Ubuntu • Most viewed

10891 matches found

Ubuntu • added 2010/06/29 8:41 p.m. • 71 views

USN-930-1: Firefox and Xulrunner vulnerabilities

It was discovered that Firefox could be made to access freed memory. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 8.0...

CVSS 10 • AI score 9.1 • EPSS 0.11418 • Exploits 8

Ubuntu • added 2010/01/20 7:2 p.m. • 71 views

USN-890-1: Expat vulnerabilities

Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did not properly process malformed XML. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crash. CVE-2009-2625, CVE-2009-3720 ...

CVSS 5 • AI score 6.5 • EPSS 0.3038 • Exploits 5

Ubuntu • added 2009/05/19 9:7 p.m. • 71 views

USN-777-1: Ntp vulnerabilities

A stack-based buffer overflow was discovered in ntpq. If a user were tricked into connecting to a malicious ntp server, a remote attacker could cause a denial of service in ntpq, or possibly execute arbitrary code with the privileges of the user invoking the program. CVE-2009-0159 Chris Ries...

CVSS 6.8 • AI score 7.5 • EPSS 0.21123 • Exploits 2

Ubuntu • added 2009/05/13 2:12 p.m. • 71 views

USN-776-2: KVM regression

USN-776-1 fixed vulnerabilities in KVM. Due to an incorrect fix, a regression was introduced in Ubuntu 8.04 LTS that caused KVM to fail to boot virtual machines started via libvirt. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Avi Kivity discovered...

AI score 7.8 • EPSS 0.02112 • Exploits 0 • References 1

Ubuntu • added 2009/05/11 2:43 p.m. • 71 views

USN-774-1: MoinMoin vulnerability

It was discovered that MoinMoin did not properly sanitize its input when attaching files, resulting in cross-site scripting (XSS) vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could...

CVSS 4.3 • AI score 5 • EPSS 0.02482 • Exploits 1

Ubuntu • added 2009/05/07 5:57 p.m. • 71 views

USN-773-1: Pango vulnerability

Will Drewry discovered that Pango incorrectly handled rendering text with long glyphstrings. If a user were tricked into displaying specially crafted data with applications linked against Pango, such as Firefox, an attacker could cause a denial of service or execute arbitrary code with privileges...

CVSS 6.8 • AI score 5.5 • EPSS 0.0413 • Exploits 2

Ubuntu • added 2008/12/22 2:32 p.m. • 71 views

USN-698-2: Nagios3 vulnerabilities

It was discovered that Nagios was vulnerable to a cross-site request forgery (CSRF) vulnerability. If an authenticated nagios user were tricked into clicking a link on a specially crafted web page, an attacker could trigger commands to be processed by Nagios and execute arbitrary programs. This...

CVSS 6.8 • AI score 5.8 • EPSS 0.06738 • Exploits 0

Ubuntu • added 2008/07/02 12:21 p.m. • 71 views

USN-619-1: Firefox vulnerabilities

Various flaws were discovered in the browser engine. By tricking a user into opening a malicious web page, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. CVE-2008-2798, CVE-2008-2799 Sever...

CVSS 10 • AI score 5.9 • EPSS 0.13949 • Exploits 2

Ubuntu • added 2007/08/29 11:10 p.m. • 71 views

USN-507-1: tcp-wrappers vulnerability

It was discovered that the TCP wrapper library was incorrectly allowing connections to services that did not specify server-side connection details. Remote attackers could connect to services that had been configured to block such connections. This only affected Ubuntu Feisty...

CVSS 5 • AI score 5.3 • EPSS 0.02233 • Exploits 0

Ubuntu • added 2006/07/26 2:47 a.m. • 71 views

USN-323-1: mozilla vulnerabilities

Jonas Sicking discovered that under some circumstances persisted XUL attributes are associated with the wrong URL. A malicious web site could exploit this to execute arbitrary code with the privileges of the user. MFSA 2006-35, CVE-2006-2775 Paul Nickerson discovered that content-defined setters ...

CVSS 9.3 • AI score 9.1 • EPSS 0.07251 • Exploits 0

Ubuntu • added 2005/12/23 12:16 a.m. • 71 views

USN-231-1: Linux kernel vulnerabilities

Rudolf Polzer reported an abuse of the 'loadkeys' command. By redefining one or more keys and tricking another user like root into logging in on a text console and typing something that involves the redefined keys, a local user could cause execution of arbitrary commands with the privileges of th...

CVSS 7.8 • AI score 5.6 • EPSS 0.05357 • Exploits 4

Ubuntu • added 2005/12/06 6:2 p.m. • 71 views

USN-224-1: Kerberos vulnerabilities

Gaël Delalleau discovered a buffer overflow in the env_opt_add() function of the Kerberos 4 and 5 telnet clients. By sending specially crafted replies, a malicious telnet server could exploit this to execute arbitrary code with the privileges of the user running the telnet client. CVE-2005-0468 Gaël...

CVSS 9.8 • AI score 9.1 • EPSS 0.27073 • Exploits 0

Ubuntu • added 2005/03/29 4:16 a.m. • 71 views

USN-101-1: telnet vulnerabilities

A buffer overflow was discovered in the telnet client's handling of the LINEMODE suboptions. By sending a specially constructed reply containing a large number of SLC (Set Local Character) commands, a remote attacker (i.e. a malicious telnet server) could execute arbitrary commands with the privileg...

CVSS 7.5 • AI score 8.7 • EPSS 0.08635 • Exploits 0

Ubuntu • added 2004/11/02 2:33 a.m. • 71 views

USN-14-1: xpdf vulnerabilities

Markus Meissner discovered even more integer overflow vulnerabilities in xpdf, a viewer for PDF files. These integer overflows can eventually lead to buffer overflows. The Common UNIX Printing System (CUPS) uses the same code to print PDF files; tetex-bin uses the code to generate PDF output and...

CVSS 10 • AI score 6.1 • EPSS 0.09334 • Exploits 0

Ubuntu • added 2024/02/23 7:36 p.m. • 70 views

USN-6651-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the ATM (Asynchronous Transfer Mode) subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. CVE-2023-51780 It was...

CVSS 7.8 • AI score 7.2 • EPSS 0.12836 • Exploits 9

Ubuntu • added 2024/01/08 5:46 p.m. • 70 views

USN-6567-1: QEMU vulnerabilities

Gaoning Pan and Xingwei Li discovered that QEMU incorrectly handled the USB xHCI controller device. A privileged guest attacker could possibly use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2020-14394 It w...

CVSS 8.8 • AI score 7.1 • EPSS 0.01606 • Exploits 5

Ubuntu • added 2023/12/12 12:15 p.m. • 70 views

USN-6550-1: PostfixAdmin vulnerabilities

It was discovered that Smarty, that is integrated in the PostfixAdmin code, was not properly sanitizing user input when generating templates. An attacker could, through PHP injection, possibly use this issue to execute arbitrary code. CVE-2022-29221 It was discovered that Moment.js, that is...

CVSS 8.8 • AI score 6.6 • EPSS 0.04923 • Exploits 2

Ubuntu • added 2023/11/30 5:56 p.m. • 70 views

USN-6494-2: Linux kernel vulnerabilities

Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service (system crash). CVE-2023-31085 Lucas Leong discovered that the netfilter subsystem in the...

CVSS 7.8 • AI score 7.3 • EPSS 0.00856 • Exploits 1

Ubuntu • added 2023/10/31 9:7 p.m. • 70 views

USN-6465-1: Linux kernel vulnerabilities

Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). CVE-2023-31083 Lin Ma discovered that the Netlink...

CVSS 5.5 • AI score 6.7 • EPSS 0.00454 • Exploits 0

Ubuntu • added 2023/10/30 4:10 p.m. • 70 views

USN-6441-3: Linux kernel vulnerabilities

Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service (host system crash) or...

CVSS 7.8 • AI score 7.5 • EPSS 0.00549 • Exploits 5

Ubuntu • added 2023/10/19 10:22 p.m. • 70 views

USN-6443-1: Linux kernel (OEM) vulnerabilities

Kyle Zeng discovered that the networking stack implementation in the Linux kernel did not properly validate skb object size in certain conditions. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. CVE-2023-42752 Kyle Zeng discovered that the IPv...

CVSS 7.8 • AI score 7.1 • EPSS 0.004 • Exploits 2

Ubuntu • added 2023/10/19 4:12 p.m. • 70 views

USN-6438-1: .NET vulnerabilities

Kevin Jones discovered that .NET did not properly process certain X.509 certificates. An attacker could possibly use this issue to cause a denial of service. CVE-2023-36799 It was discovered that the .NET Kestrel web server did not properly handle HTTP/2 requests. A remote attacker could possibly...

CVSS 7.5 • AI score 7.3 • EPSS 0.99999 • Exploits 19

Ubuntu • added 2023/10/17 10:25 a.m. • 70 views

USN-6432-1: Quagga vulnerabilities

It was discovered that the Quagga BGP daemon did not properly check the attribute length in NLRI. A remote attacker could possibly use this issue to cause a denial of service. CVE-2023-41358 It was discovered that the Quagga BGP daemon did not properly manage memory when reading initial bytes of...

CVSS 9.1 • AI score 6.6 • EPSS 0.01058 • Exploits 0

Ubuntu • added 2023/08/30 10:45 a.m. • 70 views

USN-6263-2: OpenJDK regression

USN-6263-1 fixed vulnerabilities in OpenJDK. Unfortunately, that update introduced a regression when opening APK, ZIP or JAR files in OpenJDK 11 and OpenJDK 17. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Motoyasu Saburi discovered that OpenJDK...

AI score 6.1 • Exploits 0 • References 1

Ubuntu • added 2023/08/17 7:33 p.m. • 70 views

USN-6299-1: poppler vulnerabilities

It was discovered that poppler incorrectly handled certain malformed PDF files. If a user or an automated system were tricked into opening a specially crafted PDF file, a remote attacker could possibly use this issue to cause a denial of service. CVE-2020-36023, CVE-2020-36024...

CVSS 6.5 • AI score 7 • EPSS 0.00927 • Exploits 2

Ubuntu • added 2023/08/11 5:51 p.m. • 70 views

USN-6285-1: Linux kernel (OEM) vulnerabilities

It was discovered that the NTFS file system implementation in the Linux kernel did not properly check buffer indexes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information (kernel memory). CVE-2022-48502...

CVSS 9.1 • AI score 7.6 • EPSS 0.15783 • Exploits 18

Ubuntu • added 2023/07/19 8:45 a.m. • 70 views

USN-6236-1: ConnMan vulnerabilities

It was discovered that ConnMan could be made to write out of bounds. A remote attacker could possibly use this issue to cause ConnMan to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. CVE-2021-26675,...

CVSS 9.8 • AI score 7.7 • EPSS 0.02863 • Exploits 5

Ubuntu • added 2023/07/12 7:9 p.m. • 70 views

USN-6222-1: Linux kernel (Xilinx ZynqMP) vulnerabilities

Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon GPU devices did not properly validate memory allocation in certain situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). CVE-2022-3108...

CVSS 7.8 • AI score 7.2 • EPSS 0.16642 • Exploits 12

Ubuntu • added 2023/06/14 1:26 p.m. • 70 views

USN-6165-1: GLib vulnerabilities

It was discovered that GLib incorrectly handled non-normal GVariants. An attacker could use this issue to cause GLib to crash, resulting in a denial of service, or perform other unknown attacks...

CVSS 7.8 • AI score 6.7 • EPSS 0.00774 • Exploits 0

Ubuntu • added 2023/05/25 3:13 p.m. • 70 views

USN-6109-1: Linux kernel (Raspberry Pi) vulnerabilities

Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). CVE-2022-3707 Jordy Zomer and Alexandra Sandulescu discover...

CVSS 7.8 • AI score 7.1 • EPSS 0.00635 • Exploits 0

Ubuntu • added 2023/05/18 9:35 a.m. • 70 views

USN-6087-1: Ruby vulnerabilities

It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. CVE-2023-28755 It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a deni...

CVSS 5.3 • AI score 7.6 • EPSS 0.02637 • Exploits 0

Ubuntu • added 2023/05/16 1:55 p.m. • 70 views

USN-6079-1: Linux kernel vulnerabilities

It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. CVE-2022-27672 Ziming Zhang discovered that the VMware Virtual GPU DR...

CVSS 7.8 • AI score 7.4 • EPSS 0.71737 • Exploits 3

Ubuntu • added 2023/04/17 11:55 a.m. • 70 views

USN-5855-4: ImageMagick vulnerabilities

USN-5855-1 fixed vulnerabilities in ImageMagick. This update provides the corresponding updates for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that ImageMagick incorrectly handled certain PNG images. If a user or automated system were tricked into opening ...

CVSS 6.5 • AI score 7.7 • EPSS 0.89855 • Exploits 31

Ubuntu • added 2023/03/13 3:8 p.m. • 70 views

USN-5948-1: Werkzeug vulnerabilities

It was discovered that Werkzeug did not properly handle the parsing of nameless cookies. A remote attacker could possibly use this issue to shadow other cookies. CVE-2023-23934 It was discovered that Werkzeug could be made to process unlimited number of multipart form data parts. A remote attacke...

CVSS 7.5 • AI score 6.6 • EPSS 0.0142 • Exploits 0

Ubuntu • added 2023/03/06 9:40 p.m. • 70 views

USN-5924-1: Linux kernel (Azure) vulnerabilities

It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execut...

CVSS 8.8 • AI score 7.5 • EPSS 0.04947 • Exploits 8

Ubuntu • added 2023/02/27 12:51 p.m. • 70 views

USN-5893-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

CVSS 8.8 • AI score 8 • EPSS 0.09426 • Exploits 0

Ubuntu • added 2023/02/10 2:8 p.m. • 70 views

USN-5865-1: Linux kernel (Azure) vulnerabilities

It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 (V4L2) implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. CVE-2022-20369 Pawan Kumar Gupta, Alyssa Milburn, Ami...

CVSS 7 • AI score 7.3 • EPSS 0.04947 • Exploits 1

Ubuntu • added 2023/01/10 9:3 p.m. • 70 views

USN-5798-1: .NET 6 vulnerability

Johan Gorter discovered that .NET 6 incorrectly processed certain invalid HTTP requests. An attacker could possibly use this issue to cause a denial of service condition for an exposed endpoint...

CVSS 7.5 • AI score 8 • EPSS 0.0274 • Exploits 0

Ubuntu • added 2022/11/24 8:11 a.m. • 70 views

USN-5736-1: ImageMagick vulnerabilities

It was discovered that ImageMagick incorrectly handled certain values when processing PDF files. If a user or automated system using ImageMagick were tricked into opening a specially crafted PDF file, an attacker could exploit this to cause a denial of service. This issue only affected Ubuntu 14....

CVSS 7.8 • AI score 6.6 • EPSS 0.0238 • Exploits 2

Ubuntu • added 2022/11/02 12:10 p.m. • 70 views

USN-5711-1: NTFS-3G vulnerability

Yuchen Zeng and Eduardo Vela discovered that NTFS-3G incorrectly validated certain NTFS metadata. A local attacker could possibly use this issue to gain privileges...

CVSS 7.8 • AI score 6.5 • EPSS 0.00347 • Exploits 0

Ubuntu • added 2022/10/19 10:16 p.m. • 70 views

USN-5693-1: Linux kernel (OEM) vulnerabilities

David Bouman and Billy Jheng Bing Jhong discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. CVE-2022-2602...

CVSS 8.8 • AI score 7.3 • EPSS 0.03763 • Exploits 7

Ubuntu • added 2022/09/26 1:31 p.m. • 70 views

USN-5637-1: libvpx vulnerability

It was discovered that libvpx incorrectly handled certain WebM media files. A remote attacker could use this issue to crash an application using libvpx under certain conditions, resulting in a denial of service...

CVSS 7.8 • AI score 6.3 • EPSS 0.01897 • Exploits 0

Ubuntu • added 2022/09/16 2:19 p.m. • 70 views

USN-5616-1: Linux kernel (Intel IoTG) vulnerabilities

Asaf Modelevsky discovered that the Intel(R) 10GbE PCI Express (ixgbe) Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. CVE-2021-33061 Moshe Kol, Amit Klein and Yossi Gilad discovered that the I...

CVSS 8.2 • AI score 6.8 • EPSS 0.02972 • Exploits 2

Ubuntu • added 2022/09/15 2:52 a.m. • 70 views

USN-5612-1: Intel Microcode vulnerability

Pietro Borrello, Andreas Kogler, Martin Schwarzl, Daniel Gruss, Michael Schwarz and Moritz Lipp discovered that some Intel processors did not properly clear data between subsequent xAPIC MMIO reads. This could allow a local attacker to compromise SGX enclaves...

CVSS 5.5 • AI score 6.7 • EPSS 0.00324 • Exploits 0

Ubuntu • added 2022/09/12 6:25 p.m. • 70 views

USN-5606-1: poppler vulnerability

It was discovered that poppler incorrectly handled certain PDF. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...

CVSS 7.8 • AI score 8.3 • EPSS 0.00574 • Exploits 1

Ubuntu • added 2022/09/05 10:10 p.m. • 70 views

USN-5598-1: Linux kernel (Oracle) vulnerability

It was discovered that the virtual terminal driver in the Linux kernel did not properly handle VGA console font changes, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code...

CVSS 6.8 • AI score 7 • EPSS 0.00537 • Exploits 0

Ubuntu • added 2022/07/20 2:48 p.m. • 70 views

USN-5272-1: HDF5 vulnerabilities

It was discovered that HDF5 incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service...

CVSS 6.5 • AI score 6.8 • EPSS 0.01972 • Exploits 3

Ubuntu • added 2022/07/20 10:47 a.m. • 70 views

USN-5525-1: Apache XML Security for Java vulnerability

It was discovered that Apache XML Security for Java incorrectly passed a configuration property when creating specific key elements. This allows an attacker to abuse an XPath Transform to extract sensitive information...

CVSS 7.5 • AI score 6.7 • EPSS 0.10448 • Exploits 0

Ubuntu • added 2022/06/21 3:29 p.m. • 70 views

USN-5348-3: Smarty vulnerabilities

USN-5348-1 fixed several vulnerabilities in Smarty. This update provides the fixes for CVE-2021-21408, CVE-2021-26119, CVE-2021-26120 and CVE-2021-29454 for Ubuntu 20.04 ESM. Original advisory details: David Gnedt and Thomas Konrad discovered that Smarty was incorrectly sanitizing the paths prese...

CVSS 9.8 • AI score 7.2 • EPSS 0.82316 • Exploits 4

Ubuntu • added 2022/06/01 3:2 p.m. • 70 views

USN-5456-1: ImageMagick vulnerability

It was discovered that ImageMagick incorrectly handled memory under certain circumstances. If a user were tricked into opening a specially crafted image, an attacker could possibly exploit this issue to cause a denial of service or other unspecified impact...

CVSS 7.8 • AI score 7 • EPSS 0.01542 • Exploits 1

Total number of security vulnerabilities: 5000