
10890 matches found

Ubuntu • added 2013/12/11 2:29 p.m. • 71 views

USN-2052-1: Firefox vulnerabilities

Ben Turner, Bobby Holley, Jesse Ruderman, Christian Holler and Christoph Diehl discovered multiple memory safety issues in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or...

CVSS 10 • AI score 8.4 • EPSS 0.11076 • Exploits 13 • References 1

Ubuntu • added 2013/11/08 9:59 p.m. • 71 views

USN-2021-1: Linux kernel vulnerabilities

An information leak was discovered in the handling of ICMPv6 Router Advertisement (RA) messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive...

CVSS 6.2 • AI score 7.1 • EPSS 0.04144 • Exploits 3

Ubuntu • added 2013/05/24 8:58 a.m. • 71 views

USN-1833-1: Linux kernel vulnerabilities

Andy Lutomirski discovered an error in the Linux kernel's credential handling on unix sockets. A local user could exploit this flaw to gain administrative privileges. (CVE-2013-1979) A buffer overflow vulnerability was discovered in the Broadcom tg3 ethernet driver for the Linux kernel. A local user...

CVSS 7.2 • AI score 6.8 • EPSS 0.00985 • Exploits 3

Ubuntu • added 2013/02/28 6:8 p.m. • 71 views

USN-1732-2: OpenSSL regression

USN-1732-1 fixed vulnerabilities in OpenSSL. The fix for CVE-2013-0169 and CVE-2012-2686 introduced a regression causing decryption failures on hardware supporting AES-NI. This update temporarily reverts the security fix pending further investigation. We apologize for the inconvenience. Original...

AI score 6.6 • EPSS 0.39593 • Exploits 3 • References 1

Ubuntu • added 2013/02/22 5:39 a.m. • 71 views

USN-1744-1: Linux kernel vulnerability

Suleiman Souhlal, Salman Qazi, Aaron Durbin and Michael Davidson discovered a race condition in the Linux kernel's ptrace syscall. An unprivileged local attacker could exploit this flaw to run programs as an administrator. (CVE-2013-0871) A flaw was discovered in the Edgeport USB serial converter...

CVSS 6.9 • AI score 6.6 • EPSS 0.01434 • Exploits 3

Ubuntu • added 2013/02/22 5:22 a.m. • 71 views

USN-1743-1: Linux kernel (Quantal HWE) vulnerability

Suleiman Souhlal, Salman Qazi, Aaron Durbin and Michael Davidson discovered a race condition in the Linux kernel's ptrace syscall. An unprivileged local attacker could exploit this flaw to run programs as an administrator. (CVE-2013-0871) A flaw was discovered in the Edgeport USB serial converter...

CVSS 6.9 • AI score 6.6 • EPSS 0.01434 • Exploits 3

Ubuntu • added 2013/02/14 10:0 p.m. • 71 views

USN-1724-1: OpenJDK vulnerabilities

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to cause a denial of service. CVE-2012-1541, CVE-2012-3342, CVE-2013-0351, CVE-2013-0419, CVE-2013-0423, CVE-2013-0446, CVE-2012-3213, CVE-2013-0425,...

CVSS 10 • AI score 7.3 • EPSS 0.10924 • Exploits 2

Ubuntu • added 2012/10/30 1:19 a.m. • 71 views

USN-1620-2: Thunderbird vulnerabilities

USN-1620-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Thunderbird. Please note that Thunderbird is only affected by window.location issues through RSS feeds and extensions that load web content. Original advisory details: Mariusz Mlynski and others...

CVSS 6.4 • AI score 8.2 • EPSS 0.03287 • Exploits 2 • References 1

Ubuntu • added 2012/10/05 1:29 a.m. • 71 views

USN-1597-1: Linux kernel (EC2) vulnerability

A flaw was found in how the Linux kernel passed the replacement session keyring to a child process. An unprivileged local user could exploit this flaw to cause a denial of service (panic)...

CVSS 4.7 • AI score 5.6 • EPSS 0.0038 • Exploits 0

Ubuntu • added 2012/09/21 10:1 p.m. • 71 views

USN-1580-1: Linux kernel (OMAP4) vulnerabilities

Ben Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO (TCP segment offload). A local or peer user could exploit this flaw to cause a denial of service. (CVE-2012-3412) Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel implementation of RDS...

CVSS 7.8 • AI score 6.2 • EPSS 0.06158 • Exploits 3

Ubuntu • added 2012/09/19 1:12 a.m. • 71 views

USN-1572-1: Linux kernel vulnerabilities

Ben Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO (TCP segment offload). A local or peer user could exploit this flaw to cause a denial of service. (CVE-2012-3412) Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel implementation of RDS...

CVSS 7.8 • AI score 6.6 • EPSS 0.06158 • Exploits 5

Ubuntu • added 2012/08/16 2:47 p.m. • 71 views

USN-1540-1: NSS vulnerability

Kaspar Brand discovered a vulnerability in how the Network Security Services (NSS) ASN.1 decoder handles zero length items. If the user were tricked into opening a specially crafted certificate, an attacker could possibly exploit this to cause a denial of service via application crash...

CVSS 5 • AI score 8.3 • EPSS 0.02945 • Exploits 0

Ubuntu • added 2012/05/30 12:58 a.m. • 71 views

USN-1455-1: Linux kernel (Oneiric backport) vulnerabilities

A flaw was found in the Linux kernel's KVM (Kernel Virtual Machine) virtual cpu setup. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. (CVE-2012-1601) Steve Grubb reported a flaw with Linux fscaps (file system base capabilities) when used to increa...

CVSS 7.2 • AI score 6.6 • EPSS 0.00418 • Exploits 2

Ubuntu • added 2012/05/24 6:42 p.m. • 71 views

USN-1451-1: OpenSSL vulnerabilities

Ivan Nestlerode discovered that the Cryptographic Message Syntax (CMS) and PKCS #7 implementations in OpenSSL returned early if RSA decryption failed. This could allow an attacker to expose sensitive information via a Million Message Attack (MMA). (CVE-2012-0884) It was discovered that an integer...

CVSS 6.8 • AI score 7.9 • EPSS 0.28154 • Exploits 0

Ubuntu • added 2012/05/23 5:23 p.m. • 71 views

USN-1450-1: Net-SNMP vulnerability

It was discovered that Net-SNMP incorrectly performed entry lookups in the extension table. A remote attacker could send a specially crafted request and cause the SNMP server to crash, leading to a denial of service...

CVSS 3.5 • AI score 8.2 • EPSS 0.02167 • Exploits 0

Ubuntu • added 2012/05/01 5:24 a.m. • 71 views

USN-1433-1: Linux kernel (Oneiric backport) vulnerabilities

A flaw was found in the Linux kernel's ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service. (CVE-2011-4086) Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the...

CVSS 7.8 • AI score 6.3 • EPSS 0.01014 • Exploits 5

Ubuntu • added 2012/04/03 5:13 p.m. • 71 views

USN-1400-4: Thunderbird regressions

USN-1400-3 fixed vulnerabilities in Thunderbird. The new Thunderbird version caused a regression in IMAP connections and mail filtering. This update fixes the problem. Original advisory details: Soroush Dalili discovered that Firefox did not adequately protect against dropping JavaScript links on...

AI score 8.8 • Exploits 0 • References 2

Ubuntu • added 2012/02/17 9:29 p.m. • 71 views

USN-1367-3: Thunderbird vulnerability

USN-1367-1 fixed vulnerabilities in libpng. This provides the corresponding update for Thunderbird. Original advisory details: Jueri Aedla discovered that libpng did not properly verify the size used when allocating memory during chunk decompression. If a user or automated system using libpng wer...

CVSS 6.8 • AI score 7.8 • EPSS 0.73164 • Exploits 1 • References 1

Ubuntu • added 2011/12/15 2:10 p.m. • 71 views

USN-1309-1: DHCP vulnerability

It was discovered that the DHCP server incorrectly handled certain malformed packets when configured to evaluate regular expressions. A remote attacker could use this issue to cause DHCP to crash, resulting in a denial of service...

CVSS 5 • AI score 6.3 • EPSS 0.15478 • Exploits 0

Ubuntu • added 2011/12/13 10:25 a.m. • 71 views

USN-1299-1: Linux kernel (EC2) vulnerabilities

Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. (CVE-2011-1162) Zheng Liu discovered a flaw in how the ext4 filesystem splits extents. A local unprivileged attacker could...

CVSS 7.2 • AI score 6.6 • EPSS 0.03212 • Exploits 7

Ubuntu • added 2011/11/21 4:39 p.m. • 71 views

USN-1268-1: Linux kernel vulnerabilities

It was discovered that CIFS incorrectly handled authentication. When a user had a CIFS share mounted that required authentication, a local user could mount the same share without knowing the correct password. (CVE-2011-1585) It was discovered that the GRE protocol incorrectly handled netns...

CVSS 7.8 • AI score 7.4 • EPSS 0.0283 • Exploits 10

Ubuntu • added 2011/10/04 7:38 p.m. • 71 views

USN-1226-2: cifs-utils vulnerabilities

Dan Rosenberg discovered that cifs-utils incorrectly handled changes to the mtab file. A local attacker could use this issue to corrupt the mtab file, possibly leading to a denial of service. (CVE-2011-1678) Jan Lieskovsky discovered that cifs-utils incorrectly filtered certain strings being added ...

CVSS 3.3 • AI score 7.2 • EPSS 0.00531 • Exploits 2

Ubuntu • added 2011/03/03 1:20 a.m. • 71 views

USN-1049-1: Firefox and Xulrunner vulnerabilities

Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff Walden, Henry Sivonen, Martijn Wargers, David Baron and Marcia Knous discovered several memory issues in the browser engine. An attacker could exploit these to crash the browser or possibly run arbitrary code as the user invoking the...

CVSS 10 • AI score 8.9 • EPSS 0.072 • Exploits 3

Ubuntu • added 2010/09/29 2:2 p.m. • 71 views

USN-993-1: libgdiplus vulnerability

Stefan Cornelius discovered that libgdiplus incorrectly handled certain image files. If a user or automated system were tricked into opening a crafted image file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program...

CVSS 6.8 • AI score 5.6 • EPSS 0.01914 • Exploits 0

Ubuntu • added 2010/08/25 2:38 p.m. • 71 views

USN-976-1: Tomcat vulnerability

It was discovered that Tomcat incorrectly handled invalid Transfer-Encoding headers. A remote attacker could send specially crafted requests containing invalid headers to the server and cause a denial of service, or possibly obtain sensitive information from other requests...

CVSS 6.4 • AI score 5.7 • EPSS 0.54779 • Exploits 2

Ubuntu • added 2010/06/29 8:41 p.m. • 71 views

USN-930-1: Firefox and Xulrunner vulnerabilities

It was discovered that Firefox could be made to access freed memory. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 8.0...

CVSS 10 • AI score 9.1 • EPSS 0.11418 • Exploits 8

Ubuntu • added 2010/01/20 7:2 p.m. • 71 views

USN-890-1: Expat vulnerabilities

Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did not properly process malformed XML. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crash. (CVE-2009-2625, CVE-2009-3720) ...

CVSS 5 • AI score 6.5 • EPSS 0.3038 • Exploits 5

Ubuntu • added 2010/01/20 6:42 p.m. • 71 views

USN-889-1: gzip vulnerabilities

It was discovered that gzip incorrectly handled certain malformed compressed files. If a user or automated system were tricked into opening a specially crafted gzip file, an attacker could cause gzip to crash or possibly execute arbitrary code with the privileges of the user invoking the program...

CVSS 6.8 • AI score 8.2 • EPSS 0.04774 • Exploits 0

Ubuntu • added 2009/05/19 9:7 p.m. • 71 views

USN-777-1: Ntp vulnerabilities

A stack-based buffer overflow was discovered in ntpq. If a user were tricked into connecting to a malicious ntp server, a remote attacker could cause a denial of service in ntpq, or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-0159) Chris Ries...

CVSS 6.8 • AI score 7.5 • EPSS 0.21123 • Exploits 2

Ubuntu • added 2009/05/13 2:12 p.m. • 71 views

USN-776-2: KVM regression

USN-776-1 fixed vulnerabilities in KVM. Due to an incorrect fix, a regression was introduced in Ubuntu 8.04 LTS that caused KVM to fail to boot virtual machines started via libvirt. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Avi Kivity discovered...

AI score 7.8 • EPSS 0.02112 • Exploits 0 • References 1

Ubuntu • added 2009/05/11 2:43 p.m. • 71 views

USN-774-1: MoinMoin vulnerability

It was discovered that MoinMoin did not properly sanitize its input when attaching files, resulting in cross-site scripting (XSS) vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could...

CVSS 4.3 • AI score 5 • EPSS 0.02482 • Exploits 1

Ubuntu • added 2009/05/07 5:57 p.m. • 71 views

USN-773-1: Pango vulnerability

Will Drewry discovered that Pango incorrectly handled rendering text with long glyphstrings. If a user were tricked into displaying specially crafted data with applications linked against Pango, such as Firefox, an attacker could cause a denial of service or execute arbitrary code with privileges...

CVSS 6.8 • AI score 5.5 • EPSS 0.0413 • Exploits 2

Ubuntu • added 2009/01/09 12:0 a.m. • 71 views

USN-706-1: Bind vulnerability

It was discovered that Bind did not properly perform signature verification. When DNSSEC with DSA signatures are in use, a remote attacker could exploit this to bypass signature validation to spoof DNS entries and poison DNS caches. Among other things, this could lead to misdirected email and web...

CVSS 6.8 • AI score 6.8 • EPSS 0.0686 • Exploits 0

Ubuntu • added 2008/12/17 9:40 p.m. • 71 views

USN-692-1: Gadu vulnerability

It was discovered that the Gadu library, used by some Instant Messaging clients, did not correctly verify certain packet sizes from the server. If a user connected to a malicious server, clients using Gadu could be made to crash, leading to a denial of service...

CVSS 4.3 • AI score 5.2 • EPSS 0.01264 • Exploits 0

Ubuntu • added 2008/12/03 10:39 p.m. • 71 views

USN-685-1: Net-SNMP vulnerabilities

Wes Hardaker discovered that the SNMP service did not correctly validate HMAC authentication requests. An unauthenticated remote attacker could send specially crafted SNMPv3 traffic with a valid username and gain access to the user's views without a valid authentication passphrase. (CVE-2008-0960)...

CVSS 10 • AI score 6.5 • EPSS 0.6879 • Exploits 15

Ubuntu • added 2008/11/17 9:26 p.m. • 71 views

USN-667-1: Firefox and xulrunner vulnerabilities

Liu Die Yu discovered an information disclosure vulnerability in Firefox when using saved .url shortcut files. If a user were tricked into downloading a crafted .url file and a crafted HTML file, an attacker could steal information from the user's cache. (CVE-2008-4582) Georgi Guninski, Michal...

CVSS 10 • AI score 8.7 • EPSS 0.10187 • Exploits 2

Ubuntu • added 2007/08/29 11:10 p.m. • 71 views

USN-507-1: tcp-wrappers vulnerability

It was discovered that the TCP wrapper library was incorrectly allowing connections to services that did not specify server-side connection details. Remote attackers could connect to services that had been configured to block such connections. This only affected Ubuntu Feisty...

CVSS 5 • AI score 5.3 • EPSS 0.02233 • Exploits 0

Ubuntu • added 2006/10/10 4:43 p.m. • 71 views

USN-360-1: awstats vulnerabilities

awstats did not fully sanitize input, which was passed directly to the user's browser, allowing for an XSS attack. If a user was tricked into following a specially crafted awstats URL, the user's authentication information could be exposed for the domain where awstats was hosted. (CVE-2006-3681)...

CVSS 5 • AI score 5.5 • EPSS 0.09545 • Exploits 2

Ubuntu • added 2006/07/26 2:47 a.m. • 71 views

USN-323-1: mozilla vulnerabilities

Jonas Sicking discovered that under some circumstances persisted XUL attributes are associated with the wrong URL. A malicious web site could exploit this to execute arbitrary code with the privileges of the user. (MFSA 2006-35, CVE-2006-2775) Paul Nickerson discovered that content-defined setters ...

CVSS 9.3 • AI score 9.1 • EPSS 0.07251 • Exploits 0

Ubuntu • added 2005/12/23 12:16 a.m. • 71 views

USN-231-1: Linux kernel vulnerabilities

Rudolf Polzer reported an abuse of the 'loadkeys' command. By redefining one or more keys and tricking another user (like root) into logging in on a text console and typing something that involves the redefined keys, a local user could cause execution of arbitrary commands with the privileges of th...

CVSS 7.8 • AI score 5.6 • EPSS 0.05357 • Exploits 4

Ubuntu • added 2005/12/06 6:2 p.m. • 71 views

USN-224-1: Kerberos vulnerabilities

Gaël Delalleau discovered a buffer overflow in the env_opt_add function of the Kerberos 4 and 5 telnet clients. By sending specially crafted replies, a malicious telnet server could exploit this to execute arbitrary code with the privileges of the user running the telnet client. (CVE-2005-0468) Gaël...

CVSS 9.8 • AI score 9.1 • EPSS 0.27073 • Exploits 0

Ubuntu • added 2005/03/29 4:16 a.m. • 71 views

USN-101-1: telnet vulnerabilities

A buffer overflow was discovered in the telnet client's handling of the LINEMODE suboptions. By sending a specially constructed reply containing a large number of SLC (Set Local Character) commands, a remote attacker (i.e. a malicious telnet server) could execute arbitrary commands with the privileg...

CVSS 7.5 • AI score 8.7 • EPSS 0.08635 • Exploits 0

Ubuntu • added 2004/11/02 2:33 a.m. • 71 views

USN-14-1: xpdf vulnerabilities

Markus Meissner discovered even more integer overflow vulnerabilities in xpdf, a viewer for PDF files. These integer overflows can eventually lead to buffer overflows. The Common UNIX Printing System (CUPS) uses the same code to print PDF files; tetex-bin uses the code to generate PDF output and...

CVSS 10 • AI score 6.1 • EPSS 0.09334 • Exploits 0

Ubuntu • added 2024/02/23 7:36 p.m. • 70 views

USN-6651-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the ATM (Asynchronous Transfer Mode) subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51780) It was...

CVSS 7.8 • AI score 7.2 • EPSS 0.12836 • Exploits 9

Ubuntu • added 2024/01/08 5:46 p.m. • 70 views

USN-6567-1: QEMU vulnerabilities

Gaoning Pan and Xingwei Li discovered that QEMU incorrectly handled the USB xHCI controller device. A privileged guest attacker could possibly use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2020-14394) It w...

CVSS 8.8 • AI score 7.1 • EPSS 0.01606 • Exploits 5

Ubuntu • added 2023/12/12 12:15 p.m. • 70 views

USN-6550-1: PostfixAdmin vulnerabilities

It was discovered that Smarty, that is integrated in the PostfixAdmin code, was not properly sanitizing user input when generating templates. An attacker could, through PHP injection, possibly use this issue to execute arbitrary code. (CVE-2022-29221) It was discovered that Moment.js, that is...

CVSS 8.8 • AI score 6.6 • EPSS 0.04923 • Exploits 2

Ubuntu • added 2023/11/30 5:56 p.m. • 70 views

USN-6494-2: Linux kernel vulnerabilities

Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-31085) Lucas Leong discovered that the netfilter subsystem in the...

CVSS 7.8 • AI score 7.3 • EPSS 0.00856 • Exploits 1

Ubuntu • added 2023/10/31 9:7 p.m. • 70 views

USN-6465-1: Linux kernel vulnerabilities

Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-31083) Lin Ma discovered that the Netlink...

CVSS 5.5 • AI score 6.7 • EPSS 0.00454 • Exploits 0

Ubuntu • added 2023/10/30 4:10 p.m. • 70 views

USN-6441-3: Linux kernel vulnerabilities

Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service (host system crash) or...

CVSS 7.8 • AI score 7.5 • EPSS 0.00549 • Exploits 5

Ubuntu • added 2023/10/19 10:22 p.m. • 70 views

USN-6443-1: Linux kernel (OEM) vulnerabilities

Kyle Zeng discovered that the networking stack implementation in the Linux kernel did not properly validate skb object size in certain conditions. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-42752) Kyle Zeng discovered that the IPv...

CVSS 7.8 • AI score 7.1 • EPSS 0.004 • Exploits 2

Total number of security vulnerabilities: 5000