Lucene search
K
UbuntuRecent

10918 matches found

Ubuntu
Ubuntu
added 2021/03/17 5:2 p.m.78 views

USN-4774-1: Spring Framework vulnerabilities

Toshiaki Maki discovered that Spring Framework incorrectly handled certain XML files. A remote attacker could exploit this with a crafted XML file to cause a denial of service. CVE-2015-3192 Alvaro Muñoz discovered that Spring Framework incorrectly handled certain URLs. A remote attacker could...

9.6CVSS7AI score0.1005EPSS
Exploits6
Ubuntu
Ubuntu
added 2021/03/17 4:50 p.m.29 views

USN-4806-1: mpg123 vulnerability

It was discovered that mpg123 failed to handle certain malformed mp3 files. An attacker could use this vulnerability to potentially leak sensitive information or cause a crash...

8.3CVSS6.3AI score0.02897EPSS
Exploits2
Ubuntu
Ubuntu
added 2021/03/17 12:59 p.m.115 views

USN-4881-1: containerd vulnerability

It was discovered that containerd incorrectly handled certain environment variables. Contrary to expectations, a container could receive environment variables defined for a different container, possibly containing sensitive information...

6.3CVSS6.5AI score0.02044EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/03/16 8:9 p.m.39 views

USN-5102-2: Mercurial vulnerabilities

USN-5102-1 fixed vulnerabilities in Mercurial. This update provides the corresponding updates for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that Mercurial mishandled symlinks in subrepositories. An attacker could use this issue to write arbitrary files to...

9.1CVSS7.2AI score0.02033EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/03/16 7:51 p.m.33 views

USN-4835-1: VCFtools vulnerabilities

It was discovered that VCFtools improperly handled certain input. If a user were tricked into opening a crafted input file, VCFtools could be made to crash or possibly cause other unspecified impact. CVE-2018-11099, CVE-2018-11129, CVE-2018-11130 It was discovered that VCFtools improperly handled...

7.8CVSS6.8AI score0.22369EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/03/16 2:27 p.m.143 views

USN-4843-1: phpMyAdmin vulnerabilities

Javier Nieto and Andres Rojas discovered that phpMyAdmin incorrectly managed input in the form of passwords. An attacker could use this vulnerability to cause a denial-of-service DoS. This issue only affected Ubuntu 14.04 ESM. CVE-2014-9218 Emanuel Bronshtein discovered that phpMyAdmin failed to...

9.8CVSS7.5AI score0.67081EPSS
Exploits19
Ubuntu
Ubuntu
added 2021/03/16 10:32 a.m.155 views

USN-4880-1: OpenJPEG vulnerabilities

It was discovered that OpenJPEG incorrectly handled certain image data. An attacker could use this issue to cause OpenJPEG to crash, leading to a denial of service, or possibly execute arbitrary code...

7.8CVSS7.3AI score0.02008EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/03/16 6:51 a.m.184 views

USN-4879-1: Linux kernel vulnerabilities

It was discovered that the Marvell WiFi-Ex device driver in the Linux kernel did not properly validate ad-hoc SSIDs. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-36158 Loris Reiff discovered that the BPF implementation in t...

8.8CVSS6.6AI score0.02209EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/03/16 6:21 a.m.211 views

USN-4878-1: Linux kernel vulnerabilities

It was discovered that the Marvell WiFi-Ex device driver in the Linux kernel did not properly validate ad-hoc SSIDs. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-36158 Ryota Shiga discovered that the sockopt BPF hooks in th...

8.8CVSS7.1AI score0.02417EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/03/16 6:2 a.m.169 views

USN-4877-1: Linux kernel vulnerabilities

It was discovered that the Marvell WiFi-Ex device driver in the Linux kernel did not properly validate ad-hoc SSIDs. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-36158 吴异 discovered that the NFS implementation in the Linux...

8.8CVSS6.7AI score0.02417EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/03/16 5:38 a.m.196 views

USN-4876-1: Linux kernel vulnerabilities

Olivier Benjamin and Pawel Wieczorkiewicz discovered a race condition the Xen paravirt block backend in the Linux kernel, leading to a use-after-free vulnerability. An attacker in a guest VM could use this to cause a denial of service in the host OS. CVE-2020-29569 It was discovered that the...

8.8CVSS6.5AI score0.02417EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/03/15 11:6 p.m.53 views

USN-4875-1: OpenSMTPD vulnerabilities

It was discovered that OpenSMTPD incorrectly verified the sender's or receiver's e-mail addresses under certain conditions. An attacker could possibly use this vulnerability to execute arbitrary commands as root. CVE-2020-7247 It was discovered that OpenSMTPD did not properly handle hardlinks und...

10CVSS7.9AI score0.98946EPSS
Exploits41
Ubuntu
Ubuntu
added 2021/03/15 11:5 p.m.50 views

USN-4874-1: Apache Ant vulnerability

It was discovered that Apache Ant created temporary files with insecure permissions. An attacker could use this vulnerability to read sensitive information leaked into /tmp, or potentially inject malicious code into a project that is built with Apache Ant...

6.3CVSS7.4AI score0.01793EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/03/15 11:1 p.m.43 views

USN-4872-1: Axel vulnerability

It was discovered that Axel did not properly verify the certificates for hostnames. An attacker could use this vulnerability to impersonate another server and obtain sensitive information...

5.9CVSS5.9AI score0.01928EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/03/15 11:0 p.m.50 views

USN-4871-1: targetcli-fb vulnerabilities

It was discovered that targetcli-fb did not properly manage socket permissions. A local attacker could use this issue to modify the iSCSI configuration resulting in a denial of service, obtain sensitive information or execute arbitrary code. CVE-2020-10699 It was discovered that targetcli-fb did...

7.8CVSS6.5AI score0.00348EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/03/15 10:59 p.m.42 views

USN-4870-1: Bundler vulnerability

It was discovered that Bundler incorrectly created directories with insecure permissions in /tmp. An attacker could write malicious libraries to this location for later execution...

7.8CVSS7.4AI score0.00529EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/03/15 10:58 p.m.43 views

USN-4869-1: aria2 vulnerability

It was discovered that aria2 could accidentally leak authentication data. An attacker could possibly use this to gain access to sensitive information...

7.8CVSS7.2AI score0.00351EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/03/15 10:56 p.m.29 views

USN-4868-1: LibTomCrypt vulnerability

It was discovered that LibTomCrypt incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service or read sensitive information...

9.1CVSS7.2AI score0.03195EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/03/15 10:50 p.m.27 views

USN-4863-1: fstream vulnerability

It was discovered that fstream incorrectly handled certain crafted tarballs. An attacker could use this vulnerability to write arbitrary files to the filesystem...

7.5CVSS8.1AI score0.02416EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/03/15 10:50 p.m.57 views

USN-4862-1: Neovim vulnerability

It was discovered that Neovim incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...

9.3CVSS8.3AI score0.19111EPSS
Exploits5
Ubuntu
Ubuntu
added 2021/03/15 10:47 p.m.78 views

USN-4860-1: Monit vulnerabilities

Zack Flack discovered that Monit incorrectly handled certain input. A remote authenticated user could exploit this to conduct cross-site scripting XSS attacks. CVE-2019-11454 Zack Flack discovered a buffer overread when Monit decoded certain crafted URLs. An attacker could exploit this to...

8.1CVSS7.2AI score0.03138EPSS
Exploits2
Ubuntu
Ubuntu
added 2021/03/15 10:45 p.m.41 views

USN-4859-1: MediaInfoLib vulnerabilities

It was discovered that MediaInfoLib contained multiple security issues when handling certain multimedia files. If a user were tricked into opening a crafted multimedia file, an attacker could cause MediaInfoLib to crash, resulting in a denial of service...

6.5CVSS6.3AI score0.02503EPSS
Exploits2
Ubuntu
Ubuntu
added 2021/03/15 10:44 p.m.61 views

USN-4858-1: Gradle vulnerabilities

It was discovered that Gradle used an insecure HTTP URL to download dependencies when the built-in JavaScript or CoffeeScript Gradle plugins were used. A remote unauthenticated attacker could possibly use this issue to perform a machine-in-the-middle attack. CVE-2019-11065 It was discovered that...

5.9CVSS6.7AI score0.01366EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/03/15 10:43 p.m.24 views

USN-4857-1: BWA vulnerability

It was discovered that Burrows-Wheeler Aligner BWA mishandled certain crafted .alt files. An attacker could use this vulnerability to cause a denial of service crash or possibly execute arbitrary code...

10CVSS8.7AI score0.0291EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/03/15 10:42 p.m.31 views

USN-4856-1: docker-credential-helpers vulnerability

Jasiel Spelman discovered that docker-credential-helpers has a double free. A local attacker could use this to cause a denial of service crash or possibly execute arbitrary code...

5.5CVSS5.8AI score0.00406EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/03/15 10:41 p.m.41 views

USN-4855-1: IPython vulnerability

It was discovered that IPython did not properly sanitize certain input. If a user were tricked into opening a specially crafted notebook file, a remote attacker could possibly use this issue to execute arbitrary code...

7.8CVSS7.6AI score0.011EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/03/15 10:40 p.m.26 views

USN-4854-1: AsyncSSH vulnerability

Matthijs Kooijman discovered that AsyncSSH server did not properly handle authentication under certain conditions. An attacker with a specially crafted client could use this vulnerability to skip authentication of SSH sessions...

9.8CVSS8.4AI score0.0178EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/03/15 10:39 p.m.53 views

USN-4853-1: liveMedia vulnerabilities

It was discovered that liveMedia incorrectly handled certain network packets. An attacker could possibly use this issue to execute arbitrary code. CVE-2018-4013 It was discovered that liveMedia incorrectly handled certain network sessions. An attacker could possibly use this issue to cause a deni...

10CVSS8.4AI score0.09487EPSS
Exploits4
Ubuntu
Ubuntu
added 2021/03/15 10:38 p.m.72 views

USN-4852-1: VTK vulnerabilities

It was discovered that VTK incorrectly handled certain XML files in the embedded Expat library. An attacker could possibly use this issue to cause a denial of service or expose sensitive information...

7.8CVSS7.4AI score0.07107EPSS
Exploits2
Ubuntu
Ubuntu
added 2021/03/15 10:36 p.m.45 views

USN-4851-1: Libsolv vulnerabilities

It was discovered that Libsolv incorrectly handled certain malformed input. An attacker could use this issue to cause Libsolv to crash, resulting in a denial of service...

6.5CVSS6.3AI score0.0233EPSS
Exploits3
Ubuntu
Ubuntu
added 2021/03/15 10:32 p.m.48 views

USN-4848-1: mini_httpd vulnerability

It was discovered that ACME minihttpd did not properly handle HTTP GET requests with empty headers. A remote attacker could use this vulnerability to read arbitrary files...

6.5CVSS7.1AI score0.74036EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/03/15 10:30 p.m.30 views

USN-4846-1: Yubico PIV Tool vulnerabilities

It was discovered that libykpiv, a supporting library of the Yubico PIV tool and YubiKey PIV Manager, mishandled specially crafted input. An attacker with a custom-made, malicious USB device could potentially execute arbitrary code on a computer running the Yubico PIV Tool or Yubikey PIV Manager...

7.2CVSS6.2AI score0.00486EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/03/15 10:29 p.m.34 views

USN-4845-1: libcgroup vulnerability

It was discovered that libcgroup incorrectly handled log file permissions. An attacker could possibly use this issue to obtain sensitive information...

8.1CVSS6.5AI score0.02316EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/03/15 10:27 p.m.37 views

USN-4844-1: Cinnamon vulnerability

Matthias Gerstner discovered that the cinnamon-settings-users utility in Cinnamon did not safely handle symlinks. An unprivileged attacker could potentially use this vulnerability to overwrite arbitrary files as root...

8.1CVSS7.8AI score0.02201EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/03/15 10:25 p.m.20 views

USN-4842-1: ntopng vulnerability

It was discovered that ntopng did not properly seed its random number generator, leading to predictable session tokens. An attacker could use this vulnerability to hijack a user's session...

8.1CVSS7.8AI score0.10675EPSS
Exploits5
Ubuntu
Ubuntu
added 2021/03/15 10:24 p.m.431 views

USN-4229-2: NTP vulnerability

USN-4229-1 fixed a vulnerability in NTP. This update provides the corresponding update for Ubuntu 18.04 ESM. Original advisory details: It was discovered that ntpq and ntpdc incorrectly handled some arguments. An attacker could possibly use this issue to cause ntpq or ntpdc to crash, execute...

9.8CVSS7.4AI score0.29037EPSS
Exploits5
Ubuntu
Ubuntu
added 2021/03/15 10:22 p.m.39 views

USN-4840-1: Singularity vulnerabilities

It was discovered that Singularity incorrectly handled certain inputs. An attacker could possibly use this issue to obtain sensitive information. CVE-2018-19295 It was discovered that Singularity incorrectly handled access control. An attacker could possibly use this issue to obtain sensitive...

7.8CVSS6.8AI score0.01596EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/03/15 10:21 p.m.52 views

USN-4839-1: python-gnupg vulnerabilities

Marcus Brinkmann discovered that python-gnupg improperly handled certain command line parameters. A remote attacker could use this to spoof the output of python-gnupg and cause unsigned e-mail to appear signed. CVE-2018-12020 It was discovered that python-gnupg incorrectly handled the GPG...

7.5CVSS7.1AI score0.08654EPSS
Exploits2
Ubuntu
Ubuntu
added 2021/03/15 10:19 p.m.54 views

USN-4837-1: LibSass vulnerabilities

It was discovered that LibSass incorrectly handled certain specially crafted sass file. An attacker could possibly use this issue to cause a denial of service or other unspecified impact...

9.8CVSS6.6AI score0.04006EPSS
Exploits10
Ubuntu
Ubuntu
added 2021/03/15 10:18 p.m.37 views

USN-4836-1: Symfony vulnerability

It was discovered that Symfony through the HttpFoundation component allowed unauthorized access on a misconfigured LDAP server. A remote attacker could use this vulnerability to gain unauthorized access...

9.8CVSS8.2AI score0.02345EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/03/15 10:17 p.m.25 views

USN-4834-1: Prosody vulnerability

It was discovered that Prosody incorrectly validated the virtual host associated with a user session across stream restarts. A remote attacker could use this issue to gain unintended access to resources...

8.8CVSS6.7AI score0.01657EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/03/15 10:16 p.m.37 views

USN-4832-1: Plexus Archiver vulnerability

It was discovered that Plexus Archiver incorrectly handled directory traversal during extraction. An attacker could possibly use this for a Zip-Slip attack...

5.5CVSS6.3AI score0.13179EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/03/15 10:16 p.m.25 views

USN-4831-1: OpenMPT vulnerabilities

It was discovered that OpenMPT incorrectly handled certain files. A remote attacker could possibly use this issue to cause a denial of service or other unspecified impact...

8.8CVSS7.2AI score0.02155EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/03/15 10:15 p.m.39 views

USN-4830-1: Okular vulnerability

It was discovered that Okular mishandled certain crafted archives during extraction. An attacker could use this vulnerability to write arbitrary files to the filesystem...

5.5CVSS5.6AI score0.0183EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/03/15 10:14 p.m.38 views

USN-4442-2: Sympa vulnerabilities

USN-4442-1 fixed vulnerabilities in Sympa. This update provides the corresponding updates for Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. Original advisory details: Nicolas Chatelain discovered that Sympa incorrectly handled environment variables. An attacker could possibly use this...

9.8CVSS7.6AI score0.03982EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/03/15 10:11 p.m.34 views

USN-4828-1: librelp vulnerability

It was discovered that librelp did not properly manage x509 certificates, leading to a stack-based buffer overflow. A remote attacker could possibly use this issue to execute arbitrary code...

9.8CVSS9.1AI score0.09662EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/03/15 10:10 p.m.41 views

USN-4827-1: Crypto++ vulnerability

It was discovered that Crypto++ mishandled certain input. An attacker could use this vulnerability to leak potentially sensitive information...

5.3CVSS6.2AI score0.01369EPSS
Exploits0
Ubuntu
Ubuntu
added 2021/03/15 10:8 p.m.29 views

USN-4826-1: SoundTouch vulnerabilities

It was discovered that SoundTouch incorrectly handled certain WAV files. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM. CVE-2017-9258, CVE-2017-9259, CVE-2017-9260 It was discovered that SoundTouch incorrectly handled...

8.8CVSS7.1AI score0.06151EPSS
Exploits10
Ubuntu
Ubuntu
added 2021/03/15 10:6 p.m.83 views

USN-4825-1: Coin3D vulnerability

USN-3356-1 fix a vulnerability in Expat. This update provides the corresponding update for Coin3D for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM...

7.5CVSS8AI score0.08739EPSS
Exploits1
Ubuntu
Ubuntu
added 2021/03/15 10:4 p.m.32 views

USN-4824-1: Varnish vulnerability

It was discovered that Varnish incorrectly handled certain inputs. A remote attacker could possibly use this issue to obtain sensitive information...

9.1CVSS7.3AI score0.04084EPSS
Exploits0
Total number of security vulnerabilities10918