Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
•added 2016/12/05 11:58 p.m.•74 views

USN-3151-4: Linux kernel (Raspberry Pi 2) vulnerability

Philip Pettersson discovered a race condition in the afpacket implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service system crash or run arbitrary code with administrative privileges...

7.8CVSS7.5AI score0.11127EPSS
Exploits16
Ubuntu
Ubuntu
•added 2016/12/05 11:38 a.m.•74 views

USN-3149-2: Linux kernel (Trusty HWE) vulnerability

USN-3149-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Philip Pettersson discovered a race condition in the afpacket implementation in the...

7.8CVSS7.5AI score0.11127EPSS
Exploits16
Ubuntu
Ubuntu
•added 2016/10/21 6:32 a.m.•74 views

USN-3108-1: Bind vulnerability

Toshifumi Sakaguchi discovered that Bind incorrectly handled certain packets with malformed options. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service...

7.5CVSS7.4AI score0.25772EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/08/30 4:22 p.m.•74 views

USN-3070-2: Linux kernel (Raspberry Pi 2) vulnerabilities

A missing permission check when settings ACLs was discovered in nfsd. A local user could exploit this flaw to gain access to any file by setting an ACL. CVE-2016-1237 Kangjie Lu discovered an information leak in the Reliable Datagram Sockets RDS implementation in the Linux kernel. A local attacke...

7.8CVSS7.5AI score0.15073EPSS
Exploits3
Ubuntu
Ubuntu
•added 2016/08/12 5:33 p.m.•74 views

USN-3047-2: QEMU regression

USN-3047-1 fixed vulnerabilities in QEMU. The patch to fix CVE-2016-5403 caused a regression which resulted in save/restore failures when virtio memory balloon statistics are enabled. This update temporarily reverts the security fix for CVE-2016-5403 pending further investigation. We apologize fo...

7.3AI score0.00701EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2016/08/04 6:23 p.m.•74 views

USN-3047-1: QEMU vulnerabilities

Li Qiang discovered that QEMU incorrectly handled 53C9X Fast SCSI controller emulation. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is...

7.8CVSS7AI score0.00701EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/06/27 8:49 p.m.•74 views

USN-3017-3: Linux kernel (Wily HWE) vulnerabilities

USN-3017-1 fixed vulnerabilities in the Linux kernel for Ubuntu 15.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 15.10 for Ubuntu 14.04 LTS. Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correct...

7.8CVSS7.2AI score0.05676EPSS
Exploits15
Ubuntu
Ubuntu
•added 2016/06/27 7:53 p.m.•74 views

USN-3016-2: Linux kernel (Raspberry Pi 2) vulnerabilities

Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPTSOSETREPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service system crash or execute...

7.8CVSS7.1AI score0.05676EPSS
Exploits15
Ubuntu
Ubuntu
•added 2016/06/10 5:36 a.m.•74 views

USN-3000-1: Linux kernel (Utopic HWE) vulnerabilities

Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. CVE-2016-2117 Jann Horn discovered that eCryptfs improperly attempted to use...

10CVSS6.8AI score0.2593EPSS
Exploits24
Ubuntu
Ubuntu
•added 2016/06/09 3:13 p.m.•74 views

USN-2993-1: Firefox vulnerabilities

Christian Holler, Gary Kwong, Jesse Ruderman, Tyson Smith, Timothy Nikkel, Sylvestre Ledru, Julian Seward, Olli Pettay, Karl Tomlinson, Christoph Diehl, Julian Hector, Jan de Mooij, Mats Palmgren, and Tooru Fujisawa discovered multiple memory safety issues in Firefox. If a user were tricked in to...

9.3CVSS7.7AI score0.24039EPSS
Exploits7
Ubuntu
Ubuntu
•added 2016/06/02 5:3 p.m.•74 views

USN-2991-1: nginx vulnerability

It was discovered that nginx incorrectly handled saving client request bodies to temporary files. A remote attacker could possibly use this issue to cause nginx to crash, resulting in a denial of service...

7.5CVSS7.5AI score0.16376EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/05/16 7:6 p.m.•74 views

USN-2979-4: Linux kernel (Qualcomm Snapdragon) vulnerability

Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privilege...

7.8CVSS7.3AI score0.00397EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/04/25 12:20 p.m.•74 views

USN-2954-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.7.12 in Ubuntu 16.04 LTS. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes...

10CVSS7AI score0.10144EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/03/14 3:43 p.m.•74 views

USN-2928-2: Linux kernel (OMAP4) vulnerability

Andrey Konovalov discovered that the ALSA USB MIDI driver incorrectly performed a double-free. A local attacker with physical access could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privileges...

4.9CVSS6.5AI score0.03723EPSS
Exploits10
Ubuntu
Ubuntu
•added 2016/03/14 1:21 p.m.•74 views

USN-2927-1: graphite2 vulnerabilities

It was discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially- crafted font file, a remote attacker could use this issue to cause graphite2 to crash, resulting in a denial of service, or possibly execute arbitrary...

9.3CVSS8.4AI score0.04907EPSS
Exploits1
Ubuntu
Ubuntu
•added 2016/02/22 6:5 p.m.•74 views

USN-2906-1: GNU cpio vulnerabilities

Alexander Cherepanov discovered that GNU cpio incorrectly handled symbolic links when used with the --no-absolute-filenames option. If a user or automated system were tricked into extracting a specially-crafted cpio archive, a remote attacker could possibly use this issue to write arbitrary files...

6.5CVSS7.1AI score0.05484EPSS
Exploits4
Ubuntu
Ubuntu
•added 2016/01/28 3:33 p.m.•74 views

USN-2883-1: OpenSSL vulnerability

Antonio Sanso discovered that OpenSSL reused the same private DH exponent for the life of a server process when configured with a X9.42 style parameter file. This could allow a remote attacker to possibly discover the server's private DH exponent when being used with non-safe primes...

3.7CVSS6.5AI score0.83645EPSS
Exploits1
Ubuntu
Ubuntu
•added 2016/01/05 9:39 p.m.•74 views

USN-2858-3: Linux kernel (Raspberry Pi 2) vulnerability

Nathan Williams discovered that overlayfs in the Linux kernel incorrectly handled setattr operations. A local unprivileged attacker could use this to create files with administrative permission attributes and execute arbitrary code with elevated privileges...

7.2CVSS6.7AI score0.22374EPSS
Exploits12
Ubuntu
Ubuntu
•added 2015/12/17 8:8 a.m.•74 views

USN-2842-2: Linux kernel (Vivid HWE) vulnerabilities

Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service system crash in the host OS. CVE-2015-8104 郭永刚 discovered that the pp...

10CVSS6.4AI score0.02501EPSS
Exploits1
Ubuntu
Ubuntu
•added 2015/12/04 5:57 p.m.•74 views

USN-2829-1: Linux kernel vulnerabilities

It was discovered that the SCTP protocol implementation in the Linux kernel performed an incorrect sequence of protocol-initialization steps. A local attacker could use this to cause a denial of service system crash. CVE-2015-5283 Dmitry Vyukov discovered that the Linux kernel's keyring handler...

4.7CVSS6.3AI score0.00549EPSS
Exploits1
Ubuntu
Ubuntu
•added 2015/11/10 3:18 a.m.•74 views

USN-2804-1: Linux kernel (Trusty HWE) vulnerability

Ben Serebrin discovered that the KVM hypervisor implementation in the Linux kernel did not properly catch Alignment Check exceptions. An attacker in a guest virtual machine could use this to cause a denial of service system crash in the host OS...

4.9CVSS6.9AI score0.00566EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/09/24 6:37 p.m.•74 views

USN-2745-1: QEMU vulnerabilities

Lian Yihan discovered that QEMU incorrectly handled certain payload messages in the VNC display driver. A malicious guest could use this issue to cause the QEMU process to hang, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. CVE-2015-5239 Qinghao...

7.5CVSS7.2AI score0.0361EPSS
Exploits1
Ubuntu
Ubuntu
•added 2015/08/04 4:52 p.m.•74 views

USN-2677-1: Oxide vulnerabilities

An uninitialized value issue was discovered in ICU. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service. CVE-2015-1270 A use-after-free was discovered in the GPU process implementation in Chromium. If a user wer...

9.8CVSS8AI score0.19069EPSS
Exploits2References1
Ubuntu
Ubuntu
•added 2015/07/28 9:21 a.m.•74 views

USN-2691-1: Linux kernel vulnerabilities

Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs non-maskable interrupts. An unprivileged local user could exploit this flaw to cause a denial of service system crash or potentially escalate their privileges. CVE-2015-3290 Colin King discovered a flaw in the addkey...

7.2CVSS6.7AI score0.01103EPSS
Exploits4
Ubuntu
Ubuntu
•added 2015/07/24 12:0 a.m.•74 views

USN-2685-1: Linux kernel vulnerabilities

A flaw was discovered in the kvm kernel virtual machine subsystem's kvmapichasevents function. A unprivileged local user could exploit this flaw to cause a denial of service system crash. CVE-2015-4692 A flaw was discovered in how the Linux kernel handles invalid UDP checksums. A remote attacker...

7.8CVSS7.1AI score0.06267EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/07/23 11:18 p.m.•74 views

USN-2679-1: Linux kernel (OMAP4) vulnerabilities

A flaw was discovered in the user space memory copying for the pipe iovecs in the Linux kernel. An unprivileged local user could exploit this flaw to cause a denial of service system crash or potentially escalate their privileges. CVE-2015-1805 Daniel Borkmann reported a kernel crash in the Linux...

7.2CVSS7AI score0.01407EPSS
Exploits3
Ubuntu
Ubuntu
•added 2015/07/09 5:32 p.m.•74 views

USN-2672-1: NSS vulnerabilities

Karthikeyan Bhargavan discovered that NSS incorrectly handled state transitions for the TLS state machine. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could be exploited to skip the ServerKeyExchange message and remove the forward-secrecy property...

4.3CVSS7.4AI score0.03594EPSS
Exploits1
Ubuntu
Ubuntu
•added 2015/06/10 9:41 p.m.•74 views

USN-2632-1: Linux kernel (OMAP4) vulnerabilities

Jan Beulich discovered the Xen virtual machine subsystem of the Linux kernel did not properly restrict access to PCI command registers. A local guest user could exploit this flaw to cause a denial of service host crash. CVE-2015-2150 A privilege escalation was discovered in the fork syscall via t...

9.3CVSS7.3AI score0.10108EPSS
Exploits6
Ubuntu
Ubuntu
•added 2015/04/30 1:27 p.m.•74 views

USN-2591-1: curl vulnerabilities

Paras Sethia discovered that curl could incorrectly re-use NTLM HTTP credentials when subsequently connecting to the same host over HTTP. CVE-2015-3143 Hanno Böck discovered that curl incorrectly handled zero-length host names. If a user or automated system were tricked into using a specially...

9CVSS8AI score0.3763EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/03/12 6:32 a.m.•74 views

USN-2527-1: Linux kernel (Trusty HWE) vulnerability

It was discovered that the Linux kernel's Infiniband subsystem did not properly sanitize its input parameters while registering memory regions from userspace. A local user could exploit this flaw to cause a denial of service system crash or to potentially gain administrative privileges...

6.9CVSS6.2AI score0.00441EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/03/10 3:28 p.m.•74 views

USN-2521-1: Oxide vulnerabilities

Several out-of-bounds write bugs were discovered in Skia. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program...

7.5CVSS8.7AI score0.02565EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/03/06 7:9 p.m.•74 views

USN-2522-2: ICU regression

USN-2522-1 fixed vulnerabilities in ICU. On Ubuntu 12.04 LTS, the font patches caused a regression when using LibreOffice Calc. The patches have been temporarily backed out until the regression is investigated. We apologize for the inconvenience. Original advisory details: It was discovered that...

7.7AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2015/02/04 5:56 p.m.•74 views

USN-2494-1: file vulnerabilities

Francisco Alonso discovered that file incorrectly handled certain ELF files. An attacker could use this issue to cause file to crash, resulting in a denial of service. CVE-2014-3710 Thomas Jarosch discovered that file incorrectly handled certain ELF files. An attacker could use this issue to caus...

5CVSS7.9AI score0.14013EPSS
Exploits0
Ubuntu
Ubuntu
•added 2014/10/15 7:50 p.m.•74 views

USN-2384-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues. MySQL has been updated to 5.5.40. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the...

7.5CVSS7.3AI score0.14784EPSS
Exploits1
Ubuntu
Ubuntu
•added 2014/09/23 8:43 p.m.•74 views

USN-2358-1: Linux kernel (Trusty HWE) vulnerabilities

Jack Morgenstein reported a flaw in the page handling of the KVM Kerenl Virtual Machine subsystem in the Linux kernel. A guest OS user could exploit this flaw to cause a denial of service host OS memory corruption or possibly have other unspecified impact on the host OS. CVE-2014-3601 Jason...

7.1CVSS6.9AI score0.05794EPSS
Exploits3
Ubuntu
Ubuntu
•added 2014/08/18 6:5 p.m.•74 views

USN-2232-4: OpenSSL regression

USN-2232-1 fixed vulnerabilities in OpenSSL. One of the patch backports for Ubuntu 10.04 LTS caused a regression for certain applications. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jüri Aedla discovered that OpenSSL incorrectly handled invalid...

7.6AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2014/07/22 8:38 p.m.•74 views

USN-2295-1: Firefox vulnerabilities

Christian Holler, David Keeler, Byron Campen, Gary Kwong, Jesse Ruderman, Andrew McCreight, Alon Zakai, Bobby Holley, Jonathan Watt, Shu-yu Guo, Steve Fink, Terrence Cole, Gijs Kruitbosch and Cătălin Badea discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a...

10CVSS8.2AI score0.06109EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2014/07/05 5:56 p.m.•74 views

USN-2272-1: Linux kernel (Trusty HWE) vulnerability

Andy Lutomirski discovered a flaw with the Linux kernel's ptrace syscall on x8664 processors. An attacker could exploit this flaw to cause a denial of service System Crash or potential gain administrative privileges...

6.9CVSS6.7AI score0.02324EPSS
Exploits6
Ubuntu
Ubuntu
•added 2014/06/27 8:54 a.m.•74 views

USN-2264-1: Linux kernel vulnerabilities

Salva Peiró discovered an information leak in the Linux kernel's media- device driver. A local attacker could exploit this flaw to obtain sensitive information from kernel memory. CVE-2014-1739 A bounds check error was discovered in the socket filter subsystem of the Linux kernel. A local user...

4.9CVSS6.8AI score0.01121EPSS
Exploits4
Ubuntu
Ubuntu
•added 2014/03/07 11:33 a.m.•74 views

USN-2135-1: Linux kernel (Quantal HWE) vulnerabilities

Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker could exploit this error to discover the original MAC address after a spoofing atack. CVE-2013-4579 Andrew Honig reported a flaw in the Linux Kernel's kvmvmioctlcreatevcpu function ...

7.2CVSS7AI score0.10209EPSS
Exploits9
Ubuntu
Ubuntu
•added 2014/03/06 1:24 p.m.•74 views

USN-2130-1: Tomcat vulnerabilities

It was discovered that Tomcat incorrectly handled certain inconsistent HTTP headers. A remote attacker could possibly use this flaw to conduct request smuggling attacks. CVE-2013-4286 It was discovered that Tomcat incorrectly handled certain requests submitted using chunked transfer encoding. A...

7.5CVSS7.1AI score0.83175EPSS
Exploits13
Ubuntu
Ubuntu
•added 2013/10/23 8:19 p.m.•74 views

USN-2000-1: Nova vulnerabilities

It was discovered that Nova did not properly enforce the ispublic property when determining flavor access. An authenticated attacker could exploit this to obtain sensitive information in private flavors. This issue only affected Ubuntu 12.10 and 13.10. CVE-2013-2256, CVE-2013-4278 Grant Murphy...

6CVSS5.4AI score0.02703EPSS
Exploits6
Ubuntu
Ubuntu
•added 2013/09/30 10:45 a.m.•74 views

USN-1977-1: Linux kernel (EC2) vulnerabilities

An information leak was discovered in the handling of ICMPv6 Router Advertisement RA messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service excessive retries and address-generation outage, and consequently obtain sensitive...

6.2CVSS7.9AI score0.0181EPSS
Exploits0
Ubuntu
Ubuntu
•added 2013/09/06 10:14 a.m.•74 views

USN-1940-1: Linux kernel (EC2) vulnerabilities

Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that allows for privilege escalation. A local user could exploit this flaw to run commands as root when using the perf tool. CVE-2013-1060 Michael S. Tsirkin discovered a flaw in how the Linux kernel's KVM subsystem allocates memory...

7.8CVSS6.9AI score0.04707EPSS
Exploits1
Ubuntu
Ubuntu
•added 2013/08/20 1:22 p.m.•74 views

USN-1936-1: Linux kernel (Raring HWE) vulnerabilities

Chanam Park reported a Null pointer flaw in the Linux kernel's Ceph client. A remote attacker could exploit this flaw to cause a denial of service system crash. CVE-2013-1059 An information leak was discovered in the Linux kernel's fanotify interface. A local user could exploit this flaw to obtai...

7.8CVSS6.7AI score0.04672EPSS
Exploits5
Ubuntu
Ubuntu
•added 2013/08/20 12:10 p.m.•74 views

USN-1932-1: Linux kernel vulnerabilities

Chanam Park reported a Null pointer flaw in the Linux kernel's Ceph client. A remote attacker could exploit this flaw to cause a denial of service system crash. CVE-2013-1059 An information leak was discovered in the Linux kernel's fanotify interface. A local user could exploit this flaw to obtai...

7.8CVSS6.9AI score0.04546EPSS
Exploits1
Ubuntu
Ubuntu
•added 2013/08/06 7:47 p.m.•74 views

USN-1924-2: Ubufox and Unity Firefox Extension update

USN-1924-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Ubufox and Unity Firefox Extension. Original advisory details: Jeff Gilbert, Henrik Skupin, Ben Turner, Christian Holler, Andrew McCreight, Gary Kwong, Jan Varga and Jesse Ruderman discovered multiple...

7.9AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2013/07/29 10:20 p.m.•74 views

USN-1918-1: Linux kernel (OMAP4) vulnerability

Kees Cook discovered a format string vulnerability in the Broadcom B43 wireless driver for the Linux kernel. A local user could exploit this flaw to gain administrative privileges...

6.9CVSS6.6AI score0.01022EPSS
Exploits1
Ubuntu
Ubuntu
•added 2013/07/29 10:4 p.m.•74 views

USN-1913-1: Linux kernel (EC2) vulnerabilities

Jonathan Salwan discovered an information leak in the Linux kernel's cdrom driver. A local user can exploit this leak to obtain sensitive information from kernel memory if the CD-ROM drive is malfunctioning. CVE-2013-2164 A flaw was discovered in the Linux kernel when an IPv6 socket is used to...

6CVSS6.7AI score0.00557EPSS
Exploits4
Ubuntu
Ubuntu
•added 2013/05/31 2:33 a.m.•74 views

USN-1849-1: Linux kernel (Raring HWE) vulnerability

Kees Cook discovered a flaw in the Linux kernel's iSCSI subsystem. A remote unauthenticated attacker could exploit this flaw to cause a denial of service system crash or potentially gain administrative privileges. CVE-2013-2850 An flaw was discovered in the Linux kernel's perfevents interface. A...

8.4CVSS7.2AI score0.47709EPSS
Exploits18
Total number of security vulnerabilities5000