Lucene search
K
UbuntuMost viewed

10904 matches found

Ubuntu
Ubuntu
added 2004/11/19 8:12 a.m.74 views

USN-30-1: Linux kernel vulnerabilities

CAN-2004-0883, CAN-2004-0949: During an audit of the smb file system implementation within Linux, several vulnerabilities were discovered ranging from out of bounds read accesses to kernel level buffer overflows. To exploit any of these vulnerabilities, an attacker needs control over the answers ...

6.4CVSS6.8AI score0.04078EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2004/11/18 11:14 p.m.74 views

USN-29-1: samba vulnerability

During an audit of the Samba 3.x code base Stefan Esser discovered a Unicode file name buffer overflow within the handling of TRANSACT2QFILEPATHINFO replies. A malicious samba user with write access to a share could exploit this by creating specially crafted path names files with very long names...

10CVSS5.9AI score0.1373EPSS
Exploits0
Ubuntu
Ubuntu
added 2004/11/16 5:59 a.m.74 views

USN-25-1: libgd2 vulnerability

CAN-2004-0990 described several more buffer overflows which had been discovered in libgd2's PNG handling functions. However, it was determined that the update from USN-11-1 was not sufficient to prevent every possible attack, so another update is required. If an attacker tricked a user into loadi...

10CVSS7.1AI score0.10693EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/08/22 11:54 a.m.73 views

USN-6979-1: Linux kernel (Raspberry Pi) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - M68K architecture; - User-Mode Linux UML; - x86 architecture; - Accessibility subsystem; -...

9.8CVSS7.3AI score0.02701EPSS
Exploits4
Ubuntu
Ubuntu
added 2024/07/16 10:12 a.m.73 views

USN-6895-2: Linux kernel vulnerabilities

It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the HugeTLB file syst...

7.8CVSS7.4AI score0.00756EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/07/09 12:12 p.m.73 views

USN-6886-1: Go vulnerabilities

It was discovered that the Go net/http module did not properly handle the requests when request's headers exceed MaxHeaderBytes. An attacker could possibly use this issue to cause a panic resulting into a denial of service. This issue only affected Go 1.21 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS...

9.8CVSS7.3AI score0.91969EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/03/20 5:48 a.m.73 views

USN-6703-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2024-2609, CVE-2024-2611,...

9.8CVSS8.1AI score0.01107EPSS
Exploits6
Ubuntu
Ubuntu
added 2024/03/08 1:1 a.m.73 views

USN-6680-2: Linux kernel vulnerabilities

黄思聪 discovered that the NFC Controller Interface NCI implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service system crash...

8.8CVSS7.1AI score0.01657EPSS
Exploits3
Ubuntu
Ubuntu
added 2024/02/14 5:23 a.m.73 views

USN-6626-2: Linux kernel vulnerabilities

Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling sessions operations. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-32250, CVE-2023-32252, CVE-2023-32257...

9CVSS7.2AI score0.0406EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/01/25 12:44 p.m.73 views

USN-6598-1: Paramiko vulnerability

Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being...

5.9CVSS7AI score0.9378EPSS
Exploits4
Ubuntu
Ubuntu
added 2024/01/10 1:10 p.m.73 views

USN-6541-2: GNU C Library regression

USN-6541-1 fixed vulnerabilities in the GNU C Library. Unfortunately, changes made to allow proper application of the fix for CVE-2023-4806 in Ubuntu 22.04 LTS introduced an issue in the NSCD service IPv6 processing functionalities. This update fixes the problem. We apologize for the inconvenienc...

6.6AI score
Exploits0References1
Ubuntu
Ubuntu
added 2023/11/30 5:38 p.m.73 views

USN-6495-2: Linux kernel vulnerabilities

Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service system crash. CVE-2023-31085 Manfred Rudigier discovered that the IntelR PCI-Express Gigab...

7.5CVSS7.5AI score0.00544EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/11/29 3:51 p.m.73 views

USN-6525-1: pysha3 vulnerability

Nicky Mouha discovered that pysha incorrectly handled certain SHA-3 operations. An attacker could possibly use this issue to cause pysha3 to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS7.4AI score0.05193EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/11/15 2:24 p.m.73 views

USN-6482-1: Quagga vulnerabilities

It was discovered that Quagga incorrectly handled certain BGP messages. A remote attacker could possibly use this issue to cause Quagga to crash, resulting in a denial of service...

9.1CVSS7.3AI score0.01578EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/11/10 10:16 a.m.73 views

USN-6462-2: Linux kernel (IoT) vulnerabilities

Seth Jenkins discovered that the Linux kernel did not properly perform address randomization for a per-cpu memory management structure. A local attacker could use this to expose sensitive information kernel memory or in conjunction with another kernel vulnerability. CVE-2023-0597 Yu Hao and Weite...

5.5CVSS6.5AI score0.00454EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/11/01 12:39 p.m.73 views

USN-6465-2: Linux kernel (Raspberry Pi) vulnerabilities

Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service system crash. CVE-2023-31083 Lin Ma discovered that the Netlink...

5.5CVSS6.7AI score0.00454EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/10/31 10:42 p.m.73 views

USN-6454-3: Linux kernel (ARM laptop) vulnerabilities

Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service system crash. CVE-2023-42756 Alex Birnberg discovered that the netfilter subsystem in the Linux...

7.8CVSS6.8AI score0.00396EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/10/25 12:43 p.m.73 views

USN-6440-3: Linux kernel (HWE) vulnerabilities

Seth Jenkins discovered that the Linux kernel did not properly perform address randomization for a per-cpu memory management structure. A local attacker could use this to expose sensitive information kernel memory or in conjunction with another kernel vulnerability. CVE-2023-0597 It was discovere...

7.8CVSS7.4AI score0.00553EPSS
Exploits4
Ubuntu
Ubuntu
added 2023/10/25 3:44 a.m.73 views

USN-6438-2: .Net regressions

USN-6438-1 fixed vulnerabilities in .Net. It was discovered that the fix for CVE-2023-36799 was incomplete. This update fixes the problem. Original advisory details: Kevin Jones discovered that .NET did not properly process certain X.509 certificates. An attacker could possibly use this issue to...

6.5CVSS7.3AI score0.04661EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2023/10/24 8:51 a.m.73 views

USN-6422-2: Ring vulnerabilities

It was discovered that Ring incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. CVE-2021-37706 It was discovered that Ring incorrectly handled...

9.8CVSS8.6AI score0.0462EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/09/18 6:52 p.m.73 views

USN-6381-1: GNU binutils vulnerabilities

It was discovered that a memory leak existed in certain GNU binutils modules. An attacker could possibly use this issue to cause a denial of service memory exhaustion. CVE-2020-19724, CVE-2020-21490 It was discovered that GNU binutils was not properly performing bounds checks in several functions...

8.8CVSS7.3AI score0.00698EPSS
Exploits8
Ubuntu
Ubuntu
added 2023/08/15 9:2 p.m.73 views

USN-6290-1: LibTIFF vulnerabilities

It was discovered that LibTIFF could be made to write out of bounds when processing certain malformed image files with the tiffcrop utility. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcrop to crash, resulting in a...

6.5CVSS7AI score0.01124EPSS
Exploits7
Ubuntu
Ubuntu
added 2023/08/10 8:34 a.m.73 views

USN-6281-1: Velocity Engine vulnerability

Alvaro Munoz discovered that Velocity Engine incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code...

9CVSS7AI score0.22709EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/07/27 12:26 p.m.73 views

USN-6256-1: Linux kernel (IoT) vulnerabilities

Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon GPU devices did not properly validate memory allocation in certain situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service system crash. CVE-2022-3108...

7.8CVSS7.3AI score0.16642EPSS
Exploits13References2
Ubuntu
Ubuntu
added 2023/07/13 5:32 p.m.73 views

USN-6229-1: LibTIFF vulnerabilities

It was discovered that LibTIFF was not properly handling variables used to perform memory management operations when processing an image through tiffcrop, which could lead to a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...

6.5CVSS7.5AI score0.01124EPSS
Exploits4
Ubuntu
Ubuntu
added 2023/05/22 7:58 p.m.73 views

USN-6096-1: Linux kernel vulnerabilities

It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. CVE-2022-27672 Ziming Zhang discovered that the VMware Virtual GPU DR...

7.8CVSS7.4AI score0.71737EPSS
Exploits3
Ubuntu
Ubuntu
added 2023/05/18 8:22 a.m.73 views

USN-6086-1: minimatch vulnerability

It was discovered that minimatch incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service...

7.5CVSS7.6AI score0.01674EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/05/01 12:7 p.m.73 views

USN-6051-1: Linux kernel vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

7.8CVSS6.8AI score0.01029EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/04/13 10:18 p.m.73 views

USN-6018-1: Apport vulnerability

Chen Lu, Lei Wang, and YiQi Sun discovered a privilege escalation vulnerability in apport-cli when viewing crash reports and unprivileged users are allowed to run sudo less. A local attacker on a specially configured system could use this to escalate their privilege...

7.8CVSS7.3AI score0.00874EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2023/04/11 10:25 p.m.73 views

USN-6007-1: Linux kernel (GCP) vulnerabilities

It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...

8.8CVSS7.3AI score0.04947EPSS
Exploits4
Ubuntu
Ubuntu
added 2023/03/23 11:46 p.m.73 views

USN-5970-1: Linux kernel vulnerabilities

It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. CVE-2022-2196 It was discovered...

8.8CVSS7.5AI score0.03702EPSS
Exploits5
Ubuntu
Ubuntu
added 2023/02/14 7:12 p.m.73 views

USN-5870-1: apr-util vulnerability

Ronald Crane discovered that APR-util did not properly handled memory when encoding or decoding certain input data. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code...

6.5CVSS6.5AI score0.01417EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/02/09 9:46 p.m.73 views

USN-5859-1: Linux kernel (OEM) vulnerabilities

Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-0179 It was discovered that the Netronome...

7.8CVSS7.2AI score0.01944EPSS
Exploits5
Ubuntu
Ubuntu
added 2023/02/09 9:36 p.m.73 views

USN-5858-1: Linux kernel (OEM) vulnerabilities

Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-0179 It was discovered that the Netronome...

7.8CVSS7.1AI score0.01944EPSS
Exploits5
Ubuntu
Ubuntu
added 2023/01/10 6:37 a.m.73 views

USN-5782-3: Firefox regressions

USN-5782-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Firefox was using an out-of-date libusrsctp library. An attacker could possibly use th...

8.3AI score
Exploits0References1
Ubuntu
Ubuntu
added 2022/10/27 1:0 p.m.73 views

USN-5704-1: DBus vulnerabilities

It was discovered that DBus incorrectly handled messages with invalid type signatures. A local attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service. CVE-2022-42010 It was discovered that DBus was incorrectly validating the length of arrays of fixed-lengt...

6.5CVSS6.6AI score0.0131EPSS
Exploits3
Ubuntu
Ubuntu
added 2022/09/27 6:8 p.m.73 views

USN-5644-1: Linux kernel (GCP) vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Duoming...

7.8CVSS7.1AI score0.05542EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/09/22 1:38 p.m.73 views

USN-5628-1: etcd vulnerabilities

It was discovered that etcd incorrectly handled certain specially crafted WAL files. An attacker could possibly use this issue to cause a denial of service. CVE-2020-15106, CVE-2020-15112 It was discovered that etcd incorrectly handled directory permissions when trying to create a directory that...

7.7CVSS7.2AI score0.01291EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/07/28 1:29 p.m.73 views

USN-5536-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the mouse pointer position, bypass Subresource Integrity protections, obtain sensitive information,...

9.8CVSS7.7AI score0.00748EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/07/13 8:16 p.m.73 views

USN-5516-1: Vim vulnerabilities

It was discovered that Vim incorrectly handled memory access. An attacker could potentially use this issue to cause the corruption of sensitive information, a crash, or arbitrary code execution...

7.8CVSS7.8AI score0.01527EPSS
Exploits3
Ubuntu
Ubuntu
added 2022/05/18 1:6 p.m.73 views

USN-5428-1: libXrandr vulnerabilities

Tobias Stoeckmann discovered that libXrandr incorrectly handled certain responses. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. CVE-2016-7947, CVE-2016-7948...

9.8CVSS8.6AI score0.03629EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/12/16 9:18 a.m.73 views

USN-5195-1: Mumble vulnerability

It was discovered that the Mumble client supported websites for public servers with arbitrary URL schemes. If a user were tricked into visiting a malicious website from the public server list, a remote attacker could possibly execute arbitrary code...

8.8CVSS8.2AI score0.03203EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/03/15 10:3 p.m.73 views

USN-4823-1: Mosquitto vulnerability

It was discovered that Mosquitto incorrectly handled certain inputs. A remote attacker could possibly use this issue to cause a denial of service...

7.5CVSS7.4AI score0.01885EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/03/15 9:5 p.m.73 views

USN-4787-1: jq vulnerability

It was discovered that jq did not perform sufficient bounds checking, resulting in unbounded resource consumption. An attacker could use this vulnerability to cause a denial of service...

7.8CVSS7.4AI score0.05333EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/12/09 4:46 p.m.73 views

USN-4665-2: curl vulnerabilities

USN-4665-1 fixed several vulnerabilities in curl. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Varnavas Papaioannou discovered that curl incorrectly handled FTP PASV responses. An attacker could possibly use this issue to tric...

7.5CVSS6.8AI score0.09917EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/11/26 1:57 p.m.73 views

USN-4649-1: xdg-utils vulnerability

Jens Mueller discovered that xdg-utils incorrectly handled certain URI. An attacker could possibly use this issue to expose sensitive information...

6.5CVSS6.7AI score0.01443EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/10/27 12:36 p.m.73 views

USN-4605-1: Blueman vulnerability

Vaisha Bernard discovered that blueman did not properly sanitize input on the d-bus interface to blueman-mechanism. A local attacker could possibly use this issue to escalate privileges and run arbitrary code or cause a denial of service. CVE-2020-15238...

7.1CVSS7.2AI score0.04539EPSS
Exploits4
Ubuntu
Ubuntu
added 2020/10/22 1:22 p.m.73 views

USN-4598-1: LibEtPan vulnerability

It was discovered that LibEtPan incorrectly handled STARTTLS when using IMAP, SMTP and POP3. A remote attacker could possibly use this issue to perform a response injection attack. CVE-2020-15953...

7.4CVSS7.3AI score0.02393EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/10/20 8:49 p.m.73 views

USN-4595-1: Grunt vulnerability

It was discovered that Grunt did not properly load yaml files. An attacker could possibly use this to execute arbitrary code. CVE-2020-7729...

7.1CVSS7.8AI score0.02285EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/09/25 5:14 p.m.73 views

USN-4541-1: Gnuplot vulnerabilities

Tim Blazytko, Cornelius Aschermann, Sergej Schumilo and Nils Bars discovered that Gnuplot did not properly validate string sizes in the dfgenerateasciiarrayentry function. An attacker could possibly use this issue to cause a heap buffer overflow, resulting in a denial of service attack or arbitra...

7.8CVSS7AI score0.01553EPSS
Exploits3
Total number of security vulnerabilities5000