Ubuntu, most viewed

10890 matches found

Ubuntu
•added 2015/09/03 9:11 p.m.•73 views

USN-2734-1: Linux kernel vulnerability

It was discovered that an integer overflow error existed in the SCSI generic (sg) driver in the Linux kernel. A local attacker with write permission to a SCSI generic device could use this to cause a denial of service (system crash) or potentially escalate their privileges...

CVSS: 4.6, AI score: 7.2, EPSS: 0.00493, Exploits: 0

Ubuntu
•added 2015/07/24 12:0 a.m.•73 views

USN-2685-1: Linux kernel vulnerabilities

A flaw was discovered in the kvm (kernel virtual machine) subsystem's kvm_apic_has_events function. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). CVE-2015-4692 A flaw was discovered in how the Linux kernel handles invalid UDP checksums. A remote attacker...

CVSS: 7.8, AI score: 7.1, EPSS: 0.06267, Exploits: 0

Ubuntu
•added 2015/06/25 12:33 p.m.•73 views

USN-2655-1: Tomcat vulnerabilities

It was discovered that Tomcat incorrectly handled data with malformed chunked transfer coding. A remote attacker could possibly use this issue to conduct HTTP request smuggling attacks, or cause Tomcat to consume resources, resulting in a denial of service. CVE-2014-0227 It was discovered that...

CVSS: 7.8, AI score: 6.6, EPSS: 0.21045, Exploits: 0

Ubuntu
•added 2015/05/20 11:28 a.m.•73 views

USN-2614-1: Linux kernel vulnerabilities

Vincent Tondellier discovered an integer overflow in the Linux kernel's netfilter connection tracking accounting of loaded extensions. An attacker on the local area network (LAN) could potentially exploit this flaw to cause a denial of service (system crash) of targeted system. CVE-2014-9715 Jan Beulic...

CVSS: 9.3, AI score: 7, EPSS: 0.10108, Exploits: 0

Ubuntu
•added 2015/03/09 5:43 p.m.•73 views

USN-2505-2: Firefox regression

USN-2505-1 fixed vulnerabilities in Firefox. This update removed the deprecated "-remote" command-line switch that some older software still depends on. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Matthew Noorenberghe discovered that allowlisted...

AI score: 8.1, EPSS: 0.06029, Exploits: 0, References: 2

Ubuntu
•added 2015/02/26 3:57 p.m.•73 views

USN-2519-1: GNU C Library vulnerabilities

Arnaud Le Blanc discovered that the GNU C Library incorrectly handled file descriptors when resolving DNS queries under high load. This may cause a denial of service in other applications, or an information leak. This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS and Ubuntu 14.04 LTS...

CVSS: 7.8, AI score: 7.7, EPSS: 0.07688, Exploits: 5

Ubuntu
•added 2015/02/10 5:56 p.m.•73 views

USN-2495-1: Oxide vulnerabilities

A use-after-free bug was discovered in the DOM implementation in Blink. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed rende...

CVSS: 7.5, AI score: 8.7, EPSS: 0.02854, Exploits: 0

Ubuntu
•added 2014/10/09 10:35 a.m.•73 views

USN-2375-1: Linux kernel (EC2) vulnerabilities

Ben Hawkes reported some off-by-one errors for report descriptors in the Linux kernel's HID stack. A physically proximate attacker could exploit these flaws to cause a denial of service (out-of-bounds write) via a specially crafted device. CVE-2014-3184 Several bounds check flaws allowing for buffe...

CVSS: 6.9, AI score: 6.8, EPSS: 0.00596, Exploits: 1

Ubuntu
•added 2014/07/17 12:24 a.m.•73 views

USN-2285-1: Linux kernel (Quantal HWE) vulnerabilities

Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 Michael S. Tsirkin discovered an information leak in the Linux kernel's...

CVSS: 6.9, AI score: 6.6, EPSS: 0.03303, Exploits: 14

Ubuntu
•added 2014/05/06 2:26 a.m.•73 views

USN-2199-1: Linux kernel (Quantal HWE) vulnerability

A flaw was discovered in the Linux kernel's pseudo tty (pty) device. An unprivileged user could exploit this flaw to cause a denial of service (system crash) or potentially gain administrator privileges...

CVSS: 6.9, AI score: 7, EPSS: 0.22475, Exploits: 7

Ubuntu
•added 2014/05/06 2:23 a.m.•73 views

USN-2198-1: Linux kernel vulnerability

A flaw was discovered in the Linux kernel's pseudo tty (pty) device. An unprivileged user could exploit this flaw to cause a denial of service (system crash) or potentially gain administrator privileges...

CVSS: 6.9, AI score: 7, EPSS: 0.22475, Exploits: 7

Ubuntu
•added 2014/03/07 11:28 a.m.•73 views

USN-2133-1: Linux kernel vulnerabilities

Mathy Vanhoef discovered an error in the way the ath9k driver was handling the BSSID masking. A remote attacker could exploit this error to discover the original MAC address after a spoofing attack. CVE-2013-4579 Andrew Honig reported an error in the Linux Kernel's Kernel Virtual Machine (KVM)...

CVSS: 6.2, AI score: 6.7, EPSS: 0.10209, Exploits: 6

Ubuntu
•added 2014/03/06 1:24 p.m.•73 views

USN-2130-1: Tomcat vulnerabilities

It was discovered that Tomcat incorrectly handled certain inconsistent HTTP headers. A remote attacker could possibly use this flaw to conduct request smuggling attacks. CVE-2013-4286 It was discovered that Tomcat incorrectly handled certain requests submitted using chunked transfer encoding. A...

CVSS: 7.5, AI score: 7.1, EPSS: 0.83175, Exploits: 13

Ubuntu
•added 2013/12/11 3:14 p.m.•73 views

USN-2053-1: Thunderbird vulnerabilities

Ben Turner, Bobby Holley, Jesse Ruderman and Christian Holler discovered multiple memory safety issues in Thunderbird. If a user were tricked into opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to cause a denial of service via application...

CVSS: 10, AI score: 8.3, EPSS: 0.11076, Exploits: 10, References: 1

Ubuntu
•added 2013/12/03 7:20 p.m.•73 views

USN-2040-1: Linux kernel (Quantal HWE) vulnerabilities

A flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. CVE-2013-4299 Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload (UFO). An unprivileged...

CVSS: 6.9, AI score: 6.8, EPSS: 0.0381, Exploits: 4

Ubuntu
•added 2013/11/08 9:35 p.m.•73 views

USN-2017-1: Linux kernel vulnerabilities

A denial of service flaw was discovered in the Btrfs file system in the Linux kernel. A local user could cause a denial of service by creating a large number of files with names that have the same CRC32 hash value. CVE-2012-5374 A denial of service flaw was discovered in the Btrfs file system in...

CVSS: 4, AI score: 6.6, EPSS: 0.00858, Exploits: 2

Ubuntu
•added 2013/10/23 8:19 p.m.•73 views

USN-2000-1: Nova vulnerabilities

It was discovered that Nova did not properly enforce the is_public property when determining flavor access. An authenticated attacker could exploit this to obtain sensitive information in private flavors. This issue only affected Ubuntu 12.10 and 13.10. CVE-2013-2256, CVE-2013-4278 Grant Murphy...

CVSS: 6, AI score: 5.4, EPSS: 0.02703, Exploits: 6

Ubuntu
•added 2013/10/23 8:19 p.m.•73 views

USN-2002-1: Keystone vulnerabilities

Chmouel Boudjnah discovered that Keystone did not properly invalidate user tokens when a tenant was disabled which allowed an authenticated user to retain access via the token. CVE-2013-4222 Kieran Spear discovered that Keystone did not properly verify PKI tokens when performing revocation when...

CVSS: 6.5, AI score: 5.3, EPSS: 0.02342, Exploits: 0

Ubuntu
•added 2013/09/30 10:42 a.m.•73 views

USN-1976-1: Linux kernel vulnerabilities

An information leak was discovered in the handling of ICMPv6 Router Advertisement (RA) messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive...

CVSS: 6.2, AI score: 7.9, EPSS: 0.0181, Exploits: 0

Ubuntu
•added 2013/09/18 1:46 p.m.•73 views

USN-1955-1: apt-xapian-index vulnerability

It was discovered that apt-xapian-index was using polkit in an unsafe manner. A local attacker could possibly use this issue to bypass intended polkit authorizations...

CVSS: 4.6, AI score: 5.4, EPSS: 0.00378, Exploits: 0

Ubuntu
•added 2013/08/06 7:47 p.m.•73 views

USN-1924-2: Ubufox and Unity Firefox Extension update

USN-1924-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Ubufox and Unity Firefox Extension. Original advisory details: Jeff Gilbert, Henrik Skupin, Ben Turner, Christian Holler, Andrew McCreight, Gary Kwong, Jan Varga and Jesse Ruderman discovered multiple...

AI score: 7.9, Exploits: 0, References: 1

Ubuntu
•added 2013/07/29 10:12 p.m.•73 views

USN-1915-1: Linux kernel (Quantal HWE) vulnerability

Kees Cook discovered a format string vulnerability in the Broadcom B43 wireless driver for the Linux kernel. A local user could exploit this flaw to gain administrative privileges...

CVSS: 6.9, AI score: 6.6, EPSS: 0.01022, Exploits: 1

Ubuntu
•added 2013/07/15 1:22 p.m.•73 views

USN-1903-1: Apache HTTP Server vulnerabilities

It was discovered that the mod_rewrite module incorrectly sanitized non-printable characters before writing data to log files. A remote attacker could possibly use this flaw to execute arbitrary commands by injecting escape sequences in the log file. CVE-2013-1862 It was discovered that the modda...

CVSS: 5.1, AI score: 8.4, EPSS: 0.29484, Exploits: 4

Ubuntu
•added 2013/06/14 7:0 a.m.•73 views

USN-1880-1: Linux kernel (Quantal HWE) vulnerabilities

Andy Lutomirski discovered an error in the Linux kernel's credential handling on unix sockets. A local user could exploit this flaw to gain administrative privileges. CVE-2013-1979 An information leak was discovered in the Linux kernel when inotify is used to monitor the /dev/ptmx device. A local...

CVSS: 6.9, AI score: 6.3, EPSS: 0.00732, Exploits: 8

Ubuntu
•added 2013/05/30 11:43 p.m.•73 views

USN-1846-1: Linux kernel vulnerability

Kees Cook discovered a flaw in the Linux kernel's iSCSI subsystem. A remote unauthenticated attacker could exploit this flaw to cause a denial of service (system crash) or potentially gain administrative privileges...

CVSS: 7.9, AI score: 7.6, EPSS: 0.07313, Exploits: 1

Ubuntu
•added 2013/05/24 9:27 a.m.•73 views

USN-1834-1: Linux kernel (Quantal HWE) vulnerabilities

A buffer overflow vulnerability was discovered in the Broadcom tg3 ethernet driver for the Linux kernel. A local user could exploit this flaw to cause a denial of service (crash the system) or potentially escalate privileges on the system. CVE-2013-1929 A flaw was discovered in the Linux kernel's...

CVSS: 7.2, AI score: 6.8, EPSS: 0.00985, Exploits: 2

Ubuntu
•added 2013/02/22 5:16 a.m.•73 views

USN-1742-1: Linux kernel (OMAP4) vulnerability

Suleiman Souhlal, Salman Qazi, Aaron Durbin and Michael Davidson discovered a race condition in the Linux kernel's ptrace syscall. An unprivileged local attacker could exploit this flaw to run programs as an administrator...

CVSS: 6.9, AI score: 6.8, EPSS: 0.01434, Exploits: 2

Ubuntu
•added 2013/01/22 3:0 p.m.•73 views

USN-1704-1: Linux kernel (Quantal HWE) vulnerabilities

Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. CVE-2012-0957 Jon Howell reported a flaw in the Linux kernel's KVM (Kernel-based virtual machine) subsystem's handling of the XSAVE feature. On hosts,...

CVSS: 4.9, AI score: 6.5, EPSS: 0.00959, Exploits: 5

Ubuntu
•added 2013/01/18 2:8 a.m.•73 views

USN-1696-1: Linux kernel vulnerabilities

Jon Howell reported a flaw in the Linux kernel's KVM (Kernel-based virtual machine) subsystem's handling of the XSAVE feature. On hosts, using qemu userspace, without the XSAVE feature an unprivileged local attacker could exploit this flaw to crash the system. CVE-2012-4461 A flaw was discovered in...

CVSS: 4.9, AI score: 6.5, EPSS: 0.00882, Exploits: 2

Ubuntu
•added 2012/09/21 9:49 p.m.•73 views

USN-1579-1: Linux kernel vulnerabilities

Ben Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO (TCP segment offload). A local or peer user could exploit this flaw to cause a denial of service. CVE-2012-3412 Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel implementation of RDS...

CVSS: 7.8, AI score: 6.2, EPSS: 0.06158, Exploits: 3

Ubuntu
•added 2012/08/10 10:54 p.m.•74 views

USN-1535-1: Linux kernel vulnerabilities

An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface (which is not available to unprivileged users until granted by a root user) could exploit this flaw to crash the system or potentially gain administrative privileges...

CVSS: 7.2, AI score: 5.8, EPSS: 0.00583, Exploits: 3

Ubuntu
•added 2012/05/25 7:8 p.m.•73 views

USN-1452-1: Linux kernel vulnerabilities

A flaw was found in the Linux kernel's KVM (Kernel Virtual Machine) virtual cpu setup. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. CVE-2012-1601 Steve Grubb reported a flaw with Linux fscaps (file system base capabilities) when used to increa...

CVSS: 7.2, AI score: 6.6, EPSS: 0.00418, Exploits: 2

Ubuntu
•added 2012/04/12 7:9 p.m.•74 views

USN-1422-1: Linux kernel vulnerabilities

Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the Linux kernel. A local user could use this flaw to crash the system causing a denial of service. CVE-2011-4347 Stephan Bärwolf discovered a flaw in the KVM kernel-based virtual machin...

CVSS: 7.8, AI score: 6.5, EPSS: 0.01014, Exploits: 4

Ubuntu
•added 2012/03/09 5:58 p.m.•73 views

USN-1396-1: GNU C Library vulnerabilities

It was discovered that the GNU C Library did not properly handle integer overflows in the timezone handling code. An attacker could use this to possibly execute arbitrary code by convincing an application to load a maliciously constructed tzfile. CVE-2009-5029 It was discovered that the GNU C...

CVSS: 7.5, AI score: 7.9, EPSS: 0.14323, Exploits: 15

Ubuntu
•added 2012/01/24 5:29 p.m.•73 views

USN-1344-1: Linux kernel vulnerabilities

Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. CVE-2011-2203 A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system. CVE-2011-4110...

CVSS: 2.1, AI score: 7.4, EPSS: 0.00489, Exploits: 3

Ubuntu
•added 2012/01/23 9:47 p.m.•73 views

USN-1340-1: Linux kernel (Oneiric backport) vulnerabilities

Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. CVE-2011-2203 A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain ro...

CVSS: 7.8, AI score: 7.1, EPSS: 0.00556, Exploits: 7

Ubuntu
•added 2012/01/23 6:2 p.m.•73 views

USN-1337-1: Linux kernel (Natty backport) vulnerabilities

Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. CVE-2011-1162 Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel...

CVSS: 2.1, AI score: 7.4, EPSS: 0.00489, Exploits: 3

Ubuntu
•added 2012/01/05 3:21 p.m.•73 views

USN-1320-1: FFmpeg vulnerabilities

Steve Manzuik discovered that FFmpeg incorrectly handled certain malformed Matroska files. If a user were tricked into opening a crafted Matroska file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking th...

CVSS: 9.3, AI score: 8.8, EPSS: 0.06597, Exploits: 0

Ubuntu
•added 2011/09/13 8:13 p.m.•73 views

USN-1205-1: Linux kernel (Maverick backport) vulnerabilities

It was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities...

CVSS: 7.8, AI score: 7.2, EPSS: 0.08793, Exploits: 5

Ubuntu
•added 2011/08/17 5:40 p.m.•73 views

USN-1192-1: Firefox vulnerabilities

Aral Yaman discovered a vulnerability in the WebGL engine. An attacker could potentially use this to crash Firefox or execute arbitrary code with the privileges of the user invoking Firefox. CVE-2011-2989 Vivekanand Bolajwar discovered a vulnerability in the JavaScript engine. An attacker could...

CVSS: 10, AI score: 8.8, EPSS: 0.0544, Exploits: 1

Ubuntu
•added 2011/06/15 5:18 p.m.•73 views

USN-1151-1: Nagios vulnerabilities

Stefan Schurtz discovered that Nagios did not properly sanitize its input when processing certain requests, resulting in cross-site scripting (XSS) vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote...

CVSS: 4.3, AI score: 7.9, EPSS: 0.26037, Exploits: 2

Ubuntu
•added 2011/03/02 1:20 a.m.•73 views

USN-1081-1: Linux kernel vulnerabilities

It was discovered that KVM did not correctly initialize certain CPU registers. A local attacker could exploit this to crash the system, leading to a denial of service. CVE-2010-3698 Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could...

CVSS: 7.2, AI score: 6.1, EPSS: 0.03521, Exploits: 9

Ubuntu
•added 2010/11/25 2:27 p.m.•73 views

USN-1021-1: Apache vulnerabilities

It was discovered that Apache's mod_cache and mod_dav modules incorrectly handled requests that lacked a path. A remote attacker could exploit this with a crafted request and cause a denial of service. This issue affected Ubuntu 6.06 LTS, 8.04 LTS, 9.10 and 10.04 LTS. CVE-2010-1452 It was discovere...

CVSS: 5, AI score: 6.4, EPSS: 0.2187, Exploits: 2

Ubuntu
•added 2010/10/05 8:18 p.m.•73 views

USN-999-1: Kerberos vulnerability

Mike Roszkowski discovered that the Kerberos KDC did not correctly validate the contents of certain messages. If an authenticated remote attacker sent specially crafted TGS requests, the KDC service would crash, leading to a denial of service...

CVSS: 6.5, AI score: 6.8, EPSS: 0.0304, Exploits: 0

Ubuntu
•added 2010/09/16 9:46 p.m.•73 views

USN-978-2: Thunderbird regression

USN-978-1 fixed vulnerabilities in Thunderbird. Some users reported stability problems under certain circumstances. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Several dangling pointer vulnerabilities were discovered in Thunderbird. An attacker...

AI score: 8.9, Exploits: 0, References: 1

Ubuntu
•added 2010/08/25 2:46 p.m.•73 views

USN-977-1: MoinMoin vulnerabilities

It was discovered that MoinMoin did not properly sanitize its input, resulting in cross-site scripting (XSS) vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify...

CVSS: 4.3, AI score: 5.1, EPSS: 0.02657, Exploits: 1

Ubuntu
•added 2010/01/08 12:54 a.m.•73 views

USN-877-1: Firefox 3.0 and Xulrunner 1.9 regression

USN-873-1 fixed vulnerabilities in Firefox and Xulrunner. The upstream changes introduced a regression when using NTLM authentication. This update fixes the problem and adds additional stability fixes. We apologize for the inconvenience. Original advisory details: Jesse Ruderman, Josh Soref,...

AI score: 8.8, EPSS: 0.03963, Exploits: 8, References: 1

Ubuntu
•added 2009/11/12 10:6 p.m.•73 views

USN-859-1: OpenJDK vulnerabilities

Dan Kaminsky discovered that SSL certificates signed with MD2 could be spoofed given enough time. As a result, an attacker could potentially create a malicious trusted certificate to impersonate another site. This update handles this issue by completely disabling MD2 for certificate validation in...

CVSS: 9.3, AI score: 7.4, EPSS: 0.65461, Exploits: 13

Ubuntu
•added 2009/09/10 2:51 p.m.•73 views

USN-821-1: Firefox and Xulrunner vulnerabilities

Several flaws were discovered in the Firefox browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. CVE-2009-3070,...

CVSS: 10, AI score: 8.9, EPSS: 0.06724, Exploits: 4

Ubuntu
•added 2009/06/25 10:28 p.m.•73 views

USN-782-1: Thunderbird vulnerabilities

Several flaws were discovered in the JavaScript engine of Thunderbird. If a user had JavaScript enabled and were tricked into viewing malicious web content, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program...

CVSS: 9.3, AI score: 8.7, EPSS: 0.09282, Exploits: 6

Total number of security vulnerabilities: 5000