Lucene search: Ubuntu, most viewed

10875 matches found

Ubuntu • added 2021/02/23 7:33 p.m. • 249 views

USN-4745-1: OpenSSL vulnerabilities

David Benjamin discovered that OpenSSL incorrectly handled comparing certificates containing an EDIPartyName name type. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2020-1971) Tavis Ormandy discovered that OpenSSL incorrectly handl...

CVSS 5.9, AI score 6.8, EPSS 0.07471
Exploits: 3

Ubuntu • added 2019/07/12 5:1 p.m. • 249 views

USN-4054-1: Firefox vulnerabilities

A sandbox escape was discovered in Firefox. If a user were tricked into installing a malicious language pack, an attacker could exploit this to gain additional privileges. (CVE-2019-9811) Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted...

CVSS 9.8, AI score 7.5, EPSS 0.20271
Exploits: 4

Ubuntu • added 2024/12/09 12:16 p.m. • 248 views

USN-7142-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

CVSS 8.8, AI score 7.4, EPSS 0.21044
Exploits: 1

Ubuntu • added 2024/11/18 3:10 p.m. • 248 views

USN-7104-1: curl vulnerability

It was discovered that curl could overwrite the HSTS expiry of the parent domain with the subdomain's HSTS entry. This could lead to curl switching back to insecure HTTP earlier than otherwise intended, resulting in information exposure...

CVSS 6.5, AI score 6.7, EPSS 0.0197
Exploits: 1

Ubuntu • added 2024/09/12 11:7 a.m. • 248 views

USN-7002-1: Setuptools vulnerability

It was discovered that setuptools was vulnerable to remote code execution. An attacker could possibly use this issue to execute arbitrary code...

CVSS 8.8, AI score 7, EPSS 0.01939
Exploits: 0

Ubuntu • added 2022/08/03 10:10 a.m. • 248 views

USN-5221-1: Redis vulnerabilities

It was discovered that Redis incorrectly handled certain specially crafted Lua scripts. A remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2021-32626) It was discovered that Redis incorrectly handled some malformed requests when using Redis...

CVSS 8.8, AI score 7, EPSS 0.31049
Exploits: 0

Ubuntu • added 2024/10/23 6:46 a.m. • 246 views

USN-7082-1: libheif vulnerability

Gerrard Tai discovered that libheif did not properly validate certain images, leading to an out-of-bounds read and write vulnerability. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or to obtai...

CVSS 8.1, AI score 7.8, EPSS 0.00825
Exploits: 1

Ubuntu • added 2022/03/30 2:24 p.m. • 246 views

USN-5355-1: zlib vulnerability

Danilo Ramos discovered that zlib incorrectly handled memory when performing certain deflating operations. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code...

CVSS 7.5, AI score 7.2, EPSS 0.51733
Exploits: 1

Ubuntu • added 2020/07/27 11:9 p.m. • 246 views

USN-4427-1: Linux kernel vulnerabilities

It was discovered that the Kvaser CAN/USB driver in the Linux kernel did not properly initialize memory in certain situations. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2019-19947) Chuhong Yuan discovered that go7007 USB audio device driver in the...

CVSS 7.8, AI score 7.2, EPSS 0.00617
Exploits: 1

Ubuntu • added 2024/11/05 3:39 a.m. • 245 views

USN-7091-1: Ruby vulnerabilities

It was discovered that Ruby incorrectly handled parsing of an XML document that has specific XML characters in an attribute value using REXML gem. An attacker could use this issue to cause Ruby to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24....

CVSS 8.7, AI score 7.1, EPSS 0.02064
Exploits: 1

Ubuntu • added 2024/10/16 4:36 a.m. • 245 views

USN-7070-1: libarchive vulnerabilities

It was discovered that libarchive mishandled certain memory checks, which could result in a NULL pointer dereference. An attacker could potentially use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubun...

CVSS 9.8, AI score 6.5, EPSS 0.01936
Exploits: 2

Ubuntu • added 2023/01/19 5:44 p.m. • 245 views

USN-5813-1: Linux kernel vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43945) Tamás Koczka discovered that th...

CVSS 8.8, AI score 7.7, EPSS 0.21314
Exploits: 0

Ubuntu • added 2021/03/12 2:7 p.m. • 245 views

USN-4754-3: Python vulnerabilities

USN-4754-1 fixed vulnerabilities in Python. This update provides the corresponding updates for Ubuntu 18.04 and Ubuntu 20.04. In the case of Python 2.7 for 20.04, these additional fixes are included: It was discovered that Python allowed remote attackers to cause a denial of service resource...

CVSS 9.8, AI score 7.9, EPSS 0.23293
Exploits: 4

Ubuntu • added 2018/10/03 11:33 a.m. • 245 views

USN-3781-1: WebKitGTK+ vulnerabilities

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

CVSS 8.8, AI score 7.3, EPSS 0.10593
Exploits: 18

Ubuntu • added 2024/11/26 1:43 p.m. • 244 views

USN-7128-1: Pygments vulnerability

Sebastian Chnelik discovered that Pygments had an inefficient regex query for analyzing certain inputs. An attacker could possibly use this issue to cause a denial of service...

CVSS 5.5, AI score 6.3, EPSS 0.00503
Exploits: 1

Ubuntu • added 2022/06/23 8:19 p.m. • 244 views

USN-5487-3: Apache HTTP Server regression

USN-5487-1 fixed several vulnerabilities in Apache HTTP Server. Unfortunately it caused regressions. USN-5487-2 reverted the patches that caused the regression in Ubuntu 14.04 ESM for further investigation. This update re-adds the security fixes for Ubuntu 14.04 ESM and fixes two different...

CVSS 9.8, AI score 8.3, EPSS 0.90407
Exploits: 2, References: 2

Ubuntu • added 2021/05/25 5:0 p.m. • 244 views

USN-4966-1: libx11 vulnerability

It was discovered that libx11 incorrectly validated certain parameter lengths. A remote attacker could possibly use this issue to trick libx11 into emitting extra X protocol requests...

CVSS 9.8, AI score 7.5, EPSS 0.10634
Exploits: 2

Ubuntu • added 2021/02/25 6:43 a.m. • 244 views

USN-4751-1: Linux kernel vulnerabilities

It was discovered that the console keyboard driver in the Linux kernel contained a race condition. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-25656) Minh Yuan discovered that the tty driver in the Linux kernel contained race conditions when handling...

CVSS 8.8, AI score 6.8, EPSS 0.01129
Exploits: 10

Ubuntu • added 2019/02/06 2:7 p.m. • 244 views

USN-3882-1: curl vulnerabilities

Wenxiang Qian discovered that curl incorrectly handled certain NTLM authentication messages. A remote attacker could possibly use this issue to cause curl to crash, resulting in a denial of service. This issue only applied to Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10. (CVE-2018-16890)...

CVSS 9.8, AI score 6.6, EPSS 0.12771
Exploits: 2

Ubuntu • added 2024/12/10 1:42 a.m. • 242 views

USN-7145-1: Expat vulnerability

It was discovered that Expat did not properly handle its internal state when attempting to resume an unstarted parser. An attacker could use this issue to cause a denial of service (application crash)...

CVSS 5.9, AI score 7.1, EPSS 0.0104
Exploits: 0

Ubuntu • added 2024/12/05 4:53 p.m. • 242 views

USN-7117-3: needrestart regression

USN-7117-1 fixed vulnerabilities in needrestart. The update introduced a regression in needrestart. This update fixes the problem for LXC containers. We apologize for the inconvenience. Original advisory details: Qualys discovered that needrestart passed unsanitized data to a library...

AI score 7.7
Exploits: 0, References: 1

Ubuntu • added 2024/12/02 12:30 p.m. • 242 views

USN-7132-1: PostgreSQL vulnerabilities

It was discovered that PostgreSQL incorrectly tracked tables with row security. A remote attacker could possibly use this issue to perform forbidden reads and modifications. (CVE-2024-10976) Jacob Champion discovered that PostgreSQL clients used untrusted server error messages. An attacker that is...

CVSS 8.8, AI score 7, EPSS 0.04422
Exploits: 1

Ubuntu • added 2024/11/27 5:25 p.m. • 242 views

USN-7131-1: Vim vulnerability

It was discovered that Vim incorrectly handled memory when closing a buffer, leading to use-after-free. If a user was tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service...

CVSS 4.7, AI score 6.5, EPSS 0.00291
Exploits: 0

Ubuntu • added 2024/09/30 6:14 p.m. • 242 views

USN-7046-1: Flatpak and Bubblewrap vulnerability

It was discovered that Flatpak incorrectly handled certain persisted directories. An attacker could possibly use this issue to read and write files in locations it would not normally have access to. A patch was also needed to Bubblewrap in order to avoid race conditions caused by this fix...

CVSS 10, AI score 8.1, EPSS 0.01283
Exploits: 1, References: 1

Ubuntu • added 2024/09/09 1:42 p.m. • 242 views

USN-6997-1: LibTIFF vulnerability

It was discovered that LibTIFF incorrectly handled memory. An attacker could possibly use this issue to cause the application to crash, resulting in a denial of service...

CVSS 7.5, AI score 6.9, EPSS 0.01516
Exploits: 0

Ubuntu • added 2021/03/29 4:52 p.m. • 242 views

USN-4883-1: Linux kernel vulnerabilities

Adam Nichols discovered that heap overflows existed in the iSCSI subsystem in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-27365) Adam Nichols discovered that the iSCSI subsystem in the Linux kernel did not...

CVSS 7.8, AI score 7, EPSS 0.02079
Exploits: 3

Ubuntu • added 2018/10/01 7:15 p.m. • 242 views

USN-3777-1: Linux kernel vulnerabilities

Jann Horn discovered that the vmacache subsystem did not properly handle sequence number overflows, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2018-17182) It was discovered that the...

CVSS 8.3, AI score 8, EPSS 0.08743
Exploits: 4, References: 1

Ubuntu • added 2024/11/05 12:59 p.m. • 241 views

USN-7092-1: mpg123 vulnerability

It was discovered that mpg123 incorrectly handled certain mp3 files. If a user or automated system were tricked into opening a specially crafted mp3 file, a remote attacker could use this issue to cause mpg123 to crash, resulting in a denial of service, or possibly execute arbitrary code...

CVSS 6.7, AI score 6.9, EPSS 0.00348
Exploits: 0

Ubuntu • added 2024/10/29 3:4 p.m. • 241 views

USN-7084-1: urllib3 vulnerability

It was discovered that urllib3 didn't strip HTTP Proxy-Authorization header on cross-origin redirects. A remote attacker could possibly use this issue to obtain sensitive information...

CVSS 6.5, AI score 6.8, EPSS 0.01141
Exploits: 1

Ubuntu • added 2024/09/26 8:12 p.m. • 241 views

USN-7041-1: CUPS vulnerability

Simone Margaritelli discovered that CUPS incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this issue to manipulate PPD files and execute arbitrary code when a printer is used...

CVSS 9.8, AI score 7.9, EPSS 0.73062
Exploits: 5

Ubuntu • added 2024/01/03 6:0 p.m. • 241 views

USN-6565-1: OpenSSH vulnerabilities

It was discovered that OpenSSH incorrectly handled supplemental groups when running helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand as a different user. An attacker could possibly use this issue to escalate privileges. This issue only affected Ubuntu 20.04 LTS...

CVSS 7, AI score 6.9, EPSS 0.19753
Exploits: 9

Ubuntu • added 2024/11/26 6:25 p.m. • 240 views

USN-6988-2: Twisted vulnerability

USN-6988-1 fixed CVE-2024-41671 in Twisted. The USN incorrectly stated that previous releases were unaffected. This update provides the equivalent fix for Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 18.04 LTS. Original advisory details: Ben Kallus discovered that Twisted incorrectly handled...

CVSS 8.3, AI score 7.9, EPSS 0.00856
Exploits: 0

Ubuntu • added 2024/11/12 3:54 p.m. • 240 views

USN-7103-1: Ghostscript vulnerabilities

It was discovered that Ghostscript incorrectly handled parsing certain PS files. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2024-46951, CVE-2024-46953, CVE-2024-46955, CVE-2024-46956) It was discovered...

CVSS 8.4, AI score 7, EPSS 0.0055
Exploits: 0

Ubuntu • added 2024/10/31 8:55 a.m. • 240 views

USN-7087-1: libarchive vulnerability

It was discovered that libarchive incorrectly handled certain RAR archive files. If a user or automated system were tricked into processing a specially crafted RAR archive, an attacker could use this issue to cause libarchive to crash, resulting in a denial of service, or possibly execute arbitra...

CVSS 7.3, AI score 7.4, EPSS 0.03154
Exploits: 0

Ubuntu • added 2024/10/30 11:55 a.m. • 240 views

USN-7084-2: pip vulnerability

USN-7084-1 fixed a vulnerability in urllib3. This update provides the corresponding update for the urllib3 module bundled into pip. Original advisory details: It was discovered that urllib3 didn't strip HTTP Proxy-Authorization header on cross-origin redirects. A remote attacker could possibly use...

CVSS 6.5, AI score 6.8, EPSS 0.01141
Exploits: 1

Ubuntu • added 2024/10/22 1:9 p.m. • 240 views

USN-7080-1: Unbound vulnerability

Toshifumi Sakaguchi discovered that Unbound incorrectly handled name compression for large RRsets, which could lead to excessive CPU usage. An attacker could potentially use this issue to cause a denial of service by sending specially crafted DNS responses...

CVSS 5.3, AI score 6.7, EPSS 0.00806
Exploits: 0

Ubuntu • added 2024/10/15 12:29 p.m. • 240 views

USN-7064-1: nano vulnerability

It was discovered that nano allowed a possible privilege escalation through an insecure temporary file. If nano was killed while editing, the permissions granted to the emergency save file could be used by an attacker to escalate privileges using a malicious symlink...

CVSS 6.7, AI score 7.2, EPSS 0.00346
Exploits: 0

Ubuntu • added 2024/09/26 6:38 a.m. • 240 views

USN-7037-1: OpenJPEG vulnerability

It was discovered that OpenJPEG could enter a large loop and continuously print warning messages when given specially crafted input. An attacker could potentially use this issue to cause a denial of service...

CVSS 4.3, AI score 5.7, EPSS 0.00528
Exploits: 0

Ubuntu • added 2024/11/11 1:2 a.m. • 239 views

USN-7097-1: OpenJDK 11 vulnerabilities

Andy Boothe discovered that the Networking component of OpenJDK 11 did not properly handle access under certain circumstances. An unauthenticated attacker could possibly use this issue to cause a denial of service. (CVE-2024-21208) It was discovered that the Hotspot component of OpenJDK 11 did not...

CVSS 7.4, AI score 7.6, EPSS 0.01257
Exploits: 0

Ubuntu • added 2023/06/15 7:38 p.m. • 239 views

USN-6169-1: GNU SASL vulnerability

It was discovered that GNU SASL's GSSAPI server could make an out-of-bounds read if given specially crafted GSS-API authentication data. A remote attacker could possibly use this issue to cause a denial of service or to expose sensitive information...

CVSS 8.1, AI score 7.3, EPSS 0.01091
Exploits: 0

Ubuntu • added 2021/06/04 7:4 p.m. • 239 views

USN-4979-1: Linux kernel vulnerabilities

Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the Linux kernel contained a reference counting error. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-25670) Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the Linux kernel did n...

CVSS 8.8, AI score 7.6, EPSS 0.03233
Exploits: 4

Ubuntu • added 2021/02/02 6:17 a.m. • 239 views

USN-4713-1: Linux kernel vulnerability

It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data...

CVSS 8.1, AI score 6.7, EPSS 0.06563
Exploits: 0

Ubuntu • added 2020/12/03 2:19 a.m. • 239 views

USN-4660-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the perf subsystem of the Linux kernel, leading to a use-after-free vulnerability. An attacker with access to the perf subsystem could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-14351) It was...

CVSS 7.8, AI score 6.9, EPSS 0.03252
Exploits: 2

Ubuntu • added 2019/10/28 5:19 p.m. • 239 views

USN-4166-1: PHP vulnerability

It was discovered that PHP incorrectly handled certain paths when being used in FastCGI configurations. A remote attacker could possibly use this issue to execute arbitrary code...

CVSS 9.8, AI score 8, EPSS 0.9947
Exploits: 54

Ubuntu • added 2019/06/17 5:58 p.m. • 239 views

USN-4017-2: Linux kernel vulnerabilities

USN-4017-1 fixed vulnerabilities in the Linux kernel for Ubuntu. This update provides the corresponding updates for the Linux kernel for Ubuntu 16.04 ESM and Ubuntu 14.04 ESM. Jonathan Looney discovered that the TCP retransmission queue implementation in the Linux kernel could be fragmented when...

CVSS 7.8, AI score 6.8, EPSS 0.98745
Exploits: 4, References: 1

Ubuntu • added 2021/06/03 12:26 a.m. • 238 views

USN-4977-1: Linux kernel vulnerabilities

Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the Linux kernel contained a reference counting error. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-25670) Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the Linux kernel did n...

CVSS 7.8, AI score 6.8, EPSS 0.03233
Exploits: 3

Ubuntu • added 2018/11/14 10:36 p.m. • 238 views

USN-3821-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3821-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not...

CVSS 7.1, AI score 7.1, EPSS 0.02914
Exploits: 3

Ubuntu • added 2024/11/11 1:0 a.m. • 237 views

USN-7096-1: OpenJDK 8 vulnerabilities

Andy Boothe discovered that the Networking component of OpenJDK 8 did not properly handle access under certain circumstances. An unauthenticated attacker could possibly use this issue to cause a denial of service. (CVE-2024-21208) It was discovered that the Hotspot component of OpenJDK 8 did not...

CVSS 7.4, AI score 7.8, EPSS 0.01361
Exploits: 0

Ubuntu • added 2024/10/01 12:25 p.m. • 237 views

USN-7048-1: Vim vulnerability

Suyue Guo discovered that Vim incorrectly handled memory when flushing the typeahead buffer, leading to heap-buffer-overflow. An attacker could possibly use this issue to cause a denial of service...

CVSS 4.5, AI score 5.6, EPSS 0.00296
Exploits: 0

Ubuntu • added 2024/09/26 4:19 p.m. • 237 views

USN-7040-1: ConfigObj vulnerability

It was discovered that ConfigObj contains regex that is susceptible to catastrophic backtracking. An attacker could possibly use this issue to cause a regular expression denial of service...

CVSS 5.9, AI score 5.5, EPSS 0.01259
Exploits: 1

Total number of security vulnerabilities: 5000