Lucene search
K
UbuntuMost viewed

10889 matches found

Ubuntu
Ubuntu
•added 2016/12/20 9:55 p.m.•75 views

USN-3162-2: Linux kernel (Raspberry Pi 2) vulnerabilities

CAI Qian discovered that shared bind mounts in a mount namespace exponentially added entries without restriction to the Linux kernel's mount table. A local attacker could use this to cause a denial of service system crash. CVE-2016-6213 Andreas Gruenbacher and Jan Kara discovered that the...

10CVSS6.7AI score0.09144EPSS
Exploits1
Ubuntu
Ubuntu
•added 2016/12/02 2:5 a.m.•75 views

USN-3148-1: Ghostscript vulnerabilities

Tavis Ormandy discovered multiple vulnerabilities in the way that Ghostscript processes certain Postscript files. If a user or automated system were tricked into opening a specially crafted file, an attacker could cause a denial of service or possibly execute arbitrary code. CVE-2016-7976,...

9.8CVSS7.4AI score0.23453EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/10/20 3:18 a.m.•75 views

USN-3106-4: Linux kernel (Qualcomm Snapdragon) vulnerability

It was discovered that a race condition existed in the memory manager of the Linux kernel when handling copy-on-write breakage of private read-only memory mappings. A local attacker could use this to gain administrative privileges...

7.2CVSS7.6AI score0.83524EPSS
Exploits81
Ubuntu
Ubuntu
•added 2016/10/13 1:54 p.m.•75 views

USN-3103-1: DBD::mysql vulnerabilities

It was discovered that DBD::mysql incorrectly handled certain memory operations. A remote attacker could use this issue to cause DBD::mysql to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2014-9906 Hanno Böck discovered that DBD::mysql incorrectly handled certa...

10CVSS8.1AI score0.06026EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/10/05 6:1 p.m.•75 views

USN-3096-1: NTP vulnerabilities

Aanchal Malhotra discovered that NTP incorrectly handled authenticated broadcast mode. A remote attacker could use this issue to perform a replay attack. CVE-2015-7973 Matt Street discovered that NTP incorrectly verified peer associations of symmetric keys. A remote attacker could use this issue ...

7.8CVSS6.8AI score0.16351EPSS
Exploits13
Ubuntu
Ubuntu
•added 2016/08/29 7:1 p.m.•75 views

USN-3070-1: Linux kernel vulnerabilities

A missing permission check when settings ACLs was discovered in nfsd. A local user could exploit this flaw to gain access to any file by setting an ACL. CVE-2016-1237 Kangjie Lu discovered an information leak in the Reliable Datagram Sockets RDS implementation in the Linux kernel. A local attacke...

7.8CVSS7.5AI score0.15073EPSS
Exploits3
Ubuntu
Ubuntu
•added 2016/08/17 4:53 p.m.•75 views

USN-3063-1: Fontconfig vulnerability

Tobias Stoeckmann discovered that Fontconfig incorrectly handled cache files. A local attacker could possibly use this issue with a specially crafted cache file to elevate privileges...

7.8CVSS6.3AI score0.00403EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/06/27 8:55 p.m.•75 views

USN-3016-4: Linux kernel (Xenial HWE) vulnerabilities

USN-3016-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not...

7.8CVSS7.1AI score0.05676EPSS
Exploits15
Ubuntu
Ubuntu
•added 2016/06/27 8:36 p.m.•75 views

USN-3017-1: Linux kernel vulnerabilities

Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPTSOSETREPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service system crash or execute...

7.8CVSS7.1AI score0.05676EPSS
Exploits15
Ubuntu
Ubuntu
•added 2016/05/16 5:46 p.m.•75 views

USN-2978-2: Linux kernel (Wily HWE) vulnerabilities

USN-2978-1 fixed vulnerabilities in the Linux kernel for Ubuntu 15.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 15.10 for Ubuntu 14.04 LTS. David Matlack discovered that the Kernel-based Virtual Machine KVM implementation in the Linux...

7.8CVSS7.2AI score0.00397EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/03/14 4:23 p.m.•75 views

USN-2930-1: Linux kernel vulnerabilities

Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPTSOSETREPLACE events. A local unprivileged attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privileges...

8.4CVSS7.1AI score0.03723EPSS
Exploits21
Ubuntu
Ubuntu
•added 2016/03/09 3:28 p.m.•75 views

USN-2917-1: Firefox vulnerabilities

Francis Gabriel discovered a buffer overflow during ASN.1 decoding in NSS. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user...

10CVSS8.2AI score0.31046EPSS
Exploits9
Ubuntu
Ubuntu
•added 2016/02/02 2:18 a.m.•75 views

USN-2890-3: Linux kernel (Raspberry Pi 2) vulnerabilities

It was discovered that a use-after-free vulnerability existed in the AFUNIX implementation in the Linux kernel. A local attacker could use crafted epollctl calls to cause a denial of service system crash or expose sensitive information. CVE-2013-7446 It was discovered that the KVM implementation ...

10CVSS6.4AI score0.09235EPSS
Exploits1
Ubuntu
Ubuntu
•added 2015/12/17 8:1 a.m.•75 views

USN-2842-1: Linux kernel vulnerabilities

Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service system crash in the host OS. CVE-2015-8104 郭永刚 discovered that the pp...

10CVSS6.4AI score0.02501EPSS
Exploits1
Ubuntu
Ubuntu
•added 2015/11/05 5:42 p.m.•75 views

USN-2798-1: Linux kernel (Vivid HWE) vulnerabilities

It was discovered that in certain situations, a directory could be renamed outside of a bind mounted location. An attacker could use this to escape bind mount containment and gain access to sensitive information. CVE-2015-2925 Moein Ghasemzadeh discovered that the USB WhiteHEAT serial driver...

6.9CVSS6.8AI score0.01246EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/10/19 9:57 p.m.•75 views

USN-2775-1: Linux kernel (Trusty HWE) vulnerabilities

It was discovered that the Linux kernel did not check if a new IPv6 MTU set by a user space application was valid. A remote attacker could forge a route advertisement with an invalid MTU that a user space daemon like NetworkManager would honor and apply to the kernel, causing a denial of service...

6.1CVSS7.3AI score0.05059EPSS
Exploits1
Ubuntu
Ubuntu
•added 2015/07/23 11:21 p.m.•75 views

USN-2680-1: Linux kernel (Trusty HWE) vulnerabilities

A flaw was discovered in the user space memory copying for the pipe iovecs in the Linux kernel. An unprivileged local user could exploit this flaw to cause a denial of service system crash or potentially escalate their privileges. CVE-2015-1805 A flaw was discovered in the kvm kernel virtual...

7.8CVSS7AI score0.06267EPSS
Exploits3
Ubuntu
Ubuntu
•added 2015/02/26 11:22 a.m.•75 views

USN-2516-1: Linux kernel vulnerabilities

A flaw was discovered in the Kernel Virtual Machine's KVM emulation of the SYSTENTER instruction when the guest OS does not initialize the SYSENTER MSRs. A guest OS user could exploit this flaw to cause a denial of service of the guest OS crash or potentially gain privileges on the guest OS...

7.8CVSS6.8AI score0.05489EPSS
Exploits4
Ubuntu
Ubuntu
•added 2015/02/26 11:18 a.m.•75 views

USN-2515-1: Linux kernel (Trusty HWE) vulnerabilities

A flaw was discovered in the Kernel Virtual Machine's KVM emulation of the SYSTENTER instruction when the guest OS does not initialize the SYSENTER MSRs. A guest OS user could exploit this flaw to cause a denial of service of the guest OS crash or potentially gain privileges on the guest OS...

7.8CVSS6.8AI score0.05489EPSS
Exploits4
Ubuntu
Ubuntu
•added 2015/02/26 11:5 a.m.•75 views

USN-2512-1: Linux kernel (EC2) vulnerabilities

A race condition was discovered in the Linux kernel's key ring. A local user could cause a denial of service memory corruption or panic or possibly have unspecified impact via the keyctl commands. CVE-2014-9529 A memory leak was discovered in the ISO 9660 CDROM file system when parsing rock ridge...

6.9CVSS6.8AI score0.00465EPSS
Exploits0
Ubuntu
Ubuntu
•added 2014/11/27 3:33 p.m.•75 views

USN-2425-1: DBus vulnerability

It was discovered that DBus incorrectly handled a large number of file descriptor messages. A local attacker could use this issue to cause DBus to stop responding, resulting in a denial of service. CVE-2014-7824...

2.1CVSS7.8AI score0.00594EPSS
Exploits1
Ubuntu
Ubuntu
•added 2014/09/02 5:46 p.m.•75 views

USN-2333-1: Linux kernel (EC2) vulnerabilities

A bug was discovered in the handling of pathname components when used with an autofs direct mount. A local user could exploit this flaw to cause a denial of service system crash via an open system call. CVE-2014-0203 Toralf Förster reported an error in the Linux kernels syscall auditing on 32 bit...

7.1CVSS6.6AI score0.05926EPSS
Exploits1
Ubuntu
Ubuntu
•added 2014/09/02 5:41 p.m.•75 views

USN-2332-1: Linux kernel vulnerabilities

A bug was discovered in the handling of pathname components when used with an autofs direct mount. A local user could exploit this flaw to cause a denial of service system crash via an open system call. CVE-2014-0203 Toralf Förster reported an error in the Linux kernels syscall auditing on 32 bit...

7.1CVSS6.6AI score0.05926EPSS
Exploits1
Ubuntu
Ubuntu
•added 2014/07/23 8:11 p.m.•75 views

USN-2298-1: Oxide vulnerabilities

A type confusion bug was discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process. CVE-2014-1730 A...

7.8CVSS8.8AI score0.03225EPSS
Exploits1References1
Ubuntu
Ubuntu
•added 2014/07/17 12:49 a.m.•75 views

USN-2287-1: Linux kernel (Saucy HWE) vulnerabilities

Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 Michael S. Tsirkin discovered an information leak in the Linux kernel's...

6.9CVSS7AI score0.08103EPSS
Exploits12
Ubuntu
Ubuntu
•added 2014/07/05 5:44 p.m.•75 views

USN-2268-1: Linux kernel vulnerability

Andy Lutomirski discovered a flaw with the Linux kernel's ptrace syscall on x8664 processors. An attacker could exploit this flaw to cause a denial of service System Crash or potential gain administrative privileges...

6.9CVSS6.7AI score0.02324EPSS
Exploits6
Ubuntu
Ubuntu
•added 2014/06/27 8:50 a.m.•77 views

USN-2262-1: Linux kernel (Quantal HWE) vulnerabilities

A bounds check error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service system crash via crafted BPF instructions. CVE-2014-3144 A remainder calculation error was discovered in the socket filter subsystem of the Lin...

4.9CVSS7.4AI score0.00649EPSS
Exploits2
Ubuntu
Ubuntu
•added 2014/06/12 4:30 p.m.•75 views

USN-2245-1: json-c vulnerabilities

Florian Weimer discovered that json-c incorrectly handled buffer lengths. An attacker could use this issue with a specially-crafted large JSON document to cause json-c to crash, resulting in a denial of service. CVE-2013-6370 Florian Weimer discovered that json-c incorrectly handled hash arrays. ...

5CVSS5.5AI score0.04474EPSS
Exploits1
Ubuntu
Ubuntu
•added 2014/05/01 9:3 p.m.•75 views

USN-2191-1: OpenJDK 6 vulnerabilities

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. CVE-2014-0429, CVE-2014-0446, CVE-2014-0451, CVE-2014-0452,...

10CVSS7.5AI score0.0751EPSS
Exploits0
Ubuntu
Ubuntu
•added 2014/04/26 1:39 p.m.•75 views

USN-2175-1: Linux kernel (Quantal HWE) vulnerabilities

A flaw was discovered in the Kernel Virtual Machine KVM subsystem of the Linux kernel. A guest OS user could exploit this flaw to execute arbitrary code on the host OS. CVE-2014-0049 Al Viro discovered an error in how CIFS in the Linux kernel handles uncached write operations. An unprivileged loc...

7.4CVSS6.8AI score0.04517EPSS
Exploits1
Ubuntu
Ubuntu
•added 2014/04/26 12:12 p.m.•75 views

USN-2173-1: Linux kernel vulnerabilities

A flaw was discovered in the Linux kernel's handling of the SCTP handshake. A remote attacker could exploit this flaw to cause a denial of service system crash. CVE-2014-0101 An error was discovered in the Linux kernel's DCCP protocol support. A remote attacked could exploit this flaw to cause a...

10CVSS7AI score0.10385EPSS
Exploits1
Ubuntu
Ubuntu
•added 2014/02/18 9:38 p.m.•75 views

USN-2107-1: Linux kernel vulnerabilities

A flaw was discovered in the Linux kernel's compat ioctls for Adaptec AACRAID scsi raid devices. An unprivileged local user could send administrative commands to these devices potentially compromising the data stored on the device. CVE-2013-6383 mpd reported an information leak in the recvfrom,...

6.9CVSS6.8AI score0.0049EPSS
Exploits0
Ubuntu
Ubuntu
•added 2014/01/31 5:25 a.m.•75 views

USN-2096-1: Linux kernel vulnerability

Pageexec reported a bug in the Linux kernel's recvmmsg syscall when called from code using the x32 ABI. An unprivileged local user could exploit this flaw to cause a denial of service system crash or gain administrator privileges...

6.9CVSS7.2AI score0.34649EPSS
Exploits16
Ubuntu
Ubuntu
•added 2013/10/31 12:48 p.m.•75 views

USN-2010-1: Thunderbird vulnerabilities

Multiple memory safety issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute arbitrary code with the...

10CVSS7.8AI score0.06493EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2013/09/06 10:50 a.m.•75 views

USN-1946-1: Linux kernel (OMAP4) vulnerabilities

A denial of service flaw was discovered in the Btrfs file system in the Linux kernel. A local user could cause a denial of service by creating a large number of files with names that have the same CRC32 hash value. CVE-2012-5374 A denial of service flaw was discovered in the Btrfs file system in...

6.9CVSS6.6AI score0.01013EPSS
Exploits7
Ubuntu
Ubuntu
•added 2013/06/14 6:5 a.m.•75 views

USN-1877-1: Linux kernel (EC2) vulnerabilities

Andrew Honig reported a flaw in the way KVM Kernel-based Virtual Machine emulated the IOAPIC. A privileged guest user could exploit this flaw to read host memory or cause a denial of service crash the host. CVE-2013-1798 An information leak was discovered in the Linux kernel's rcvmsg path for ATM...

6.2CVSS6.5AI score0.0135EPSS
Exploits2
Ubuntu
Ubuntu
•added 2013/05/28 12:13 p.m.•75 views

USN-1839-1: Linux kernel (OMAP4) vulnerabilities

An flaw was discovered in the Linux kernel's perfevents interface. A local user could exploit this flaw to escalate privileges on the system. CVE-2013-2094 Andy Lutomirski discover an error in the Linux kernel's credential handling on unix sockets. A local user could exploit this flaw to gain...

8.4CVSS7.7AI score0.47709EPSS
Exploits18
Ubuntu
Ubuntu
•added 2013/05/16 7:38 p.m.•75 views

USN-1829-1: Linux kernel (EC2) vulnerabilities

Mathias Krause discovered an information leak in the Linux kernel's ISO 9660 CDROM file system driver. A local user could exploit this flaw to examine some of the kernel's heap memory. CVE-2012-6549 Mathias Krause discovered a flaw in xfrmuser in the Linux kernel. A local attacker with NETADMIN...

6.9CVSS6.9AI score0.0082EPSS
Exploits2
Ubuntu
Ubuntu
•added 2013/04/08 10:54 p.m.•75 views

USN-1794-1: Linux kernel (OMAP4) vulnerabilities

Emese Revfy discovered that in the Linux kernel signal handlers could leak address information across an exec, making it possible to by pass ASLR Address Space Layout Randomization. A local user could use this flaw to by pass ASLR to reliably deliver an exploit payload that would otherwise be...

6.2CVSS6.4AI score0.005EPSS
Exploits3
Ubuntu
Ubuntu
•added 2013/02/21 1:55 p.m.•75 views

USN-1732-1: OpenSSL vulnerabilities

Adam Langley and Wolfgang Ettlingers discovered that OpenSSL incorrectly handled certain crafted CBC data when used with AES-NI. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 12.10...

5CVSS6.5AI score0.39593EPSS
Exploits3
Ubuntu
Ubuntu
•added 2012/12/10 2:29 p.m.•75 views

USN-1659-1: GIMP vulnerability

It was discovered that GIMP incorrectly handled malformed XWD files. If a user were tricked into opening a specially crafted XWD file, an attacker could cause GIMP to crash, or possibly execute arbitrary code with the user's privileges...

7.5CVSS5.9AI score0.06685EPSS
Exploits1
Ubuntu
Ubuntu
•added 2012/11/30 9:2 a.m.•75 views

USN-1647-1: Linux kernel (OMAP4) vulnerabilities

Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. CVE-2012-0957 Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cau...

6.2CVSS6.7AI score0.00959EPSS
Exploits3
Ubuntu
Ubuntu
•added 2012/11/30 5:1 a.m.•75 views

USN-1643-1: Perl vulnerabilities

It was discovered that the decodexs function in the Encode module is vulnerable to a heap-based buffer overflow via a crafted Unicode string. An attacker could use this overflow to cause a denial of service. CVE-2011-2939 It was discovered that the 'new' constructor in the Digest module is...

7.5CVSS8.5AI score0.13526EPSS
Exploits3
Ubuntu
Ubuntu
•added 2012/09/14 6:6 p.m.•75 views

USN-1568-1: Linux kernel vulnerabilities

Ben Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO TCP segment offload. A local or peer user could exploit this flaw to to cause a denial of service. CVE-2012-3412 Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel implementation of RDS...

7.8CVSS6.6AI score0.06158EPSS
Exploits3
Ubuntu
Ubuntu
•added 2012/08/30 12:7 a.m.•75 views

USN-1505-2: IcedTea-Web regression

USN-1505-1 fixed vulnerabilities in OpenJDK 6. As part of the update, IcedTea-Web packages were upgraded to a new version. That upgrade introduced a regression which prevented the IcedTea-Web plugin from working with the Chromium web browser in Ubuntu 11.04 and Ubuntu 11.10. This update fixes the...

8.2AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2012/07/17 10:42 p.m.•75 views

USN-1510-1: Thunderbird vulnerabilities

Benoit Jacob, Jesse Ruderman, Christian Holler, Bill McCloskey, Brian Smith, Gary Kwong, Christoph Diehl, Chris Jones, Brad Lassey, and Kyle Huey discovered memory safety issues affecting Thunderbird. If the user were tricked into opening a specially crafted page, an attacker could possibly explo...

10CVSS8.7AI score0.05488EPSS
Exploits0References2
Ubuntu
Ubuntu
•added 2012/06/18 12:42 p.m.•75 views

USN-1478-1: Libav vulnerabilities

Mateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly handled certain malformed DV files. If a user were tricked into opening a crafted DV file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user...

6.8CVSS8.8AI score0.04686EPSS
Exploits2
Ubuntu
Ubuntu
•added 2012/05/25 7:34 p.m.•75 views

USN-1453-1: Linux kernel (EC2) vulnerabilities

A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service. CVE-2011-4086 A flaw was found in the Linux kernel's KVM Kernel Virtual Machine virtual cpu setup. An unprivileged local user coul...

7.2CVSS6.6AI score0.00418EPSS
Exploits2
Ubuntu
Ubuntu
•added 2012/03/16 8:55 p.m.•75 views

USN-1400-1: Firefox vulnerabilities

Soroush Dalili discovered that Firefox did not adequately protect against dropping JavaScript links onto a frame. A remote attacker could, through cross-site scripting XSS, exploit this to modify the contents or steal confidential data. CVE-2012-0455 Atte Kettunen discovered a use-after-free...

9.3CVSS8.5AI score0.0663EPSS
Exploits1References1
Ubuntu
Ubuntu
•added 2012/02/13 1:53 p.m.•75 views

USN-1359-1: Tomcat vulnerabilities

It was discovered that Tomcat incorrectly performed certain caching and recycling operations. A remote attacker could use this flaw to obtain read access to IP address and HTTP header information in certain cases. This issue only applied to Ubuntu 11.10. CVE-2011-3375 It was discovered that Tomca...

5CVSS5.8AI score0.80318EPSS
Exploits8
Total number of security vulnerabilities5000