Lucene search
K
UbuntuRecent

10923 matches found

Ubuntu
Ubuntu
•added 2020/06/24 4:22 p.m.•72 views

USN-4403-1: Mutt vulnerability and regression

It was discovered that Mutt incorrectly handled certain requests. An attacker could possibly use this issue to enable MITM attacks. CVE-2020-14954 This update also address a regression caused in the last update USN-4401-1. It only affected Ubuntu 12.04 ESM, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and...

5.9CVSS6.6AI score0.02288EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2020/06/24 11:51 a.m.•218 views

USN-4402-1: curl vulnerabilities

Marek Szlagor, Gregory Jefferis and Jeroen Ooms discovered that curl incorrectly handled certain credentials. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 19.10 and Ubuntu 20.04 LTS. CVE-2020-8169 It was discovered that curl incorrectl...

7.8CVSS6.8AI score0.03427EPSS
Exploits2
Ubuntu
Ubuntu
•added 2020/06/22 2:20 p.m.•70 views

USN-4401-1: Mutt vulnerabilities

It was discovered that Mutt incorrectly handled certain requests. An attacker could possibly use this issue to enable MITM attacks. CVE-2020-14093 It was discovered that Mutt incorrectly handled certain requests. An attacker could possibly use this issue to proceeds with a connection even if the...

5.9CVSS6.3AI score0.0214EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/06/22 1:35 p.m.•83 views

USN-4400-1: nfs-utils vulnerability

It was discovered that the nfs-utils package set incorrect permissions on the /var/lib/nfs directory. An attacker could possibly use this issue to escalate privileges...

10CVSS7.7AI score0.01518EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/06/17 7:26 p.m.•73 views

USN-4399-1: Bind vulnerabilities

It was discovered that Bind incorrectly handled large responses during zone transfers. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. CVE-2020-8618 It was discovered that Bind incorrectly handled certain asterisk characters in zone files....

4.9CVSS6.5AI score0.02088EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/06/17 3:11 p.m.•85 views

USN-4397-2: NSS vulnerability

USN-4397-1 fixed a vulnerability in NSS. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Cesar Pereida Garcia discovered that NSS incorrectly handled DSA key generation. A local attacker could possibly use this issue to perform a...

4.4CVSS7.3AI score0.00651EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/06/16 6:42 p.m.•66 views

USN-4398-2: DBus vulnerability

USN-4398-1 fixed a vulnerability in DBus. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Kevin Backhouse discovered that DBus incorrectly handled file descriptors. A local attacker could possibly use this issue to cause DBus to...

5.5CVSS6.7AI score0.00569EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/06/16 5:5 p.m.•63 views

USN-4398-1: DBus vulnerability

Kevin Backhouse discovered that DBus incorrectly handled file descriptors. A local attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service...

5.5CVSS6.7AI score0.00569EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/06/16 4:56 p.m.•86 views

USN-4397-1: NSS vulnerabilities

It was discovered that NSS incorrectly handled the TLS State Machine. A remote attacker could possibly use this issue to cause NSS to hang, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 19.10. CVE-2019-17023 Cesar Pereida Garcia discovered that NSS...

6.5CVSS7.3AI score0.0134EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/06/16 1:12 p.m.•72 views

USN-4396-1: libexif vulnerabilities

It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. CVE-2020-0093, CVE-2020-0182 It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to cause a remote...

9.1CVSS7.2AI score0.04262EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/06/15 2:51 p.m.•73 views

USN-4315-2: Apport vulnerabilities

USN-4315-1 fixed several vulnerabilities in Apport. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Maximilien Bourgeteau discovered that the Apport lock file was created with insecure permissions. This could allow a local attacker to escalate their...

6.5CVSS5.6AI score0.00651EPSS
Exploits2
Ubuntu
Ubuntu
•added 2020/06/15 1:23 p.m.•80 views

USN-4395-1: fwupd vulnerability

Justin Steven discovered that fwupd incorrectly handled certain signature verification. An attacker could possibly use this issue to install an unsigned firmware...

6CVSS6.1AI score0.0049EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/06/11 11:1 p.m.•128 views

USN-4391-1: Linux kernel vulnerabilities

It was discovered that the ext4 file system implementation in the Linux kernel did not properly handle setxattr operations in some situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2019-19319 It was discovered that memory...

7.5CVSS7.3AI score0.0124EPSS
Exploits4References1
Ubuntu
Ubuntu
•added 2020/06/11 10:52 p.m.•224 views

USN-4390-1: Linux kernel vulnerabilities

It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose sensitive information kernel memory. CVE-2020-0067 It was discovered that memory contents...

7.5CVSS6.9AI score0.0124EPSS
Exploits1References1
Ubuntu
Ubuntu
•added 2020/06/10 9:50 p.m.•155 views

USN-4385-2: Intel Microcode regression

USN-4385-1 provided updated Intel Processor Microcode. Unfortunately, that update prevented certain processors in the Intel Skylake family 064EH from booting successfully. Additonally, on Ubuntu 20.04 LTS, late loading of microcode was enabled, which could lead to system instability. This update...

6.8AI score
Exploits0References2
Ubuntu
Ubuntu
•added 2020/06/10 6:31 p.m.•137 views

USN-4387-1: Linux kernel vulnerabilities

It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose sensitive information kernel memory. CVE-2020-0067 It was discovered that memory contents...

7.2CVSS7.1AI score0.00802EPSS
Exploits2References1
Ubuntu
Ubuntu
•added 2020/06/10 5:26 p.m.•119 views

USN-4389-1: Linux kernel vulnerabilities

It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose sensitive information kernel memory. CVE-2020-0067 It was discovered that memory contents...

7.2CVSS7.2AI score0.00802EPSS
Exploits2References1
Ubuntu
Ubuntu
•added 2020/06/10 1:36 p.m.•116 views

USN-4394-1: SQLite vulnerabilities

It was discovered that SQLite incorrectly handled certain corruped schemas. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. CVE-2018-8740 It was discovered that SQLite incorrectly handled certain SELECT statements. An attacker cou...

7.5CVSS7AI score0.0825EPSS
Exploits3
Ubuntu
Ubuntu
•added 2020/06/10 12:44 a.m.•117 views

USN-4393-1: Linux kernel vulnerabilities

It was discovered that the Marvell WiFi-Ex Driver in the Linux kernel did not properly validate status lengths in messages received from an access point, leading to a buffer overflow. A physically proximate attacker controlling an access point could use this to construct messages that could...

7.1CVSS7.6AI score0.01218EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2020/06/10 12:42 a.m.•133 views

USN-4392-1: Linux kernel vulnerabilities

It was discovered that the Marvell WiFi-Ex Driver in the Linux kernel did not properly validate status lengths in messages received from an access point, leading to a buffer overflow. A physically proximate attacker controlling an access point could use this to construct messages that could...

7.1CVSS7.5AI score0.01218EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2020/06/09 11:18 p.m.•129 views

USN-4388-1: Linux kernel vulnerabilities

It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose sensitive information kernel memory. CVE-2020-0067 It was discovered that memory contents...

7.5CVSS7.2AI score0.0124EPSS
Exploits2References1
Ubuntu
Ubuntu
•added 2020/06/09 6:42 p.m.•84 views

USN-4385-1: Intel Microcode vulnerabilities

It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use th...

5.5CVSS6.8AI score0.00587EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2020/06/09 5:44 p.m.•73 views

USN-4386-1: libjpeg-turbo vulnerability

It was discovered that libjpeg-turbo incorrectly handled certain PPM files. An attacker could possibly use this issue to access sensitive information...

8.1CVSS6.8AI score0.03205EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/06/09 12:7 p.m.•93 views

LSN-0068-1: Kernel Live Patch Security Notice

It was discovered that the virtual terminal implementation in the Linux kernel did not properly handle resize events. A local attacker could use this to expose sensitive information. CVE-2020-8647 It was discovered that the virtual terminal implementation in the Linux kernel contained a race...

7.1CVSS6.7AI score0.00722EPSS
Exploits2
Ubuntu
Ubuntu
•added 2020/06/05 5:9 p.m.•84 views

USN-4384-1: GnuTLS vulnerability

It was discovered that GnuTLS incorrectly handled session ticket encryption keys. A remote attacker could possibly use this issue to bypass authentication or recover sensitive information...

7.4CVSS7.4AI score0.17507EPSS
Exploits3
Ubuntu
Ubuntu
•added 2020/06/04 8:26 p.m.•94 views

USN-4383-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the addressbar, or execute arbitrary code. CVE-2020-12405, CVE-2020-12406, CVE-2020-12407,...

9.3CVSS7.7AI score0.01537EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/06/04 12:57 p.m.•84 views

USN-4381-2: Django vulnerabilities

USN-4381-1 fixed several vulnerabilities in Django. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Dan Palmer discovered that Django incorrectly validated memcached cache keys. A remote attacker could possibly use this issue to cause a denial of...

6.1CVSS6.7AI score0.0609EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/06/04 11:58 a.m.•120 views

USN-4382-1: FreeRDP vulnerabilities

It was discovered that FreeRDP incorrectly handled certain memory operations. A remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code...

8.3CVSS6.5AI score0.02653EPSS
Exploits9
Ubuntu
Ubuntu
•added 2020/06/03 11:32 a.m.•80 views

USN-4381-1: Django vulnerabilities

Dan Palmer discovered that Django incorrectly validated memcached cache keys. A remote attacker could possibly use this issue to cause a denial of service and obtain sensitive information. CVE-2020-13254 Jon Dufresne discovered that Django incorrectly encoded query parameters for the admin...

6.1CVSS6.7AI score0.0609EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/06/01 8:8 p.m.•82 views

USN-4380-1: Apache Ant vulnerability

It was discovered that Apache Ant created temporary files with insecure permissions. An attacker could use this vulnerability to read sensitive information leaked into /tmp, or potentially inject malicious code into a project that is built with Apache Ant...

6.3CVSS7.4AI score0.01793EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/06/01 5:32 p.m.•94 views

USN-4379-1: FreeRDP vulnerabilities

It was discovered that FreeRDP incorrectly handled certain memory operations. A remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly exeucte arbitrary code...

8.3CVSS6.5AI score0.02689EPSS
Exploits13
Ubuntu
Ubuntu
•added 2020/06/01 5:5 p.m.•66 views

USN-4377-2: ca-certificates update

USN-4377-1 updated ca-certificates. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: The ca-certificates package contained an expired CA certificate that caused connectivity issues. This update removes the "AddTrust External Root"...

5.4AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2020/06/01 3:28 p.m.•225 views

USN-4378-1: Flask vulnerability

It was discovered that Flask incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS6.4AI score0.03855EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/06/01 2:23 p.m.•74 views

USN-4377-1: ca-certificates update

The ca-certificates package contained an expired CA certificate that caused connectivity issues. This update removes the "AddTrust External Root" CA. In addition, on Ubuntu 16.04 LTS and Ubuntu 18.04 LTS, this update refreshes the included certificates to those contained in the 20190110 package...

5.4AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2020/05/28 10:46 p.m.•115 views

USN-4367-2: Linux kernel regression

USN-4367-1 fixed vulnerabilities in the 5.4 Linux kernel. Unfortunately, that update introduced a regression in overlayfs. This update corrects the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the btrfs implementation in the Linux kernel did not...

6.7AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2020/05/28 10:34 p.m.•164 views

USN-4369-2: Linux kernel regression

USN-4369-1 fixed vulnerabilities in the 5.3 Linux kernel. Unfortunately, that update introduced a regression in overlayfs. This update corrects the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the btrfs implementation in the Linux kernel did not...

6.5AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2020/05/28 8:20 p.m.•210 views

USN-4363-1: Linux kernel vulnerabilities

It was discovered that the Serial CAN interface driver in the Linux kernel did not properly initialize data. A local attacker could use this to expose sensitive information kernel memory. CVE-2020-11494 It was discovered that the linux kernel did not properly validate certain mount options to the...

7.8CVSS6.4AI score0.00722EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/05/28 7:6 p.m.•74 views

USN-4359-2: APT vulnerability

USN-4359-1 fixed a vulnerability in APT. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. Original advisory details: It was discovered that APT incorrectly handled certain filenames during package installation. If an attacker could provide a specially crafted...

5.5CVSS6.3AI score0.01305EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/05/28 12:7 p.m.•106 views

USN-4376-1: OpenSSL vulnerabilities

Cesar Pereida García, Sohaib ul Hassan, Nicola Tuveri, Iaroslav Gridin, Alejandro Cabrera Aldaya, and Billy Brumley discovered that OpenSSL incorrectly handled ECDSA signatures. An attacker could possibly use this issue to perform a timing side-channel attack and recover private ECDSA keys...

5.3CVSS6.6AI score0.14298EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/05/28 11:33 a.m.•109 views

USN-4360-4: json-c vulnerability

USN-4360-1 fixed a vulnerability in json-c. The security fix introduced a memory leak that was reverted in USN-4360-2 and USN-4360-3. This update provides the correct fix update for CVE-2020-12762. Original advisory details: It was discovered that json-c incorrectly handled certain JSON files. An...

7.8CVSS7.2AI score0.01888EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/05/27 6:0 p.m.•128 views

USN-4375-1: PHP vulnerability

It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service...

5.3CVSS7.1AI score0.06264EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/05/27 3:19 p.m.•120 views

USN-4374-1: Unbound vulnerabilities

Lior Shafir, Yehuda Afek, and Anat Bremler-Barr discovered that Unbound incorrectly handled certain queries. A remote attacker could use this issue to perform an amplification attack directed at a target. CVE-2020-12662 It was discovered that Unbound incorrectly handled certain malformed answers....

7.5CVSS6.8AI score0.03588EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/05/26 2:33 p.m.•94 views

USN-4373-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code. CVE-2020-6831, CVE-2020-12387, CVE-2020-12395 It wa...

10CVSS7.8AI score0.05803EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/05/24 2:16 a.m.•199 views

USN-4367-1: Linux kernel vulnerabilities

It was discovered that the btrfs implementation in the Linux kernel did not properly detect that a block was marked dirty in some situations. An attacker could use this to specially craft a file system image that, when unmounted, could cause a denial of service system crash. CVE-2019-19377 It was...

7.8CVSS6.4AI score0.034EPSS
Exploits2
Ubuntu
Ubuntu
•added 2020/05/24 2:13 a.m.•228 views

USN-4369-1: Linux kernel vulnerabilities

It was discovered that the btrfs implementation in the Linux kernel did not properly detect that a block was marked dirty in some situations. An attacker could use this to specially craft a file system image that, when unmounted, could cause a denial of service system crash. CVE-2019-19377 Trista...

7.8CVSS6.3AI score0.034EPSS
Exploits2
Ubuntu
Ubuntu
•added 2020/05/21 6:47 p.m.•70 views

USN-4370-2: ClamAV vulnerabilities

USN-4370-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. Original advisory details: It was discovered that ClamAV incorrectly handled parsing ARJ archives. A remote attacker could possibly use this issue to cause ClamAV ...

7.5CVSS8AI score0.05063EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/05/21 5:8 p.m.•105 views

USN-4372-1: QEMU vulnerabilities

It was discovered that QEMU incorrectly handled bochs-display devices. A local attacker in a guest could use this to cause a denial of service or possibly execute arbitrary code in the host. This issue only affected Ubuntu 19.10. CVE-2019-15034 It was discovered that QEMU incorrectly handled memo...

7.5CVSS7.2AI score0.02293EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/05/21 4:52 p.m.•89 views

USN-4371-1: libvirt vulnerabilities

It was discovered that libvirt incorrectly handled an active pool without a target path. A remote attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. CVE-2020-10703 It was discovered that libvirt incorrectly handled memory when retrieving certain...

6.5CVSS7AI score0.02363EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/05/21 4:43 p.m.•73 views

USN-4370-1: ClamAV vulnerabilities

It was discovered that ClamAV incorrectly handled parsing ARJ archives. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. CVE-2020-3327 It was discovered that ClamAV incorrectly handled parsing PDF files. A remote attacker could possibly u...

7.5CVSS7.9AI score0.05063EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/05/20 6:10 p.m.•129 views

USN-4365-2: Bind vulnerabilities

USN-4365-1 fixed several vulnerabilities in Bind. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. Original advisory details: Lior Shafir, Yehuda Afek, and Anat Bremler-Barr discovered that Bind incorrectly limited certain fetches. A remote attacker could possibly...

8.6CVSS6.9AI score0.93422EPSS
Exploits6
Total number of security vulnerabilities10923