Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
added 2011/09/21 12:23 p.m.74 views

USN-1211-1: Linux kernel vulnerabilities

It was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities...

7.8CVSS7.7AI score0.08793EPSS
Exploits8
Ubuntu
Ubuntu
added 2011/08/19 7:39 a.m.74 views

USN-1184-1: Firefox and Xulrunner vulnerabilities

Gary Kwong, Igor Bukanov, and Bob Clary discovered multiple memory vulnerabilities in the browser rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Firefox. CVE-2011-2982 It was discovered that a vulnerability in event...

10CVSS8.7AI score0.05556EPSS
Exploits1
Ubuntu
Ubuntu
added 2011/04/04 5:6 p.m.74 views

USN-1102-1: tiff vulnerability

Martin Barbella discovered that the thunder aka ThunderScan decoder in the TIFF library incorrectly handled an unexpected BitsPerSample value. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could execute arbitrary code with user privilege...

6.8CVSS8.7AI score0.06233EPSS
Exploits0
Ubuntu
Ubuntu
added 2011/03/15 12:49 a.m.74 views

USN-1079-2: OpenJDK 6 vulnerabilities

USN-1079-1 fixed vulnerabilities in OpenJDK 6 for non-armel ARM architectures. This update provides the corresponding updates for OpenJDK 6 for use with the armel ARM architectures. In order to build the armel ARM OpenJDK 6 update for Ubuntu 10.04 LTS, it was necessary to rebuild binutils and...

10CVSS6.5AI score0.2349EPSS
Exploits2
Ubuntu
Ubuntu
added 2011/02/25 8:26 p.m.74 views

USN-1071-1: Linux kernel vulnerabilities

Tavis Ormandy discovered that the Linux kernel did not properly implement exception fixup. A local attacker could exploit this to crash the kernel, leading to a denial of service. CVE-2010-3086 Dan Rosenberg discovered that the Linux kernel TIPC implementation contained multiple integer signednes...

6.9CVSS5.6AI score0.03739EPSS
Exploits8
Ubuntu
Ubuntu
added 2011/02/02 10:31 p.m.74 views

USN-1056-1: OpenOffice.org vulnerabilities

Charlie Miller discovered several heap overflows in PPT processing. If a user or automated system were tricked into opening a specially crafted PPT document, a remote attacker could execute arbitrary code with user privileges. Ubuntu 10.10 was not affected. CVE-2010-2935, CVE-2010-2936 Marc...

9.3CVSS7.8AI score0.10731EPSS
Exploits0
Ubuntu
Ubuntu
added 2011/02/01 10:7 p.m.74 views

USN-1055-1: OpenJDK vulnerabilities

It was discovered that IcedTea for Java did not properly verify signatures when handling multiply signed or partially signed JAR files, allowing an attacker to cause code to execute that appeared to come from a verified source. CVE-2011-0025 USN 1052-1 fixed a vulnerability in OpenJDK for Ubuntu...

6.8CVSS5.8AI score0.02578EPSS
Exploits0
Ubuntu
Ubuntu
added 2010/12/09 11:1 p.m.74 views

USN-1019-1: Firefox and Xulrunner vulnerabilities

Jesse Ruderman, Andreas Gal, Nils, Brian Hackett, and Igor Bukanov discovered several memory issues in the browser engine. An attacker could exploit these to crash the browser or possibly run arbitrary code as the user invoking the program. CVE-2010-3776, CVE-2010-3777, CVE-2010-3778 It was...

9.3CVSS8.4AI score0.08669EPSS
Exploits1
Ubuntu
Ubuntu
added 2010/11/25 2:27 p.m.74 views

USN-1021-1: Apache vulnerabilities

It was discovered that Apache's modcache and moddav modules incorrectly handled requests that lacked a path. A remote attacker could exploit this with a crafted request and cause a denial of service. This issue affected Ubuntu 6.06 LTS, 8.04 LTS, 9.10 and 10.04 LTS. CVE-2010-1452 It was discovere...

5CVSS6.4AI score0.2187EPSS
Exploits2
Ubuntu
Ubuntu
added 2010/11/10 10:31 p.m.74 views

USN-1016-1: libxml2 vulnerability

Bui Quang Minh discovered that libxml2 did not properly process XPath namespaces and attributes. If an application using libxml2 opened a specially crafted XML file, an attacker could cause a denial of service or possibly execute code as the user invoking the program...

4.3CVSS6.7AI score0.03133EPSS
Exploits1
Ubuntu
Ubuntu
added 2010/11/04 12:18 p.m.74 views

USN-1012-1: CUPS vulnerability

Emmanuel Bouillon discovered that CUPS did not properly handle certain Internet Printing Protocol IPP packets. A remote attacker could use this flaw to cause a denial of service or possibly execute arbitrary code. In the default installation in Ubuntu 8.04 LTS and later, attackers would be isolat...

9.8CVSS8.6AI score0.0647EPSS
Exploits0
Ubuntu
Ubuntu
added 2010/10/25 3:19 p.m.74 views

USN-959-2: PAM vulnerability

USN-959-1 fixed vulnerabilities in PAM. This update provides the corresponding updates for Ubuntu 10.10. Original advisory details: Denis Excoffier discovered that the PAM MOTD module in Ubuntu did not correctly handle path permissions when creating user file stamps. A local attacker could exploi...

6.9CVSS5.3AI score0.00941EPSS
Exploits11
Ubuntu
Ubuntu
added 2010/09/16 9:46 p.m.74 views

USN-978-2: Thunderbird regression

USN-978-1 fixed vulnerabilities in Thunderbird. Some users reported stability problems under certain circumstances. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Several dangling pointer vulnerabilities were discovered in Thunderbird. An attacker...

8.9AI score
Exploits0References1
Ubuntu
Ubuntu
added 2010/08/17 4:55 p.m.74 views

USN-972-1: FreeType vulnerabilities

It was discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges...

9.3CVSS5.6AI score0.30653EPSS
Exploits9
Ubuntu
Ubuntu
added 2010/03/18 2:8 p.m.74 views

USN-915-1: Thunderbird vulnerabilities

Several flaws were discovered in the JavaScript engine of Thunderbird. If a user had JavaScript enabled and were tricked into viewing malicious web content, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program...

10CVSS7.9AI score0.28167EPSS
Exploits48
Ubuntu
Ubuntu
added 2009/08/19 10:43 p.m.74 views

USN-809-1: GnuTLS vulnerabilities

Moxie Marlinspike and Dan Kaminsky independently discovered that GnuTLS did not properly handle certificates with NULL characters in the certificate name. An attacker could exploit this to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications...

7.5CVSS6.5AI score0.04506EPSS
Exploits1References1
Ubuntu
Ubuntu
added 2009/08/08 12:52 a.m.74 views

USN-812-1: Subversion vulnerability

Matt Lewis discovered that Subversion did not properly sanitize its input when processing svndiff streams, leading to various integer and heap overflows. If a user or automated system processed crafted input, a remote attacker could cause a denial of service or potentially execute arbitrary code ...

8.5CVSS7.8AI score0.05112EPSS
Exploits1
Ubuntu
Ubuntu
added 2009/07/13 6:52 p.m.74 views

USN-799-1: D-Bus vulnerability

It was discovered that the D-Bus library did not correctly validate signatures. If a local user sent a specially crafted D-Bus key, they could spoof a valid signature and bypass security policies...

3.6CVSS7.1AI score0.01332EPSS
Exploits1
Ubuntu
Ubuntu
added 2009/07/06 5:51 p.m.74 views

USN-797-1: tiff vulnerability

It was discovered that the TIFF library did not correctly handle certain malformed TIFF images. If a user or automated system were tricked into processing a malicious image, a remote attacker could cause an application linked against libtiff to crash, leading to a denial of service...

4.3CVSS8.2AI score0.07996EPSS
Exploits1
Ubuntu
Ubuntu
added 2009/06/03 2:15 p.m.74 views

USN-781-1: Pidgin vulnerabilities

It was discovered that Pidgin did not properly handle certain malformed messages when sending a file using the XMPP protocol handler. If a user were tricked into sending a file, a remote attacker could send a specially crafted response and cause Pidgin to crash, or possibly execute arbitrary code...

9.3CVSS6AI score0.13294EPSS
Exploits1
Ubuntu
Ubuntu
added 2009/04/20 9:37 p.m.74 views

USN-762-1: APT vulnerabilities

Alexandre Martani discovered that the APT daily cron script did not check the return code of the date command. If a machine is configured for automatic updates and is in a time zone where DST occurs at midnight, under certain circumstances automatic updates might not be applied and could become...

10CVSS5.4AI score0.01856EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2008/10/10 2:21 a.m.74 views

USN-651-1: Ruby vulnerabilities

Akira Tagoh discovered a vulnerability in Ruby which lead to an integer overflow. If a user or automated system were tricked into running a malicious script, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program...

7.8CVSS7.4AI score0.95182EPSS
Exploits29
Ubuntu
Ubuntu
added 2007/10/11 4:7 a.m.74 views

USN-528-1: MySQL vulnerabilities

Neil Kettle discovered that MySQL could be made to dereference a NULL pointer and divide by zero. An authenticated user could exploit this with a crafted IF clause, leading to a denial of service. CVE-2007-2583 Victoria Reznichenko discovered that MySQL did not always require the DROP privilege. ...

5CVSS8.3AI score0.14051EPSS
Exploits2
Ubuntu
Ubuntu
added 2007/10/04 9:34 p.m.74 views

USN-525-1: libsndfile vulnerability

Robert Buchholz discovered that libsndfile did not correctly validate the size of its memory buffers. If a user were tricked into playing a specially crafted FLAC file, a remote attacker could execute arbitrary code with user privileges...

7.5CVSS8.4AI score0.04488EPSS
Exploits0
Ubuntu
Ubuntu
added 2007/07/10 1:32 p.m.74 views

USN-481-1: ImageMagick vulnerabilities

Multiple vulnerabilities were found in ImageMagick's handling of DCM and WXD image files. By tricking a user into processing a specially crafted image with an application that uses imagemagick, an attacker could execute arbitrary code with the user's privileges...

9.3CVSS7.5AI score0.04613EPSS
Exploits0
Ubuntu
Ubuntu
added 2005/10/10 8:5 p.m.74 views

USN-197-1: Shorewall vulnerability

A firewall bypass vulnerability has been found in shorewall. If MACLISTTTL was set to a value greater than 0 or MACLISTDISPOSITION was set to "ACCEPT" in /etc/shorewall/shorewall.conf, and a client was positively identified through its MAC address, that client bypassed all other policies/rules in...

7.5CVSS5.2AI score0.02305EPSS
Exploits0
Ubuntu
Ubuntu
added 2005/08/19 4:50 p.m.74 views

USN-169-1: Linux kernel vulnerabilities

David Howells discovered a local Denial of Service vulnerability in the key session joining function. Under certain user-triggerable conditions, a semaphore was not released properly, which caused processes which also attempted to join a key session to hang forever. This only affects Ubuntu 5.04...

5.5CVSS5.5AI score0.04626EPSS
Exploits3
Ubuntu
Ubuntu
added 2005/04/06 7:49 p.m.74 views

USN-109-1: MySQL vulnerability

USN-32-1 fixed a database privilege escalation vulnerability; original advisory text: "If a user was granted privileges to a database with a name containing an underscore "", the user also gained the ability to grant privileges to other databases with similar names. CAN-2004-0957" Recently a corn...

6.8CVSS5.3AI score0.02425EPSS
Exploits0
Ubuntu
Ubuntu
added 2005/02/10 6:43 a.m.74 views

USN-78-1: Mailman vulnerability

An path traversal vulnerability has been discovered in the "private" module of Mailman. A flawed path sanitation algorithm allowed the construction of URLS to arbitrary files readable by Mailman. This allowed a remote attacker to retrieve configuration and password databases, private list archive...

5CVSS5.5AI score0.02856EPSS
Exploits0
Ubuntu
Ubuntu
added 2004/11/25 9:15 p.m.74 views

USN-32-1: mysql vulnerabilities

Several vulnerabilities have been discovered in the MySQL database server. Lukasz Wojtow discovered a potential buffer overflow in the function mysqlrealconnect. A malicious name server could send specially crafted DNS packages which might result in execution of arbitrary code with the database...

10CVSS6.1AI score0.09801EPSS
Exploits2
Ubuntu
Ubuntu
added 2004/11/19 8:12 a.m.74 views

USN-30-1: Linux kernel vulnerabilities

CAN-2004-0883, CAN-2004-0949: During an audit of the smb file system implementation within Linux, several vulnerabilities were discovered ranging from out of bounds read accesses to kernel level buffer overflows. To exploit any of these vulnerabilities, an attacker needs control over the answers ...

6.4CVSS6.8AI score0.04078EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2024/08/22 11:54 a.m.73 views

USN-6979-1: Linux kernel (Raspberry Pi) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - M68K architecture; - User-Mode Linux UML; - x86 architecture; - Accessibility subsystem; -...

9.8CVSS7.3AI score0.02701EPSS
Exploits4
Ubuntu
Ubuntu
added 2024/07/16 10:12 a.m.73 views

USN-6895-2: Linux kernel vulnerabilities

It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the HugeTLB file syst...

7.8CVSS7.4AI score0.00756EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/07/09 12:12 p.m.73 views

USN-6886-1: Go vulnerabilities

It was discovered that the Go net/http module did not properly handle the requests when request's headers exceed MaxHeaderBytes. An attacker could possibly use this issue to cause a panic resulting into a denial of service. This issue only affected Go 1.21 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS...

9.8CVSS7.3AI score0.91969EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/03/20 5:48 a.m.73 views

USN-6703-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2024-2609, CVE-2024-2611,...

9.8CVSS8.1AI score0.01107EPSS
Exploits6
Ubuntu
Ubuntu
added 2024/03/08 1:1 a.m.73 views

USN-6680-2: Linux kernel vulnerabilities

黄思聪 discovered that the NFC Controller Interface NCI implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service system crash...

8.8CVSS7.1AI score0.01643EPSS
Exploits3
Ubuntu
Ubuntu
added 2024/02/14 5:23 a.m.73 views

USN-6626-2: Linux kernel vulnerabilities

Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling sessions operations. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-32250, CVE-2023-32252, CVE-2023-32257...

9CVSS7.2AI score0.0406EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/01/25 12:44 p.m.73 views

USN-6598-1: Paramiko vulnerability

Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being...

5.9CVSS7AI score0.9378EPSS
Exploits4
Ubuntu
Ubuntu
added 2024/01/10 1:10 p.m.73 views

USN-6541-2: GNU C Library regression

USN-6541-1 fixed vulnerabilities in the GNU C Library. Unfortunately, changes made to allow proper application of the fix for CVE-2023-4806 in Ubuntu 22.04 LTS introduced an issue in the NSCD service IPv6 processing functionalities. This update fixes the problem. We apologize for the inconvenienc...

6.6AI score0.01655EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2023/11/30 5:38 p.m.73 views

USN-6495-2: Linux kernel vulnerabilities

Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service system crash. CVE-2023-31085 Manfred Rudigier discovered that the IntelR PCI-Express Gigab...

7.5CVSS7.5AI score0.00544EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/11/29 3:51 p.m.73 views

USN-6525-1: pysha3 vulnerability

Nicky Mouha discovered that pysha incorrectly handled certain SHA-3 operations. An attacker could possibly use this issue to cause pysha3 to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS7.4AI score0.05193EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/11/15 2:24 p.m.73 views

USN-6482-1: Quagga vulnerabilities

It was discovered that Quagga incorrectly handled certain BGP messages. A remote attacker could possibly use this issue to cause Quagga to crash, resulting in a denial of service...

9.1CVSS7.3AI score0.01578EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/11/10 10:16 a.m.73 views

USN-6462-2: Linux kernel (IoT) vulnerabilities

Seth Jenkins discovered that the Linux kernel did not properly perform address randomization for a per-cpu memory management structure. A local attacker could use this to expose sensitive information kernel memory or in conjunction with another kernel vulnerability. CVE-2023-0597 Yu Hao and Weite...

5.5CVSS6.5AI score0.00454EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/11/01 12:39 p.m.73 views

USN-6465-2: Linux kernel (Raspberry Pi) vulnerabilities

Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service system crash. CVE-2023-31083 Lin Ma discovered that the Netlink...

5.5CVSS6.7AI score0.00454EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/10/31 10:42 p.m.73 views

USN-6454-3: Linux kernel (ARM laptop) vulnerabilities

Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service system crash. CVE-2023-42756 Alex Birnberg discovered that the netfilter subsystem in the Linux...

7.8CVSS6.8AI score0.00396EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/10/25 12:43 p.m.73 views

USN-6440-3: Linux kernel (HWE) vulnerabilities

Seth Jenkins discovered that the Linux kernel did not properly perform address randomization for a per-cpu memory management structure. A local attacker could use this to expose sensitive information kernel memory or in conjunction with another kernel vulnerability. CVE-2023-0597 It was discovere...

7.8CVSS7.4AI score0.00553EPSS
Exploits4
Ubuntu
Ubuntu
added 2023/10/25 3:44 a.m.73 views

USN-6438-2: .Net regressions

USN-6438-1 fixed vulnerabilities in .Net. It was discovered that the fix for CVE-2023-36799 was incomplete. This update fixes the problem. Original advisory details: Kevin Jones discovered that .NET did not properly process certain X.509 certificates. An attacker could possibly use this issue to...

6.5CVSS7.3AI score0.04661EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2023/10/24 8:51 a.m.73 views

USN-6422-2: Ring vulnerabilities

It was discovered that Ring incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. CVE-2021-37706 It was discovered that Ring incorrectly handled...

9.8CVSS8.6AI score0.0462EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/09/18 6:52 p.m.73 views

USN-6381-1: GNU binutils vulnerabilities

It was discovered that a memory leak existed in certain GNU binutils modules. An attacker could possibly use this issue to cause a denial of service memory exhaustion. CVE-2020-19724, CVE-2020-21490 It was discovered that GNU binutils was not properly performing bounds checks in several functions...

8.8CVSS7.3AI score0.00698EPSS
Exploits8
Ubuntu
Ubuntu
added 2023/08/29 9:35 p.m.73 views

USN-6318-1: Linux kernel vulnerabilities

Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Tavis Ormandy discovered that some AMD processors...

7.8CVSS7.9AI score0.05794EPSS
Exploits4
Total number of security vulnerabilities5000