use this flaw to cause a denial of service system crash of the guest. CVE-2014-3647 A flaw...

7.8CVSS6.7AI score0.03725EPSS
Exploits1
Ubuntu
Ubuntu
•added 2014/08/20 2:53 a.m.•78 views

USN-2319-1: OpenJDK 7 vulnerabilities

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. CVE-2014-2483, CVE-2014-2490, CVE-2014-4216, CVE-2014-4219,...

9.3CVSS7AI score0.06118EPSS
Exploits1
Ubuntu
Ubuntu
•added 2014/06/12 6:47 p.m.•78 views

USN-2232-2: OpenSSL regression

USN-2232-1 fixed vulnerabilities in OpenSSL. The upstream fix for CVE-2014-0224 caused a regression for certain applications that use tlssessionsecretcb, such as wpasupplicant. This update fixes the problem. Original advisory details: Jüri Aedla discovered that OpenSSL incorrectly handled invalid...

7.6AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2014/06/05 9:30 p.m.•78 views

USN-2236-1: Linux kernel (OMAP4) vulnerabilities

Pinkie Pie discovered a flaw in the Linux kernel's futex subsystem. An unprivileged local user could exploit this flaw to cause a denial of service system crash or gain administrative privileges. CVE-2014-3153 A flaw was discovered in the vhost-net subsystem of the Linux kernel. Guest OS users...

7.8CVSS7.5AI score0.37233EPSS
Exploits16
Ubuntu
Ubuntu
•added 2014/05/27 6:32 a.m.•78 views

USN-2224-1: Linux kernel (Raring HWE) vulnerabilities

Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. CVE-2014-1738 Matthew Daley reported a flaw in the handling of ioctl commands by the floppy...

10CVSS7.5AI score0.10385EPSS
Exploits15
Ubuntu
Ubuntu
•added 2014/02/18 10:59 p.m.•78 views

USN-2115-1: Linux kernel (OMAP4) vulnerabilities

Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. CVE-2013-2929 A flaw in the handling of memory regions of the kernel virtual machine KVM subsystem was discovered. ...

4.7CVSS6.8AI score0.00654EPSS
Exploits2
Ubuntu
Ubuntu
•added 2014/01/03 10:39 a.m.•78 views

USN-2066-1: Linux kernel vulnerabilities

A flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. CVE-2013-4299 Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload UFO. An unprivileged...

6.9CVSS7.1AI score0.0381EPSS
Exploits9
Ubuntu
Ubuntu
•added 2013/11/08 9:17 p.m.•78 views

USN-2016-1: Linux kernel (EC2) vulnerabilities

Dan Carpenter discovered an information leak in the HP Smart Array and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory. CVE-2013-2147 Kees Cook discovered flaw in the Human Interface Device HID subsystem...

6CVSS6.5AI score0.0381EPSS
Exploits1
Ubuntu
Ubuntu
•added 2013/09/27 12:45 p.m.•78 views

USN-1973-1: Linux kernel (OMAP4) vulnerabilities

Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service system crash. CVE-2013-4254 A failure to validate block numbers was discovered in the Linux kernel's implementation of th...

6.9CVSS6.5AI score0.00557EPSS
Exploits1
Ubuntu
Ubuntu
•added 2013/07/29 9:59 p.m.•78 views

USN-1912-1: Linux kernel vulnerabilities

Jonathan Salwan discovered an information leak in the Linux kernel's cdrom driver. A local user can exploit this leak to obtain sensitive information from kernel memory if the CD-ROM drive is malfunctioning. CVE-2013-2164 A flaw was discovered in the Linux kernel when an IPv6 socket is used to...

6CVSS6.7AI score0.00557EPSS
Exploits4
Ubuntu
Ubuntu
•added 2013/05/16 2:15 a.m.•78 views

USN-1828-1: Linux kernel (Quantal HWE) vulnerability

An flaw was discovered in the Linux kernel's perfevents interface. A local user could exploit this flaw to escalate privileges on the system...

8.4CVSS7.6AI score0.47709EPSS
Exploits15
Ubuntu
Ubuntu
•added 2013/05/02 10:14 p.m.•78 views

USN-1815-1: Linux kernel vulnerabilities

Andy Lutomirski discover an error in the Linux kernel's credential handling on unix sockets. A local user could exploit this flaw to gain administrative privileges. CVE-2013-1979 Andy Lutomirski discovered a privilege escalation in the Linux kernel's user namespaces. A local user could exploit th...

6.9CVSS6.6AI score0.01255EPSS
Exploits2
Ubuntu
Ubuntu
•added 2013/02/01 3:15 p.m.•78 views

USN-1700-2: Linux kernel (OMAP4) regression

USN-1700-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated regression inotify/fanotify stopped working after upgrading. This update fixes the problem. We apologize for the inconvenience. Original advisory details: A flaw was discovered in the Linux kernel's handling of script...

5.7AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2012/10/11 7:20 p.m.•78 views

USN-1607-1: Linux kernel vulnerabilities

Vadim Ponomarev discovered a flaw in the Linux kernel causing a reference leak when PID namespaces are used. A remote attacker could exploit this flaw causing a denial of service. CVE-2012-2127 A flaw was found in how the Linux kernel's KVM Kernel-based Virtual Machine subsystem handled MSI Messa...

6.9CVSS6.5AI score0.04309EPSS
Exploits3
Ubuntu
Ubuntu
•added 2012/10/09 8:19 a.m.•78 views

USN-1599-1: Linux kernel (OMAP4) vulnerability

Pablo Neira Ayuso discovered a flaw in the credentials of netlink messages. An unprivileged local attacker could exploit this by getting a netlink based service, that relies on netlink credentials, to perform privileged actions. CVE-2012-3520 Mathias Krause discovered information leak in the Linu...

7.8CVSS6.6AI score0.0048EPSS
Exploits3
Ubuntu
Ubuntu
•added 2012/05/21 11:6 p.m.•78 views

USN-1448-1: Linux kernel vulnerabilities

A flaw was found in the Linux kernel's KVM Kernel Virtual Machine virtual cpu setup. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. CVE-2012-1601 Steve Grubb reported a flaw with Linux fscaps file system base capabilities when used to increa...

7.2CVSS6.6AI score0.00418EPSS
Exploits2
Ubuntu
Ubuntu
•added 2012/05/18 12:24 a.m.•78 views

USN-1445-1: Linux kernel vulnerabilities

A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service. CVE-2011-4086 A flaw was found in the Linux kernel's KVM Kernel Virtual Machine virtual cpu setup. An unprivileged local user coul...

7.2CVSS6.6AI score0.00418EPSS
Exploits2
Ubuntu
Ubuntu
•added 2012/03/29 3:39 p.m.•78 views

USN-1412-1: Linux kernel vulnerability

Somnath Kotur discovered an error in the Linux kernel's VLAN virtual lan and be2net drivers. An attacker on the local network could exploit this flaw to cause a denial of service...

4.6CVSS5.4AI score0.00816EPSS
Exploits0
Ubuntu
Ubuntu
•added 2011/12/09 3:25 a.m.•78 views

USN-1297-1: Django vulnerabilities

Pall McMillan discovered that Django used the root namespace when storing cached session data. A remote attacker could exploit this to modify sessions. CVE-2011-4136 Paul McMillan discovered that Django would not timeout on arbitrary URLs when the application used URLFields. This could be exploit...

5.8CVSS5.7AI score0.03024EPSS
Exploits0
Ubuntu
Ubuntu
•added 2011/12/08 11:36 a.m.•78 views

USN-1293-1: Linux kernel vulnerabilities

A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. CVE-2011-4077 Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions...

7.2CVSS6.2AI score0.03212EPSS
Exploits6
Ubuntu
Ubuntu
•added 2010/11/11 3:9 p.m.•78 views

USN-1017-1: MySQL vulnerabilities

It was discovered that MySQL incorrectly handled certain requests with the UPGRADE DATA DIRECTORY NAME command. An authenticated user could exploit this to make MySQL crash, causing a denial of service. This issue only affected Ubuntu 9.10 and 10.04 LTS. CVE-2010-2008 It was discovered that MySQL...

5CVSS5.3AI score0.12229EPSS
Exploits8
Ubuntu
Ubuntu
•added 2010/07/26 4:15 p.m.•78 views

USN-957-2: Firefox and Xulrunner vulnerability

USN-957-1 fixed vulnerabilities in Firefox and Xulrunner. Daniel Holbert discovered that the fix for CVE-2010-1214 introduced a regression which did not properly initialize a plugin pointer. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browse...

10CVSS7.8AI score0.0413EPSS
Exploits1
Ubuntu
Ubuntu
•added 2010/05/21 5:3 p.m.•78 views

USN-942-1: PostgreSQL vulnerabilities

It was discovered that the Safe.pm module as used by PostgreSQL did not properly restrict PL/perl procedures. If PostgreSQL was configured to use Perl stored procedures, a remote authenticated attacker could exploit this to execute arbitrary Perl code. CVE-2010-1169 It was discovered that...

8.5CVSS8.5AI score0.04081EPSS
Exploits2
Ubuntu
Ubuntu
•added 2010/01/26 6:29 p.m.•78 views

USN-890-4: PyXML vulnerabilities

USN-890-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for PyXML. Original advisory details: Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did not properly process malformed XML. If a user or application linked against Expat were tricked in...

5CVSS6.5AI score0.27924EPSS
Exploits3
Ubuntu
Ubuntu
•added 2009/05/12 10:23 p.m.•78 views

USN-776-1: KVM vulnerabilities

Avi Kivity discovered that KVM did not correctly handle certain disk formats. A local attacker could attach a malicious partition that would allow the guest VM to read files on the VM host. CVE-2008-1945, CVE-2008-2004 Alfredo Ortega discovered that KVM's VNC protocol handler did not correctly...

7.8CVSS7.8AI score0.06619EPSS
Exploits3
Ubuntu
Ubuntu
•added 2009/02/11 1:44 a.m.•78 views

USN-717-3: Firefox vulnerabilities

Kojima Hajime discovered that Firefox did not properly handle an escaped null character. An attacker may be able to exploit this flaw to bypass script sanitization. CVE-2008-5510 Wladimir Palant discovered that Firefox did not restrict access to cookies in HTTP response headers. If a user were...

5CVSS8.4AI score0.02212EPSS
Exploits0
Ubuntu
Ubuntu
•added 2008/11/27 5:43 p.m.•78 views

USN-679-1: Linux kernel vulnerabilities

It was discovered that the Xen hypervisor block driver did not correctly validate requests. A user with root privileges in a guest OS could make a malicious IO request with a large number of blocks that would crash the host OS, leading to a denial of service. This only affected Ubuntu 7.10...

7.8CVSS7.1AI score0.0368EPSS
Exploits7
Ubuntu
Ubuntu
•added 2008/10/01 10:18 p.m.•78 views

USN-649-1: OpenSSH vulnerabilities

It was discovered that the ForceCommand directive could be bypassed. If a local user created a malicious /.ssh/rc file, they could execute arbitrary commands as their user id. This only affected Ubuntu 7.10. CVE-2008-1657 USN-355-1 fixed vulnerabilities in OpenSSH. It was discovered that the fixe...

6.5CVSS8AI score0.28601EPSS
Exploits9
Ubuntu
Ubuntu
•added 2008/09/24 10:20 a.m.•78 views

USN-645-1: Firefox and xulrunner vulnerabilities

Justin Schuh, Tom Cross and Peter Williams discovered errors in the Firefox URL parsing routines. If a user were tricked into opening a crafted hyperlink, an attacker could overflow a stack buffer and execute arbitrary code. CVE-2008-0016 It was discovered that the same-origin check in Firefox...

10CVSS8.9AI score0.43921EPSS
Exploits15
Ubuntu
Ubuntu
•added 2006/07/11 6:53 p.m.•78 views

USN-311-1: Linux kernel vulnerabilities

A race condition was discovered in the doaddcounters functions. Processes which do not run with full root privileges, but have the CAPNETADMIN capability can exploit this to crash the machine or read a random piece of kernel memory. In Ubuntu there are no packages that are affected by this, so th...

5.6CVSS6.1AI score0.04387EPSS
Exploits17
Ubuntu
Ubuntu
•added 2024/07/26 1:52 p.m.•77 views

USN-6917-1: Linux kernel vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Gui-Dong Han discovered that the...

9.8CVSS7.1AI score0.01401EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/03/28 8:44 p.m.•77 views

USN-6707-4: Linux kernel (Azure) vulnerabilities

Lonial Con discovered that the netfilter subsystem in the Linux kernel did not properly handle element deactivation in certain cases, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

7.8CVSS7.7AI score0.28058EPSS
Exploits16
Ubuntu
Ubuntu
•added 2023/12/06 3:11 p.m.•77 views

USN-6538-1: PostgreSQL vulnerabilities

Jingzhou Fu discovered that PostgreSQL incorrectly handled certain unknown arguments in aggregate function calls. A remote attacker could possibly use this issue to obtain sensitive information. CVE-2023-5868 Pedro Gallegos discovered that PostgreSQL incorrectly handled modifying certain SQL arra...

8.8CVSS7.2AI score0.04322EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/11/02 3:30 a.m.•77 views

USN-6468-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing,...

9.8CVSS7.7AI score0.01585EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/17 11:22 a.m.•77 views

USN-6429-3: curl vulnerabilities

USN-6429-1 fixed vulnerabilities in curl. This update provides the corresponding updates for Ubuntu 23.10. Original advisory details: Jay Satiro discovered that curl incorrectly handled hostnames when using a SOCKS5 proxy. In environments where curl is configured to use a SOCKS5 proxy, a remote...

9.8CVSS7.8AI score0.78483EPSS
Exploits6
Ubuntu
Ubuntu
•added 2023/09/19 5:42 p.m.•77 views

USN-6384-1: Linux kernel (OEM) vulnerabilities

Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. CVE-2023-20588 Lonial Con discover...

5.5CVSS6.9AI score0.12405EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/09/06 12:31 a.m.•77 views

USN-6342-1: Linux kernel vulnerabilities

Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. CVE-2023-20593 Zheng Zhang discovered that the device-mapper implementation in the Linux kernel...

7.8CVSS7.7AI score0.05794EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/08/30 4:21 a.m.•77 views

USN-6320-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2023-4573, CVE-2023-4574,...

8.8CVSS7.7AI score0.00693EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/08/28 10:17 p.m.•77 views

USN-6311-1: Linux kernel vulnerabilities

William Zhao discovered that the Traffic Control TC subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service kernel deadlock. CVE-2022-4269 It was discovered that the NTFS file system...

10CVSS7.4AI score0.0406EPSS
Exploits4
Ubuntu
Ubuntu
•added 2023/08/11 4:7 p.m.•77 views

USN-6284-1: Linux kernel vulnerabilities

It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could use this to cause a denial of service infinite recursion. CVE-2020-36691 Billy Jheng Bing Jhong discovered that the CIFS network...

7.8CVSS7AI score0.00491EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/07/19 5:34 p.m.•77 views

USN-6237-2: curl regression

USN-6237-1 fixed vulnerabilities in curl. The update caused a certificate wildcard handling regression on Ubuntu 22.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Hiroki Kurosawa discovered that curl incorrectly handled validating certain...

6.6AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2023/07/10 1:6 p.m.•77 views

USN-6213-1: Ghostscript vulnerability

It was discovered that Ghostscript incorrectly handled pipe devices. If a user or automated system were tricked into opening a specially crafted PDF file, a remote attacker could use this issue to execute arbitrary code...

7.8CVSS8.1AI score0.03236EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/05/04 8:10 a.m.•77 views

USN-6055-1: Ruby vulnerabilities

It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. CVE-2023-28755 It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a...

5.3CVSS7.6AI score0.02637EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/04/26 4:15 a.m.•77 views

USN-6010-3: Firefox regressions

USN-6010-1 fixed vulnerabilities and USN-6010-2 fixed minor regressions in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were...

7.8AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2023/04/19 1:17 a.m.•77 views

USN-6024-1: Linux kernel vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-1281 Lin Ma discovered a race condition in t...

7.8CVSS7.2AI score0.00964EPSS
Exploits4
Ubuntu
Ubuntu
•added 2023/03/29 6:22 p.m.•77 views

USN-5987-1: Linux kernel vulnerabilities

It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. CVE-2022-2196 It was discovered...

8.8CVSS7.7AI score0.71737EPSS
Exploits7
Ubuntu
Ubuntu
•added 2023/03/20 5:28 p.m.•77 views

USN-5904-2: SoX regression

USN-5904-1 fixed vulnerabilities in SoX. It was discovered that the fix for CVE-2021-33844 was incomplete. This update fixes the problem. Original advisory details: Helmut Grohne discovered that SoX incorrectly handled certain inputs. If a user or an automated system were tricked into opening a...

5.5CVSS7.1AI score0.00457EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/03/03 2:58 p.m.•77 views

USN-5917-1: Linux kernel vulnerabilities

It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...

8.1CVSS7.7AI score0.03702EPSS
Exploits6
Ubuntu
Ubuntu
•added 2023/02/06 3:30 a.m.•77 views

USN-5816-2: Firefox regressions

USN-5816-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Niklas Baumstark discovered that a compromised web child process of Firefox could disable web security openin...

8.2AI score
Exploits0References1
Total number of security vulnerabilities5000