Lucene search
K
UbuntuRecent

10923 matches found

Ubuntu
Ubuntu
•added 2020/01/27 3:5 p.m.•123 views

USN-4251-1: Tomcat vulnerabilities

It was discovered that Tomcat incorrectly handled the RMI registry when configured with the JMX Remote Lifecycle Listener. A local attacker could possibly use this issue to obtain credentials and gain complete control over the Tomcat instance. CVE-2019-12418 It was discovered that Tomcat...

7.5CVSS7AI score0.10687EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/01/27 2:59 p.m.•184 views

USN-4250-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.19 in Ubuntu 19.10. Ubuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.29. In addition to security fixes, the updated package...

6.5CVSS6.4AI score0.03485EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/01/23 6:19 p.m.•106 views

USN-4230-2: ClamAV vulnerability

USN-4230-1 fixed a vulnerability in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that ClamAV incorrectly handled certain MIME messages. A remote attacker could possibly use this issue to cause ClamAV ...

7.5CVSS7.5AI score0.03135EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/01/23 4:57 p.m.•71 views

USN-4233-2: GnuTLS update

USN-4233-1 disabled SHA1 being used for digital signature operations in GnuTLS. In certain network environments, certificates using SHA1 may still be in use. This update adds the %VERIFYALLOWBROKEN and %VERIFYALLOWSIGNWITHSHA1 priority strings that can be used to temporarily re-enable SHA1 until...

5.4AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2020/01/23 3:11 p.m.•83 views

USN-4247-3: python-apt vulnerabilities

USN-4247-1 fixed several vulnerabilities in python-apt. This update provides the corresponding updates for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that python-apt would still use MD5 hashes to validate certain downloaded packages. If a remote attacker...

4.7CVSS5.1AI score0.00496EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/01/23 12:21 p.m.•98 views

USN-4249-1: e2fsprogs vulnerability

It was discovered that e2fsprogs incorrectly handled certain ext4 partitions. An attacker could possibly use this issue to execute arbitrary code...

7.5CVSS7.2AI score0.01025EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/01/22 11:11 p.m.•54 views

USN-4247-2: python-apt regression

USN-4247-1 fixed vulnerabilities in python-apt. The updated packages caused a regression when attempting to upgrade to a new Ubuntu release. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that python-apt would still use MD5 hashes t...

5.2AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2020/01/22 7:0 p.m.•367 views

USN-4246-1: zlib vulnerabilities

It was discovered that zlib incorrectly handled pointer arithmetic. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2016-9840, CVE-2016-9841 It was discovered that zlib incorrectly handled vectors involving left...

9.8CVSS7.8AI score0.07489EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/01/22 6:42 p.m.•89 views

USN-4248-1: GraphicsMagick vulnerabilities

It was discovered that GraphicsMagick incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact...

8.8CVSS6.7AI score0.03397EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/01/22 6:15 p.m.•64 views

USN-4247-1: python-apt vulnerabilities

It was discovered that python-apt would still use MD5 hashes to validate certain downloaded packages. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could potentially be used to install altered packages. CVE-2019-15795 It was discovered that python-apt could...

4.7CVSS5.1AI score0.00496EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/01/21 4:41 p.m.•55 views

USN-4245-1: PySAML2 vulnerability

It was discovered that PySAML2 incorrectly handled certain SAML files. An attacker could possibly use this issue to bypass signature verification with arbitrary data...

7.5CVSS7.5AI score0.01207EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/01/21 12:59 p.m.•79 views

USN-4244-1: Samba vulnerabilities

It was discovered that Samba did not automatically replicate ACLs set to inherit down a subtree on AD Directory, contrary to expectations. This issue was only addressed in Ubuntu 18.04 LTS, Ubuntu 19.04 and Ubuntu 19.10. CVE-2019-14902 Robert Święcki discovered that Samba incorrectly handled...

6.5CVSS6.8AI score0.03151EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/01/20 3:24 p.m.•103 views

USN-4243-1: libbsd vulnerabilities

It was discovered that libbsd incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 ESM. CVE-2016-2090 It was discovered that libbsd incorrectly handled certain strings. An attacker could possibly use this...

9.8CVSS8.4AI score0.03223EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/01/20 12:7 p.m.•94 views

USN-4242-1: Sysstat vulnerabilities

It was discovered that Sysstat incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 19.04 and Ubuntu 19.10. CVE-2019-16167 It was discovered that Sysstat incorrectly handled certain inputs. An...

9.8CVSS7.5AI score0.02762EPSS
Exploits2
Ubuntu
Ubuntu
•added 2020/01/18 6:40 a.m.•190 views

USN-4225-2: Linux kernel (HWE) vulnerabilities

USN-4225-1 fixed vulnerabilities in the Linux kernel for Ubuntu 19.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 19.10 for Ubuntu 18.04 LTS. It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for...

10CVSS7.3AI score0.16908EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/01/16 6:31 p.m.•68 views

USN-4240-1: Kamailio vulnerability

It was discovered that Kamailio incorrectly handled a specially crafted file. An attacker could possibly use this issue to cause a denial of service or other unspecified impact...

9.8CVSS8.2AI score0.31338EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/01/16 5:9 p.m.•92 views

USN-4241-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, conduct cross-site scripting XSS attacks, or execute arbitrary code...

8.8CVSS7.8AI score0.46589EPSS
Exploits11
Ubuntu
Ubuntu
•added 2020/01/15 6:22 p.m.•129 views

USN-4235-2: nginx vulnerability

USN-4235-1 fixed a vulnerability in nginx. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Bert JW Regeer and Francisco Oca Gonzalez discovered that nginx incorrectly handled certain errorpage configurations. A remote attacker could possibly use this...

5.3CVSS6.8AI score0.14961EPSS
Exploits3
Ubuntu
Ubuntu
•added 2020/01/15 4:4 p.m.•101 views

USN-4221-2: libpcap vulnerability

USN-4221-1 fixed a vulnerability in libpcap. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that libpcap did not properly validate PHB headers in some situations. An attacker could use this to cause a denial of service memory...

5.3CVSS6.6AI score0.02834EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/01/15 1:21 p.m.•121 views

USN-4239-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, 16.04 LTS, 18.04 LTS, 19.04 and 19.10. CVE-2019-11045 It was discovered that PHP incorrectly handled certain inputs. An...

6.5CVSS7AI score0.08818EPSS
Exploits3
Ubuntu
Ubuntu
•added 2020/01/15 10:37 a.m.•109 views

USN-4237-2: SpamAssassin vulnerabilities

USN-4237-1 fixed several vulnerabilities in SpamAssassin. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. Original advisory details: It was discovered that SpamAssassin incorrectly handled certain CF files. If a user or automated system were tricked into using a...

7.5CVSS7AI score0.07234EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/01/14 3:1 p.m.•91 views

USN-4238-1: SDL_image vulnerabilities

It was discovered that SDLimage incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact...

8.8CVSS6.7AI score0.04515EPSS
Exploits12
Ubuntu
Ubuntu
•added 2020/01/14 1:0 p.m.•69 views

USN-4236-2: Libgcrypt vulnerability

USN-4236-1 fixed a vulnerability in Libgcrypt. This update provides the corresponding fix for Ubuntu 16.04 LTS. Original advisory details: It was discovered that Libgcrypt was susceptible to a ECDSA timing attack. An attacker could possibly use this attack to recover sensitive information...

6.3CVSS6.8AI score0.0051EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/01/13 3:46 p.m.•83 views

USN-4237-1: SpamAssassin vulnerabilities

It was discovered that SpamAssassin incorrectly handled certain CF files. If a user or automated system were tricked into using a specially-crafted CF file, a remote attacker could possibly run arbitrary code. CVE-2018-11805 It was discovered that SpamAssassin incorrectly handled certain messages...

7.5CVSS6.9AI score0.07234EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/01/13 3:36 p.m.•94 views

USN-4236-1: Libgcrypt vulnerability

It was discovered that Libgcrypt was susceptible to a ECDSA timing attack. An attacker could possibly use this attack to recover sensitive information...

6.3CVSS6.8AI score0.0051EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/01/13 3:29 p.m.•141 views

USN-4235-1: nginx vulnerability

Bert JW Regeer and Francisco Oca Gonzalez discovered that nginx incorrectly handled certain errorpage configurations. A remote attacker could possibly use this issue to perform HTTP request smuggling attacks and access resources contrary to expectations...

5.3CVSS6.8AI score0.14961EPSS
Exploits3
Ubuntu
Ubuntu
•added 2020/01/13 2:12 p.m.•91 views

USN-4047-2: libvirt update vulnerability

USN-4047-1 fixed a vulnerability in libvirt. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Matthias Gerstner and Ján Tomko discovered that libvirt incorrectly handled certain API calls. An attacker could possibly use this issue to check for arbitra...

8.8CVSS7.9AI score0.00516EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/01/09 10:3 p.m.•94 views

USN-4234-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass Content Security Policy CSP restrictions, conduct cross-site...

8.8CVSS8.3AI score0.46589EPSS
Exploits8
Ubuntu
Ubuntu
•added 2020/01/09 6:44 p.m.•79 views

USN-4229-1: NTP vulnerability

It was discovered that ntpq and ntpdc incorrectly handled some arguments. An attacker could possibly use this issue to cause ntpq or ntpdc to crash, execute arbitrary code, or escalate to higher privileges...

9.8CVSS7.2AI score0.29037EPSS
Exploits5
Ubuntu
Ubuntu
•added 2020/01/09 12:58 p.m.•84 views

USN-4233-1: GnuTLS update

As a security improvement, this update marks SHA1 as being untrusted for digital signature operations...

5.3AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2020/01/08 5:46 p.m.•106 views

USN-4231-1: NSS vulnerability

It was discovered that NSS incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code...

10CVSS7.2AI score0.03552EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/01/08 5:42 p.m.•130 views

USN-4232-1: GraphicsMagick vulnerabilities

It was discovered that GraphicsMagick incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact...

8.8CVSS6.6AI score0.19193EPSS
Exploits9
Ubuntu
Ubuntu
•added 2020/01/08 1:39 p.m.•87 views

USN-4230-1: ClamAV vulnerability

It was discovered that ClamAV incorrectly handled certain MIME messages. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service...

7.5CVSS7.5AI score0.03135EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/01/07 8:52 p.m.•191 views

USN-4227-2: Linux kernel (Azure) vulnerabilities

USN-4227-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux kernel for Microsoft Azure Cloud systems for Ubuntu 14.04 ESM. It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the...

10CVSS7.3AI score0.16908EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/01/07 8:10 p.m.•179 views

USN-4228-2: Linux kernel (Xenial HWE) vulnerabilities

USN-4228-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex...

10CVSS7.3AI score0.16908EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/01/07 3:2 a.m.•253 views

USN-4228-1: Linux kernel vulnerabilities

It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2019-14895, CVE-2019-14901 It was discovered that a...

10CVSS7.3AI score0.16908EPSS
Exploits0
Ubuntu
Ubuntu
•added 2020/01/07 2:24 a.m.•236 views

USN-4227-1: Linux kernel vulnerabilities

It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2019-14895, CVE-2019-14901 It was discovered that a...

10CVSS7.3AI score0.16908EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/01/07 2:16 a.m.•259 views

USN-4226-1: Linux kernel vulnerabilities

Michael Hanselmann discovered that the CIFS implementation in the Linux kernel did not sanitize paths returned by an SMB server. An attacker controlling an SMB server could use this to overwrite arbitrary files. CVE-2019-10220 It was discovered that a heap-based buffer overflow existed in the...

10CVSS7.2AI score0.16908EPSS
Exploits1
Ubuntu
Ubuntu
•added 2020/01/07 1:9 a.m.•238 views

USN-4225-1: Linux kernel vulnerabilities

It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2019-14895, CVE-2019-14901 It was discovered that a...

10CVSS7.3AI score0.16908EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/12/19 1:2 a.m.•139 views

USN-4224-1: Django vulnerability

Simon Charette discovered that the password reset functionality in Django used a Unicode case insensitive query to retrieve accounts associated with an email address. An attacker could possibly use this to obtain password reset tokens and hijack accounts...

9.8CVSS7.1AI score0.3481EPSS
Exploits7
Ubuntu
Ubuntu
•added 2019/12/17 11:14 p.m.•108 views

USN-4223-1: OpenJDK vulnerabilities

Jan Jancar, Petr Svenda, and Vladimir Sedlacek discovered that a side- channel vulnerability existed in the ECDSA implementation in OpenJDK. An Attacker could use this to expose sensitive information. CVE-2019-2894 It was discovered that the Socket implementation in OpenJDK did not properly...

6.8CVSS7AI score0.03749EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/12/16 4:37 p.m.•131 views

USN-4222-1: GraphicsMagick vulnerabilities

It was discovered that GraphicsMagick incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact...

9.8CVSS6.7AI score0.25065EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/12/13 1:7 p.m.•124 views

USN-4216-2: Firefox vulnerabilities

USN-4216-1 fixed vulnerabilities in Firefox. This update provides the corresponding update for Ubuntu 16.04 LTS. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit...

8.8CVSS7.7AI score0.02994EPSS
Exploits4
Ubuntu
Ubuntu
•added 2019/12/11 4:53 p.m.•69 views

USN-4214-2: RabbitMQ vulnerability

USN-4214-1 fixed a vulnerability in RabbitMQ. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that RabbitMQ incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary cod...

9.8CVSS8.7AI score0.03317EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/12/11 3:7 p.m.•97 views

USN-4217-2: Samba vulnerabilities

USN-4217-1 fixed several vulnerabilities in Samba. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Andreas Oster discovered that the Samba DNS management server incorrectly handled certain records. An authenticated attacker could possibly use this...

6.4CVSS6.4AI score0.02783EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/12/11 12:17 a.m.•101 views

USN-4221-1: libpcap vulnerability

It was discovered that libpcap did not properly validate PHB headers in some situations. An attacker could use this to cause a denial of service memory exhaustion...

5.3CVSS6.6AI score0.02834EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/12/10 8:33 p.m.•80 views

USN-4202-2: Thunderbird regression

USN-4202-1 fixed vulnerabilities in Thunderbird. After upgrading, Thunderbird created a new profile for some users. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that a specially crafted S/MIME message with an inner encryption laye...

7.5AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2019/12/10 7:0 p.m.•119 views

USN-4220-1: Git vulnerabilities

Joern Schneeweisz and Nicolas Joly discovered that Git contained various security flaws. An attacker could possibly use these issues to overwrite arbitrary paths, execute arbitrary code, and overwrite files in the .git directory...

9.8CVSS7.5AI score0.34007EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/12/10 5:49 p.m.•64 views

USN-4219-1: libssh vulnerability

It was discovered that libssh incorrectly handled certain scp commands. If a user or automated system were tricked into using a specially-crafted scp command, a remote attacker could execute arbitrary commands on the server...

9.3CVSS7.2AI score0.0316EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/12/10 1:49 p.m.•66 views

USN-4218-1: GNU C Library vulnerability

Jakub Wilk discovered that GNU C Library incorrectly handled certain memory alignments. An attacker could possibly use this issue to execute arbitrary code or cause a crash...

9.8CVSS8AI score0.04778EPSS
Exploits0
Total number of security vulnerabilities10923