Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
added 2012/11/21 9:42 p.m.76 views

USN-1638-2: ubufox update

USN-1638-1 fixed vulnerabilities in Firefox. This update provides an updated ubufox package for use with the latest Firefox. Original advisory details: Gary Kwong, Jesse Ruderman, Christian Holler, Bob Clary, Kyle Huey, Ed Morley, Chris Lord, Boris Zbarsky, Julian Seward, Bill McCloskey, and Andr...

8.8AI score0.11079EPSS
Exploits16References1
Ubuntu
Ubuntu
added 2012/10/12 9:42 a.m.76 views

USN-1609-1: Linux kernel (OMAP4) vulnerability

A flaw was found in how the Linux kernel's KVM Kernel-based Virtual Machine subsystem handled MSI Message Signaled Interrupts. A local unprivileged user could exploit this flaw to cause a denial of service or potentially elevate privileges. CVE-2012-2137 Mathias Krause discover an error in Linux...

6.9CVSS6.5AI score0.00521EPSS
Exploits2
Ubuntu
Ubuntu
added 2012/10/11 6:48 p.m.76 views

USN-1606-1: Linux kernel vulnerabilities

A flaw was found in how the Linux kernel's KVM Kernel-based Virtual Machine subsystem handled MSI Message Signaled Interrupts. A local unprivileged user could exploit this flaw to cause a denial of service or potentially elevate privileges. CVE-2012-2137 A flaw was found in how the Linux kernel...

6.9CVSS6.3AI score0.00521EPSS
Exploits1
Ubuntu
Ubuntu
added 2012/09/10 10:5 p.m.76 views

USN-1563-1: Linux kernel (Oneiric backport) vulnerability

A flaw was found in the Linux kernel's Reliable Datagram Sockets RDS protocol implementation. A local, unprivileged user could use this flaw to cause a denial of service. CVE-2012-2372 Mathias Krause discovered an information leak in the Linux kernel's TUN/TAP device driver. A local user could...

6.6CVSS6.1AI score0.00399EPSS
Exploits0
Ubuntu
Ubuntu
added 2012/08/30 12:7 a.m.76 views

USN-1505-2: IcedTea-Web regression

USN-1505-1 fixed vulnerabilities in OpenJDK 6. As part of the update, IcedTea-Web packages were upgraded to a new version. That upgrade introduced a regression which prevented the IcedTea-Web plugin from working with the Chromium web browser in Ubuntu 11.04 and Ubuntu 11.10. This update fixes the...

8.2AI score
Exploits0References1
Ubuntu
Ubuntu
added 2012/07/18 1:18 a.m.76 views

USN-1509-2: ubufox update

USN-1509-1 fixed vulnerabilities in Firefox. This update provides an updated ubufox package for use with the lastest Firefox. Original advisory details: Benoit Jacob, Jesse Ruderman, Christian Holler, Bill McCloskey, Brian Smith, Gary Kwong, Christoph Diehl, Chris Jones, Brad Lassey, and Kyle Hue...

8.7AI score0.05488EPSS
Exploits1References1
Ubuntu
Ubuntu
added 2012/05/08 7:41 a.m.76 views

USN-1440-1: Linux kernel (Natty backport) vulnerabilities

A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service. CVE-2011-4086 Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the...

7.8CVSS6.4AI score0.02678EPSS
Exploits5
Ubuntu
Ubuntu
added 2012/04/24 8:46 p.m.76 views

USN-1428-1: OpenSSL vulnerability

It was discovered that the fix for CVE-2012-2110 was incomplete for OpenSSL 0.9.8. A remote attacker could trigger this flaw in services that used SSL to cause a denial of service or possibly execute arbitrary code with application privileges. Ubuntu 11.10 was not affected by this issue...

7.5CVSS8.2AI score0.48298EPSS
Exploits8
Ubuntu
Ubuntu
added 2012/03/01 9:7 a.m.76 views

USN-1373-2: OpenJDK 6 (ARM) vulnerabilities

USN 1373-1 fixed vulnerabilities in OpenJDK 6 in Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04 for all architectures except for ARM armel. This provides the corresponding OpenJDK 6 update for use with the ARM armel architecture in Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. Original adviso...

10CVSS8.2AI score0.98237EPSS
Exploits19
Ubuntu
Ubuntu
added 2012/02/13 6:43 p.m.76 views

USN-1361-1: Linux kernel vulnerabilities

Han-Wen Nienhuys reported a flaw in the FUSE kernel module. A local user who can mount a FUSE file system could cause a denial of service. CVE-2011-3353 A flaw was found in KVM's Programmable Interval Timer PIT. When a virtual interrupt control is not available a local user could use this to caus...

7.8CVSS6.8AI score0.00399EPSS
Exploits3
Ubuntu
Ubuntu
added 2011/02/03 7:23 p.m.76 views

USN-1057-1: Linux kernel vulnerabilities

Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. A remote attacker could exploit this to read or write disk blocks that had changed file assignment or had become unlinked, leading to a loss of privacy. CVE-2010-2943 Dan Rosenberg discover...

8.1CVSS6.6AI score0.17009EPSS
Exploits2
Ubuntu
Ubuntu
added 2010/10/29 3:20 a.m.76 views

USN-1011-3: Xulrunner vulnerability

USN-1011-1 fixed a vulnerability in Firefox. This update provides the corresponding update for Xulrunner. Original advisory details: Morten Krakvik discovered a heap-based buffer overflow in Firefox. If a user were tricked into navigating to a malicious site, an attacker could cause a denial of...

9.8CVSS9.1AI score0.83279EPSS
Exploits14
Ubuntu
Ubuntu
added 2010/07/26 4:0 p.m.76 views

USN-930-6: Firefox and Xulrunner vulnerability

USN-957-1 fixed vulnerabilities in Firefox and Xulrunner. Daniel Holbert discovered that the fix for CVE-2010-1214 introduced a regression which did not properly initialize a plugin pointer. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browse...

10CVSS9.1AI score0.11418EPSS
Exploits14
Ubuntu
Ubuntu
added 2010/02/17 9:54 p.m.76 views

USN-896-1: Firefox 3.5 and Xulrunner 1.9.1 vulnerabilities

Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. CVE-2010-0159 Orlando Barrera II...

10CVSS8.8AI score0.06392EPSS
Exploits4
Ubuntu
Ubuntu
added 2009/09/28 12:44 p.m.76 views

USN-838-1: Dovecot vulnerabilities

It was discovered that the ACL plugin in Dovecot would incorrectly handle negative access rights. An attacker could exploit this flaw to access the Dovecot server, bypassing the intended access restrictions. This only affected Ubuntu 8.04 LTS. CVE-2008-4577 It was discovered that the ManageSieve...

7.5CVSS6.6AI score0.0404EPSS
Exploits0
Ubuntu
Ubuntu
added 2009/06/11 11:59 p.m.76 views

USN-787-1: Apache vulnerabilities

Matthew Palmer discovered an underflow flaw in apr-util as included in Apache. An attacker could cause a denial of service via application crash in Apache using a crafted SVNMasterURI directive, .htaccess file, or when using modapreq2. This issue only affected Ubuntu 6.06 LTS. CVE-2009-0023 Sande...

7.5CVSS7.7AI score0.52988EPSS
Exploits10
Ubuntu
Ubuntu
added 2008/11/07 7:31 p.m.76 views

USN-666-1: Dovecot vulnerability

It was discovered that certain email headers were not correctly handled by Dovecot. If a remote attacker sent a specially crafted email to a user with a mailbox managed by Dovecot, that user's mailbox would become inaccessible through Dovecot, leading to a denial of service...

4.3CVSS5.4AI score0.06203EPSS
Exploits0
Ubuntu
Ubuntu
added 2008/07/25 2:7 a.m.76 views

USN-629-1: Thunderbird vulnerabilities

Various flaws were discovered in the browser engine. If a user had Javascript enabled and were tricked into opening a malicious web page, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program...

10CVSS8.7AI score0.13949EPSS
Exploits3
Ubuntu
Ubuntu
added 2007/12/19 12:52 a.m.77 views

USN-558-1: Linux kernel vulnerabilities

The minix filesystem did not properly validate certain filesystem values. If a local attacker could trick the system into attempting to mount a corrupted minix filesystem, the kernel could be made to hang for long periods of time, resulting in a denial of service. CVE-2006-6058 Certain calculatio...

7.8CVSS7.3AI score0.14336EPSS
Exploits3
Ubuntu
Ubuntu
added 2007/10/04 9:34 p.m.76 views

USN-525-1: libsndfile vulnerability

Robert Buchholz discovered that libsndfile did not correctly validate the size of its memory buffers. If a user were tricked into playing a specially crafted FLAC file, a remote attacker could execute arbitrary code with user privileges...

7.5CVSS8.4AI score0.04488EPSS
Exploits0
Ubuntu
Ubuntu
added 2007/06/08 10:32 p.m.76 views

USN-470-1: Linux kernel vulnerabilities

USN-464-1 fixed several vulnerabilities in the Linux kernel. Some additional code changes were accidentally included in the Feisty update which caused trouble for some people who were not using UUID-based filesystem mounts. These changes have been reverted. We apologize for the inconvenience. For...

5CVSS5.5AI score0.02098EPSS
Exploits0
Ubuntu
Ubuntu
added 2006/12/14 12:46 a.m.76 views

USN-395-1: Linux kernel vulnerabilities

Mark Dowd discovered that the netfilter iptables module did not correcly handle fragmented packets. By sending specially crafted packets, a remote attacker could exploit this to bypass firewall rules. This has only be fixed for Ubuntu 6.10; the corresponding fix for Ubuntu 5.10 and 6.06 will foll...

7.5CVSS6AI score0.04601EPSS
Exploits2
Ubuntu
Ubuntu
added 2006/09/05 11:59 p.m.76 views

USN-339-1: OpenSSL vulnerability

Philip Mackenzie, Marius Schilder, Jason Waddle and Ben Laurie of Google Security discovered that the OpenSSL library did not sufficiently check the padding of PKCS 1 v1.5 signatures if the exponent of the public key is 3 which is widely used for CAs. This could be exploited to forge signatures...

4.3CVSS7.3AI score0.04894EPSS
Exploits1
Ubuntu
Ubuntu
added 2005/09/19 8:14 p.m.76 views

USN-184-1: umount vulnerability

David Watson discovered that "umount -r" removed some restrictive mount options like the "nosuid" flag. If /etc/fstab contains user-mountable removable devices which specify the "nosuid" flag which is common practice for such devices, a local attacker could exploit this to execute arbitrary...

7.2CVSS5.7AI score0.00426EPSS
Exploits0
Ubuntu
Ubuntu
added 2004/11/30 8:29 p.m.76 views

USN-34-1: OpenSSH information leakage

@Mediaservice.net discovered two information leaks in the OpenSSH server. When using password authentication, an attacker could test whether a login name exists by measuring the time between failed login attempts, i. e. the time after which the "password:" prompt appears again. A similar issue...

5CVSS6.9AI score0.76751EPSS
Exploits10
Ubuntu
Ubuntu
added 2024/05/07 2:44 p.m.75 views

USN-6754-2: nghttp2 vulnerability

USN-6754-1 fixed vulnerabilities in nghttp2. This update provides the corresponding update for Ubuntu 24.04 LTS. Original advisory details: It was discovered that nghttp2 incorrectly handled the HTTP/2 implementation. A remote attacker could possibly use this issue to cause nghttp2 to consume...

5.3CVSS7.1AI score0.8496EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/03/25 11:24 p.m.75 views

USN-6704-3: Linux kernel (Oracle) vulnerabilities

It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service system crash. CVE-2023-23000 Quentin Minster discovered that the KSMBD...

7.8CVSS7.6AI score0.28058EPSS
Exploits16
Ubuntu
Ubuntu
added 2024/01/30 9:18 p.m.75 views

USN-6609-2: Linux kernel (NVIDIA) vulnerabilities

Lin Ma discovered that the netfilter subsystem in the Linux kernel did not properly validate network family support while creating a new netfilter table. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6040 It was discovered that the CIFS...

7.8CVSS7.2AI score0.00836EPSS
Exploits2
Ubuntu
Ubuntu
added 2024/01/02 3:25 a.m.75 views

USN-6562-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code.CVE-2023-6865, CVE-2023-6857,...

8.8CVSS7.9AI score0.20472EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/09/20 2:17 p.m.75 views

USN-6391-1: CUPS vulnerability

It was discovered that CUPS incorrectly parsed certain Postscript objects. If a user or automated system were tricked into printing a specially crafted document, a remote attacker could use this issue to cause CUPS to crash, resulting in a denial of service, or possibly execute arbitrary code...

7CVSS7.1AI score0.00663EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/09/19 5:44 p.m.75 views

USN-6385-1: Linux kernel (OEM) vulnerabilities

It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. CVE-2022-27672 William Zhao discovered that the Traffic Control TC...

10CVSS7.6AI score0.16642EPSS
Exploits7
Ubuntu
Ubuntu
added 2023/09/06 4:15 p.m.75 views

USN-6348-1: Linux kernel vulnerabilities

Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Tavis Ormandy discovered that some AMD processors...

7.8CVSS7.9AI score0.05794EPSS
Exploits5
Ubuntu
Ubuntu
added 2023/08/28 10:47 p.m.75 views

USN-6312-1: Linux kernel vulnerabilities

It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could use this to cause a denial of service infinite recursion. CVE-2020-36691 Billy Jheng Bing Jhong discovered that the CIFS network...

7.8CVSS7AI score0.00491EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/08/17 8:11 p.m.75 views

USN-6301-1: Linux kernel vulnerabilities

It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could use this to cause a denial of service infinite recursion. CVE-2020-36691 Billy Jheng Bing Jhong discovered that the CIFS network...

7.8CVSS7AI score0.00491EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/06/29 12:38 p.m.75 views

USN-6192-1: Linux kernel vulnerabilities

Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-35788, LP: 2023577 Xingyuan Mo and Gengjia Chen...

7.8CVSS7.3AI score0.00532EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2023/05/24 2:16 p.m.75 views

USN-6104-1: PostgreSQL vulnerabilities

Alexander Lakhin discovered that PostgreSQL incorrectly handled certain CREATE privileges. An authenticated user could possibly use this issue to execute arbitrary code as the bootstrap supervisor. CVE-2023-2454 Wolfgang Walther discovered that PostgreSQL incorrectly handled certain row security...

7.2CVSS6.9AI score0.0119EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/05/18 10:3 a.m.75 views

USN-6088-1: runC vulnerabilities

It was discovered that runC incorrectly made /sys/fs/cgroup writable when in rootless mode. An attacker could possibly use this issue to escalate privileges. CVE-2023-25809 It was discovered that runC incorrectly performed access control when mounting /proc to non-directories. An attacker could...

7.8CVSS7.1AI score0.00448EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/03/27 4:40 p.m.75 views

USN-5974-1: GraphicsMagick vulnerabilities

It was discovered that GraphicsMagick was not properly performing bounds checks when processing TGA image files, which could lead to a heap buffer overflow. If a user or automated system were tricked into processing a specially crafted TGA image file, an attacker could possibly use this issue to...

9.1CVSS7.3AI score0.03193EPSS
Exploits7
Ubuntu
Ubuntu
added 2023/03/07 7:29 p.m.75 views

USN-5934-1: Linux kernel (Raspberry Pi) vulnerabilities

It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...

8.1CVSS7.7AI score0.03702EPSS
Exploits6
Ubuntu
Ubuntu
added 2023/03/02 10:15 a.m.75 views

USN-5482-2: SPIP vulnerabilities

USN-5482-1 fixed several vulnerabilities in SPIP. This update provides the corresponding updates for Ubuntu 20.04 LTS for CVE-2021-44118, CVE-2021-44120, CVE-2021-44122 and CVE-2021-44123. Original advisory details: It was discovered that SPIP incorrectly validated inputs. An authenticated attack...

8.8CVSS7.4AI score0.02396EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/02/20 3:14 a.m.75 views

USN-5880-1: Firefox vulnerabilities

Christian Holler discovered that Firefox did not properly manage memory when using PKCS 12 Safe Bag attributes. An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes. CVE-2023-0767 Johan Carlsson discovered that Firefox did not properly manag...

9.8CVSS7.7AI score0.00817EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/02/01 9:22 a.m.75 views

USN-4781-2: Slurm vulnerabilities

USN-4781-1 fixed several vulnerabilities in Slurm. This update provides the corresponding updates for Ubuntu 14.04 ESM CVE-2016-10030 and Ubuntu 16.04 ESM CVE-2018-10995. Original advisory details: It was discovered that Slurm incorrectly handled certain messages between the daemon and the user. ...

8.1CVSS7.7AI score0.02483EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/09/20 8:29 a.m.75 views

USN-5619-1: LibTIFF vulnerabilities

It was discovered that LibTIFF was not properly performing the calculation of data that would eventually be used as a reference for bound-checking operations. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. This issue only affected Ubuntu...

7.5CVSS6.7AI score0.02433EPSS
Exploits6
Ubuntu
Ubuntu
added 2022/07/19 11:5 a.m.75 views

USN-5523-1: LibTIFF vulnerabilities

It was discovered that LibTIFF was not properly performing checks to guarantee that allocated memory space existed, which could lead to a NULL pointer dereference via a specially crafted file. An attacker could possibly use this issue to cause a denial of service. CVE-2022-0907, CVE-2022-0908 It...

7.7CVSS6.9AI score0.02433EPSS
Exploits6
Ubuntu
Ubuntu
added 2022/07/13 6:30 p.m.75 views

USN-5511-1: Git vulnerabilities

Carlo Marcelo Arenas Belón discovered that an issue related to CVE-2022-24765 still affected Git. An attacker could possibly use this issue to run arbitrary commands as administrator. CVE-2022-29187...

7.8CVSS7.7AI score0.00445EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/06/23 8:26 p.m.75 views

USN-5492-1: Vim vulnerability

It was discovered that Vim incorrectly handled memory when opening and searching the contents of certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash...

7.8CVSS7.4AI score0.01411EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/05/23 8:53 a.m.75 views

USN-5342-3: Python vulnerability

USN-5342-1 fixed several vulnerabilities in Python. This update provides the corresponding fix for CVE-2021-3426 for Ubuntu 18.04 ESM. Original advisory details: David Schwörer discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive...

5.7CVSS7.8AI score0.01863EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/05/02 6:27 a.m.75 views

USN-5382-2: libinput vulnerability

USN-5382-1 fixed a vulnerability in libinput. This update provides the corresponding updates for Ubuntu 22.04 LTS. Original advisory details: Albin Eldstål-Ahrens and Lukas Lamster discovered libinput did not properly handle input devices with specially crafted names. A local attacker with physic...

7.8CVSS7AI score0.00364EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/12/01 4:49 p.m.75 views

USN-5168-1: NSS vulnerability

Tavis Ormandy discovered that NSS incorrectly handled verifying DSA/RSA-PSS signatures. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS7.7AI score0.17563EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/11/30 4:24 p.m.75 views

USN-4652-1: SniffIt vulnerability

It was discovered that SniffIt incorrectly handled certain configuration files. An attacker could possibly use this issue to execute arbitrary code...

9.3CVSS7.7AI score0.02548EPSS
Exploits2
Total number of security vulnerabilities5000