Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
•added 2015/07/23 11:18 p.m.•75 views

USN-2679-1: Linux kernel (OMAP4) vulnerabilities

A flaw was discovered in the user space memory copying for the pipe iovecs in the Linux kernel. An unprivileged local user could exploit this flaw to cause a denial of service system crash or potentially escalate their privileges. CVE-2015-1805 Daniel Borkmann reported a kernel crash in the Linux...

7.2CVSS7AI score0.01407EPSS
Exploits3
Ubuntu
Ubuntu
•added 2015/06/10 2:30 p.m.•75 views

USN-2630-1: QEMU vulnerabilities

Matt Tait discovered that QEMU incorrectly handled the virtual PCNET driver. A malicious guest could use this issue to cause a denial of service, or possibly execute arbitrary code on the host as the user running the QEMU process. In the default installation, when QEMU is used with libvirt,...

7.8CVSS8.2AI score0.09668EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/04/30 1:27 p.m.•75 views

USN-2591-1: curl vulnerabilities

Paras Sethia discovered that curl could incorrectly re-use NTLM HTTP credentials when subsequently connecting to the same host over HTTP. CVE-2015-3143 Hanno Böck discovered that curl incorrectly handled zero-length host names. If a user or automated system were tricked into using a specially...

9CVSS8AI score0.3763EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/03/06 7:9 p.m.•75 views

USN-2522-2: ICU regression

USN-2522-1 fixed vulnerabilities in ICU. On Ubuntu 12.04 LTS, the font patches caused a regression when using LibreOffice Calc. The patches have been temporarily backed out until the regression is investigated. We apologize for the inconvenience. Original advisory details: It was discovered that...

7.7AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2015/02/26 11:22 a.m.•75 views

USN-2516-1: Linux kernel vulnerabilities

A flaw was discovered in the Kernel Virtual Machine's KVM emulation of the SYSTENTER instruction when the guest OS does not initialize the SYSENTER MSRs. A guest OS user could exploit this flaw to cause a denial of service of the guest OS crash or potentially gain privileges on the guest OS...

7.8CVSS6.8AI score0.05489EPSS
Exploits4
Ubuntu
Ubuntu
•added 2015/02/26 11:5 a.m.•75 views

USN-2512-1: Linux kernel (EC2) vulnerabilities

A race condition was discovered in the Linux kernel's key ring. A local user could cause a denial of service memory corruption or panic or possibly have unspecified impact via the keyctl commands. CVE-2014-9529 A memory leak was discovered in the ISO 9660 CDROM file system when parsing rock ridge...

6.9CVSS6.8AI score0.00465EPSS
Exploits0
Ubuntu
Ubuntu
•added 2014/11/27 3:33 p.m.•75 views

USN-2425-1: DBus vulnerability

It was discovered that DBus incorrectly handled a large number of file descriptor messages. A local attacker could use this issue to cause DBus to stop responding, resulting in a denial of service. CVE-2014-7824...

2.1CVSS7.8AI score0.00594EPSS
Exploits1
Ubuntu
Ubuntu
•added 2014/10/15 7:50 p.m.•75 views

USN-2384-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues. MySQL has been updated to 5.5.40. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the...

7.5CVSS7.3AI score0.14784EPSS
Exploits1
Ubuntu
Ubuntu
•added 2014/09/02 5:46 p.m.•75 views

USN-2333-1: Linux kernel (EC2) vulnerabilities

A bug was discovered in the handling of pathname components when used with an autofs direct mount. A local user could exploit this flaw to cause a denial of service system crash via an open system call. CVE-2014-0203 Toralf Förster reported an error in the Linux kernels syscall auditing on 32 bit...

7.1CVSS6.6AI score0.05926EPSS
Exploits1
Ubuntu
Ubuntu
•added 2014/07/23 8:11 p.m.•75 views

USN-2298-1: Oxide vulnerabilities

A type confusion bug was discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process. CVE-2014-1730 A...

7.8CVSS8.8AI score0.03225EPSS
Exploits1References1
Ubuntu
Ubuntu
•added 2014/07/05 5:44 p.m.•75 views

USN-2268-1: Linux kernel vulnerability

Andy Lutomirski discovered a flaw with the Linux kernel's ptrace syscall on x8664 processors. An attacker could exploit this flaw to cause a denial of service System Crash or potential gain administrative privileges...

6.9CVSS6.7AI score0.02324EPSS
Exploits6
Ubuntu
Ubuntu
•added 2014/06/27 8:50 a.m.•77 views

USN-2262-1: Linux kernel (Quantal HWE) vulnerabilities

A bounds check error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service system crash via crafted BPF instructions. CVE-2014-3144 A remainder calculation error was discovered in the socket filter subsystem of the Lin...

4.9CVSS7.4AI score0.00649EPSS
Exploits2
Ubuntu
Ubuntu
•added 2014/06/12 4:30 p.m.•75 views

USN-2245-1: json-c vulnerabilities

Florian Weimer discovered that json-c incorrectly handled buffer lengths. An attacker could use this issue with a specially-crafted large JSON document to cause json-c to crash, resulting in a denial of service. CVE-2013-6370 Florian Weimer discovered that json-c incorrectly handled hash arrays. ...

5CVSS5.5AI score0.04511EPSS
Exploits1
Ubuntu
Ubuntu
•added 2014/05/01 9:3 p.m.•75 views

USN-2191-1: OpenJDK 6 vulnerabilities

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. CVE-2014-0429, CVE-2014-0446, CVE-2014-0451, CVE-2014-0452,...

10CVSS7.5AI score0.07571EPSS
Exploits0
Ubuntu
Ubuntu
•added 2014/04/26 1:39 p.m.•75 views

USN-2175-1: Linux kernel (Quantal HWE) vulnerabilities

A flaw was discovered in the Kernel Virtual Machine KVM subsystem of the Linux kernel. A guest OS user could exploit this flaw to execute arbitrary code on the host OS. CVE-2014-0049 Al Viro discovered an error in how CIFS in the Linux kernel handles uncached write operations. An unprivileged loc...

7.4CVSS6.8AI score0.04517EPSS
Exploits1
Ubuntu
Ubuntu
•added 2014/04/26 12:12 p.m.•75 views

USN-2173-1: Linux kernel vulnerabilities

A flaw was discovered in the Linux kernel's handling of the SCTP handshake. A remote attacker could exploit this flaw to cause a denial of service system crash. CVE-2014-0101 An error was discovered in the Linux kernel's DCCP protocol support. A remote attacked could exploit this flaw to cause a...

10CVSS7AI score0.10385EPSS
Exploits1
Ubuntu
Ubuntu
•added 2014/02/18 9:38 p.m.•75 views

USN-2107-1: Linux kernel vulnerabilities

A flaw was discovered in the Linux kernel's compat ioctls for Adaptec AACRAID scsi raid devices. An unprivileged local user could send administrative commands to these devices potentially compromising the data stored on the device. CVE-2013-6383 mpd reported an information leak in the recvfrom,...

6.9CVSS6.8AI score0.0049EPSS
Exploits0
Ubuntu
Ubuntu
•added 2013/10/31 12:48 p.m.•75 views

USN-2010-1: Thunderbird vulnerabilities

Multiple memory safety issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute arbitrary code with the...

10CVSS7.8AI score0.06493EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2013/05/28 12:13 p.m.•75 views

USN-1839-1: Linux kernel (OMAP4) vulnerabilities

An flaw was discovered in the Linux kernel's perfevents interface. A local user could exploit this flaw to escalate privileges on the system. CVE-2013-2094 Andy Lutomirski discover an error in the Linux kernel's credential handling on unix sockets. A local user could exploit this flaw to gain...

8.4CVSS7.7AI score0.47709EPSS
Exploits18
Ubuntu
Ubuntu
•added 2013/05/16 7:38 p.m.•75 views

USN-1829-1: Linux kernel (EC2) vulnerabilities

Mathias Krause discovered an information leak in the Linux kernel's ISO 9660 CDROM file system driver. A local user could exploit this flaw to examine some of the kernel's heap memory. CVE-2012-6549 Mathias Krause discovered a flaw in xfrmuser in the Linux kernel. A local attacker with NETADMIN...

6.9CVSS6.9AI score0.0082EPSS
Exploits2
Ubuntu
Ubuntu
•added 2013/04/08 10:54 p.m.•75 views

USN-1794-1: Linux kernel (OMAP4) vulnerabilities

Emese Revfy discovered that in the Linux kernel signal handlers could leak address information across an exec, making it possible to by pass ASLR Address Space Layout Randomization. A local user could use this flaw to by pass ASLR to reliably deliver an exploit payload that would otherwise be...

6.2CVSS6.4AI score0.005EPSS
Exploits3
Ubuntu
Ubuntu
•added 2013/03/26 2:49 p.m.•75 views

USN-1781-1: Linux kernel (OMAP4) vulnerabilities

Andrew Jones discovered a flaw with the xeniret function in Linux kernel's Xen virtualizeation. In the 32-bit Xen paravirt platform an unprivileged guest OS user could exploit this flaw to cause a denial of service crash the system or gain guest OS privilege. CVE-2013-0228 A flaw was reported in...

6.5CVSS7AI score0.01557EPSS
Exploits4
Ubuntu
Ubuntu
•added 2013/02/21 1:55 p.m.•75 views

USN-1732-1: OpenSSL vulnerabilities

Adam Langley and Wolfgang Ettlingers discovered that OpenSSL incorrectly handled certain crafted CBC data when used with AES-NI. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 12.10...

5CVSS6.5AI score0.39593EPSS
Exploits3
Ubuntu
Ubuntu
•added 2012/12/10 2:29 p.m.•75 views

USN-1659-1: GIMP vulnerability

It was discovered that GIMP incorrectly handled malformed XWD files. If a user were tricked into opening a specially crafted XWD file, an attacker could cause GIMP to crash, or possibly execute arbitrary code with the user's privileges...

7.5CVSS5.9AI score0.06685EPSS
Exploits1
Ubuntu
Ubuntu
•added 2012/11/30 9:2 a.m.•75 views

USN-1647-1: Linux kernel (OMAP4) vulnerabilities

Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. CVE-2012-0957 Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cau...

6.2CVSS6.7AI score0.00959EPSS
Exploits3
Ubuntu
Ubuntu
•added 2012/11/30 5:1 a.m.•75 views

USN-1643-1: Perl vulnerabilities

It was discovered that the decodexs function in the Encode module is vulnerable to a heap-based buffer overflow via a crafted Unicode string. An attacker could use this overflow to cause a denial of service. CVE-2011-2939 It was discovered that the 'new' constructor in the Digest module is...

7.5CVSS8.5AI score0.13526EPSS
Exploits3
Ubuntu
Ubuntu
•added 2012/09/14 6:6 p.m.•75 views

USN-1568-1: Linux kernel vulnerabilities

Ben Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO TCP segment offload. A local or peer user could exploit this flaw to to cause a denial of service. CVE-2012-3412 Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel implementation of RDS...

7.8CVSS6.6AI score0.06158EPSS
Exploits3
Ubuntu
Ubuntu
•added 2012/07/17 10:42 p.m.•75 views

USN-1510-1: Thunderbird vulnerabilities

Benoit Jacob, Jesse Ruderman, Christian Holler, Bill McCloskey, Brian Smith, Gary Kwong, Christoph Diehl, Chris Jones, Brad Lassey, and Kyle Huey discovered memory safety issues affecting Thunderbird. If the user were tricked into opening a specially crafted page, an attacker could possibly explo...

10CVSS8.7AI score0.05488EPSS
Exploits0References2
Ubuntu
Ubuntu
•added 2012/06/18 12:42 p.m.•75 views

USN-1478-1: Libav vulnerabilities

Mateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly handled certain malformed DV files. If a user were tricked into opening a crafted DV file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user...

6.8CVSS8.8AI score0.04686EPSS
Exploits2
Ubuntu
Ubuntu
•added 2012/05/25 7:34 p.m.•75 views

USN-1453-1: Linux kernel (EC2) vulnerabilities

A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service. CVE-2011-4086 A flaw was found in the Linux kernel's KVM Kernel Virtual Machine virtual cpu setup. An unprivileged local user coul...

7.2CVSS6.6AI score0.00418EPSS
Exploits2
Ubuntu
Ubuntu
•added 2012/03/16 8:55 p.m.•75 views

USN-1400-1: Firefox vulnerabilities

Soroush Dalili discovered that Firefox did not adequately protect against dropping JavaScript links onto a frame. A remote attacker could, through cross-site scripting XSS, exploit this to modify the contents or steal confidential data. CVE-2012-0455 Atte Kettunen discovered a use-after-free...

9.3CVSS8.5AI score0.0663EPSS
Exploits1References1
Ubuntu
Ubuntu
•added 2012/03/06 6:25 p.m.•75 views

USN-1387-1: Linux kernel (Maverick backport) vulnerabilities

Aristide Fattori and Roberto Paleari reported a flaw in the Linux kernel's handling of IPv4 icmp packets. A remote user could exploit this to cause a denial of service. CVE-2011-1927 A flaw was found in the Linux Ethernet bridge's handling of IGMP Internet Group Management Protocol packets. An...

7.8CVSS6.8AI score0.02591EPSS
Exploits8
Ubuntu
Ubuntu
•added 2012/02/13 1:53 p.m.•75 views

USN-1359-1: Tomcat vulnerabilities

It was discovered that Tomcat incorrectly performed certain caching and recycling operations. A remote attacker could use this flaw to obtain read access to IP address and HTTP header information in certain cases. This issue only applied to Ubuntu 11.10. CVE-2011-3375 It was discovered that Tomca...

5CVSS5.8AI score0.80318EPSS
Exploits8
Ubuntu
Ubuntu
•added 2012/01/24 5:38 p.m.•75 views

USN-1345-1: Linux kernel vulnerabilities

Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. CVE-2011-1162 Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel...

2.1CVSS7.4AI score0.00489EPSS
Exploits3
Ubuntu
Ubuntu
•added 2012/01/09 1:53 p.m.•75 views

USN-1319-1: Linux kernel (OMAP4) vulnerabilities

Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. CVE-2011-1162 Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel...

2.1CVSS7.4AI score0.00489EPSS
Exploits3
Ubuntu
Ubuntu
•added 2011/12/08 11:24 a.m.•75 views

USN-1292-1: Linux kernel (Maverick backport) vulnerabilities

A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. CVE-2011-4077 Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions...

7.2CVSS6.2AI score0.03212EPSS
Exploits6
Ubuntu
Ubuntu
•added 2011/11/21 8:50 p.m.•75 views

USN-1275-1: Linux kernel vulnerability

Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. CVE-2011-1162 Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit...

5.5CVSS5.6AI score0.00429EPSS
Exploits0
Ubuntu
Ubuntu
•added 2011/11/11 2:8 a.m.•75 views

USN-1259-1: Apache vulnerabilities

It was discovered that the modproxy module in Apache did not properly interact with the RewriteRule and ProxyPassMatch pattern matches in the configuration of a reverse proxy. This could allow remote attackers to contact internal webservers behind the proxy that were not intended for external...

5CVSS7.3AI score0.90734EPSS
Exploits14
Ubuntu
Ubuntu
•added 2011/08/19 7:39 a.m.•75 views

USN-1184-1: Firefox and Xulrunner vulnerabilities

Gary Kwong, Igor Bukanov, and Bob Clary discovered multiple memory vulnerabilities in the browser rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Firefox. CVE-2011-2982 It was discovered that a vulnerability in event...

10CVSS8.7AI score0.05556EPSS
Exploits1
Ubuntu
Ubuntu
•added 2011/08/17 6:13 p.m.•75 views

USN-1192-2: Mozvoikko update

USN-1192-1 fixed vulnerabilities in Firefox. This update provides an updated Mozvoikko for use with Firefox 6. Original advisory details: Aral Yaman discovered a vulnerability in the WebGL engine. An attacker could potentially use this to crash Firefox or execute arbitrary code with the privilege...

9AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2011/04/18 2:59 p.m.•75 views

USN-1113-1: Postfix vulnerabilities

It was discovered that the Postfix package incorrectly granted write access on the PID directory to the postfix user. A local attacker could use this flaw to possibly conduct a symlink attack and overwrite arbitrary files. This issue only affected Ubuntu 6.06 LTS and 8.04 LTS. CVE-2009-2939 Wiets...

6.9CVSS8.4AI score0.16334EPSS
Exploits3
Ubuntu
Ubuntu
•added 2011/04/11 7:19 p.m.•75 views

USN-1108-1: DHCP vulnerability

Sebastian Krahmer discovered that the dhclient utility incorrectly filtered crafted responses. An attacker could use this flaw with a malicious DHCP server to execute arbitrary code, resulting in root privilege escalation...

7.5CVSS6.8AI score0.84292EPSS
Exploits6
Ubuntu
Ubuntu
•added 2011/02/11 1:27 a.m.•75 views

USN-1061-1: iTALC vulnerability

Stéphane Graber discovered that the iTALC private keys shipped with the Edubuntu Live DVD were not correctly regenerated once Edubuntu was installed. If an iTALC client was installed with the vulnerable keys, a remote attacker could gain control of the system. Only systems using keys from the...

9.3CVSS5.3AI score0.0293EPSS
Exploits0
Ubuntu
Ubuntu
•added 2011/01/13 4:24 a.m.•75 views

USN-1042-2: PHP5 regression

USN-1042-1 fixed vulnerabilities in PHP5. The fix for CVE-2010-3436 introduced a regression in the openbasedir restriction handling code. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that attackers might be able to bypass...

7AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2010/07/21 5:59 a.m.•75 views

USN-940-2: Kerberos vulnerability

USN-940-1 fixed vulnerabilities in Kerberos. This update provides the corresponding updates for Ubuntu 10.04. Original advisory details: Joel Johnson, Brian Almeida, and Shawn Emery discovered that Kerberos did not correctly verify certain packet structures. An unauthenticated remote attacker cou...

6.8CVSS6.4AI score0.06884EPSS
Exploits2
Ubuntu
Ubuntu
•added 2009/08/19 10:43 p.m.•75 views

USN-809-1: GnuTLS vulnerabilities

Moxie Marlinspike and Dan Kaminsky independently discovered that GnuTLS did not properly handle certificates with NULL characters in the certificate name. An attacker could exploit this to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications...

7.5CVSS6.5AI score0.04506EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2009/07/06 5:51 p.m.•75 views

USN-797-1: tiff vulnerability

It was discovered that the TIFF library did not correctly handle certain malformed TIFF images. If a user or automated system were tricked into processing a malicious image, a remote attacker could cause an application linked against libtiff to crash, leading to a denial of service...

4.3CVSS8.2AI score0.07996EPSS
Exploits1
Ubuntu
Ubuntu
•added 2009/06/12 9:40 p.m.•75 views

USN-779-1: Firefox and Xulrunner vulnerabilities

Several flaws were discovered in the browser and JavaScript engines of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. CVE-2009-1392,...

9.3CVSS8.6AI score0.09282EPSS
Exploits9
Ubuntu
Ubuntu
•added 2009/06/03 2:15 p.m.•75 views

USN-781-1: Pidgin vulnerabilities

It was discovered that Pidgin did not properly handle certain malformed messages when sending a file using the XMPP protocol handler. If a user were tricked into sending a file, a remote attacker could send a specially crafted response and cause Pidgin to crash, or possibly execute arbitrary code...

9.3CVSS6AI score0.13294EPSS
Exploits1
Ubuntu
Ubuntu
•added 2009/04/20 9:37 p.m.•75 views

USN-762-1: APT vulnerabilities

Alexandre Martani discovered that the APT daily cron script did not check the return code of the date command. If a machine is configured for automatic updates and is in a time zone where DST occurs at midnight, under certain circumstances automatic updates might not be applied and could become...

10CVSS5.4AI score0.01856EPSS
Exploits0References1
Total number of security vulnerabilities5000