Lucene search
K
UbuntuRecent

10923 matches found

Ubuntu
Ubuntu
•added 2019/10/07 11:22 a.m.•121 views

USN-4148-1: OpenEXR vulnerabilities

It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. CVE-2017-12596...

8.8CVSS7AI score0.0331EPSS
Exploits2
Ubuntu
Ubuntu
•added 2019/10/04 3:38 p.m.•195 views

USN-4147-1: Linux kernel vulnerabilities

It was discovered that the Intel Wi-Fi device driver in the Linux kernel did not properly validate certain Tunneled Direct Link Setup TDLS. A physically proximate attacker could use this to cause a denial of service Wi-Fi disconnect. CVE-2019-0136 It was discovered that the Bluetooth UART...

9.4CVSS7.1AI score0.05189EPSS
Exploits11
Ubuntu
Ubuntu
•added 2019/10/03 2:21 p.m.•287 views

USN-4146-2: ClamAV vulnerabilities

USN-4146-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that ClamAV incorrectly handled unpacking ZIP files. A remote attacker could possibly use this issue to cause...

9.8CVSS7.5AI score0.08042EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/10/02 11:39 a.m.•166 views

USN-4146-1: ClamAV vulnerabilities

It was discovered that ClamAV incorrectly handled unpacking ZIP files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. CVE-2019-12625 It was discovered that ClamAV incorrectly handled unpacking bzip2 files. A remote attacker could use th...

9.8CVSS7.5AI score0.08042EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/10/01 4:12 a.m.•304 views

USN-4145-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the GFS2 file system in the Linux kernel. A local attacker could possibly use this to cause a denial of service system crash. CVE-2016-10905 It was discovered that the IPv6 implementation in the Linux kernel did not properly validate socket optio...

10CVSS6.8AI score0.06342EPSS
Exploits6
Ubuntu
Ubuntu
•added 2019/10/01 3:53 a.m.•188 views

USN-4144-1: Linux kernel vulnerabilities

It was discovered that the XFS file system in the Linux kernel did not properly handle mount failures in some situations. A local attacker could possibly use this to cause a denial of service system crash or execute arbitrary code. CVE-2018-20976 Benjamin Moody discovered that the XFS file system...

7.8CVSS6.4AI score0.03916EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/09/30 3:5 p.m.•109 views

USN-4143-1: SDL 2.0 vulnerabilities

It was discovered that SDL 2.0 mishandled crafted image files resulting in an integer overflow. If a user were tricked into opening a malicious file, SDL 2.0 could be caused to crash or potentially run arbitrary code. CVE-2017-2888 It was discovered that SDL 2.0 mishandled crafted image files. If...

8.8CVSS7AI score0.03299EPSS
Exploits6
Ubuntu
Ubuntu
•added 2019/09/30 2:17 p.m.•123 views

USN-4142-2: e2fsprogs vulnerability

USN-4142-1 fixed a vulnerability in e2fsprogs. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that e2fsprogs incorrectly handled certain ext4 partitions. An attacker could possibly use this issue to execute...

7.5CVSS7.5AI score0.01105EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/09/30 12:31 p.m.•101 views

USN-4142-1: e2fsprogs vulnerability

It was discovered that e2fsprogs incorrectly handled certain ext4 partitions. An attacker could possibly use this issue to execute arbitrary code...

7.5CVSS7.4AI score0.01105EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/09/28 4:30 p.m.•200 views

USN-4141-1: Exim vulnerability

It was discovered that Exim incorrectly handled certain string operations. A remote attacker could use this issue to cause Exim to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS8.9AI score0.41589EPSS
Exploits3
Ubuntu
Ubuntu
•added 2019/09/25 3:3 p.m.•67 views

USN-4140-1: Firefox vulnerability

It was discovered that no user notification was given when pointer lock is enabled. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to hijack the mouse pointer and confuse users...

4.3CVSS7.3AI score0.00624EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/09/25 12:5 p.m.•75 views

USN-4139-1: File Roller vulnerability

It was discovered that File Roller incorrectly handled certain TAR files. An attacker could possibly use this issue to overwrite sensitive files during extraction...

4.3CVSS5.6AI score0.02132EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/09/24 8:24 a.m.•108 views

USN-4138-1: LibreOffice vulnerability

It was discovered that LibreOffice incorrectly handled embedded scripts in document files. If a user were tricked into opening a specially crafted document, a remote attacker could possibly execute arbitrary code...

7.8CVSS8.4AI score0.0193EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/09/23 4:48 p.m.•118 views

USN-4137-1: Mosquitto vulnerability

It was discovered that Mosquitto incorrectly handled certain specially crafted input and network packets. A remote attacker could use this to cause a denial of service...

6.5CVSS7AI score0.02742EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/09/23 1:33 p.m.•106 views

USN-4134-2: IBus regression

USN-4134-1 fixed a vulnerability in IBus. The security fix introduced a regression when being used with Qt applications. This update reverts the security fix pending further investigation. Original advisory details: Simon McVittie discovered that IBus did not enforce appropriate access controls o...

5.4AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2019/09/18 2:8 p.m.•145 views

USN-4128-2: Tomcat vulnerabilities

It was discovered that the Tomcat 9 SSI printenv command echoed user provided data without escaping it. An attacker could possibly use this issue to perform an XSS attack. CVE-2019-0221 It was discovered that Tomcat 9 did not address HTTP/2 connection window exhaustion on write while addressing...

7.5CVSS6.7AI score0.72988EPSS
Exploits3
Ubuntu
Ubuntu
•added 2019/09/18 2:4 p.m.•93 views

USN-4136-2: wpa_supplicant and hostapd vulnerability

USN-4136-1 fixed a vulnerability in wpasupplicant. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that wpasupplicant incorrectly handled certain management frames. An attacker could possibly use this issue to...

6.5CVSS6.5AI score0.01214EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/09/18 12:40 p.m.•95 views

USN-4136-1: wpa_supplicant and hostapd vulnerability

It was discovered that wpasupplicant incorrectly handled certain management frames. An attacker could possibly use this issue to cause a denial of service...

6.5CVSS6.5AI score0.01214EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/09/18 10:27 a.m.•168 views

USN-4135-2: Linux kernel vulnerabilities

Peter Pi discovered a buffer overflow in the virtio network backend vhostnet implementation in the Linux kernel. An attacker in a guest may be able to use this to cause a denial of service host OS crash or possibly execute arbitrary code in the host OS. CVE-2019-14835 It was discovered that the...

7.8CVSS7.3AI score0.00627EPSS
Exploits3
Ubuntu
Ubuntu
•added 2019/09/18 10:10 a.m.•154 views

USN-4135-1: Linux kernel vulnerabilities

Peter Pi discovered a buffer overflow in the virtio network backend vhostnet implementation in the Linux kernel. An attacker in a guest may be able to use this to cause a denial of service host OS crash or possibly execute arbitrary code in the host OS. CVE-2019-14835 It was discovered that the...

7.8CVSS7.3AI score0.00627EPSS
Exploits3
Ubuntu
Ubuntu
•added 2019/09/17 12:24 p.m.•198 views

USN-4113-2: Apache HTTP Server regression

USN-4113-1 fixed vulnerabilities in the Apache HTTP server. Unfortunately, that update introduced a regression when proxying balancer manager connections in some configurations. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Stefan Eissing discovered...

7.1AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2019/09/16 1:3 p.m.•118 views

USN-4124-2: Exim vulnerability

USN-4124-1 fixed a vulnerability in Exim. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that Exim incorrectly handled certain decoding operations. A remote attacker could possibly use this issue to execute arbitrary commands...

10CVSS8.7AI score0.35736EPSS
Exploits3
Ubuntu
Ubuntu
•added 2019/09/16 12:8 p.m.•127 views

USN-4134-1: IBus vulnerability

Simon McVittie discovered that IBus did not enforce appropriate access controls on its private D-Bus socket. A local unprivileged user who discovers the IBus socket address of another user could exploit this to capture the key strokes of the other user...

7.1CVSS7AI score0.00365EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/09/16 4:42 a.m.•117 views

USN-4133-1: Wireshark vulnerabilities

It was discovered that Wireshark improperly handled certain input. A remote or local attacker could cause Wireshark to crash by injecting malformed packets onto the wire or convincing someone to read a malformed packet trace file...

7.5CVSS6.8AI score0.06079EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/09/12 8:10 p.m.•114 views

USN-4129-2: curl vulnerability

USN-4129-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. Original advisory details: Thomas Vegas discovered that curl incorrectly handled memory during TFTP transfers. A remote attacker could use this issue to crash curl, resultin...

9.8CVSS6.8AI score0.17939EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/09/12 7:47 p.m.•94 views

USN-4132-2: Expat vulnerability

USN-4132-1 fixed a vulnerability in Expat. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that Expat incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive...

7.5CVSS7.4AI score0.06643EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/09/12 6:5 p.m.•108 views

USN-4132-1: Expat vulnerability

It was discovered that Expat incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information...

7.5CVSS7.3AI score0.06643EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/09/11 5:11 p.m.•115 views

USN-4131-1: VLC vulnerabilities

It was discovered that VLC incorrectly handled certain media files. If a user were tricked into opening a specially-crafted file, a remote attacker could use this issue to cause VLC to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS7.2AI score0.036EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/09/11 5:2 p.m.•113 views

USN-4130-1: WebKitGTK+ vulnerabilities

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

9.3CVSS6.7AI score0.12852EPSS
Exploits6
Ubuntu
Ubuntu
•added 2019/09/11 8:37 a.m.•122 views

USN-4129-1: curl vulnerabilities

Thomas Vegas discovered that curl incorrectly handled memory when using Kerberos over FTP. A remote attacker could use this issue to crash curl, resulting in a denial of service. CVE-2019-5481 Thomas Vegas discovered that curl incorrectly handled memory during TFTP transfers. A remote attacker...

9.8CVSS6.9AI score0.17939EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/09/11 5:29 a.m.•229 views

USN-4115-2: Linux kernel regression

USN 4115-1 fixed vulnerabilities in the Linux 4.15 kernel for Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. Unfortunately, as part of the update, a regression was introduced that caused a kernel crash when handling fragmented packets in some situations. This update addresses the issue. We apologize for...

7.7AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2019/09/10 10:18 p.m.•69 views

USN-4120-2: systemd regression

USN-4120-1 fixed a vulnerability in systemd. The update included a recent SRU from the updates pocket that introduced networking problems for some users. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the systemd-resolved D-Bus...

5.4AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2019/09/10 6:22 p.m.•128 views

USN-4128-1: Tomcat vulnerabilities

It was discovered that the Tomcat 8 SSI printenv command echoed user provided data without escaping it. An attacker could possibly use this issue to perform an XSS attack. CVE-2019-0221 It was discovered that Tomcat 8 did not address HTTP/2 connection window exhaustion on write while addressing...

7.5CVSS6.7AI score0.72988EPSS
Exploits3
Ubuntu
Ubuntu
•added 2019/09/10 1:8 p.m.•142 views

USN-4127-2: Python vulnerabilities

USN-4127-1 fixed several vulnerabilities in Python. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that Python incorrectly handled certain pickle files. An attacker could possibly use this issue to consume...

9.8CVSS7.2AI score0.20743EPSS
Exploits6
Ubuntu
Ubuntu
•added 2019/09/09 7:6 p.m.•86 views

USN-4126-2: FreeType vulnerabilities

USN-4126-1 fixed a vulnerability in FreeType. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that FreeType incorrectly handled certain font files. An attacker could possibly use this issue to access sensitive information. CVE-2015-9381,...

8.8CVSS6.8AI score0.02281EPSS
Exploits3
Ubuntu
Ubuntu
•added 2019/09/09 5:22 p.m.•100 views

USN-4127-1: Python vulnerabilities

It was discovered that Python incorrectly handled certain pickle files. An attacker could possibly use this issue to consume memory, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. CVE-2018-20406 It was discovered that Python incorrectly validated t...

9.8CVSS7.2AI score0.20743EPSS
Exploits6
Ubuntu
Ubuntu
•added 2019/09/09 4:30 p.m.•64 views

USN-4126-1: FreeType vulnerability

It was discovered that FreeType incorrectly handled certain font files. An attacker could possibly use this issue to access sensitive information...

6.5CVSS6.7AI score0.02281EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/09/09 2:34 p.m.•95 views

USN-4125-1: Memcached vulnerability

It was discovered that Memcached incorrectly handled certain UNIX sockets. An attacker could possibly use this issue to access sensitive information...

7.5CVSS6.5AI score0.02638EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/09/06 12:54 p.m.•188 views

USN-4124-1: Exim vulnerability

It was discovered that Exim incorrectly handled certain decoding operations. A remote attacker could possibly use this issue to execute arbitrary commands...

10CVSS8.6AI score0.35736EPSS
Exploits3References1
Ubuntu
Ubuntu
•added 2019/09/05 12:42 p.m.•104 views

USN-4123-1: npm/fstream vulnerability

It was discovered that npm/fstream incorrectly handled certain crafted tarballs. An attacker could use this vulnerability to write aritrary files to the filesystem...

7.5CVSS8AI score0.02416EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/09/04 8:46 p.m.•131 views

USN-4122-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to obtain sensitive information, bypass Content Security Policy CSP protections, bypass same-origin restrictions, conduct cross-site...

9.8CVSS7.3AI score0.0216EPSS
Exploits2
Ubuntu
Ubuntu
•added 2019/09/03 8:59 p.m.•84 views

USN-4121-1: Samba vulnerability

Stefan Metzmacher discovered that the Samba SMB server did not properly prevent clients from escaping outside the share root directory in some situations. An attacker could use this to gain access to files outside of the Samba share, where allowed by the permissions of the underlying filesystem...

9.1CVSS7.5AI score0.03182EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/09/03 6:35 p.m.•105 views

USN-4120-1: systemd vulnerability

It was discovered that the systemd-resolved D-Bus interface did not enforce appropriate access controls. A local unprivileged user could exploit this to modify a system's DNS resolver settings...

4.4CVSS6AI score0.00511EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/09/03 1:59 p.m.•103 views

USN-4119-1: Irssi vulnerability

It was discovered that Irssi incorrectly handled certain CAP requests. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...

9.8CVSS8.4AI score0.02488EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/09/02 9:34 p.m.•196 views

USN-4118-1: Linux kernel (AWS) vulnerabilities

It was discovered that the alarmtimer implementation in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. CVE-2018-13053 Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly track...

10CVSS7.7AI score0.52199EPSS
Exploits50
Ubuntu
Ubuntu
•added 2019/09/02 9:30 p.m.•189 views

USN-4117-1: Linux kernel (AWS) vulnerabilities

It was discovered that a heap buffer overflow existed in the Marvell Wireless LAN device driver for the Linux kernel. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2019-10126 Amit Klein and Benny Pinkas discovered that the Linux kerne...

9.8CVSS7.6AI score0.52199EPSS
Exploits23
Ubuntu
Ubuntu
•added 2019/09/02 9:7 p.m.•199 views

USN-4116-1: Linux kernel vulnerabilities

It was discovered that a use-after-free error existed in the block layer subsystem of the Linux kernel when certain failure conditions occurred. A local attacker could possibly use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2018-20856 Amit Klein and Ben...

7.8CVSS7.4AI score0.04425EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/09/02 8:38 p.m.•283 views

USN-4115-1: Linux kernel vulnerabilities

Hui Peng and Mathias Payer discovered that the Option USB High Speed driver in the Linux kernel did not properly validate metadata received from the device. A physically proximate attacker could use this to cause a denial of service system crash. CVE-2018-19985 Zhipeng Xie discovered that an...

10CVSS7.6AI score0.05789EPSS
Exploits17
Ubuntu
Ubuntu
•added 2019/09/02 8:25 p.m.•162 views

USN-4114-1: Linux kernel vulnerabilities

Amit Klein and Benny Pinkas discovered that the Linux kernel did not sufficiently randomize IP ID values generated for connectionless networking protocols. A remote attacker could use this to track particular Linux devices. CVE-2019-10638 Praveen Pandey discovered that the Linux kernel did not...

7.7CVSS6.9AI score0.04425EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/09/02 1:23 p.m.•209 views

USN-3934-2: PolicyKit vulnerability

USN-3934-1 fixed a vulnerability in Policykit. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that PolicyKit incorrectly relied on the fork system call in the Linux kernel being atomic. A local attacker could possibly use this issu...

6.7CVSS6.8AI score0.00446EPSS
Exploits0
Total number of security vulnerabilities10923