Lucene search
K
UbuntuRecent

10918 matches found

Ubuntu
Ubuntu
•added 2020/11/30 12:25 p.m.•95 views

USN-4650-1: QEMU vulnerabilities

Alexander Bulekov discovered that QEMU incorrectly handled SDHCI device emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvir...

6.5CVSS6.6AI score0.02515EPSS
Exploits2
Ubuntu
Ubuntu
•added 2020/11/27 1:16 p.m.•61 views

USN-4644-1: igraph vulnerability

It was discovered that igraph mishandled certain malformed XML. An attacker could use this vulnerability to cause a denial of service crash...

6.5CVSS6.4AI score0.01605EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/11/26 6:47 p.m.•110 views

USN-4382-2: FreeRDP vulnerabilities

It was discovered that FreeRDP incorrectly handled certain memory operations. A remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code...

8.3CVSS6.5AI score0.02653EPSS
Exploits8
Ubuntu
Ubuntu
•added 2020/11/26 6:10 p.m.•81 views

USN-4646-2: poppler regression

USN-4646-1 fixed vulnerabilities in poppler. The fix for CVE-2019-10871 introduced a regression causing certain applications linked against poppler to fail. This update backs out the fix pending further investigation. We apologize for the inconvenience. Original advisory details: It was discovere...

6.7AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2020/11/26 1:57 p.m.•74 views

USN-4649-1: xdg-utils vulnerability

Jens Mueller discovered that xdg-utils incorrectly handled certain URI. An attacker could possibly use this issue to expose sensitive information...

6.5CVSS6.7AI score0.01443EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/11/26 1:7 p.m.•121 views

USN-4648-1: WebKitGTK vulnerabilities

A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

10CVSS7.1AI score0.02917EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/11/25 9:51 p.m.•106 views

USN-4647-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across origins, bypass security restrictions,...

9.8CVSS7.4AI score0.42327EPSS
Exploits5
Ubuntu
Ubuntu
•added 2020/11/25 6:3 p.m.•100 views

USN-4646-1: poppler vulnerabilities

It was discovered that Poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service...

8.8CVSS6.6AI score0.02486EPSS
Exploits3
Ubuntu
Ubuntu
•added 2020/11/25 3:18 p.m.•127 views

USN-4645-1: Mutt vulnerability

It was discovered that Mutt incorrectly handled certain connections. An attacker could possibly use this issue to expose sensitive information...

5.3CVSS5.7AI score0.02323EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/11/24 2:14 p.m.•62 views

USN-4643-1: atftp vulnerabilities

It was discovered that atftp's FTP server did not properly handler certain input. An attacker could use this to to cause a denial of service crash or possibly execute arbitrary code. CVE-2019-11365 It was discovered that atftp's FTP server did not make proper use of mutexes when locking certain...

9.8CVSS7.8AI score0.04288EPSS
Exploits2
Ubuntu
Ubuntu
•added 2020/11/24 12:22 a.m.•79 views

USN-4642-1: PDFResurrect vulnerability

It was discovered that PDFResurrect incorrectly handled certain memory operations during PDF summary generation. An attacker could use this to cause out-of-bounds writes, resulting in a denial of service system crash or arbitrary code execution...

7.8CVSS7.6AI score0.01337EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/11/23 6:2 p.m.•63 views

USN-4641-1: libextractor vulnerabilities

It was discovered that Libextractor incorrectly handled zero sample rate. An attacker could possibly use this issue to cause a denial of service. CVE-2017-15266 It was discovered that Libextractor incorrectly handled certain FLAC metadata. An attacker could possibly use this issue to cause a deni...

8.8CVSS6.7AI score0.02646EPSS
Exploits12
Ubuntu
Ubuntu
•added 2020/11/23 4:3 p.m.•76 views

USN-4640-1: PulseAudio vulnerability

James Henstridge discovered that an Ubuntu-specific patch caused PulseAudio to incorrectly handle snap client connections. An attacker could possibly use this to expose sensitive information...

4.7CVSS5.1AI score0.00314EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/11/23 12:4 p.m.•80 views

USN-4634-2: OpenLDAP vulnerabilities

USN-4634-1 fixed several vulnerabilities in OpenLDAP. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that OpenLDAP incorrectly handled certain malformed inputs. A remote attacker could possibly use this issue t...

7.5CVSS7.4AI score0.02858EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/11/19 8:12 p.m.•86 views

USN-4637-2: Firefox vulnerabilities

USN-4637-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Ubuntu 16.04 LTS. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit...

9.3CVSS7.5AI score0.0245EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/11/19 3:1 p.m.•305 views

USN-4639-1: phpMyAdmin vulnerabilities

It was discovered that there was a bug in the way phpMyAdmin handles the phpMyAdmin Configuration Storage tables. An authenticated attacker could use this vulnerability to cause phpmyAdmin to leak sensitive files. CVE-2018-19968 It was discovered that phpMyAdmin incorrectly handled user input. An...

9.8CVSS7.1AI score0.67081EPSS
Exploits10
Ubuntu
Ubuntu
•added 2020/11/19 12:46 p.m.•89 views

USN-4638-1: c-ares vulnerability

It was discovered that c-ares incorrectly handled certain DNS requests. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS7.5AI score0.54164EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/11/18 1:4 p.m.•119 views

USN-4637-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across origins, bypass security restrictions, conduct phishing attacks,...

9.3CVSS7.2AI score0.0245EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/11/17 5:31 p.m.•60 views

USN-4636-1: LibVNCServer, Vino vulnerability

It was discovered that LibVNCServer incorrectly handled certain internals. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Vino package ships with a LibVNCServer source and all listed release...

7.5CVSS7.6AI score0.01613EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/11/17 1:35 p.m.•82 views

USN-4635-1: Kerberos vulnerability

Demi Obenour discovered that Kerberos incorrectly handled certain ASN.1. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS7.5AI score0.04365EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/11/17 1:10 p.m.•74 views

USN-4634-1: OpenLDAP vulnerabilities

It was discovered that OpenLDAP incorrectly handled certain malformed inputs. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service...

7.5CVSS7.4AI score0.02858EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/11/17 1:3 p.m.•96 views

USN-4633-1: PostgreSQL vulnerabilities

Peter Eisentraut discovered that PostgreSQL incorrectly handled connection security settings. Client applications could possibly be connecting with certain security parameters dropped, contrary to expectations. CVE-2020-25694 Etienne Stalmans discovered that PostgreSQL incorrectly handled the...

8.8CVSS7.3AI score0.4644EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/11/12 9:58 p.m.•153 views

USN-4607-2: OpenJDK regressions

USN-4607-1 fixed vulnerabilities and added features in OpenJDK. Unfortunately, that update introduced a regression that could cause TLS connections with client certificate authentication to fail in some situations. This update fixes the problem. We apologize for the inconvenience. Original adviso...

5.8CVSS6.2AI score0.03713EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/11/12 8:31 p.m.•93 views

USN-4632-1: SLiRP vulnerabilities

It was discovered that the SLiRP networking implementation of the QEMU emulator did not properly manage memory under certain circumstances. An attacker could use this to cause a heap-based buffer overflow or other out- of-bounds access, which can lead to a denial of service application crash or...

6.8CVSS7.6AI score0.03566EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/11/12 1:31 p.m.•75 views

USN-4631-1: libmaxminddb vulnerability

It was discovered that libmaxminddb incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause applications using libmaxminddb to crash, resulting in a denial of service...

6.5CVSS6.7AI score0.02133EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/11/12 1:22 p.m.•83 views

USN-4171-6: Apport regression

USN-4171-1 fixed vulnerabilities in Apport. The update caused a regression when handling configuration files. This update fixes the problem, and also introduces further hardening measures. Original advisory details: Kevin Backhouse discovered Apport would read its user-controlled settings file as...

5.7AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2020/11/12 1:14 a.m.•123 views

USN-4628-2: Intel Microcode regression

USN-4628-1 provided updated Intel Processor Microcode. Unfortunately, that update prevented certain processors in the Intel Tiger Lake family from booting successfully. This update reverts the microcode update for the Tiger Lake processor family. Please note that the 'disucodeldr' kernel command...

7AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2020/11/11 6:1 p.m.•63 views

USN-4622-2: OpenLDAP vulnerability

USN-4622-1 fixed a vulnerability in OpenLDAP. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that OpenLDAP incorrectly handled certain network packets. A remote attacker could use this issue to cause OpenLDAP t...

7.5CVSS7.8AI score0.02183EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/11/11 3:22 p.m.•63 views

USN-4630-1: Raptor vulnerability

Hanno Böck discovered that Raptor incorrectly handled certain memory operations. If a user were tricked into opening a specially crafted document in an application linked against Raptor, an attacker could cause the application to crash, resulting in a denial of service, or possibly execute...

7.1CVSS7.3AI score0.03079EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/11/11 1:46 p.m.•53 views

USN-4629-1: MoinMoin vulnerabilities

Michael Chapman discovered that MoinMoin incorrectly handled certain cache actions. An attacker could possibly use this issue to execute arbitrary code. CVE-2020-25074 Catarina Leite discovered that MoinMoin incorrectly handled certain SVG files. An attacker could possibly use this issue to execu...

9.8CVSS7.7AI score0.06121EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/11/11 6:56 a.m.•122 views

USN-4628-1: Intel Microcode vulnerabilities

Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running Average Power Limit RAPL feature of some Intel processors allowed a side- channel attack based on power consumption measurements. A local attacker coul...

5.5CVSS6.9AI score0.0051EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/11/11 2:30 a.m.•236 views

USN-4627-1: Linux kernel vulnerability

Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running Average Power Limit RAPL driver in the Linux kernel did not properly restrict access to power data. A local attacker could possibly use this to expose...

5.5CVSS6.4AI score0.00446EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/11/11 12:31 a.m.•179 views

USN-4626-1: Linux kernel vulnerabilities

Simon Scannell discovered that the bpf verifier in the Linux kernel did not properly calculate register bounds for certain operations. A local attacker could use this to expose sensitive information kernel memory or gain administrative privileges. CVE-2020-27194 Moritz Lipp, Michael Schwarz,...

5.5CVSS6.6AI score0.02018EPSS
Exploits5
Ubuntu
Ubuntu
•added 2020/11/10 3:23 p.m.•80 views

USN-4625-1: Firefox vulnerability

A use-after-free was discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could exploit this to execute arbitrary code...

9.3CVSS8.7AI score0.42327EPSS
Exploits4
Ubuntu
Ubuntu
•added 2020/11/10 12:10 p.m.•72 views

USN-4624-1: libexif vulnerability

It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to cause unexpected behaviours, or execute arbitrary code...

9.8CVSS8.5AI score0.03189EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/11/09 12:1 p.m.•65 views

USN-4623-1: Pacemaker vulnerability

Ken Gaillot discovered that Pacemaker incorrectly handled IPC communications permissions. A local attacker could possibly use this issue to bypass ACL restrictions and execute arbitrary code as root...

9CVSS8AI score0.02002EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/11/09 11:49 a.m.•76 views

USN-4622-1: OpenLDAP vulnerability

It was discovered that OpenLDAP incorrectly handled certain network packets. A remote attacker could use this issue to cause OpenLDAP to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.5CVSS7.8AI score0.02183EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/11/05 7:53 p.m.•76 views

USN-4621-1: netqmail vulnerabilities

It was discovered that netqmail did not properly handle certain input. Both remote and local attackers could use this vulnerability to cause netqmail to crash or execute arbitrary code. CVE-2005-1513, CVE-2005-1514, CVE-2005-1515 It was discovered that netqmail did not properly handle certain inp...

9.8CVSS6.9AI score0.10789EPSS
Exploits8
Ubuntu
Ubuntu
•added 2020/11/05 7:47 p.m.•35 views

USN-4599-3: Firefox regressions

USN-4599-1 and USN-4599-2 fixed vulnerabilities in Firefox. The updates introduced various minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a...

5.7AI score
Exploits0References2
Ubuntu
Ubuntu
•added 2020/11/05 6:44 p.m.•66 views

USN-4620-1: phpLDAPadmin vulnerability

It was discovered that phpLDAPadmin didn't properly sanitize before being echoed to the user. A remote attacker could inject arbitrary HTML/Javascript code in a user's context and cause a crash, resulting in denial of service or potential execution of arbitrary code...

6.1CVSS6.5AI score0.02069EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/11/05 4:9 p.m.•79 views

USN-4619-1: dom4j vulnerability

Mário Areias discovered that dom4j did not properly validate XML document elements. An attacker could exploit this with a crafted XML file to cause dom4j to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2018-1000632...

7.5CVSS6.8AI score0.0657EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/11/05 1:38 p.m.•147 views

USN-4618-1: tmux vulnerability

Sergey Nizovtsev discovered that tmux incorrectly handled some inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code...

8.8CVSS7.7AI score0.00679EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/11/04 12:7 p.m.•66 views

USN-4616-2: AccountsService vulnerabilities

USN-4616-1 fixed several vulnerabilities in AccountsService. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Kevin Backhouse discovered that AccountsService incorrectly dropped privileges. A local user could possibly use this issue to cause...

6.5CVSS6.5AI score0.03086EPSS
Exploits3
Ubuntu
Ubuntu
•added 2020/11/04 11:53 a.m.•87 views

USN-4617-1: SPICE vdagent vulnerabilities

Matthias Gerstner discovered that SPICE vdagent incorrectly handled the activexfers hash table. A local attacker could possibly use this issue to cause SPICE vdagent to consume memory, resulting in a denial of service. CVE-2020-25650 Matthias Gerstner discovered that SPICE vdagent incorrectly...

6.4CVSS5.9AI score0.0049EPSS
Exploits4
Ubuntu
Ubuntu
•added 2020/11/03 4:12 p.m.•63 views

USN-4615-1: Yerase's TNEF vulnerabilities

It was discovered that Yerase's TNEF had null pointer dereferences, infinite loop, buffer overflow, out of bounds reads, directory traversal issues and other vulnerabilities. An attacker could use those issues to cause a crash and consequently a denial of service. CVE-2017-6298, CVE-2017-6299,...

7.8CVSS6.9AI score0.02111EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/11/03 3:16 p.m.•97 views

USN-4616-1: AccountsService vulnerabilities

Kevin Backhouse discovered that AccountsService incorrectly dropped privileges. A local user could possibly use this issue to cause AccountsService to crash or hang, resulting in a denial of service. CVE-2020-16126 Kevin Backhouse discovered that AccountsService incorrectly handled reading...

6.5CVSS6.5AI score0.03086EPSS
Exploits4
Ubuntu
Ubuntu
•added 2020/11/03 3:0 p.m.•103 views

USN-4614-1: GDM vulnerability

Kevin Backhouse discovered that GDM incorrectly launched the initial setup tool when the accountsservice daemon was not reachable. A local attacker able to cause accountsservice to crash or stop responding could trick GDM into launching the initial setup tool and create a privileged user...

7.2CVSS7.2AI score0.01109EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/11/03 12:17 p.m.•103 views

USN-4613-1: python-cryptography vulnerability

Hubert Kario discovered that python-cryptography incorrectly handled certain decryption. An attacker could possibly use this issue to expose sensitive information...

5.9CVSS7.1AI score0.02454EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/11/03 2:50 a.m.•55 views

USN-4605-2: Blueman update

Vaisha Bernard discovered that blueman did not properly sanitize input on the d-bus interface to blueman-mechanism. A local attacker could possibly use this issue to escalate privileges and run arbitrary code or cause a denial of service. CVE-2020-15238 While a previous security update fixed the...

7.3AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2020/11/02 1:56 p.m.•100 views

USN-4611-1: Samba vulnerabilities

Steven French discovered that Samba incorrectly handled ChangeNotify permissions. A remote attacker could possibly use this issue to obtain file name information. CVE-2020-14318 Bas Alberts discovered that Samba incorrectly handled certain winbind requests. A remote attacker could possibly use th...

6.5CVSS7AI score0.0218EPSS
Exploits0
Total number of security vulnerabilities10918