Ubuntu: most viewed

10891 matches found

Ubuntu • added 2013/01/18 2:8 a.m. • 73 views

USN-1696-1: Linux kernel vulnerabilities

Jon Howell reported a flaw in the Linux kernel's KVM (Kernel-based virtual machine) subsystem's handling of the XSAVE feature. On hosts, using qemu userspace, without the XSAVE feature an unprivileged local attacker could exploit this flaw to crash the system. CVE-2012-4461 A flaw was discovered in...

CVSS 4.9, AI score 6.5, EPSS 0.00882
Exploits: 2

Ubuntu • added 2012/09/21 9:49 p.m. • 73 views

USN-1579-1: Linux kernel vulnerabilities

Ben Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO (TCP segment offload). A local or peer user could exploit this flaw to cause a denial of service. CVE-2012-3412 Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel implementation of RDS...

CVSS 7.8, AI score 6.2, EPSS 0.06158
Exploits: 3

Ubuntu • added 2012/08/10 10:54 p.m. • 74 views

USN-1535-1: Linux kernel vulnerabilities

An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface (which is not available to unprivileged users until granted by a root user) could exploit this flaw to crash the system or potentially gain administrative privileges...

CVSS 7.2, AI score 5.8, EPSS 0.00583
Exploits: 3

Ubuntu • added 2012/05/25 7:8 p.m. • 73 views

USN-1452-1: Linux kernel vulnerabilities

A flaw was found in the Linux kernel's KVM (Kernel Virtual Machine) virtual cpu setup. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. CVE-2012-1601 Steve Grubb reported a flaw with Linux fscaps (file system base capabilities) when used to increa...

CVSS 7.2, AI score 6.6, EPSS 0.00418
Exploits: 2

Ubuntu • added 2012/04/12 7:9 p.m. • 74 views

USN-1422-1: Linux kernel vulnerabilities

Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the Linux kernel. A local user could use this flaw to crash the system causing a denial of service. CVE-2011-4347 Stephan Bärwolf discovered a flaw in the KVM kernel-based virtual machin...

CVSS 7.8, AI score 6.5, EPSS 0.01014
Exploits: 4

Ubuntu • added 2012/03/09 5:58 p.m. • 73 views

USN-1396-1: GNU C Library vulnerabilities

It was discovered that the GNU C Library did not properly handle integer overflows in the timezone handling code. An attacker could use this to possibly execute arbitrary code by convincing an application to load a maliciously constructed tzfile. CVE-2009-5029 It was discovered that the GNU C...

CVSS 7.5, AI score 7.9, EPSS 0.14323
Exploits: 15

Ubuntu • added 2012/01/24 5:29 p.m. • 73 views

USN-1344-1: Linux kernel vulnerabilities

Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. CVE-2011-2203 A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system. CVE-2011-4110...

CVSS 2.1, AI score 7.4, EPSS 0.00489
Exploits: 3

Ubuntu • added 2012/01/23 9:47 p.m. • 73 views

USN-1340-1: Linux kernel (Oneiric backport) vulnerabilities

Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. CVE-2011-2203 A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain ro...

CVSS 7.8, AI score 7.1, EPSS 0.00556
Exploits: 7

Ubuntu • added 2012/01/23 6:2 p.m. • 73 views

USN-1337-1: Linux kernel (Natty backport) vulnerabilities

Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. CVE-2011-1162 Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel...

CVSS 2.1, AI score 7.4, EPSS 0.00489
Exploits: 3

Ubuntu • added 2011/09/13 8:13 p.m. • 73 views

USN-1205-1: Linux kernel (Maverick backport) vulnerabilities

It was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities...

CVSS 7.8, AI score 7.2, EPSS 0.08793
Exploits: 5

Ubuntu • added 2011/08/17 5:40 p.m. • 73 views

USN-1192-1: Firefox vulnerabilities

Aral Yaman discovered a vulnerability in the WebGL engine. An attacker could potentially use this to crash Firefox or execute arbitrary code with the privileges of the user invoking Firefox. CVE-2011-2989 Vivekanand Bolajwar discovered a vulnerability in the JavaScript engine. An attacker could...

CVSS 10, AI score 8.8, EPSS 0.0544
Exploits: 1

Ubuntu • added 2011/06/15 5:18 p.m. • 73 views

USN-1151-1: Nagios vulnerabilities

Stefan Schurtz discovered that Nagios did not properly sanitize its input when processing certain requests, resulting in cross-site scripting (XSS) vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote...

CVSS 4.3, AI score 7.9, EPSS 0.26037
Exploits: 2

Ubuntu • added 2011/03/02 1:20 a.m. • 73 views

USN-1081-1: Linux kernel vulnerabilities

It was discovered that KVM did not correctly initialize certain CPU registers. A local attacker could exploit this to crash the system, leading to a denial of service. CVE-2010-3698 Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could...

CVSS 7.2, AI score 6.1, EPSS 0.03521
Exploits: 9

Ubuntu • added 2010/10/05 8:18 p.m. • 73 views

USN-999-1: Kerberos vulnerability

Mike Roszkowski discovered that the Kerberos KDC did not correctly validate the contents of certain messages. If an authenticated remote attacker sent specially crafted TGS requests, the KDC service would crash, leading to a denial of service...

CVSS 6.5, AI score 6.8, EPSS 0.0304
Exploits: 0

Ubuntu • added 2010/08/25 2:46 p.m. • 73 views

USN-977-1: MoinMoin vulnerabilities

It was discovered that MoinMoin did not properly sanitize its input, resulting in cross-site scripting (XSS) vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify...

CVSS 4.3, AI score 5.1, EPSS 0.02657
Exploits: 1

Ubuntu • added 2010/01/08 12:54 a.m. • 73 views

USN-877-1: Firefox 3.0 and Xulrunner 1.9 regression

USN-873-1 fixed vulnerabilities in Firefox and Xulrunner. The upstream changes introduced a regression when using NTLM authentication. This update fixes the problem and adds additional stability fixes. We apologize for the inconvenience. Original advisory details: Jesse Ruderman, Josh Soref,...

AI score 8.8
Exploits: 0, References: 1

Ubuntu • added 2009/11/12 10:6 p.m. • 73 views

USN-859-1: OpenJDK vulnerabilities

Dan Kaminsky discovered that SSL certificates signed with MD2 could be spoofed given enough time. As a result, an attacker could potentially create a malicious trusted certificate to impersonate another site. This update handles this issue by completely disabling MD2 for certificate validation in...

CVSS 9.3, AI score 7.4, EPSS 0.65461
Exploits: 13

Ubuntu • added 2009/09/10 2:51 p.m. • 73 views

USN-821-1: Firefox and Xulrunner vulnerabilities

Several flaws were discovered in the Firefox browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. CVE-2009-3070,...

CVSS 10, AI score 8.9, EPSS 0.06724
Exploits: 4

Ubuntu • added 2009/06/25 10:28 p.m. • 73 views

USN-782-1: Thunderbird vulnerabilities

Several flaws were discovered in the JavaScript engine of Thunderbird. If a user had JavaScript enabled and were tricked into viewing malicious web content, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program...

CVSS 9.3, AI score 8.7, EPSS 0.09282
Exploits: 6

Ubuntu • added 2009/01/06 11:17 p.m. • 73 views

USN-701-1: Thunderbird vulnerabilities

Several flaws were discovered in the browser engine. If a user had Javascript enabled, these problems could allow an attacker to crash Thunderbird and possibly execute arbitrary code with user privileges. CVE-2008-5500 Boris Zbarsky discovered that the same-origin check in Thunderbird could be...

CVSS 10, AI score 8.6, EPSS 0.03201
Exploits: 0

Ubuntu • added 2009/01/06 1:24 a.m. • 73 views

USN-703-1: xterm vulnerabilities

Paul Szabo discovered that the DECRQSS escape sequences were not handled correctly by xterm. Additionally, window title operations were also not safely handled. If a user were tricked into viewing a specially crafted series of characters while in xterm, a remote attacker could execute arbitrary...

CVSS 9.3, AI score 7.3, EPSS 0.0747
Exploits: 0

Ubuntu • added 2008/03/26 10:34 a.m. • 73 views

USN-592-1: Firefox vulnerabilities

Alexey Proskuryakov, Yosuke Hasegawa and Simon Montagu discovered flaws in Firefox's character encoding handling. If a user were tricked into opening a malicious web page, an attacker could perform cross-site scripting attacks. CVE-2008-0416 Various flaws were discovered in the JavaScript engine...

CVSS 9.3, AI score 8.4, EPSS 0.06055
Exploits: 3

Ubuntu • added 2007/07/18 12:3 a.m. • 73 views

USN-488-1: mod_perl vulnerability

Alex Solovey discovered that mod_perl did not correctly validate certain regular expression matches. A remote attacker could send a specially crafted request to a web application using mod_perl, causing the web server to monopolize CPU resources. This could lead to a remote denial of service...

CVSS 5, AI score 8.3, EPSS 0.10111
Exploits: 0

Ubuntu • added 2007/05/24 9:48 p.m. • 73 views

USN-464-1: Linux kernel vulnerabilities

Philipp Richter discovered that the AppleTalk protocol handler did not sufficiently verify the length of packets. By sending a crafted AppleTalk packet, a remote attacker could exploit this to crash the kernel. CVE-2007-1357 Gabriel Campana discovered that the do_ipv6_setsockopt function did not...

CVSS 7.8, AI score 5.4, EPSS 0.13529
Exploits: 0

Ubuntu • added 2005/09/07 3:59 p.m. • 73 views

USN-177-1: Apache 2 vulnerabilities

Apache did not honour the "SSLVerifyClient require" directive within a block if the surrounding block contained a directive "SSLVerifyClient optional". This allowed clients to bypass client certificate validation on servers with the above configuration. CAN-2005-2700 Filip Sneppe discovered a...

CVSS 10, AI score 6.8, EPSS 0.30576
Exploits: 0

Ubuntu • added 2005/08/09 6:48 a.m. • 73 views

USN-162-1: ekg and Gadu library vulnerabilities

Marcin Owsiany and Wojtek Kaniewski discovered that some contributed scripts (contrib/ekgh, contrib/ekgnv.sh, and contrib/getekg.sh) in the ekg package created temporary files in an insecure way, which allowed exploitation of a race condition to create or overwrite files with the privileges of the...

CVSS 10, AI score 6.1, EPSS 0.04703
Exploits: 0

Ubuntu • added 2005/02/02 10:57 p.m. • 73 views

USN-72-1: Perl vulnerabilities

Two exploitable vulnerabilities involving setuid-enabled perl scripts have been discovered. The package "perl-suid" provides a wrapper around perl which allows the use of setuid-root perl scripts, i.e. user-callable Perl scripts which have full root privileges. Previous versions allowed users to...

CVSS 4.6, AI score 6.1, EPSS 0.01315
Exploits: 2

Ubuntu • added 2005/01/14 11:30 p.m. • 73 views

USN-60-0: Linux kernel vulnerabilities

CAN-2005-0001: Paul Starzetz discovered a race condition in the Linux page fault handler code. This allowed an unprivileged user to gain root privileges on multiprocessor machines under some circumstances. This also affects the Hyper-Threading mode on Pentium 4 processors...

CVSS 6.9, AI score 5.3, EPSS 0.00499
Exploits: 0, References: 1

Ubuntu • added 2004/12/23 4:54 p.m. • 73 views

USN-47-1: Linux kernel vulnerabilities

Georgi Guninski discovered two Denial of Service vulnerabilities in the Linux kernel. An integer overflow in the vc_resize function caused the memory allocation for the new screen to be too short, thus causing a buffer overflow and a kernel crash. There was also a memory leak in the ip_options_get...

AI score 5.3
Exploits: 0, References: 1

Ubuntu • added 2004/11/18 11:14 p.m. • 73 views

USN-29-1: samba vulnerability

During an audit of the Samba 3.x code base Stefan Esser discovered a Unicode file name buffer overflow within the handling of TRANSACT2_QFILEPATHINFO replies. A malicious samba user with write access to a share could exploit this by creating specially crafted path names (files with very long names)...

CVSS 10, AI score 5.9, EPSS 0.1373
Exploits: 0

Ubuntu • added 2004/11/16 5:59 a.m. • 73 views

USN-25-1: libgd2 vulnerability

CAN-2004-0990 described several more buffer overflows which had been discovered in libgd2's PNG handling functions. However, it was determined that the update from USN-11-1 was not sufficient to prevent every possible attack, so another update is required. If an attacker tricked a user into loadi...

CVSS 10, AI score 7.1, EPSS 0.10693
Exploits: 0

Ubuntu • added 2004/10/28 3:8 p.m. • 73 views

USN-9-1: tetex-bin vulnerabilities

Chris Evans and Marcus Meissner recently discovered several integer overflow vulnerabilities in xpdf, a viewer for PDF files. Because tetex-bin contains xpdf code, it is also affected. These vulnerabilities could be exploited by an attacker providing a specially crafted TeX, LaTeX, or PDF file...

CVSS 10, AI score 5.6, EPSS 0.09334
Exploits: 0

Ubuntu • added 2025/04/14 1:31 p.m. • 72 views

USN-7435-1: Protocol Buffers vulnerability

It was discovered that Protocol Buffers incorrectly handled memory when receiving malicious input using the Java bindings. An attacker could possibly use this issue to cause a denial of service...

CVSS 8.7, AI score 7.2, EPSS 0.02772
Exploits: 0

Ubuntu • added 2024/07/16 9:17 a.m. • 72 views

USN-6893-2: Linux kernel vulnerabilities

It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. CVE-2024-24857, CVE-2024-24858, CVE-2024-24859 Several security issues we...

CVSS 9.1, AI score 7, EPSS 0.01401
Exploits: 1

Ubuntu • added 2024/07/10 9:6 p.m. • 72 views

USN-6892-1: Linux kernel (IBM) vulnerabilities

It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...

CVSS 9.1, AI score 7.4, EPSS 0.01635
Exploits: 0

Ubuntu • added 2024/06/27 10:48 a.m. • 72 views

USN-6857-1: Squid vulnerabilities

Joshua Rogers discovered that Squid incorrectly handled requests with the urn: scheme. A remote attacker could possibly use this issue to cause Squid to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS. CVE-2021-28651 It was discovered that Squid...

CVSS 8.6, AI score 6.9, EPSS 0.88864
Exploits: 1

Ubuntu • added 2024/04/23 11:20 a.m. • 72 views

USN-6728-3: Squid vulnerability

USN-6728-1 fixed vulnerabilities in Squid. The fix for CVE-2023-5824 caused Squid to crash in certain environments on Ubuntu 20.04 LTS and was disabled in USN-6728-2. The problematic fix for CVE-2023-5824 has now been corrected and reinstated in this update. We apologize for the inconvenience...

CVSS 8.6, AI score 6.5, EPSS 0.05229
Exploits: 0, References: 1

Ubuntu • added 2024/01/11 5:30 a.m. • 72 views

USN-6574-1: Go vulnerabilities

Takeshi Kaneko discovered that Go did not properly handle comments and special tags in the script context of html/template module. An attacker could possibly use this issue to inject Javascript code and perform a cross site scripting attack. This issue only affected Go 1.20 in Ubuntu 20.04 LTS,...

CVSS 8.1, AI score 7.3, EPSS 0.99999
Exploits: 19

Ubuntu • added 2023/12/11 11:18 a.m. • 72 views

USN-6544-1: GNU binutils vulnerabilities

It was discovered that GNU binutils incorrectly handled certain COFF files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. CVE-2022-38533 It was discovered that GNU binutils was not properly performing bounds checks...

CVSS 8.8, AI score 7, EPSS 0.00698
Exploits: 4

Ubuntu • added 2023/12/06 3:22 p.m. • 72 views

USN-6539-1: python-cryptography vulnerabilities

It was discovered that the python-cryptography Cipher.update_into function would incorrectly accept objects with immutable buffers. This would result in corrupted output, contrary to expectations. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. CVE-2023-23931 It was...

CVSS 7.5, AI score 6.6, EPSS 0.01301
Exploits: 2

Ubuntu • added 2023/10/26 11:50 a.m. • 72 views

USN-6446-3: Linux kernel (Oracle) vulnerabilities

Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service (host system crash) or...

CVSS 7.8, AI score 7.5, EPSS 0.00549
Exploits: 5

Ubuntu • added 2023/10/25 4:47 p.m. • 72 views

USN-6452-1: Vim vulnerabilities

It was discovered that Vim could be made to divide by zero. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 23.04. CVE-2023-3896 It was discovered that Vim did not properly manage memory. An attacker could possibly use this issue to cause a...

CVSS 7.8, AI score 6.9, EPSS 0.0119
Exploits: 12

Ubuntu • added 2023/10/17 11:27 a.m. • 72 views

USN-6394-2: Python vulnerability

USN-6394-1 fixed a vulnerability in Python. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that Python incorrectly handled certain scripts. An attacker could possibly use this issue to execute...

CVSS 7.5, AI score 7.9, EPSS 0.0177
Exploits: 1

Ubuntu • added 2023/10/03 6:27 a.m. • 72 views

USN-6404-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2023-5169, CVE-2023-5170,...

CVSS 9.8, AI score 8.6, EPSS 0.49013
Exploits: 3

Ubuntu • added 2023/09/26 10:44 p.m. • 72 views

USN-6387-2: Linux kernel vulnerabilities

Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. CVE-2023-20588 It was discovered...

CVSS 7.8, AI score 7, EPSS 0.12405
Exploits: 0

Ubuntu • added 2023/09/19 10:20 p.m. • 72 views

USN-6388-1: Linux kernel vulnerabilities

Daniel Moghimi discovered that some Intel(R) Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain sensitive information. CVE-2022-40982 Yang Lan discovered that the GFS2 file system...

CVSS 7.8, AI score 7.8, EPSS 0.03882
Exploits: 1

Ubuntu • added 2023/09/08 9:44 p.m. • 72 views

USN-6339-2: Linux kernel vulnerabilities

It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service (system crash). CVE-2022-48425...

CVSS 9.8, AI score 6.7, EPSS 0.02975
Exploits: 0

Ubuntu • added 2023/08/22 4:59 p.m. • 72 views

USN-6304-1: Inetutils vulnerabilities

It was discovered that telnetd in GNU Inetutils incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2022-39028 It was discovered that Inetutils incorrectly handled certain inputs. An...

CVSS 7.8, AI score 7.5, EPSS 0.01657
Exploits: 2

Ubuntu • added 2023/08/08 3:1 a.m. • 72 views

USN-6267-2: Firefox regressions

USN-6267-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted...

AI score 8
Exploits: 0, References: 1

Ubuntu • added 2023/07/13 2:16 p.m. • 72 views

USN-6228-1: Linux kernel vulnerabilities

It was discovered that the XFS file system implementation in the Linux kernel did not properly perform metadata validation when mounting certain images. An attacker could use this to specially craft a file system image that, when mounted, could cause a denial of service (system crash). CVE-2023-212...

CVSS 7.8, AI score 6.7, EPSS 0.00491
Exploits: 1

Total number of security vulnerabilities: 5000