Lucene search
K
UbuntuMost viewed

10905 matches found

Ubuntu
Ubuntu
•added 2020/10/14 12:8 p.m.•76 views

LSN-0072-1: Kernel Live Patch Security Notice

It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose sensitive information kernel memory. CVE-2020-0067 It was discovered that the Serial CAN interfa...

7.8CVSS6.9AI score0.01308EPSS
Exploits2
Ubuntu
Ubuntu
•added 2020/07/27 2:9 p.m.•76 views

USN-4435-1: ClamAV vulnerabilities

It was discovered that ClamAV incorrectly handled parsing ARJ archives. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. CVE-2020-3327 It was discovered that ClamAV incorrectly handled scanning malicious files. A local attacker could...

7.5CVSS7.6AI score0.05063EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/06/25 8:58 p.m.•76 views

USN-4404-2: Linux kernel vulnerabilities

USN-4404-1 fixed vulnerabilities in the NVIDIA graphics drivers. This update provides the corresponding updates for the NVIDIA Linux DKMS kernel modules. Original advisory details: Thomas E. Carroll discovered that the NVIDIA Cuda grpahics driver did not properly perform access control when...

7.8CVSS6.7AI score0.00471EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/02/18 12:40 p.m.•76 views

USN-4282-1: PostgreSQL vulnerability

It was discovered that PostgreSQL incorrectly performed authorization checks when handling the "ALTER ... DEPENDS ON EXTENSION" sub-commands. A remote attacker could possibly use this issue to drop any function, procedure, materialized view, index, or trigger under certain conditions...

6.5CVSS6.8AI score0.01183EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/02/06 6:44 p.m.•76 views

USN-4273-1: ReportLab vulnerability

It was discovered that ReportLab incorrectly handled certain XML documents. If a user or automated system were tricked into processing a specially crafted document, a remote attacker could possibly use this issue to execute arbitrary code...

9.8CVSS8.4AI score0.10231EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/11/25 12:17 p.m.•76 views

USN-4189-2: DPDK regression

USN-4189-1 fixed a vulnerability in DPDK. The new version introduced a regression in certain environments. This update fixes the problem. Original advisory details: Jason Wang discovered that DPDK incorrectly handled certain messages. An attacker in a malicious container could possibly use this...

5.5AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2019/11/21 7:29 p.m.•76 views

USN-4198-1: DjVuLibre vulnerabilities

It was discovered that DjVuLibre incorrectly handled certain memory operations. If a user or automated system were tricked into processing a specially crafted DjVu file, a remote attacker could cause applications to hang or crash, resulting in a denial of service, or possibly execute arbitrary co...

7.5CVSS6AI score0.03667EPSS
Exploits5
Ubuntu
Ubuntu
•added 2019/06/25 11:26 a.m.•76 views

USN-4034-1: ImageMagick vulnerabilities

It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of th...

8.8CVSS6.9AI score0.49324EPSS
Exploits26
Ubuntu
Ubuntu
•added 2019/06/19 8:0 p.m.•76 views

USN-4024-1: Evince update

As a security improvement, this update adjusts the AppArmor profile for the Evince thumbnailer to reduce access to the system and adjusts the AppArmor profile for Evince and Evince previewer to limit access to the DBus system bus. Additionally adjust the evince abstraction to disallow writes on...

5.4AI score
Exploits0References2
Ubuntu
Ubuntu
•added 2019/01/30 11:24 p.m.•76 views

USN-3875-1: OpenJDK vulnerability

It was discovered that a memory disclosure issue existed in the OpenJDK Library subsystem. An attacker could use this to expose sensitive information and possibly bypass Java sandbox restrictions. CVE-2019-2422...

3.1CVSS6.8AI score0.03374EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/12/20 10:57 p.m.•76 views

USN-3847-2: Linux kernel (HWE) vulnerabilities

USN-3847-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. It was discovered that a race condition existed in the raw MIDI driver for the Linux...

7.8CVSS6.7AI score0.00683EPSS
Exploits2
Ubuntu
Ubuntu
•added 2018/05/25 8:41 p.m.•76 views

USN-3660-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service via application crash, install lightweight themes without user interaction, or...

9.8CVSS7.8AI score0.21288EPSS
Exploits4
Ubuntu
Ubuntu
•added 2018/03/05 3:2 p.m.•76 views

USN-3588-1: Memcached vulnerabilities

Daniel Shapira discovered an integer overflow issue in Memcached. A remote attacker could use this to cause a denial of service daemon crash. CVE-2017-9951 It was discovered that Memcached listened to UDP by default. A remote attacker could use this as part of a distributed denial of service...

7.5CVSS7AI score0.8864EPSS
Exploits4
Ubuntu
Ubuntu
•added 2018/01/08 3:27 p.m.•76 views

USN-3518-1: AWStats vulnerability

It was discovered that AWStats incorrectly filtered certain parameters. A remote attacker could possibly use this issue to execute arbitrary code...

9.8CVSS7.7AI score0.04352EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/12/07 11:34 p.m.•76 views

USN-3509-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3509-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink...

7.8CVSS6.8AI score0.02841EPSS
Exploits12
Ubuntu
Ubuntu
•added 2017/08/28 10:15 p.m.•76 views

USN-3404-2: Linux kernel (HWE) vulnerability

USN-3404-1 fixed a vulnerability in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. A reference count bug was discovered in the Linux kernel ipx protocol stack. A local attacker...

7.8CVSS6.7AI score0.00395EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/07/05 6:19 p.m.•76 views

USN-3349-1: NTP vulnerabilities

Yihan Lian discovered that NTP incorrectly handled certain large request data values. A remote attacker could possibly use this issue to cause NTP to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. CVE-2016-2519 Miroslav Lichvar discovered that NTP incorrectly...

8.8CVSS6.8AI score0.52935EPSS
Exploits13
Ubuntu
Ubuntu
•added 2017/06/22 2:55 a.m.•76 views

USN-3330-1: Linux kernel (Qualcomm Snapdragon) vulnerability

It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges...

7.4CVSS7.8AI score0.05186EPSS
Exploits3
Ubuntu
Ubuntu
•added 2017/05/17 1:20 a.m.•76 views

USN-3292-2: Linux kernel (HWE) vulnerability

USN-3292-1 fixed a vulnerability in the Linux kernel for Ubuntu 16.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.10 for Ubuntu 16.04 LTS. Jason Donenfeld discovered a heap overflow in the MACsec module in the Linux kernel. An attack...

7CVSS6.9AI score0.00387EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/03/13 5:4 p.m.•76 views

USN-3230-1: Pillow vulnerabilities

It was discovered that Pillow incorrectly handled certain compressed text chunks in PNG images. A remote attacker could possibly use this issue to cause Pillow to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. CVE-2014-9601 Cris Neckar discovered that Pillow...

7.8CVSS7.2AI score0.05426EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/03/07 11:56 p.m.•76 views

USN-3216-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to bypass same origin restrictions, obtain sensitive information, spoof the addressbar, spoof the print dialog, cause a denial of...

10CVSS7.6AI score0.17484EPSS
Exploits19
Ubuntu
Ubuntu
•added 2016/12/20 9:55 p.m.•76 views

USN-3162-2: Linux kernel (Raspberry Pi 2) vulnerabilities

CAI Qian discovered that shared bind mounts in a mount namespace exponentially added entries without restriction to the Linux kernel's mount table. A local attacker could use this to cause a denial of service system crash. CVE-2016-6213 Andreas Gruenbacher and Jan Kara discovered that the...

10CVSS6.7AI score0.09144EPSS
Exploits1
Ubuntu
Ubuntu
•added 2016/12/14 10:15 p.m.•76 views

USN-3157-1: Apport vulnerabilities

Donncha O Cearbhaill discovered that the crash file parser in Apport improperly treated the CrashDB field as python code. An attacker could use this to convince a user to open a maliciously crafted crash file and execute arbitrary code with the privileges of that user. This issue only affected...

9.3CVSS7.7AI score0.17726EPSS
Exploits8
Ubuntu
Ubuntu
•added 2016/12/05 11:6 a.m.•76 views

USN-3149-1: Linux kernel vulnerability

Philip Pettersson discovered a race condition in the afpacket implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service system crash or run arbitrary code with administrative privileges...

7.8CVSS7.5AI score0.11127EPSS
Exploits16
Ubuntu
Ubuntu
•added 2016/11/30 8:45 p.m.•76 views

USN-3147-1: Linux kernel vulnerabilities

Andreas Gruenbacher and Jan Kara discovered that the filesystem implementation in the Linux kernel did not clear the setgid bit during a setxattr call. A local attacker could use this to possibly elevate group privileges. CVE-2016-7097 Marco Grassi discovered that the driver for Areca RAID...

7.8CVSS6.4AI score0.0043EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/11/30 8:27 p.m.•76 views

USN-3146-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3146-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that the getuserasmex implementation in the Linux kernel for x86/x86...

9.3CVSS6.8AI score0.01454EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/10/25 7:19 p.m.•76 views

USN-3114-1: nginx vulnerability

Dawid Golunski discovered that the nginx package incorrectly handled log file permissions. A remote attacker could possibly use this issue to obtain root privileges...

7.8CVSS7.5AI score0.04863EPSS
Exploits6
Ubuntu
Ubuntu
•added 2016/10/20 3:7 a.m.•76 views

USN-3104-2: Linux kernel (OMAP4) vulnerability

It was discovered that a race condition existed in the memory manager of the Linux kernel when handling copy-on-write breakage of private read-only memory mappings. A local attacker could use this to gain administrative privileges...

7.2CVSS7.6AI score0.83524EPSS
Exploits81
Ubuntu
Ubuntu
•added 2016/10/13 1:54 p.m.•76 views

USN-3103-1: DBD::mysql vulnerabilities

It was discovered that DBD::mysql incorrectly handled certain memory operations. A remote attacker could use this issue to cause DBD::mysql to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2014-9906 Hanno Böck discovered that DBD::mysql incorrectly handled certa...

10CVSS8.1AI score0.06026EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/09/28 5:0 p.m.•76 views

USN-3093-1: ClamAV vulnerabilities

It was discovered that ClamAV incorrectly handled certain malformed files. A remote attacker could use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code. In the default installation, attackers would be isolated by the ClamAV AppArmor profile...

7.5CVSS7.2AI score0.03406EPSS
Exploits2
Ubuntu
Ubuntu
•added 2016/08/17 4:53 p.m.•76 views

USN-3063-1: Fontconfig vulnerability

Tobias Stoeckmann discovered that Fontconfig incorrectly handled cache files. A local attacker could possibly use this issue with a specially crafted cache file to elevate privileges...

7.8CVSS6.3AI score0.00403EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/08/10 10:55 a.m.•76 views

USN-3056-1: Linux kernel (Raspberry Pi 2) vulnerabilities

Ben Hawkes discovered an integer overflow in the Linux netfilter implementation. On systems running 32 bit kernels, a local unprivileged attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privileges. CVE-2016-3135 It was...

7.8CVSS7.3AI score0.01009EPSS
Exploits2
Ubuntu
Ubuntu
•added 2016/06/27 9:26 p.m.•76 views

USN-3019-1: Linux kernel (Utopic HWE) vulnerabilities

Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPTSOSETREPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service system crash or execute...

7.8CVSS7AI score0.05676EPSS
Exploits15
Ubuntu
Ubuntu
•added 2016/06/01 5:51 a.m.•76 views

USN-2989-1: Linux kernel vulnerabilities

Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. CVE-2016-2117 Jason A. Donenfeld discovered multiple out-of-bounds reads in t...

10CVSS7AI score0.2593EPSS
Exploits17
Ubuntu
Ubuntu
•added 2016/03/09 3:28 p.m.•76 views

USN-2917-1: Firefox vulnerabilities

Francis Gabriel discovered a buffer overflow during ASN.1 decoding in NSS. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user...

10CVSS8.2AI score0.31046EPSS
Exploits9
Ubuntu
Ubuntu
•added 2016/02/22 8:42 p.m.•76 views

USN-2908-2: Linux kernel (Wily HWE) vulnerabilities

halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges. CVE-2016-1576 halfdog discovered that OverlayFS in the Linux kernel incorrectly propagated security...

7.8CVSS7.2AI score0.01061EPSS
Exploits4
Ubuntu
Ubuntu
•added 2016/02/16 1:19 p.m.•76 views

USN-2855-2: Samba regression

USN-2855-1 fixed vulnerabilities in Samba. The upstream fix for CVE-2015-5252 introduced a regression in certain specific environments. This update fixes the problem. Original advisory details: Thilo Uttendorfer discovered that the Samba LDAP server incorrectly handled certain packets. A remote...

6.8AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2016/02/02 2:18 a.m.•76 views

USN-2890-3: Linux kernel (Raspberry Pi 2) vulnerabilities

It was discovered that a use-after-free vulnerability existed in the AFUNIX implementation in the Linux kernel. A local attacker could use crafted epollctl calls to cause a denial of service system crash or expose sensitive information. CVE-2013-7446 It was discovered that the KVM implementation ...

10CVSS6.4AI score0.09235EPSS
Exploits1
Ubuntu
Ubuntu
•added 2015/12/19 11:40 a.m.•76 views

USN-2849-1: Linux kernel (Utopic HWE) vulnerabilities

Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service crash the host or potentially execute arbitrary code on the host. CVE-2015-8550...

8.2CVSS7.2AI score0.0108EPSS
Exploits2
Ubuntu
Ubuntu
•added 2015/11/10 3:31 a.m.•76 views

USN-2805-1: Linux kernel (Utopic HWE) vulnerability

Ben Serebrin discovered that the KVM hypervisor implementation in the Linux kernel did not properly catch Alignment Check exceptions. An attacker in a guest virtual machine could use this to cause a denial of service system crash in the host OS...

4.9CVSS6.9AI score0.00566EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/11/05 5:34 p.m.•76 views

USN-2797-1: Linux kernel (Utopic HWE) vulnerabilities

It was discovered that the Linux kernel did not check if a new IPv6 MTU set by a user space application was valid. A remote attacker could forge a route advertisement with an invalid MTU that a user space daemon like NetworkManager would honor and apply to the kernel, causing a denial of service...

6.9CVSS6.7AI score0.05059EPSS
Exploits1
Ubuntu
Ubuntu
•added 2015/10/20 7:36 p.m.•76 views

USN-2779-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not check if a new IPv6 MTU set by a user space application was valid. A remote attacker could forge a route advertisement with an invalid MTU that a user space daemon like NetworkManager would honor and apply to the kernel, causing a denial of service...

6.1CVSS7.3AI score0.05059EPSS
Exploits1
Ubuntu
Ubuntu
•added 2015/07/28 9:11 a.m.•76 views

USN-2688-1: Linux kernel vulnerabilities

Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs non-maskable interrupts. An unprivileged local user could exploit this flaw to cause a denial of service system crash or potentially escalate their privileges. CVE-2015-3290 Colin King discovered a flaw in the addkey...

7.2CVSS6.7AI score0.01103EPSS
Exploits4
Ubuntu
Ubuntu
•added 2015/07/07 9:44 a.m.•76 views

USN-2665-1: Linux kernel (Vivid HWE) vulnerabilities

A race condition was discovered in the Linux kernel's filehandle size verification. A local user could exploit this flaw to read potentially sensative memory locations. CVE-2015-1420 A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote...

9CVSS6.7AI score0.08339EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/05/18 5:8 p.m.•76 views

USN-2603-1: Thunderbird vulnerabilities

Jesse Ruderman, Mats Palmgren, Byron Campen, and Steve Fink discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to cause a denial of service via application...

7.5CVSS8.3AI score0.07417EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/04/09 10:35 a.m.•76 views

USN-2565-1: Linux kernel vulnerabilities

An integer overflow was discovered in the stack randomization feature of the Linux kernel on 64 bit platforms. A local attacker could exploit this flaw to bypass the Address Space Layout Randomization ASLR protection mechanism. CVE-2015-1593 An information leak was discovered in the Linux Kernel'...

7.2CVSS6.7AI score0.03742EPSS
Exploits2
Ubuntu
Ubuntu
•added 2015/04/08 10:25 p.m.•76 views

USN-2562-1: Linux kernel (Trusty HWE) vulnerabilities

Sun Baoliang discovered a use after free flaw in the Linux kernel's SCTP Stream Control Transmission Protocol subsystem during INIT collisions. A remote attacker could exploit this flaw to cause a denial of service system crash or potentially escalate their privileges on the system. CVE-2015-1421...

10CVSS6.7AI score0.09828EPSS
Exploits1
Ubuntu
Ubuntu
•added 2015/02/28 6:17 p.m.•76 views

USN-2516-2: Linux kernel vulnerability regression

USN-2516-1 fixed vulnerabilities in the Linux kernel. There was an unrelated regression in the use of the virtual counter CNTVCT on arm64 architectures. This update fixes the problem. We apologize for the inconvenience. Original advisory details: A flaw was discovered in the Kernel Virtual...

6.9AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2015/02/26 11:22 a.m.•76 views

USN-2516-1: Linux kernel vulnerabilities

A flaw was discovered in the Kernel Virtual Machine's KVM emulation of the SYSTENTER instruction when the guest OS does not initialize the SYSENTER MSRs. A guest OS user could exploit this flaw to cause a denial of service of the guest OS crash or potentially gain privileges on the guest OS...

7.8CVSS6.8AI score0.05489EPSS
Exploits4
Ubuntu
Ubuntu
•added 2015/02/26 11:18 a.m.•76 views

USN-2515-1: Linux kernel (Trusty HWE) vulnerabilities

A flaw was discovered in the Kernel Virtual Machine's KVM emulation of the SYSTENTER instruction when the guest OS does not initialize the SYSENTER MSRs. A guest OS user could exploit this flaw to cause a denial of service of the guest OS crash or potentially gain privileges on the guest OS...

7.8CVSS6.8AI score0.05489EPSS
Exploits4
Total number of security vulnerabilities5000