Lucene search
K
UbuntuMost viewed

10891 matches found

Ubuntu
Ubuntu
•added 2016/10/11 5:28 a.m.•72 views

USN-3098-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3098-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Marco Grassi discovered a use-after-free condition could occur in the TCP retransmit...

7.8CVSS6.7AI score0.07613EPSS
Exploits5
Ubuntu
Ubuntu
•added 2016/09/19 6:49 p.m.•72 views

USN-3084-1: Linux kernel vulnerabilities

Pengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A local attacker could use this to corrupt audit logs or disrupt system-call auditing. CVE-2016-6136 It was discovered that the powerpc and powerpc64 hypervisor-mode KVM implementation in the Linux kernel for did...

6.5CVSS6.4AI score0.00348EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/05/09 9:43 p.m.•72 views

USN-2968-2: Linux kernel (Trusty HWE) vulnerabilities

USN-2968-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in the Linux kerne...

7.8CVSS7.4AI score0.01946EPSS
Exploits19
Ubuntu
Ubuntu
•added 2016/04/06 7:53 a.m.•72 views

USN-2949-1: Linux kernel (Vivid HWE) vulnerabilities

Venkatesh Pottem discovered a use-after-free vulnerability in the Linux kernel's CXGB3 driver. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2015-8812 Xiaofei Rex Guo discovered a timing side channel vulnerability in the Linux...

10CVSS7.4AI score0.14281EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/03/21 6:5 p.m.•72 views

USN-2937-1: WebKitGTK+ vulnerabilities

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

6.8CVSS7.3AI score0.10946EPSS
Exploits2
Ubuntu
Ubuntu
•added 2015/12/19 12:7 p.m.•72 views

USN-2852-1: Linux kernel (Raspberry Pi 2) vulnerability

Jann Horn discovered a ptrace issue with user namespaces in the Linux kernel. The namespace owner could potentially exploit this flaw by ptracing a root owned process entering the user namespace to elevate its privileges and potentially gain access outside of the namespace...

7CVSS7.2AI score0.00398EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/12/04 6:21 p.m.•72 views

USN-2829-2: Linux kernel (Vivid HWE) vulnerabilities

It was discovered that the SCTP protocol implementation in the Linux kernel performed an incorrect sequence of protocol-initialization steps. A local attacker could use this to cause a denial of service system crash. CVE-2015-5283 Dmitry Vyukov discovered that the Linux kernel's keyring handler...

4.7CVSS6.3AI score0.00549EPSS
Exploits1
Ubuntu
Ubuntu
•added 2015/11/05 4:23 p.m.•72 views

USN-2794-1: Linux kernel vulnerabilities

It was discovered that in certain situations, a directory could be renamed outside of a bind mounted location. An attacker could use this to escape bind mount containment and gain access to sensitive information. CVE-2015-2925 Moein Ghasemzadeh discovered that the USB WhiteHEAT serial driver...

6.9CVSS6.8AI score0.01246EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/10/28 8:34 a.m.•72 views

USN-2784-1: OpenJDK 7 vulnerabilities

Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. CVE-2015-4805, CVE-2015-4835, CVE-2015-4843, CVE-2015-4844,...

10CVSS6.6AI score0.09991EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/10/05 8:1 p.m.•72 views

USN-2764-1: Linux kernel (Utopic HWE) vulnerability

Dmitry Vyukov discovered that the Linux kernel did not properly initialize IPC object state in certain situations. A local attacker could use this to escalate their privileges, expose confidential information, or cause a denial of service system crash...

6.9CVSS6.7AI score0.00412EPSS
Exploits1
Ubuntu
Ubuntu
•added 2015/09/02 7:57 p.m.•72 views

USN-2728-1: Bind vulnerability

Hanno Böck discovered that Bind incorrectly handled certain malformed keys when configured to perform DNSSEC validation. A remote attacker could use this issue with specially crafted zone data to cause Bind to crash, resulting in a denial of service...

7.8CVSS6.8AI score0.33652EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/09/01 11:44 a.m.•73 views

USN-2727-1: GnuTLS vulnerabilities

It was discovered that GnuTLS incorrectly handled parsing CRL distribution points. A remote attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. CVE-2015-3308 Kurt Roeckx discovered that GnuTLS incorrectly handled a long DistinguishedName DN entry in a...

7.5CVSS7.6AI score0.1903EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/05/13 5:41 p.m.•72 views

USN-2602-1: Firefox vulnerabilities

Jesse Ruderman, Mats Palmgren, Byron Campen, Steve Fink, Gary Kwong, Andrew McCreight, Christian Holler, Jon Coppeard, and Milan Sreckovic discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit...

7.5CVSS8.4AI score0.07417EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/05/04 4:34 p.m.•72 views

USN-2592-1: XML::LibXML vulnerability

Tilmann Haak discovered that XML::LibXML incorrectly handled the expandentities parameter in certain situations. A remote attacker could possibly use this issue to access sensitive information...

5CVSS8.3AI score0.04013EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/04/30 7:34 a.m.•72 views

USN-2583-1: Linux kernel vulnerability

A race condition between chown and execve was discovered in the Linux kernel. A local attacker could exploit this race by using chown on a setuid-user-binary to gain administrative privileges...

6.2CVSS6.8AI score0.00317EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/04/21 1:3 p.m.•72 views

USN-2573-1: OpenJDK 6 vulnerabilities

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. CVE-2015-0460, CVE-2015-0469 Alexander Cherepanov discovered that...

10CVSS5.7AI score0.07224EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/02/10 8:4 p.m.•72 views

USN-2498-1: Kerberos vulnerabilities

It was discovered that Kerberos incorrectly sent old keys in response to a -randkey -keepold request. An authenticated remote attacker could use this issue to forge tickets by leveraging administrative access. This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS and Ubuntu 14.04 LTS...

9CVSS7.5AI score0.06213EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/02/04 1:16 a.m.•72 views

USN-2491-1: Linux kernel (EC2) vulnerabilities

Andy Lutomirski discovered that the Linux kernel does not properly handle faults associated with the Stack Segment SS register in the x86 architecture. A local attacker could exploit this flaw to gain administrative privileges. CVE-2014-9322 Lars Bull reported a race condition in the PIT...

7.8CVSS6.4AI score0.01504EPSS
Exploits9
Ubuntu
Ubuntu
•added 2015/01/12 5:40 p.m.•72 views

USN-2459-1: OpenSSL vulnerabilities

Pieter Wuille discovered that OpenSSL incorrectly handled Bignum squaring. CVE-2014-3570 Markus Stenberg discovered that OpenSSL incorrectly handled certain crafted DTLS messages. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service. CVE-2014-3571...

5CVSS7.5AI score0.98685EPSS
Exploits0
Ubuntu
Ubuntu
•added 2014/11/13 12:54 p.m.•72 views

USN-2409-1: QEMU vulnerabilities

Laszlo Ersek discovered that QEMU incorrectly handled memory in the vga device. A malicious guest could possibly use this issue to read arbitrary host memory. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. CVE-2014-3615 Xavier Mehrenberger and Stephane Duverger discovered that QEMU...

7.2CVSS7.2AI score0.03742EPSS
Exploits0
Ubuntu
Ubuntu
•added 2014/08/29 2:6 a.m.•72 views

USN-2328-1: GNU C Library vulnerability

Tavis Ormandy and John Haxby discovered that the GNU C Library contained an off-by-one error when performing transliteration module loading. A local attacker could exploit this to gain administrative privileges. CVE-2014-5119 USN-2306-1 fixed vulnerabilities in the GNU C Library. On Ubuntu 10.04...

7.5CVSS8.2AI score0.18099EPSS
Exploits4
Ubuntu
Ubuntu
•added 2014/08/21 7:57 p.m.•72 views

USN-2311-2: OpenStack Ceilometer vulnerability

USN-2311-1 fixed vulnerabilities in pyCADF. This update provides the corresponding updates for OpenStack Ceilometer. Original advisory details: Zhi Kun Liu discovered that pyCADF incorrectly filtered certain tokens. An attacker could possibly use this issue to obtain authentication tokens used in...

5CVSS5.4AI score0.02774EPSS
Exploits0
Ubuntu
Ubuntu
•added 2014/08/12 10:0 p.m.•72 views

USN-2312-1: OpenJDK 6 vulnerabilities

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. CVE-2014-2490, CVE-2014-4216, CVE-2014-4219, CVE-2014-4262 Several...

9.3CVSS7AI score0.06118EPSS
Exploits0
Ubuntu
Ubuntu
•added 2014/07/16 11:14 p.m.•72 views

USN-2283-1: Linux kernel vulnerabilities

Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 Michael S. Tsirkin discovered an information leak in the Linux kernel's...

6.9CVSS6.6AI score0.02103EPSS
Exploits8
Ubuntu
Ubuntu
•added 2014/05/06 2:14 a.m.•72 views

USN-2196-1: Linux kernel vulnerability

A flaw was discovered in the Linux kernel's pseudo tty pty device. An unprivileged user could exploit this flaw to cause a denial of service system crash or potentially gain administrator privileges...

6.9CVSS7AI score0.22475EPSS
Exploits7
Ubuntu
Ubuntu
•added 2014/03/07 11:54 a.m.•72 views

USN-2137-1: Linux kernel (Saucy HWE) vulnerabilities

An information leak was discovered in the Linux kernel when built with the NetFilter Connection Tracking NFCONNTRACK support for IRC protocol NFNATIRC. A remote attacker could exploit this flaw to obtain potentially sensitive kernel information when communicating over a client- to-client IRC...

4.9CVSS6.7AI score0.03849EPSS
Exploits1
Ubuntu
Ubuntu
•added 2014/02/19 5:35 p.m.•72 views

USN-2102-2: Firefox regression

USN-2102-1 fixed vulnerabilities in Firefox. The update introduced a regression which could make Firefox crash under some circumstances. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Christian Holler, Terrence Cole, Jesse Ruderman, Gary Kwong, Eric...

8.4AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2013/12/19 10:34 p.m.•72 views

USN-2061-1: OpenStack Keystone vulnerability

Steven Hardy discovered that Keystone did not properly enforce trusts when using the ec2tokens API. An authenticated attacker could exploit this to retrieve a token not scoped to the trust and elevate privileges to the trustor's roles...

5.8CVSS5.3AI score0.02239EPSS
Exploits2
Ubuntu
Ubuntu
•added 2013/12/03 7:36 p.m.•72 views

USN-2044-1: Linux kernel (OMAP4) vulnerabilities

A flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. CVE-2013-4299 Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload UFO. An unprivileged...

6.9CVSS7.3AI score0.0381EPSS
Exploits2
Ubuntu
Ubuntu
•added 2013/10/01 3:8 p.m.•72 views

USN-1985-1: Python 3.3 vulnerabilities

Florian Weimer discovered that Python incorrectly handled matching multiple wildcards in ssl certificate hostnames. An attacker could exploit this to cause Python to consume resources, resulting in a denial of service. CVE-2013-2099 Ryan Sleevi discovered that Python did not properly handle...

4.3CVSS7.4AI score0.05347EPSS
Exploits1
Ubuntu
Ubuntu
•added 2013/09/27 12:41 p.m.•72 views

USN-1970-1: Linux kernel (Quantal HWE) vulnerabilities

Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service system crash. CVE-2013-4254 A failure to validate block numbers was discovered in the Linux kernel's implementation of th...

6.9CVSS6.5AI score0.00557EPSS
Exploits1
Ubuntu
Ubuntu
•added 2013/06/14 7:7 a.m.•72 views

USN-1882-1: Linux kernel (OMAP4) vulnerabilities

Kees Cook discovered a flaw in the Linux kernel's iSCSI subsystem. A remote unauthenticated attacker could exploit this flaw to cause a denial of service system crash or potentially gain administrative privileges. CVE-2013-2850 Andy Lutomirski discover an error in the Linux kernel's credential...

7.9CVSS6.3AI score0.07313EPSS
Exploits9
Ubuntu
Ubuntu
•added 2013/06/14 5:58 a.m.•72 views

USN-1876-1: Linux kernel vulnerabilities

Andrew Honig reported a flaw in the way KVM Kernel-based Virtual Machine emulated the IOAPIC. A privileged guest user could exploit this flaw to read host memory or cause a denial of service crash the host. CVE-2013-1798 An information leak was discovered in the Linux kernel's rcvmsg path for ATM...

6.2CVSS6.5AI score0.0135EPSS
Exploits2
Ubuntu
Ubuntu
•added 2013/05/01 6:15 p.m.•72 views

USN-1812-1: Linux kernel (Quantal HWE) vulnerabilities

Mathias Krause discovered an information leak in the Linux kernel's UDF file system implementation. A local user could exploit this flaw to examine some of the kernel's heap memory. CVE-2012-6548 Mathias Krause discovered an information leak in the Linux kernel's ISO 9660 CDROM file system driver...

7.2CVSS7.3AI score0.04707EPSS
Exploits7
Ubuntu
Ubuntu
•added 2012/08/10 10:9 p.m.•72 views

USN-1533-1: Linux kernel vulnerabilities

An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface which is not available to unprivileged users until granted by a root user could exploit this flaw to crash the system or potential gain administrative privileges...

7.6CVSS6.8AI score0.08738EPSS
Exploits9
Ubuntu
Ubuntu
•added 2012/07/11 11:7 p.m.•72 views

USN-1504-1: Qt vulnerabilities

It was discovered that Qt did not properly handle wildcard domain names or IP addresses in the Common Name field of X.509 certificates. An attacker could exploit this to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications. This issue only affecte...

9.3CVSS5.8AI score0.07543EPSS
Exploits1
Ubuntu
Ubuntu
•added 2012/06/29 7:34 p.m.•72 views

USN-1493-1: Linux kernel vulnerabilities

Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. CVE-2012-2313 Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user...

7.2CVSS6.8AI score0.00556EPSS
Exploits2
Ubuntu
Ubuntu
•added 2012/06/29 7:21 p.m.•72 views

USN-1492-1: Linux kernel vulnerabilities

Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. CVE-2012-2313 Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user...

7.2CVSS6.8AI score0.00556EPSS
Exploits2
Ubuntu
Ubuntu
•added 2012/06/12 9:51 p.m.•72 views

USN-1472-1: Linux kernel vulnerabilities

Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation. A remote NFS server attacker could exploit this flaw to cause a denial of service. CVE-2011-4131 A flaw was discovered in the Linux kernel's KVM kernel virtual machine. An administrative user in the guest OS could leverage...

7.2CVSS6.7AI score0.00775EPSS
Exploits3
Ubuntu
Ubuntu
•added 2012/05/30 12:58 a.m.•72 views

USN-1455-1: Linux kernel (Oneiric backport) vulnerabilities

A flaw was found in the Linux kernel's KVM Kernel Virtual Machine virtual cpu setup. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. CVE-2012-1601 Steve Grubb reported a flaw with Linux fscaps file system base capabilities when used to increa...

7.2CVSS6.6AI score0.00418EPSS
Exploits2
Ubuntu
Ubuntu
•added 2012/05/24 6:42 p.m.•72 views

USN-1451-1: OpenSSL vulnerabilities

Ivan Nestlerode discovered that the Cryptographic Message Syntax CMS and PKCS 7 implementations in OpenSSL returned early if RSA decryption failed. This could allow an attacker to expose sensitive information via a Million Message Attack MMA. CVE-2012-0884 It was discovered that an integer...

6.8CVSS7.9AI score0.28154EPSS
Exploits0
Ubuntu
Ubuntu
•added 2012/05/23 5:23 p.m.•72 views

USN-1450-1: Net-SNMP vulnerability

It was discovered that Net-SNMP incorrectly performed entry lookups in the extension table. A remote attacker could send a specially crafted request and cause the SNMP server to crash, leading to a denial of service...

3.5CVSS8.2AI score0.02167EPSS
Exploits0
Ubuntu
Ubuntu
•added 2012/04/03 5:13 p.m.•72 views

USN-1400-4: Thunderbird regressions

USN-1400-3 fixed vulnerabilities in Thunderbird. The new Thunderbird version caused a regression in IMAP connections and mail filtering. This update fixes the problem. Original advisory details: Soroush Dalili discovered that Firefox did not adequately protect against dropping JavaScript links on...

8.8AI score
Exploits0References2
Ubuntu
Ubuntu
•added 2012/02/28 4:31 p.m.•72 views

USN-1378-1: PostgreSQL vulnerabilities

It was discovered that PostgreSQL incorrectly checked permissions on functions called by a trigger. An attacker could attach a trigger to a table they owned and possibly escalate privileges. CVE-2012-0866 It was discovered that PostgreSQL incorrectly truncated SSL certificate name checks to 32...

6.8CVSS7.8AI score0.03625EPSS
Exploits1
Ubuntu
Ubuntu
•added 2012/01/24 2:8 p.m.•72 views

USN-1343-1: Thunderbird vulnerabilities

Alexandre Poirot, Chris Blizzard, Kyle Huey, Scoobidiver, Christian Holler, David Baron, Gary Kwong, Jim Blandy, Bob Clary, Jesse Ruderman, Marcia Knous, and Rober Longson discovered several memory safety issues which could possibly be exploited to crash Thunderbird or execute arbitrary code as t...

10CVSS8.7AI score0.69882EPSS
Exploits11References1
Ubuntu
Ubuntu
•added 2012/01/13 5:28 a.m.•72 views

USN-1328-1: Linux kernel (Marvell DOVE) vulnerabilities

Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. CVE-2011-2203 A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system. CVE-2011-4110...

2.1CVSS7.4AI score0.00489EPSS
Exploits3
Ubuntu
Ubuntu
•added 2011/11/21 7:42 p.m.•72 views

USN-1272-1: Linux kernel vulnerabilities

It was discovered that CIFS incorrectly handled authentication. When a user had a CIFS share mounted that required authentication, a local user could mount the same share without knowing the correct password. CVE-2011-1585 Andrea Righi discovered a race condition in the KSM memory merging support...

7.2CVSS7.4AI score0.00541EPSS
Exploits4
Ubuntu
Ubuntu
•added 2011/11/21 4:39 p.m.•72 views

USN-1268-1: Linux kernel vulnerabilities

It was discovered that CIFS incorrectly handled authentication. When a user had a CIFS share mounted that required authentication, a local user could mount the same share without knowing the correct password. CVE-2011-1585 It was discovered that the GRE protocol incorrectly handled netns...

7.8CVSS7.4AI score0.0283EPSS
Exploits10
Ubuntu
Ubuntu
•added 2011/05/05 9:15 p.m.•72 views

USN-1111-1: Linux kernel vulnerabilities

Dan Rosenberg discovered multiple flaws in the X.25 facilities parsing. If a system was using X.25, a remote attacker could exploit this to crash the system, leading to a denial of service. CVE-2010-4164 Vegard Nossum discovered that memory garbage collection was not handled correctly for active...

7.8CVSS6AI score0.04308EPSS
Exploits13
Ubuntu
Ubuntu
•added 2011/04/13 12:46 p.m.•72 views

USN-1109-1: GIMP vulnerabilities

It was discovered that GIMP incorrectly handled malformed data in certain plugin configuration files. If a user were tricked into opening a specially crafted plugin configuration file, an attacker could cause GIMP to crash, or possibly execute arbitrary code with the user's privileges. The defaul...

9.3CVSS6AI score0.16273EPSS
Exploits3
Total number of security vulnerabilities5000