Lucene search
K
UbuntuRecent

10869 matches found

Ubuntu
Ubuntu
added 2026/03/16 2:3 p.m.7 views

USN-8095-1: Linux kernel vulnerabilities

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...

7.8CVSS6.1AI score0.00544EPSS
Exploits7References1
Ubuntu
Ubuntu
added 2026/03/16 1:42 p.m.6 views

USN-8094-1: Linux kernel vulnerabilities

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...

9.8CVSS6AI score0.00378EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2026/03/16 11:35 a.m.7 views

USN-8087-2: python-cryptography regression

USN-8087-1 fixed a vulnerability in python-cryptography. The update caused a regression when using ECC algorithms with certain software. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that python-cryptography incorrectly handled...

5.8AI score
Exploits0References1
Ubuntu
Ubuntu
added 2026/03/16 10:57 a.m.6 views

USN-8093-1: libssh vulnerability

It was discovered that libssh incorrectly performed bounds checking when processing SFTP extensions. If a client application queried extension data out of bounds, it could cause the application to crash, resulting in a denial of service, or exhibit unintended behavior...

7.5CVSS5.8AI score0.00631EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/03/12 8:7 p.m.10 views

USN-8092-1: Sudo vulnerability

It was discovered that Sudo incorrectly checked return codes when dropping privileges to run the mailer. A local attacker could possibly use this issue to escalate privileges...

5.8AI score
Exploits0References1
Ubuntu
Ubuntu
added 2026/03/12 7:59 p.m.9 views

USN-8091-1: util-linux vulnerability

It was discovered that the util-linux su utility did not drop capabilities when being used with the --pty option. While not a security issue by itself, a local attacker could possibly use the su tool to exploit vulnerabilities in other applications...

5.8AI score
Exploits0References1
Ubuntu
Ubuntu
added 2026/03/12 6:31 p.m.13 views

USN-8090-2: OpenSSH vulnerabilities

USN-8090-1 fixed vulnerabilities in OpenSSH. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: Jeremy Brown discovered that the OpenSSH GSSAPI Key Exchange incorrectly handled disconnecting clients. In non-default configurations where the...

8.2CVSS6.1AI score0.0218EPSS
Exploits2
Ubuntu
Ubuntu
added 2026/03/12 6:16 p.m.9 views

USN-8090-1: OpenSSH vulnerabilities

Jeremy Brown discovered that the OpenSSH GSSAPI Key Exchange incorrectly handled disconnecting clients. In non-default configurations where the GSSAPIKeyExchange setting is enabled, a remote attacker could use this issue to cause OpenSSH to crash, resulting in a denial of service, or possibly...

8.2CVSS6.1AI score0.0218EPSS
Exploits2
Ubuntu
Ubuntu
added 2026/03/12 4:28 p.m.6 views

USN-8089-1: Go Networking vulnerabilities

Bahruz Jabiyev, Tommaso Innocenti, Anthony Gavazzi, Steven Sprecher, and Kaan Onarlioglu discovered that servers using Go Networking could hang during shutdown if preempted by a fatal error. An attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 22.04 LT...

7.5CVSS7.3AI score0.04561EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/03/12 3:53 p.m.4 views

USN-8088-1: go-git vulnerabilities

Ionut Lalu discovered that go-git incorrectly handled certain specially crafted Git server responses. An attacker could possibly use this issue to cause a denial of service. CVE-2023-49568, CVE-2025-21614 Ionut Lalu discovered that go-git incorrectly handled file system paths when using the...

9.8CVSS7.3AI score0.01523EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/03/12 2:16 p.m.9 views

USN-8087-1: python-cryptography vulnerability

It was discovered that python-cryptography incorrectly handled subgroup validation for SECT curves. A remote attacker could use this issue to perform a subgroup attack and possibly recover the least significant bits of private keys...

8.2CVSS5.8AI score0.00341EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/03/12 5:15 a.m.11 views

USN-8086-1: FreeType vulnerability

It was discovered that FreeType did not correctly handle certain integer arithmetic. An attacker could possibly use this issue to leak sensitive information...

5.3CVSS5.8AI score0.00141EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/03/11 4:50 p.m.5 views

USN-8085-1: .NET vulnerabilities

It was discovered that the .NET Microsoft.Bcl.Memory NuGet package did not properly handle certain malformed Base64Url encoded input. An attacker could possibly use this issue to cause .NET to crash, resulting in a denial of service. This issue only affected .NET 9.0 and .NET 10.0. CVE-2026-26127...

7.5CVSS5.8AI score0.02818EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/03/11 12:11 p.m.8 views

USN-8084-1: curl vulnerabilities

Zhicheng Chen discovered that curl could incorrectly reuse the wrong connection for Negotiate-authenticated HTTP or HTTPS requests. This could result in the use of credentials from a different connection, contrary to expectations. CVE-2026-1965 It was discovered that curl incorrectly leaked OAuth...

7.5CVSS7.3AI score0.00715EPSS
Exploits5
Ubuntu
Ubuntu
added 2026/03/11 9:10 a.m.5 views

USN-8081-1: libpng vulnerabilities

It was discovered that libpng did not properly handle memory when processing certain PNG files. An attacker could possibly use this issue to cause libpng to crash, resulting in a denial of service, or disclose sensitive information. CVE-2025-64505 Joshua Inscoe discovered that libpng did not...

8.3CVSS5.9AI score0.00955EPSS
Exploits3
Ubuntu
Ubuntu
added 2026/03/11 9:5 a.m.5 views

USN-8083-1: GeoPandas vulnerability

It was discovered that GeoPandas incorrectly handled certain input. An attacker could possibly use this issue to perform SQL injection attacks...

8.6CVSS5.8AI score0.00385EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/03/10 5:14 p.m.10 views

USN-8082-1: GIMP vulnerabilities

Michael Randrianantenaina discovered that GIMP incorrectly handled certain malformed ICO files. An attacker could possibly use this to cause a denial of service or execute arbitrary code. CVE-2025-5473 Seungho Kim discovered that GIMP incorrectly handled certain memory operations when running the...

8.8CVSS6AI score0.10561EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/03/10 3:38 p.m.7 views

USN-8060-7: Linux kernel (NVIDIA) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - MMC subsystem; CVE-2022-49267, CVE-2025-21780...

7.8CVSS6.8AI score0.00241EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/03/10 3:20 p.m.6 views

USN-8059-8: Linux kernel (NVIDIA) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SMB network file system; CVE-2025-22037, CVE-2025-37899...

7.8CVSS7.1AI score0.23278EPSS
Exploits2
Ubuntu
Ubuntu
added 2026/03/09 4:6 p.m.9 views

USN-8080-1: YARA vulnerabilities

Kamil Frankowicz discovered that a number of YARA's functions generated memory exceptions when processing specially crafted rules or files. A remote attacker could possibly use these issues to cause YARA to crash, resulting in a denial of service. These issues only affected Ubuntu 16.04 LTS...

9.1CVSS7.2AI score0.02996EPSS
Exploits12
Ubuntu
Ubuntu
added 2026/03/09 11:42 a.m.11 views

USN-7968-2: Apache HTTP Server regression

USN-7968-1 fixed vulnerabilities in Apache HTTP Server. The update introduced a regression in modmd where the MDStapleOthers setting was ignored which resulted in OCSP being broken for some domains. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It w...

7.3AI score
Exploits0References1
Ubuntu
Ubuntu
added 2026/03/09 9:24 a.m.11 views

USN-8018-2: Python regression

USN-8018-1 fixed vulnerabilities in python3. That update introduced regressions. The patches for CVE-2025-15366 and CVE-2025-15367 caused behavior regressions in IMAP and POP3 handling, which upstream chose to avoid by not backporting them. Additionally, the patch for CVE-2026-0865 incorrectly...

5.9CVSS7.2AI score0.00463EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2026/03/05 10:53 p.m.9 views

USN-8076-1: Qt vulnerabilities

It was discovered that Qt did not correctly handle OpenSSL's error queue. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 20.04 LTS. CVE-2020-13962 It was discovered that Qt incorrectly handled certain XBM image files. If a user or...

9.8CVSS6.2AI score0.03915EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/03/05 10:30 p.m.9 views

USN-8079-1: less vulnerability

It was discovered that less incorrectly handled certain file names. An attacker could possibly use this issue to cause a denial of service or execute arbitrary commands...

7.8CVSS6AI score0.01059EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/03/05 10:17 p.m.9 views

USN-8078-1: Zutty vulnerability

Carter Sande discovered that Zutty did not correctly echo invalid input to the console on DECRQSS. An attacker could possibly use this issue to execute arbitrary commands...

9.8CVSS6AI score0.01681EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/03/05 4:4 p.m.7 views

USN-8077-1: Bleach vulnerabilities

It was discovered that Bleach did not properly sanitize URI attributes containing character entities. An attacker could possibly use this issue to construct a URI with a disallowed scheme that would bypass sanitization, leading to cross-site scripting. This issue only affected Ubuntu 18.04 LTS...

9.8CVSS5.5AI score0.02229EPSS
Exploits4
Ubuntu
Ubuntu
added 2026/03/05 7:18 a.m.8 views

USN-8071-2: NSS vulnerability

USN-8071-1 fixed a vulnerability in nss. This update provides the corresponding fix for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: It was discovered that NSS incorrectly handled memory when performing certain GHASH operations. A remote...

9.8CVSS6.1AI score0.0036EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/03/04 5:42 p.m.9 views

USN-8075-1: GIMP vulnerabilities

Michael Randrianantenaina discovered that calculating the linear size of a DDS file could overflow on 32-bit systems. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS...

7.8CVSS6.2AI score0.06312EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/03/04 4:13 p.m.8 views

USN-8073-1: QEMU vulnerabilities

It was discovered that the UHCI controller implementation of QEMU could be brought into an invalid state. An attacker inside the guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. CVE-2024-8354 It was discovered that QEMU incorrectly handled memory durin...

7.5CVSS6.2AI score0.00783EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/03/04 3:48 p.m.12 views

USN-8074-2: Linux kernel (Azure FIPS) vulnerabilities

It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. CVE-2024-36331 Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt...

9.8CVSS7AI score0.09796EPSS
Exploits10
Ubuntu
Ubuntu
added 2026/03/04 3:34 p.m.8 views

USN-8074-1: Linux kernel (Azure) vulnerabilities

It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. CVE-2024-36331 Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt...

9.8CVSS7AI score0.09796EPSS
Exploits10
Ubuntu
Ubuntu
added 2026/03/04 3:22 p.m.7 views

USN-8059-7: Linux kernel (AWS FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SMB network file system; CVE-2025-22037, CVE-2025-37899...

7.8CVSS6AI score0.23278EPSS
Exploits2
Ubuntu
Ubuntu
added 2026/03/04 2:36 p.m.8 views

USN-8070-3: Linux kernel (FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - x86 architecture; - MMC subsystem; - Network drivers; - USB Device Class drivers; - BTRFS file system; - File syste...

8.8CVSS6.9AI score0.0084EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/03/04 12:57 p.m.17 views

USN-8072-1: PostgreSQL vulnerabilities

Altan Birler discovered that PostgreSQL incorrectly validated oidvector types. An attacker could possibly use this issue to obtain a few bytes of sensitive information. CVE-2026-2003 Daniel Firer discovered that PostgreSQL incorrectly validated input in the intarray extension. An attacker could...

8.8CVSS6.2AI score0.01208EPSS
Exploits3
Ubuntu
Ubuntu
added 2026/03/04 12:37 p.m.9 views

USN-8071-1: NSS vulnerability

It was discovered that NSS incorrectly handled memory when performing certain GHASH operations. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS6AI score0.0036EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/03/04 12:11 p.m.8 views

USN-8069-1: ImageMagick vulnerabilities

It was discovered that ImageMagick did not properly decode certain SUN image files. An attacker could use this issue to cause ImageMagick to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2026-25897 It was discovered that ImageMagick did not properly validate pix...

9.8CVSS6.2AI score0.00461EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/03/04 12:10 p.m.6 views

LSN-0118-1: Kernel Live Patch Security Notice

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption large read crashes with a slab-use-after-free way down in the crypto API. In the Linux kernel, the following vulnerability has been resolved: padata: avoid UAF fo...

8.8CVSS6.8AI score0.00391EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/03/04 11:35 a.m.8 views

USN-8070-2: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - x86 architecture; - MMC subsystem; - Network drivers; - USB Device Class drivers; - BTRFS file system; - File syste...

8.8CVSS6.9AI score0.0084EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/03/04 10:58 a.m.11 views

USN-8070-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - x86 architecture; - MMC subsystem; - Network drivers; - USB Device Class drivers; - BTRFS file system; - File syste...

8.8CVSS6.9AI score0.0084EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/03/04 10:40 a.m.5 views

USN-8060-6: Linux kernel (AWS FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - MMC subsystem; CVE-2022-49267, CVE-2025-21780...

7.8CVSS6AI score0.00241EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/03/04 10:31 a.m.6 views

USN-8060-5: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - MMC subsystem; CVE-2022-49267, CVE-2025-21780...

7.8CVSS6AI score0.00241EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/03/03 6:42 p.m.19 views

USN-8062-2: curl vulnerabilities

USN-8062-1 fixed vulnerabilities in curl. This update provides the corresponding update for CVE-2025-14017, CVE-2025-15079, and CVE-2025-15224 for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: It was discovered that curl incorrectly handled...

6.3CVSS6AI score0.00457EPSS
Exploits2
Ubuntu
Ubuntu
added 2026/03/03 5:23 p.m.8 views

USN-7990-6: Linux kernel (Raspberry Pi) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Padata parallel execution mechanism; - Netfilter; CVE-2022-49698, CVE-2025-21726, CVE-2025-400...

7.8CVSS6.3AI score0.00283EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/03/03 2:3 p.m.7 views

USN-8068-1: Intel Microcode vulnerability

Sergiu Ghetie discovered that some Intel® processors did not properly handle values in the microcode flow. A local authenticated user could potentially use this issue to escalate their privileges...

3.9CVSS5.9AI score0.00133EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/03/02 5:29 p.m.8 views

USN-8067-1: Mailman vulnerability

It was discovered that Mailman incorrectly handled CSRF tokens. A remote list member or moderator could possibly use their own token to craft an admin request CSRF attack and set a new admin password or make other changes...

8.8CVSS5.9AI score0.0073EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/03/02 4:15 p.m.7 views

USN-5376-6: Git regression

USN-5376-4 fixed a regression in Git. This update provides the corresponding update for Ubuntu 18.04 LTS. We apologize for the inconvenience. Original advisory details: 俞晨东 discovered that Git incorrectly handled certain repository paths in platforms with multiple users support. An attacker could...

6AI score
Exploits0References1
Ubuntu
Ubuntu
added 2026/02/27 2:42 p.m.7 views

USN-5376-5: Git regression

USN-5376-4 fixed a regression in Git. The update introduced a regression when specifying configuration includes due to additional restrictions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: 俞晨东 discovered that Git incorrectly handled certain...

6AI score
Exploits0References1
Ubuntu
Ubuntu
added 2026/02/26 3:21 p.m.6 views

USN-8059-6: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SMB network file system; CVE-2025-22037, CVE-2025-37899...

7.8CVSS8AI score0.23278EPSS
Exploits2
Ubuntu
Ubuntu
added 2026/02/26 1:7 a.m.6 views

USN-8066-1: Rack vulnerabilities

Minh Pham Quang discovered that Rack did not correctly handle parsing certain paths, which could lead to a path traversal attack. An attacker could possibly use this issue to leak sensitive information. CVE-2026-22860 Ali Firas discovered that Rack did not correctly sanitize certain inputs. An...

7.5CVSS6AI score0.00665EPSS
Exploits2
Ubuntu
Ubuntu
added 2026/02/25 8:43 p.m.7 views

USN-8065-1: Authlib vulnerabilities

Millie Solem discovered that Authlib did not properly restrict algorithm selection during JWT verification, allowing HMAC verification with asymmetric public keys when no algorithm was specified. A remote attacker could possibly use this issue to bypass signature verification and forge tokens,...

8.8CVSS5.7AI score0.00582EPSS
Exploits5
Total number of security vulnerabilities10869