Lucene search
K
UbuntuMost viewed

10904 matches found

Ubuntu
Ubuntu
•added 2013/12/03 7:36 p.m.•72 views

USN-2044-1: Linux kernel (OMAP4) vulnerabilities

A flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. CVE-2013-4299 Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload UFO. An unprivileged...

6.9CVSS7.3AI score0.0381EPSS
Exploits2
Ubuntu
Ubuntu
•added 2013/09/27 12:41 p.m.•72 views

USN-1970-1: Linux kernel (Quantal HWE) vulnerabilities

Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service system crash. CVE-2013-4254 A failure to validate block numbers was discovered in the Linux kernel's implementation of th...

6.9CVSS6.5AI score0.00557EPSS
Exploits1
Ubuntu
Ubuntu
•added 2013/06/14 7:7 a.m.•72 views

USN-1882-1: Linux kernel (OMAP4) vulnerabilities

Kees Cook discovered a flaw in the Linux kernel's iSCSI subsystem. A remote unauthenticated attacker could exploit this flaw to cause a denial of service system crash or potentially gain administrative privileges. CVE-2013-2850 Andy Lutomirski discover an error in the Linux kernel's credential...

7.9CVSS6.3AI score0.07313EPSS
Exploits9
Ubuntu
Ubuntu
•added 2013/06/14 5:58 a.m.•72 views

USN-1876-1: Linux kernel vulnerabilities

Andrew Honig reported a flaw in the way KVM Kernel-based Virtual Machine emulated the IOAPIC. A privileged guest user could exploit this flaw to read host memory or cause a denial of service crash the host. CVE-2013-1798 An information leak was discovered in the Linux kernel's rcvmsg path for ATM...

6.2CVSS6.5AI score0.0135EPSS
Exploits2
Ubuntu
Ubuntu
•added 2012/08/10 10:9 p.m.•72 views

USN-1533-1: Linux kernel vulnerabilities

An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface which is not available to unprivileged users until granted by a root user could exploit this flaw to crash the system or potential gain administrative privileges...

7.6CVSS6.8AI score0.08738EPSS
Exploits9
Ubuntu
Ubuntu
•added 2012/07/11 11:7 p.m.•72 views

USN-1504-1: Qt vulnerabilities

It was discovered that Qt did not properly handle wildcard domain names or IP addresses in the Common Name field of X.509 certificates. An attacker could exploit this to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications. This issue only affecte...

9.3CVSS5.8AI score0.07543EPSS
Exploits1
Ubuntu
Ubuntu
•added 2012/06/29 7:34 p.m.•72 views

USN-1493-1: Linux kernel vulnerabilities

Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. CVE-2012-2313 Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user...

7.2CVSS6.8AI score0.00556EPSS
Exploits2
Ubuntu
Ubuntu
•added 2012/06/29 7:21 p.m.•72 views

USN-1492-1: Linux kernel vulnerabilities

Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. CVE-2012-2313 Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user...

7.2CVSS6.8AI score0.00556EPSS
Exploits2
Ubuntu
Ubuntu
•added 2012/06/12 9:51 p.m.•72 views

USN-1472-1: Linux kernel vulnerabilities

Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation. A remote NFS server attacker could exploit this flaw to cause a denial of service. CVE-2011-4131 A flaw was discovered in the Linux kernel's KVM kernel virtual machine. An administrative user in the guest OS could leverage...

7.2CVSS6.7AI score0.00775EPSS
Exploits3
Ubuntu
Ubuntu
•added 2012/05/30 12:58 a.m.•72 views

USN-1455-1: Linux kernel (Oneiric backport) vulnerabilities

A flaw was found in the Linux kernel's KVM Kernel Virtual Machine virtual cpu setup. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. CVE-2012-1601 Steve Grubb reported a flaw with Linux fscaps file system base capabilities when used to increa...

7.2CVSS6.6AI score0.00418EPSS
Exploits2
Ubuntu
Ubuntu
•added 2012/05/24 6:42 p.m.•72 views

USN-1451-1: OpenSSL vulnerabilities

Ivan Nestlerode discovered that the Cryptographic Message Syntax CMS and PKCS 7 implementations in OpenSSL returned early if RSA decryption failed. This could allow an attacker to expose sensitive information via a Million Message Attack MMA. CVE-2012-0884 It was discovered that an integer...

6.8CVSS7.9AI score0.28154EPSS
Exploits0
Ubuntu
Ubuntu
•added 2012/05/23 5:23 p.m.•72 views

USN-1450-1: Net-SNMP vulnerability

It was discovered that Net-SNMP incorrectly performed entry lookups in the extension table. A remote attacker could send a specially crafted request and cause the SNMP server to crash, leading to a denial of service...

3.5CVSS8.2AI score0.02167EPSS
Exploits0
Ubuntu
Ubuntu
•added 2012/04/03 5:13 p.m.•72 views

USN-1400-4: Thunderbird regressions

USN-1400-3 fixed vulnerabilities in Thunderbird. The new Thunderbird version caused a regression in IMAP connections and mail filtering. This update fixes the problem. Original advisory details: Soroush Dalili discovered that Firefox did not adequately protect against dropping JavaScript links on...

8.8AI score
Exploits0References2
Ubuntu
Ubuntu
•added 2012/02/28 4:31 p.m.•72 views

USN-1378-1: PostgreSQL vulnerabilities

It was discovered that PostgreSQL incorrectly checked permissions on functions called by a trigger. An attacker could attach a trigger to a table they owned and possibly escalate privileges. CVE-2012-0866 It was discovered that PostgreSQL incorrectly truncated SSL certificate name checks to 32...

6.8CVSS7.8AI score0.03625EPSS
Exploits1
Ubuntu
Ubuntu
•added 2012/01/24 2:8 p.m.•72 views

USN-1343-1: Thunderbird vulnerabilities

Alexandre Poirot, Chris Blizzard, Kyle Huey, Scoobidiver, Christian Holler, David Baron, Gary Kwong, Jim Blandy, Bob Clary, Jesse Ruderman, Marcia Knous, and Rober Longson discovered several memory safety issues which could possibly be exploited to crash Thunderbird or execute arbitrary code as t...

10CVSS8.7AI score0.69882EPSS
Exploits11References1
Ubuntu
Ubuntu
•added 2012/01/13 5:28 a.m.•72 views

USN-1328-1: Linux kernel (Marvell DOVE) vulnerabilities

Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. CVE-2011-2203 A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system. CVE-2011-4110...

2.1CVSS7.4AI score0.00489EPSS
Exploits3
Ubuntu
Ubuntu
•added 2011/11/21 4:39 p.m.•72 views

USN-1268-1: Linux kernel vulnerabilities

It was discovered that CIFS incorrectly handled authentication. When a user had a CIFS share mounted that required authentication, a local user could mount the same share without knowing the correct password. CVE-2011-1585 It was discovered that the GRE protocol incorrectly handled netns...

7.8CVSS7.4AI score0.0283EPSS
Exploits10
Ubuntu
Ubuntu
•added 2011/05/05 9:15 p.m.•72 views

USN-1111-1: Linux kernel vulnerabilities

Dan Rosenberg discovered multiple flaws in the X.25 facilities parsing. If a system was using X.25, a remote attacker could exploit this to crash the system, leading to a denial of service. CVE-2010-4164 Vegard Nossum discovered that memory garbage collection was not handled correctly for active...

7.8CVSS6AI score0.04308EPSS
Exploits13
Ubuntu
Ubuntu
•added 2011/04/13 12:46 p.m.•72 views

USN-1109-1: GIMP vulnerabilities

It was discovered that GIMP incorrectly handled malformed data in certain plugin configuration files. If a user were tricked into opening a specially crafted plugin configuration file, an attacker could cause GIMP to crash, or possibly execute arbitrary code with the user's privileges. The defaul...

9.3CVSS6AI score0.16273EPSS
Exploits3
Ubuntu
Ubuntu
•added 2011/03/03 1:20 a.m.•72 views

USN-1049-1: Firefox and Xulrunner vulnerabilities

Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff Walden, Henry Sivonen, Martijn Wargers, David Baron and Marcia Knous discovered several memory issues in the browser engine. An attacker could exploit these to crash the browser or possibly run arbitrary code as the user invoking the...

10CVSS8.9AI score0.072EPSS
Exploits3
Ubuntu
Ubuntu
•added 2011/02/01 2:20 p.m.•72 views

USN-1053-1: Subversion vulnerabilities

It was discovered that Subversion incorrectly handled certain 'partial access' privileges in rare scenarios. Remote authenticated users could use this flaw to obtain sensitive information revision properties. This issue only applied to Ubuntu 6.06 LTS. CVE-2007-2448 It was discovered that the...

6.8CVSS6.8AI score0.05136EPSS
Exploits2
Ubuntu
Ubuntu
•added 2010/11/18 5:48 a.m.•72 views

USN-1018-1: OpenSSL vulnerability

Rob Hulswit discovered a race condition in the OpenSSL TLS server extension parsing code when used within a threaded server. A remote attacker could trigger this flaw to cause a denial of service or possibly execute arbitrary code with application privileges. CVE-2010-3864...

7.6CVSS8AI score0.22145EPSS
Exploits0
Ubuntu
Ubuntu
•added 2010/10/07 2:46 p.m.•72 views

USN-1003-1: OpenSSL vulnerabilities

It was discovered that OpenSSL incorrectly handled return codes from the bnwexpand function calls. A remote attacker could trigger this flaw in services that used SSL to cause a denial of service or possibly execute arbitrary code with application privileges. This issue only affected Ubuntu 6.06...

10CVSS7.7AI score0.09977EPSS
Exploits1
Ubuntu
Ubuntu
•added 2010/09/20 1:22 p.m.•72 views

USN-986-1: bzip2 vulnerability

An integer overflow was discovered in bzip2. If a user or automated system were tricked into decompressing a crafted bz2 file, an attacker could cause bzip2 or any application linked against libbz2 to crash or possibly execute code as the user running the program...

5.1CVSS6AI score0.03297EPSS
Exploits0
Ubuntu
Ubuntu
•added 2010/01/20 6:42 p.m.•72 views

USN-889-1: gzip vulnerabilities

It was discovered that gzip incorrectly handled certain malformed compressed files. If a user or automated system were tricked into opening a specially crafted gzip file, an attacker could cause gzip to crash or possibly execute arbitrary code with the privileges of the user invoking the program...

6.8CVSS8.2AI score0.04774EPSS
Exploits0
Ubuntu
Ubuntu
•added 2009/11/12 1:28 p.m.•72 views

USN-858-1: OpenLDAP vulnerability

It was discovered that OpenLDAP did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications...

4.3CVSS5.4AI score0.03094EPSS
Exploits1
Ubuntu
Ubuntu
•added 2009/04/16 8:38 p.m.•72 views

USN-759-1: poppler vulnerabilities

Will Dormann, Alin Rad Pop, Braden Thomas, and Drew Yao discovered that poppler contained multiple security issues in its JBIG2 decoder. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privilege...

7.5CVSS5.6AI score0.07347EPSS
Exploits1
Ubuntu
Ubuntu
•added 2009/04/15 1:58 p.m.•72 views

USN-757-1: Ghostscript vulnerabilities

It was discovered that Ghostscript contained a buffer underflow in its CCITTFax decoding filter. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program...

9.3CVSS6.2AI score0.07365EPSS
Exploits4
Ubuntu
Ubuntu
•added 2009/01/09 12:0 a.m.•72 views

USN-706-1: Bind vulnerability

It was discovered that Bind did not properly perform signature verification. When DNSSEC with DSA signatures are in use, a remote attacker could exploit this to bypass signature validation to spoof DNS entries and poison DNS caches. Among other things, this could lead to misdirected email and web...

6.8CVSS6.8AI score0.0686EPSS
Exploits0
Ubuntu
Ubuntu
•added 2008/12/17 9:40 p.m.•72 views

USN-692-1: Gadu vulnerability

It was discovered that the Gadu library, used by some Instant Messaging clients, did not correctly verify certain packet sizes from the server. If a user connected to a malicious server, clients using Gadu could be made to crash, leading to a denial of service...

4.3CVSS5.2AI score0.01264EPSS
Exploits0
Ubuntu
Ubuntu
•added 2008/12/03 10:39 p.m.•72 views

USN-685-1: Net-SNMP vulnerabilities

Wes Hardaker discovered that the SNMP service did not correctly validate HMAC authentication requests. An unauthenticated remote attacker could send specially crafted SNMPv3 traffic with a valid username and gain access to the user's views without a valid authentication passphrase. CVE-2008-0960...

10CVSS6.5AI score0.6879EPSS
Exploits15
Ubuntu
Ubuntu
•added 2008/11/17 9:26 p.m.•72 views

USN-667-1: Firefox and xulrunner vulnerabilities

Liu Die Yu discovered an information disclosure vulnerability in Firefox when using saved .url shortcut files. If a user were tricked into downloading a crafted .url file and a crafted HTML file, an attacker could steal information from the user's cache. CVE-2008-4582 Georgi Guninski, Michal...

10CVSS8.7AI score0.10187EPSS
Exploits2
Ubuntu
Ubuntu
•added 2008/07/02 12:21 p.m.•72 views

USN-619-1: Firefox vulnerabilities

Various flaws were discovered in the browser engine. By tricking a user into opening a malicious web page, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. CVE-2008-2798, CVE-2008-2799 Sever...

10CVSS5.9AI score0.13949EPSS
Exploits2
Ubuntu
Ubuntu
•added 2008/05/13 1:43 p.m.•72 views

USN-612-2: OpenSSH vulnerability

A weakness has been discovered in the random number generator used by OpenSSL on Debian and Ubuntu systems. As a result of this weakness, certain encryption keys are much more common than they should be, such that an attacker could guess the key through a brute-force attack given minimal knowledg...

7.8CVSS6.6AI score0.70721EPSS
Exploits7References1
Ubuntu
Ubuntu
•added 2007/12/21 4:22 a.m.•72 views

USN-559-1: MySQL vulnerabilities

Joe Gallo and Artem Russakovskii discovered that the InnoDB engine in MySQL did not properly perform input validation. An authenticated user could use a crafted CONTAINS statement to cause a denial of service. CVE-2007-5925 It was discovered that under certain conditions MySQL could be made to...

7.1CVSS7.9AI score0.1426EPSS
Exploits4
Ubuntu
Ubuntu
•added 2007/12/18 11:39 p.m.•72 views

USN-557-1: GD library vulnerability

Mattias Bengtsson and Philip Olausson discovered that the GD library did not properly perform bounds checking when creating images. An attacker could send specially crafted input to applications linked against libgd2 and cause a denial of service or possibly execute arbitrary code...

6.8CVSS5.7AI score0.04219EPSS
Exploits1
Ubuntu
Ubuntu
•added 2007/04/09 9:49 p.m.•72 views

USN-450-1: ipsec-tools vulnerability

A flaw was discovered in the IPSec key exchange server "racoon". Remote attackers could send a specially crafted packet and disrupt established IPSec tunnels, leading to a denial of service...

4.3CVSS5.2AI score0.02851EPSS
Exploits0
Ubuntu
Ubuntu
•added 2007/03/07 1:54 a.m.•72 views

USN-431-1: Thunderbird vulnerabilities

The SSLv2 protocol support in the NSS library did not sufficiently check the validity of public keys presented with a SSL certificate. A malicious SSL web site using SSLv2 could potentially exploit this to execute arbitrary code with the user's privileges. CVE-2007-0008 The SSLv2 protocol support...

9.3CVSS8.9AI score0.5036EPSS
Exploits0
Ubuntu
Ubuntu
•added 2006/11/17 8:58 a.m.•72 views

USN-383-1: libpng vulnerability

Tavis Ormandy discovered that libpng did not correctly calculate the size of sPLT structures when reading an image. By tricking a user or an automated system into processing a specially crafted PNG file, an attacker could exploit this weakness to crash the application using the library...

2.6CVSS7.7AI score0.01729EPSS
Exploits1
Ubuntu
Ubuntu
•added 2006/10/10 4:43 p.m.•72 views

USN-360-1: awstats vulnerabilities

awstats did not fully sanitize input, which was passed directly to the user's browser, allowing for an XSS attack. If a user was tricked into following a specially crafted awstats URL, the user's authentication information could be exposed for the domain where awstats was hosted. CVE-2006-3681...

5CVSS5.5AI score0.09545EPSS
Exploits2
Ubuntu
Ubuntu
•added 2025/05/05 5:16 p.m.•71 views

USN-7479-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.42 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 24.10. Ubuntu 25.04 has been updated to MySQL 8.4.5. In addition to...

6.8CVSS6.1AI score0.00908EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/04/14 4:27 p.m.•71 views

USN-7436-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

9.8CVSS6.9AI score0.00858EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/04/10 4:38 p.m.•71 views

USN-6728-1: Squid vulnerabilities

Joshua Rogers discovered that Squid incorrectly handled collapsed forwarding. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2023-49288 Joshua Rogers discovered that Squ...

8.6CVSS6.8AI score0.88864EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/03/18 11:7 p.m.•71 views

USN-6699-1: Linux kernel vulnerabilities

Reima Ishii discovered that the nested KVM implementation for Intel x86 processors in the Linux kernel did not properly validate control registers in certain situations. An attacker in a guest VM could use this to cause a denial of service guest crash. CVE-2023-30456 It was discovered that the...

7.8CVSS6.9AI score0.0047EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/03/12 10:22 a.m.•71 views

USN-6689-1: Rack vulnerabilities

It was discovered that Rack incorrectly parse some headers. An attacker could possibly use this issue to cause a denial of service. CVE-2023-27539, CVE-2024-26141, CVE-2024-26146...

7.5CVSS6.5AI score0.01996EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/02/27 10:17 a.m.•71 views

USN-6305-2: PHP vulnerabilities

USN-6305-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: It was discovered that PHP incorrectly handled certain XML files. An attacker could possibly use this issue to...

9.8CVSS7.9AI score0.08003EPSS
Exploits4References1
Ubuntu
Ubuntu
•added 2024/02/09 12:4 p.m.•71 views

USN-6628-1: Linux kernel (Intel IoTG) vulnerabilities

Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling sessions operations. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-32250, CVE-2023-32252, CVE-2023-32257...

9CVSS7.2AI score0.0406EPSS
Exploits2
Ubuntu
Ubuntu
•added 2024/01/25 11:35 p.m.•71 views

USN-6607-1: Linux kernel (Azure) vulnerabilities

It was discovered that the SMB network file sharing protocol implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

7.8CVSS7.2AI score0.00843EPSS
Exploits2
Ubuntu
Ubuntu
•added 2024/01/08 5:46 p.m.•71 views

USN-6567-1: QEMU vulnerabilities

Gaoning Pan and Xingwei Li discovered that QEMU incorrectly handled the USB xHCI controller device. A privileged guest attacker could possibly use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2020-14394 It w...

8.8CVSS7.1AI score0.01891EPSS
Exploits5
Ubuntu
Ubuntu
•added 2023/11/21 7:58 p.m.•71 views

USN-6503-1: Linux kernel vulnerabilities

Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service system crash. CVE-2023-31085 Bien Pham discovered that the netfiler subsystem in the Linux...

7.8CVSS7.2AI score0.0047EPSS
Exploits0
Total number of security vulnerabilities5000