Lucene search
K
UbuntuMost viewed

10890 matches found

Ubuntu
Ubuntu
•added 2022/12/05 8:43 a.m.•74 views

USN-5759-1: LibBPF vulnerabilities

It was discovered that LibBPF incorrectly handled certain memory operations under certain circumstances. An attacker could possibly use this issue to cause LibBPF to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.10. CVE-2021-45940,...

8CVSS7AI score0.01132EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/10/26 5:28 p.m.•74 views

USN-5702-1: curl vulnerabilities

Robby Simpson discovered that curl incorrectly handled certain POST operations after PUT operations. This issue could cause applications using curl to send the wrong data, perform incorrect memory operations, or crash. CVE-2022-32221 Hiroki Kurosawa discovered that curl incorrectly handled parsin...

9.8CVSS7.6AI score0.04325EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/10/10 9:53 p.m.•74 views

USN-5668-1: Linux kernel vulnerabilities

It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose sensitive information kernel memory. CVE-2021-4159 It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2...

7.8CVSS7.2AI score0.00419EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/06/22 2:3 p.m.•74 views

USN-5491-1: Squid vulnerability

Joshua Rogers discovered that Squid incorrectly handled the Gopher protocol. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service...

6.5CVSS6.7AI score0.0362EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/05/17 11:35 a.m.•74 views

USN-5423-1: ClamAV vulnerabilities

Michał Dardas discovered that ClamAV incorrectly handled parsing CHM files. A remote attacker could possibly use this issue to cause ClamAV to stop responding, resulting in a denial of service. CVE-2022-20770 Michał Dardas discovered that ClamAV incorrectly handled parsing TIFF files. A remote...

8.6CVSS7.2AI score0.0663EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/12/01 4:49 p.m.•74 views

USN-5168-1: NSS vulnerability

Tavis Ormandy discovered that NSS incorrectly handled verifying DSA/RSA-PSS signatures. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS7.7AI score0.17563EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/03/15 9:4 p.m.•74 views

USN-4786-1: Moment.js vulnerabilities

It was discovered that Moment.js mishandled certain regular expressions. An attacker could use this vulnerability to cause a denial of service...

7.8CVSS6.3AI score0.09905EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/11/30 4:24 p.m.•74 views

USN-4652-1: SniffIt vulnerability

It was discovered that SniffIt incorrectly handled certain configuration files. An attacker could possibly use this issue to execute arbitrary code...

9.3CVSS7.7AI score0.02548EPSS
Exploits2
Ubuntu
Ubuntu
•added 2020/11/17 1:10 p.m.•74 views

USN-4634-1: OpenLDAP vulnerabilities

It was discovered that OpenLDAP incorrectly handled certain malformed inputs. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service...

7.5CVSS7.4AI score0.02858EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/10/28 4:23 p.m.•74 views

USN-4552-3: Pam-python regression

USN-4552-1 and USN-4552-2 fixed a vulnerability in Pam-python. The update introduced a regression which prevented PAM modules written in Python from importing python modules from site-specific directories. We apologize for the inconvenience. Original advisory details: Malte Kraus discovered that...

7.8CVSS7.3AI score0.00356EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/09/30 1:18 p.m.•74 views

USN-4558-1: libapreq2 vulnerabilities

It was discovered that libapreq2 did not properly sanitize the Content-Type field in certain, crafted HTTP requests. An attacker could use this vulnerability to cause libapreq2 to crash...

7.5CVSS6.8AI score0.03941EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/09/22 4:0 p.m.•74 views

USN-4530-1: Debian-LAN vulnerabilities

Wolfgang Schweer discovered that Debian-LAN did not properly handle ACLs for the Kerberos admin server. A local attacker could possibly use this issue to change the passwords of other users, leading to root privilege escalation. CVE-2019-3467...

7.8CVSS7.3AI score0.00503EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/09/17 10:8 p.m.•74 views

USN-4519-1: PulseAudio vulnerability

Ratchanan Srirattanamet discovered that an Ubuntu-specific patch caused PulseAudio to incorrectly handle memory under certain error conditions in the Bluez 5 module. An attacker could use this issue to cause PulseAudio to crash, resulting in a denial of service, or possibly execute arbitrary code...

6.1CVSS6.7AI score0.00294EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/07/01 11:44 p.m.•74 views

USN-4407-1: LibVNCServer vulnerabilities

It was discovered that LibVNCServer incorrectly handled decompressing data. An attacker could possibly use this issue to cause LibVNCServer to crash, resulting in a denial of service. CVE-2019-15680 It was discovered that an information disclosure vulnerability existed in LibVNCServer when sendin...

9.8CVSS7.5AI score0.03345EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/05/13 12:9 p.m.•74 views

USN-4357-1: IPRoute vulnerability

It was discovered that IPRoute incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code...

4.4CVSS6.6AI score0.00403EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/04/14 7:26 p.m.•74 views

USN-4329-1: Git vulnerability

Felix Wilhelm discovered that Git incorrectly handled certain URLs that included newlines. A remote attacker could possibly use this issue to trick Git into returning credential information for a wrong host...

9.3CVSS7.4AI score0.10047EPSS
Exploits2
Ubuntu
Ubuntu
•added 2020/02/06 6:44 p.m.•74 views

USN-4273-1: ReportLab vulnerability

It was discovered that ReportLab incorrectly handled certain XML documents. If a user or automated system were tricked into processing a specially crafted document, a remote attacker could possibly use this issue to execute arbitrary code...

9.8CVSS8.4AI score0.10231EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/10/31 4:33 p.m.•74 views

USN-4172-2: file vulnerability

USN-4172-1 fixed a vulnerability in file. This update provides the corresponding update for Ubuntu 12.04 ESM Ubuntu 14.04 ESM. Original advisory details: It was discovered that file incorrectly handled certain malformed files. An attacker could use this issue to cause a denial of service, or...

7.8CVSS8.2AI score0.0185EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/09/25 12:5 p.m.•74 views

USN-4139-1: File Roller vulnerability

It was discovered that File Roller incorrectly handled certain TAR files. An attacker could possibly use this issue to overwrite sensitive files during extraction...

4.3CVSS5.6AI score0.02132EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/06/13 6:0 p.m.•74 views

USN-3684-2: Perl vulnerability

USN-3684-1 fixed a vulnerability in perl. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that Perl incorrectly handled certain archive files. An attacker could possibly use this to overwrite arbitrary files...

7.5CVSS6.7AI score0.07638EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/05/25 8:41 p.m.•74 views

USN-3660-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service via application crash, install lightweight themes without user interaction, or...

9.8CVSS7.8AI score0.21288EPSS
Exploits4
Ubuntu
Ubuntu
•added 2018/03/23 5:24 p.m.•74 views

USN-3595-2: Samba vulnerability

USN-3595-1 fix a vulnerability in Samba. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that Samba incorrectly validated inputs to the RPC spoolss service. An authenticated attacker could use this issue to cause the service to cras...

4.3CVSS7AI score0.06691EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/02/09 12:22 p.m.•74 views

USN-3564-1: PostgreSQL vulnerability

It was discovered that PostgreSQL incorrectly handled certain temp files. An attacker could possibly use this to access sensitive information...

7CVSS6.4AI score0.00491EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/01/30 9:5 p.m.•74 views

USN-3551-1: WebKitGTK+ vulnerabilities

Multiple security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the user interface, or execute arbitrary code. CVE-2018-4088,...

8.8CVSS7.1AI score0.02689EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/01/10 2:53 p.m.•74 views

USN-3522-4: Linux kernel (Xenial HWE) regression

USN-3522-2 fixed a vulnerability in the Linux Hardware Enablement kernel for Ubuntu 14.04 LTS to address Meltdown CVE-2017-5754. Unfortunately, that update introduced a regression where a few systems failed to boot successfully. This update fixes the problem. We apologize for the inconvenience...

7.1AI score0.84172EPSS
Exploits3References2
Ubuntu
Ubuntu
•added 2018/01/10 2:51 p.m.•74 views

USN-3522-3: Linux kernel regression

USN-3522-1 fixed a vulnerability in the Linux kernel to address Meltdown CVE-2017-5754. Unfortunately, that update introduced a regression where a few systems failed to boot successfully. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jann Horn...

7.1AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2017/12/08 12:14 a.m.•74 views

USN-3510-1: Linux kernel vulnerabilities

Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem XFRM in the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-16939 It was discovered that the Linux kernel did not...

7.8CVSS6.6AI score0.02841EPSS
Exploits12
Ubuntu
Ubuntu
•added 2017/11/22 6:27 p.m.•74 views

USN-3492-1: LibRaw vulnerabilities

It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS7.2AI score0.05454EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/10/30 2:25 p.m.•74 views

USN-3459-2: MySQL vulnerabilities

USN-3459-1 fixed several vulnerabilities in MySQL. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to...

6.5CVSS6.9AI score0.03264EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/10/11 12:1 p.m.•74 views

USN-3451-1: OpenStack Swift vulnerabilities

It was discovered that OpenStack Swift incorrectly handled tempurls. A remote authenticated user in possession of a tempurl key authorized for PUT could retrieve other objects in the same Swift account. CVE-2015-5223 Romain Le Disez and Örjan Persson discovered that OpenStack Swift incorrectly...

7.5CVSS7.2AI score0.0382EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/08/28 9:24 p.m.•74 views

USN-3406-1: Linux kernel vulnerabilities

It was discovered that an out of bounds read vulnerability existed in the associative array implementation in the Linux kernel. A local attacker could use this to cause a denial of service system crash or expose sensitive information. CVE-2016-7914 It was discovered that a NULL pointer dereferenc...

7.8CVSS6.4AI score0.02041EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/08/11 6:19 a.m.•74 views

USN-3388-1: Subversion vulnerabilities

Joern Schneeweisz discovered that Subversion did not properly handle host names in 'svn+ssh://' URLs. A remote attacker could use this to construct a subversion repository that when accessed could run arbitrary code with the privileges of the user. CVE-2017-9800 Daniel Shahaf and James McCoy...

9.8CVSS7.3AI score0.18892EPSS
Exploits3
Ubuntu
Ubuntu
•added 2017/07/24 10:30 p.m.•74 views

USN-3364-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information kernel memory. CVE-2014-9900 It was discovered that the Linux kernel did not properly restrict access to /proc/iomem. A local attacker...

5.5CVSS6.3AI score0.01261EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/06/29 7:21 a.m.•74 views

USN-3344-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3344-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. USN 3334-1 fixed a vulnerability in the Linux kernel. However, that fix introduced...

7.8CVSS6.8AI score0.01372EPSS
Exploits7References2
Ubuntu
Ubuntu
•added 2017/02/17 5:34 p.m.•74 views

USN-3199-2: Python Crypto regression

USN-3199-1 fixed a vulnerability in the Python Cryptography Toolkit. Unfortunately, various programs depended on the original behavior of the Python Cryptography Toolkit which was altered when fixing the vulnerability. This update retains the fix for the vulnerability but issues a warning rather...

9.8CVSS9.1AI score0.09501EPSS
Exploits1
Ubuntu
Ubuntu
•added 2017/02/09 5:50 p.m.•74 views

USN-3187-2: Linux kernel (OMAP4) vulnerabilities

Andrey Konovalov discovered that the SCTP implementation in the Linux kernel improperly handled validation of incoming data. A remote attacker could use this to cause a denial of service system crash. CVE-2016-9555 It was discovered that multiple memory leaks existed in the XFS implementation in...

10CVSS6.4AI score0.09144EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/02/03 7:40 a.m.•74 views

USN-3188-1: Linux kernel vulnerability

Andrey Konovalov discovered that the SCTP implementation in the Linux kernel improperly handled validation of incoming data. A remote attacker could use this to cause a denial of service system crash...

10CVSS6.5AI score0.09144EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/12/05 11:58 p.m.•74 views

USN-3151-4: Linux kernel (Raspberry Pi 2) vulnerability

Philip Pettersson discovered a race condition in the afpacket implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service system crash or run arbitrary code with administrative privileges...

7.8CVSS7.5AI score0.11127EPSS
Exploits16
Ubuntu
Ubuntu
•added 2016/12/05 11:38 a.m.•74 views

USN-3149-2: Linux kernel (Trusty HWE) vulnerability

USN-3149-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Philip Pettersson discovered a race condition in the afpacket implementation in the...

7.8CVSS7.5AI score0.11127EPSS
Exploits16
Ubuntu
Ubuntu
•added 2016/10/21 6:32 a.m.•74 views

USN-3108-1: Bind vulnerability

Toshifumi Sakaguchi discovered that Bind incorrectly handled certain packets with malformed options. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service...

7.5CVSS7.4AI score0.25772EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/08/30 4:22 p.m.•74 views

USN-3070-2: Linux kernel (Raspberry Pi 2) vulnerabilities

A missing permission check when settings ACLs was discovered in nfsd. A local user could exploit this flaw to gain access to any file by setting an ACL. CVE-2016-1237 Kangjie Lu discovered an information leak in the Reliable Datagram Sockets RDS implementation in the Linux kernel. A local attacke...

7.8CVSS7.5AI score0.15073EPSS
Exploits3
Ubuntu
Ubuntu
•added 2016/08/12 5:33 p.m.•74 views

USN-3047-2: QEMU regression

USN-3047-1 fixed vulnerabilities in QEMU. The patch to fix CVE-2016-5403 caused a regression which resulted in save/restore failures when virtio memory balloon statistics are enabled. This update temporarily reverts the security fix for CVE-2016-5403 pending further investigation. We apologize fo...

7.3AI score0.00701EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2016/08/04 6:23 p.m.•74 views

USN-3047-1: QEMU vulnerabilities

Li Qiang discovered that QEMU incorrectly handled 53C9X Fast SCSI controller emulation. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is...

7.8CVSS7AI score0.00701EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/06/27 8:49 p.m.•74 views

USN-3017-3: Linux kernel (Wily HWE) vulnerabilities

USN-3017-1 fixed vulnerabilities in the Linux kernel for Ubuntu 15.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 15.10 for Ubuntu 14.04 LTS. Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correct...

7.8CVSS7.2AI score0.05676EPSS
Exploits15
Ubuntu
Ubuntu
•added 2016/06/27 7:53 p.m.•74 views

USN-3016-2: Linux kernel (Raspberry Pi 2) vulnerabilities

Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPTSOSETREPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service system crash or execute...

7.8CVSS7.1AI score0.05676EPSS
Exploits15
Ubuntu
Ubuntu
•added 2016/06/10 5:36 a.m.•74 views

USN-3000-1: Linux kernel (Utopic HWE) vulnerabilities

Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. CVE-2016-2117 Jann Horn discovered that eCryptfs improperly attempted to use...

10CVSS6.8AI score0.2593EPSS
Exploits24
Ubuntu
Ubuntu
•added 2016/06/09 3:13 p.m.•74 views

USN-2993-1: Firefox vulnerabilities

Christian Holler, Gary Kwong, Jesse Ruderman, Tyson Smith, Timothy Nikkel, Sylvestre Ledru, Julian Seward, Olli Pettay, Karl Tomlinson, Christoph Diehl, Julian Hector, Jan de Mooij, Mats Palmgren, and Tooru Fujisawa discovered multiple memory safety issues in Firefox. If a user were tricked in to...

9.3CVSS7.7AI score0.24039EPSS
Exploits7
Ubuntu
Ubuntu
•added 2016/06/02 5:3 p.m.•74 views

USN-2991-1: nginx vulnerability

It was discovered that nginx incorrectly handled saving client request bodies to temporary files. A remote attacker could possibly use this issue to cause nginx to crash, resulting in a denial of service...

7.5CVSS7.5AI score0.16376EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/05/16 7:6 p.m.•74 views

USN-2979-4: Linux kernel (Qualcomm Snapdragon) vulnerability

Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privilege...

7.8CVSS7.3AI score0.00397EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/04/25 12:20 p.m.•74 views

USN-2954-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.7.12 in Ubuntu 16.04 LTS. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes...

10CVSS7AI score0.10144EPSS
Exploits0
Total number of security vulnerabilities5000