Lucene search
K
UbuntuMost viewed

10894 matches found

Ubuntu
Ubuntu
•added 2023/01/05 1:30 p.m.•71 views

USN-5782-2: Firefox regressions

USN-5782-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Firefox was using an out-of-date libusrsctp library. An attacker could possibly use th...

8.3AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2022/12/05 11:0 a.m.•71 views

USN-5760-1: libxml2 vulnerabilities

It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash. CVE-2022-2309 It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information or cause ...

7.8CVSS6.7AI score0.22791EPSS
Exploits3
Ubuntu
Ubuntu
•added 2022/11/08 8:13 a.m.•71 views

USN-5714-1: LibTIFF vulnerabilities

It was discovered that LibTIFF incorrectly handled certain memory operations when using tiffcrop. An attacker could trick a user into processing a specially crafted tiff image file and potentially use this issue to cause a denial of service. This issue only affected Ubuntu 22.10. CVE-2022-2519,...

7.7CVSS6.6AI score0.01385EPSS
Exploits11
Ubuntu
Ubuntu
•added 2022/09/15 2:52 a.m.•71 views

USN-5612-1: Intel Microcode vulnerability

Pietro Borrello, Andreas Kogler, Martin Schwarzl, Daniel Gruss, Michael Schwarz and Moritz Lipp discovered that some Intel processors did not properly clear data between subsequent xAPIC MMIO reads. This could allow a local attacker to compromise SGX enclaves...

5.5CVSS6.7AI score0.00324EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/09/08 9:12 p.m.•71 views

USN-5604-1: LibTIFF vulnerabilities

It was discovered that LibTIFF incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. CVE-2022-2867, CVE-2022-2869 It was discovered that LibTIFF incorrectly handled certain files. An attacker could possibly u...

5.5CVSS7.1AI score0.003EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/09/08 6:44 p.m.•71 views

USN-5602-1: Linux kernel (Raspberry Pi) vulnerabilities

Asaf Modelevsky discovered that the IntelR 10GbE PCI Express ixgbe Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. CVE-2021-33061 Moshe Kol, Amit Klein and Yossi Gilad discovered that the I...

8.2CVSS6.8AI score0.02972EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/08/24 3:0 a.m.•71 views

USN-5576-1: Twisted vulnerability

It was discovered that Twisted incorrectly parsed some types of HTTP requests in its web server implementation. In certain proxy or multi-server configurations, a remote attacker could craft malicious HTTP requests in order to obtain sensitive information...

8.1CVSS7.7AI score0.028EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/06/16 3:33 p.m.•71 views

USN-5483-1: Exempi vulnerabilities

It was discovered that Exempi incorrectly handled certain media files. If a user or automated system were tricked into opening a specially crafted file, a remote attacker could cause Exempi to stop responding or crash, resulting in a denial of service, or possibly execute arbitrary code...

9.3CVSS6.8AI score0.05409EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/06/01 11:24 a.m.•71 views

USN-5457-1: WebKitGTK vulnerabilities

A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

8.8CVSS7.9AI score0.01424EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/05/26 4:46 a.m.•71 views

USN-5445-1: Subversion vulnerabilities

Ace Olszowka discovered that Subversion incorrectly handled certain svnserve requests. A remote attacker could possibly use this issue to cause svnserver to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. CVE-2018-11782 Tomas Bortoli discovered that Subversion...

7.5CVSS7AI score0.37516EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/04/21 1:20 p.m.•71 views

USN-5386-1: AIOHTTP vulnerability

Jelmer Vernooij and Beast Glatisant discovered that AIOHTTP incorrectly handled certain URLs, leading to an open redirect attack. A remote attacker could possibly use this issue to perform phishing attacks...

6.1CVSS7.1AI score0.01905EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/11/30 9:34 p.m.•71 views

USN-5161-1: Linux kernel vulnerabilities

Ilja Van Sprundel discovered that the SCTP implementation in the Linux kernel did not properly perform size validations on incoming packets in some situations. An attacker could possibly use this to expose sensitive information kernel memory. CVE-2021-3655 It was discovered that the AMD...

7.8CVSS6.9AI score0.00533EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/11/18 9:19 p.m.•71 views

USN-5152-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass security restrictions, spoof the UI, confuse the user, conduct phishing...

10CVSS7.6AI score0.0383EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/09/29 3:16 p.m.•71 views

USN-4556-1: netqmail vulnerabilities

It was discovered that netqmail did not properly handle certain input. Both remote and local attackers could use this vulnerability to cause netqmail to crash or execute arbitrary code. CVE-2005-1513, CVE-2005-1514, CVE-2005-1515 It was discovered that netqmail did not properly handle certain inp...

9.8CVSS6.9AI score0.10789EPSS
Exploits8
Ubuntu
Ubuntu
•added 2020/09/21 2:33 p.m.•71 views

USN-4521-1: pam_tacplus vulnerability

It was discovered that pamtacplus did not properly manage shared secrets if DEBUG loglevel and journald are used. A remote attacker could use this issue to expose sensitive information...

7.5CVSS7.2AI score0.01673EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/09/17 4:0 p.m.•71 views

USN-4514-1: libproxy vulnerability

It was discovered that libproxy incorrectly handled certain PAC files. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS7.4AI score0.04284EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/08/31 5:48 p.m.•71 views

USN-4478-1: Python-RSA vulnerability

It was discovered that Python-RSA incorrectly handled certain ciphertexts. An attacker could possibly use this issue to obtain sensitive information...

7.5CVSS7.4AI score0.01359EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/07/22 12:3 p.m.•71 views

USN-4429-1: Evolution Data Server vulnerability

It was discovered that Evolution Data Server incorrectly handled STARTTLS when using SMTP and POP3. A remote attacker could possibly use this issue to perform a response injection attack...

5.9CVSS7AI score0.02808EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/07/06 6:22 p.m.•71 views

USN-4418-1: OpenEXR vulnerabilities

It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code...

5.5CVSS7AI score0.00464EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/07/06 6:16 p.m.•71 views

USN-4417-1: NSS vulnerability

Cesar Pereida, Billy Bob Brumley, Yuval Yarom, and Nicola Tuveri discovered that NSS incorrectly handled RSA key generation. A local attacker could possibly use this issue to perform a timing attack and recover RSA keys...

4.4CVSS7.3AI score0.00337EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/06/24 4:22 p.m.•71 views

USN-4403-1: Mutt vulnerability and regression

It was discovered that Mutt incorrectly handled certain requests. An attacker could possibly use this issue to enable MITM attacks. CVE-2020-14954 This update also address a regression caused in the last update USN-4401-1. It only affected Ubuntu 12.04 ESM, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and...

5.9CVSS6.6AI score0.02288EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2020/05/15 6:42 p.m.•71 views

USN-4360-2: json-c regression

USN-4360-1 fixed a vulnerability in json-c. The security fix introduced a memory leak in some scenarios. This update reverts the security fix pending further investigation. We apologize for the inconvenience. Original advisory details: It was discovered that json-c incorrectly handled certain JSO...

5.9AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2020/04/22 4:22 p.m.•71 views

USN-4338-1: re2c vulnerability

Agostino Sarubbo discovered that re2c incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code...

7.8CVSS7.7AI score0.01656EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/01/30 1:6 p.m.•71 views

USN-4262-1: OpenStack Keystone vulnerability

Daniel Preussker discovered that OpenStack Keystone incorrectly handled the list credentials API. A user with a role on the project could use this issue to view any other user's credentials...

8.8CVSS7AI score0.0178EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/01/23 4:57 p.m.•71 views

USN-4233-2: GnuTLS update

USN-4233-1 disabled SHA1 being used for digital signature operations in GnuTLS. In certain network environments, certificates using SHA1 may still be in use. This update adds the %VERIFYALLOWBROKEN and %VERIFYALLOWSIGNWITHSHA1 priority strings that can be used to temporarily re-enable SHA1 until...

5.4AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2019/11/13 1:33 p.m.•71 views

USN-4189-1: DPDK vulnerability

Jason Wang discovered that DPDK incorrectly handled certain messages. An attacker in a malicious container could possibly use this issue to cause DPDK to leak resources, resulting in a denial of service...

7.5CVSS7.2AI score0.02815EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/06/26 1:58 p.m.•71 views

USN-4038-2: bzip2 vulnerabilities

USN-4038-1 fixed several vulnerabilities in bzip2. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Aladdin Mubaied discovered that bzip2 incorrectly handled certain files. An attacker could possibly use this issue to cause a deni...

9.8CVSS7.5AI score0.15685EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/02/26 2:20 p.m.•71 views

USN-3894-1: GNOME Keyring vulnerability

It was discovered that GNOME Keyring incorrectly cleared out credentials supplied to the PAM module. A local attacker could possibly use this issue to discover login credentials...

7.8CVSS7.4AI score0.01483EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/01/24 9:16 p.m.•71 views

USN-3868-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass same-origin restrictions, or execute arbitrary code...

9.8CVSS8.1AI score0.09646EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/09/12 10:13 p.m.•71 views

USN-3747-2: OpenJDK 10 regression

USN-3747-1 fixed vulnerabilities in OpenJDK 10 for Ubuntu 18.04 LTS. Unfortunately, that update introduced a regression around accessability support that prevented some Java applications from starting. This update fixes the problem. We apologize for the inconvenience. Original advisory details: I...

6.6AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2018/08/20 5:25 p.m.•71 views

USN-3746-1: APT vulnerability

It was discovered that APT incorrectly handled the mirror method mirror://. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could potentially be used to install altered packages in environments configured to use mirror:// entries...

5.9CVSS5.9AI score0.00954EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/07/02 8:19 p.m.•71 views

USN-3698-1: Linux kernel vulnerabilities

It was discovered that the nested KVM implementation in the Linux kernel in some situations did not properly prevent second level guests from reading and writing the hardware CR8 register. A local attacker in a guest could use this to cause a denial of service system crash. CVE-2017-12154 Fan Wu,...

7.8CVSS7.2AI score0.00694EPSS
Exploits2
Ubuntu
Ubuntu
•added 2018/06/28 7:53 p.m.•71 views

USN-3686-2: file vulnerabilities

USN-3686-1 fixed a vulnerability in file. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that file incorrectly handled certain magic files. An attacker could use this issue with a specially crafted magic file to cause a denial of...

7.5CVSS7.2AI score0.04985EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/06/12 11:33 a.m.•71 views

USN-3680-1: libvirt vulnerability and update

Ken Johnson and Jann Horn independently discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via sidechannel attacks. An attacker in the guest could use this to expose sensitive guest information, including kernel memory. This update...

7.5CVSS7.2AI score0.60631EPSS
Exploits2
Ubuntu
Ubuntu
•added 2018/06/11 9:53 p.m.•71 views

USN-3675-1: GnuPG vulnerabilities

Marcus Brinkmann discovered that during decryption or verification, GnuPG did not properly filter out terminal sequences when reporting the original filename. An attacker could use this to specially craft a file that would cause an application parsing GnuPG output to incorrectly interpret the...

7.5CVSS7.1AI score0.08654EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/03/26 11:50 a.m.•71 views

USN-3606-1: LibTIFF vulnerabilities

It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges...

9.8CVSS7.4AI score0.10639EPSS
Exploits6
Ubuntu
Ubuntu
•added 2018/02/12 10:54 p.m.•71 views

USN-3544-2: Firefox regressions

USN-3544-1 fixed vulnerabilities in Firefox. The update caused a web compatibility regression and a tab crash during printing in some circumstances. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. I...

7.7AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2018/01/09 11:57 p.m.•71 views

USN-3524-1: Linux kernel vulnerability

Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory...

5.6CVSS7.1AI score0.84172EPSS
Exploits3
Ubuntu
Ubuntu
•added 2017/11/21 6:49 a.m.•71 views

USN-3485-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3485-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that a race condition existed in the ALSA subsystem of the Linux...

7.8CVSS7.4AI score0.0097EPSS
Exploits4
Ubuntu
Ubuntu
•added 2017/11/06 6:34 p.m.•71 views

USN-3475-1: OpenSSL vulnerabilities

It was discovered that OpenSSL incorrectly parsed the IPAddressFamily extension in X.509 certificates, resulting in an erroneous display of the certificate in text format. CVE-2017-3735 It was discovered that OpenSSL incorrectly performed the x8664 Montgomery squaring procedure. While unlikely, a...

6.5CVSS6.8AI score0.17699EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/10/31 10:13 a.m.•71 views

USN-3470-1: Linux kernel vulnerabilities

Qian Zhang discovered a heap-based buffer overflow in the tipcmsgbuild function in the Linux kernel. A local attacker could use to cause a denial of service system crash or possibly execute arbitrary code with administrative privileges. CVE-2016-8632 Dmitry Vyukov discovered that a race condition...

7.8CVSS7.3AI score0.13378EPSS
Exploits11
Ubuntu
Ubuntu
•added 2017/10/24 1:18 p.m.•71 views

USN-3454-2: libffi vulnerability

USN-3454-1 fixed a vulnerability in libffi. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that libffi incorrectly enforced an executable stack. An attacker could possibly use this issue, in combination with another vulnerability, ...

7CVSS7.3AI score0.00503EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/09/18 10:29 p.m.•71 views

USN-3419-1: Linux kernel vulnerabilities

It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically proximate attacker could use this to cause a denial of service system crash. CVE-2017-1000251 It was discovered that a buffer overflow existed in t...

8CVSS7.5AI score0.16181EPSS
Exploits12
Ubuntu
Ubuntu
•added 2017/09/18 5:15 p.m.•71 views

USN-3346-2: Bind regression

USN-3346-1 fixed vulnerabilities in Bind. The fix for CVE-2017-3142 introduced a regression in the ability to receive an AXFR or IXFR in the case where TSIG is used and not every message is signed. This update fixes the problem. In addition, this update adds the new root zone key signing key KSK...

6.6AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2017/08/28 2:24 p.m.•71 views

USN-3199-3: Python Crypto vulnerability

USN-3199-1 fixed a vulnerability in Python Crypto. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that the ALGnew function in blocktemplace.c in the Python Cryptography Toolkit contained a heap-based buffer overflow vulnerability. ...

9.8CVSS9AI score0.09501EPSS
Exploits1
Ubuntu
Ubuntu
•added 2017/08/11 3:42 a.m.•71 views

USN-3385-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3385-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Andrey Konovalov discovered a race condition in the UDP Fragmentation Offload UFO code...

7.8CVSS7AI score0.20797EPSS
Exploits19
Ubuntu
Ubuntu
•added 2017/08/07 4:53 p.m.•71 views

USN-3380-1: FreeRDP vulnerabilities

It was discovered that FreeRDP incorrectly handled certain width and height values. A malicious server could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS. CVE-2014-0250 It was discovered...

8.8CVSS7.5AI score0.0367EPSS
Exploits7
Ubuntu
Ubuntu
•added 2017/08/07 2:13 p.m.•71 views

USN-3339-2: OpenVPN vulnerability

USN-3339-1 fixed several issues in OpenVPN. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Guido Vranken discovered that OpenVPN incorrectly handled an HTTP proxy with NTLM authentication. A remote attacker could use this issue to cause OpenVPN...

7.4CVSS7.7AI score0.0338EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/08/07 1:49 p.m.•71 views

USN-3212-4: LibTIFF vulnerabilities

USN-3212-1 fixed several issues in LibTIFF. This update provides a subset of corresponding update for Ubuntu 12.04 ESM. Mei Wang discovered a multiple integer overflows in LibTIFF which allows remote attackers to cause a denial of service crash or execute arbitrary code via a crafted TIFF image,...

9.8CVSS8.2AI score0.04427EPSS
Exploits1
Ubuntu
Ubuntu
•added 2017/08/01 11:58 a.m.•71 views

USN-3294-2: Bash vulnerability

USN-3294-1 fixed a vulnerability in Bash. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that Bash incorrectly handled the SHELLOPTS and PS4 environment variables. A local attacker could use this issue to execute arbitrary code wit...

8.4CVSS6.9AI score0.00576EPSS
Exploits0
Total number of security vulnerabilities5000