Lucene search
K
UbuntuRecent

10923 matches found

Ubuntu
Ubuntu
•added 2019/07/30 4:50 p.m.•124 views

USN-4078-1: OpenLDAP vulnerabilities

It was discovered that OpenLDAP incorrectly handled rootDN delegation. A database administrator could use this issue to request authorization as an identity from another database, contrary to expectations. CVE-2019-13057 It was discovered that OpenLDAP incorrectly handled SASL authentication and...

7.5CVSS6.5AI score0.05015EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/07/29 3:55 p.m.•141 views

USN-4077-1: tmpreaper vulnerability

It was discovered that tmpreaper incorrectly handled certain mount operations. A local attacker could possibly use this issue to create arbitrary files, leading to privilege escalation...

7CVSS7.1AI score0.00253EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/07/29 1:43 p.m.•216 views

USN-3990-2: urllib3 vulnerability

USN-3990-1 fixed a vulnerability in urllib3. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that urllib3 incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection...

6.1CVSS7.6AI score0.02056EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/07/25 9:51 p.m.•282 views

USN-4076-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the Serial Attached SCSI SAS implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service system crash or execute arbitrary code. CVE-2018-20836 It was discovered that the ext4 file system implementati...

9.3CVSS7AI score0.05111EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/07/25 8:3 p.m.•146 views

USN-4054-2: Firefox regressions

USN-4054-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problems. We apologize for the inconvenience. Original advisory details: A sandbox escape was discovered in Firefox. If a user were tricked in to installing a malicious language pac...

7.5AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2019/07/25 3:19 p.m.•131 views

USN-4075-1: Exim vulnerability

Jeremy Harris discovered that Exim incorrectly handled sort expansions. In environments where sort expansions are used, a remote attacker could possibly use this issue to execute arbitrary code as root...

10CVSS8.8AI score0.08622EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/07/25 11:57 a.m.•179 views

USN-4074-1: VLC vulnerabilities

It was discovered that the VLC CAF demuxer incorrectly handled certain files. If a user were tricked into opening a specially-crafted CAF file, a remote attacker could use this issue to cause VLC to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. CVE-2018-19857...

9.8CVSS8.3AI score0.05295EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/07/25 11:47 a.m.•104 views

USN-4073-1: libEBML vulnerability

It was discovered that libEBML incorrectly handled certain media files. If a user were tricked into opening a specially crafted media file, libEBML could possibly be made to crash, resulting in a denial of service...

5.5CVSS5.6AI score0.02492EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/07/24 11:7 p.m.•127 views

USN-4072-1: Ansible vulnerabilities

It was discovered that Ansible failed to properly handle sensitive information. A local attacker could use those vulnerabilities to extract them. CVE-2017-7481 CVE-2018-10855 CVE-2018-16837 CVE-2018-16876 CVE-2019-10156 It was discovered that Ansible could load configuration files from the curren...

9.8CVSS6.6AI score0.04804EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/07/24 3:15 p.m.•139 views

USN-4071-2: Patch vulnerabilities

USN-4071-1 fixed several vulnerabilities in Patch. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that Patch incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information. CVE-2019-136...

9.3CVSS7.4AI score0.0453EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/07/24 1:33 p.m.•143 views

USN-4071-1: Patch vulnerabilities

It was discovered that Patch incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information. CVE-2019-13636 It was discovered that Patch incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code...

9.3CVSS7.3AI score0.0453EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/07/24 11:34 a.m.•207 views

USN-4070-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues. Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 19.04 have been updated to MySQL 5.7.27. In addition to security fixes, the updated packages contain bug fixes, new features,...

6.5CVSS6.5AI score0.03972EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/07/23 6:28 a.m.•279 views

USN-4069-1: Linux kernel vulnerabilities

It was discovered that an integer overflow existed in the Linux kernel when reference counting pages, leading to potential use-after-free issues. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2019-11487 Jann Horn discovered that ...

7.8CVSS6.8AI score0.00989EPSS
Exploits4
Ubuntu
Ubuntu
•added 2019/07/23 4:47 a.m.•282 views

USN-4068-2: Linux kernel (HWE) vulnerabilities

USN-4068-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 for Ubuntu 16.04 LTS. Adam Zabrocki discovered that the Intel i915 kernel mode graphics driver in the Linux kern...

9.3CVSS6.9AI score0.04458EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/07/23 3:20 a.m.•374 views

USN-4068-1: Linux kernel vulnerabilities

Adam Zabrocki discovered that the Intel i915 kernel mode graphics driver in the Linux kernel did not properly restrict mmap ranges in some situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2019-11085 It was discovered tha...

9.3CVSS6.9AI score0.04458EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/07/22 4:55 p.m.•121 views

USN-4067-1: Evince vulnerability

It was discovered that Evince incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service or to execute arbitrary code...

7.8CVSS7.1AI score0.02092EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/07/22 2:46 p.m.•153 views

USN-4065-2: Squid vulnerabilities

USN-4065-1 fixed several vulnerabilities in Squid. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that Squid incorrectly handled Digest authentication. A remote attacker could possibly use this issue to cause Squid to crash,...

9.8CVSS6.4AI score0.24401EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/07/22 11:54 a.m.•177 views

USN-4066-2: ClamAV vulnerability

USN-4066-1 fixed a vulnerability in libmspack. This update provides the corresponding update for ClamAV in Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that ClamAV incorrectly handled certain CHM files. A remote attacker could possibly use this issue to acce...

5.5CVSS6.8AI score0.01464EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/07/18 5:32 p.m.•148 views

USN-4066-1: libmspack vulnerability

It was discovered that libmspack incorrectly handled certain CHM files. A remote attacker could possibly use this issue to access sensitive information...

5.5CVSS6.8AI score0.01464EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/07/18 5:22 p.m.•182 views

USN-4065-1: Squid vulnerabilities

It was discovered that Squid incorrectly handled Digest authentication. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. CVE-2019-12525 It was discovered that Squid incorrectly handled Basic authentication. A remote attacker could use this...

9.8CVSS6.7AI score0.50454EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/07/17 10:22 p.m.•227 views

USN-4064-1: Thunderbird vulnerabilities

A sandbox escape was discovered in Thunderbird. If a user were tricked in to installing a malicious language pack, an attacker could exploit this to gain additional privileges. CVE-2019-9811 Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially...

9.8CVSS7.7AI score0.20271EPSS
Exploits2
Ubuntu
Ubuntu
•added 2019/07/17 6:21 p.m.•269 views

USN-4063-1: LibreOffice vulnerabilities

Nils Emmerich discovered that LibreOffice incorrectly handled LibreLogo scripts. If a user were tricked into opening a specially crafted document, a remote attacker could cause LibreOffice to execute arbitrary code. CVE-2019-9848 Matei "Mal" Badanoiu discovered that LibreOffice incorrectly handle...

9.8CVSS7.9AI score0.31215EPSS
Exploits5
Ubuntu
Ubuntu
•added 2019/07/17 1:25 p.m.•271 views

USN-4059-2: Squid vulnerabilities

USN-4059-1 and USN-3557-1 fixed several vulnerabilities in Squid. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Louis Dion-Marcil discovered that Squid incorrectly handled certain Edge Side Includes ESI responses. A malicious remote server could...

7.5CVSS6.1AI score0.74477EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/07/16 5:20 p.m.•157 views

USN-4062-1: WavPack vulnerabilities

Rohan Padhye discovered that WavPack incorrectly handled certain WAV files. An attacker could possibly use this issue to cause a denial of service. CVE-2019-1010315, CVE-2019-1010317, CVE-2019-1010318, CVE-2019-1010319...

5.5CVSS5.9AI score0.01534EPSS
Exploits3
Ubuntu
Ubuntu
•added 2019/07/16 4:21 p.m.•138 views

USN-4060-2: NSS vulnerabilities

USN-4060-1 fixed several vulnerabilities in nss. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Henry Corrigan-Gibbs discovered that NSS incorrectly handled importing certain curve25519 private keys. An attacker could use this...

7.5CVSS8.2AI score0.02794EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/07/16 1:47 p.m.•155 views

USN-4061-1: Redis vulnerabilities

It was discovered that Redis incorrectly handled the hyperloglog data structure. An attacker could use this issue to cause Redis to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.2CVSS7.6AI score0.26048EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/07/16 12:14 p.m.•168 views

USN-4060-1: NSS vulnerabilities

Henry Corrigan-Gibbs discovered that NSS incorrectly handled importing certain curve25519 private keys. An attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly obtain sensitive information. CVE-2019-11719 Hubert Kario discovered that NSS incorrectly...

7.5CVSS7.6AI score0.02794EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/07/15 2:38 p.m.•128 views

USN-4059-1: Squid vulnerabilities

It was discovered that Squid incorrectly handled certain SNMP packets. A remote attacker could possibly use this issue to cause memory consumption, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. CVE-2018-19132 It was discovered that Squid incorrect...

6.1CVSS6.3AI score0.74477EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/07/15 2:37 p.m.•125 views

USN-4057-1: Zipios vulnerability

Mike Salvatore discovered that Zipios mishandled certain malformed ZIP files. An attacker could use this vulnerability to cause a denial of service or consume system resources. CVE-2019-13453...

6.5CVSS6.3AI score0.02026EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/07/15 2:31 p.m.•151 views

USN-4058-1: Bash vulnerability

It was discovered that Bash incorrectly handled the restricted shell. An attacker could possibly use this issue to escape restrictions and execute any command...

7.8CVSS7AI score0.00415EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/07/15 1:42 p.m.•100 views

USN-4055-1: flightcrew vulnerabilities

Mike Salvatore discovered that FlightCrew improperly handled certain malformed EPUB files. An attacker could potentially use this vulnerability to cause a denial of service. CVE-2019-13032 Mike Salvatore discovered that FlightCrew mishandled certain malformed EPUB files. An attacker could use thi...

7.8CVSS6.6AI score0.02026EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/07/15 1:25 p.m.•109 views

USN-4056-1: Exiv2 vulnerabilities

It was discovered that Exiv2 incorrectly handled certain PSD files. An attacker could possibly use this issue to cause a denial of service. CVE-2018-19107, CVE-2018-19108 It was discovered that Exiv2 incorrectly handled certain PNG files. An attacker could possibly use this issue to cause a denia...

6.5CVSS6.7AI score0.02127EPSS
Exploits5
Ubuntu
Ubuntu
•added 2019/07/12 5:1 p.m.•250 views

USN-4054-1: Firefox vulnerabilities

A sandbox escape was discovered in Firefox. If a user were tricked in to installing a malicious language pack, an attacker could exploit this to gain additional privileges. CVE-2019-9811 Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted...

9.8CVSS7.5AI score0.20271EPSS
Exploits4
Ubuntu
Ubuntu
•added 2019/07/09 2:41 p.m.•41 views

USN-4051-2: Apport vulnerability

USN-4051-1 fixed a vulnerability in apport. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Kevin Backhouse discovered a race-condition when reading the user's local Apport configuration. This could be used by a local attacker to cause Apport to...

7CVSS6.3AI score0.00314EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/07/09 11:29 a.m.•66 views

USN-4053-1: GVfs vulnerabilities

It was discovered that GVfs incorrectly handled the admin backend. Files created or moved by the admin backend could end up with the wrong ownership information, contrary to expectations. This issue only affected Ubuntu 18.04 LTS, Ubuntu 18.10, and Ubuntu 19.04. CVE-2019-12447, CVE-2019-12448,...

8.1CVSS6.6AI score0.0184EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/07/09 12:36 a.m.•189 views

USN-4051-1: Apport vulnerability

Kevin Backhouse discovered a race-condition when reading the user's local Apport configuration. This could be used by a local attacker to cause Apport to include arbitrary files in a resulting crash report...

7CVSS6.3AI score0.00314EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/07/09 12:33 a.m.•154 views

USN-4052-1: Whoopsie vulnerability

Kevin Backhouse discovered Whoopsie incorrectly handled very large crash reports. A local attacker could possibly use this issue to cause a denial of service or expose sensitive information...

7.8CVSS6.8AI score0.00577EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/07/08 6:15 p.m.•169 views

USN-4049-2: GLib vulnerability

USN-4049-1 fixed a vulnerability in GLib. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that GLib created directories and files without properly restricting permissions. An attacker could possibly use this iss...

7.5CVSS7.4AI score0.03211EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/07/08 6:1 p.m.•180 views

USN-4050-1: ZeroMQ vulnerability

It was discovered that ZeroMQ incorrectly handled certain application metadata. A remote attacker could use this issue to cause ZeroMQ to crash, or possibly execute arbitrary code...

9.8CVSS8AI score0.42464EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/07/08 3:59 p.m.•171 views

USN-4049-1: GLib vulnerability

It was discovered that GLib created directories and files without properly restricting permissions. An attacker could possibly use this issue to access sensitive information...

7.5CVSS7.4AI score0.03211EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/07/08 2:41 p.m.•208 views

USN-4048-1: Docker vulnerabilities

Aleksa Sarai discovered that Docker was vulnerable to a directory traversal attack. An attacker could use this vulnerability to read and write arbitrary files on the host filesystem as root...

9.3CVSS7AI score0.9857EPSS
Exploits34
Ubuntu
Ubuntu
•added 2019/07/08 11:38 a.m.•211 views

USN-4047-1: libvirt vulnerabilities

Matthias Gerstner and Ján Tomko discovered that libvirt incorrectly handled certain API calls. An attacker could possibly use this issue to check for arbitrary files, or execute arbitrary binaries. In the default installation, attackers would be isolated by the libvirt AppArmor profile...

8.8CVSS7.9AI score0.00549EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/07/04 5:38 p.m.•207 views

USN-4046-1: Irssi vulnerabilities

It was discovered that Irssi incorrectly handled certain disconnections. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS. CVE-2018-7054 It was discovered that Irssi incorrectly handled certain requests. An...

9.8CVSS6.9AI score0.03333EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/07/04 3:48 p.m.•208 views

USN-4038-4: bzip2 regression

USN-4038-1 fixed a vulnerability in bzip2. The update introduced a regression causing bzip2 to incorrect raises CRC errors for some files. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. We apologize for the inconvenience. Original advisory details: It was...

5.9AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2019/07/04 1:41 p.m.•208 views

USN-4038-3: bzip2 regression

USN-4038-1 fixed a vulnerability in bzip2. The update introduced a regression causing bzip2 to incorrect raises CRC errors for some files. We apologize for the inconvenience. Original advisory details: It was discovered that bzip2 incorrectly handled certain files. An attacker could possibly use...

5.9AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2019/07/01 9:3 p.m.•102 views

USN-4045-1: Thunderbird vulnerabilities

A type confusion bug was discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could exploit this by causing a denial of service, or executing arbirary code. CVE-2019-11707 It was discovered that a sandboxed child process...

10CVSS8.4AI score0.55874EPSS
Exploits14
Ubuntu
Ubuntu
•added 2019/07/01 8:26 p.m.•60 views

USN-4044-1: ZNC vulnerability

Fix vulnerability where an authenticated non-admin users could load a module with a crafted name, then escalate privileges and run arbitrary code...

8.8CVSS7.8AI score0.04127EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/07/01 11:2 a.m.•83 views

USN-4043-1: Django vulnerabilities

It was discovered that Django incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 18.10 and Ubuntu 19.04. CVE-2019-12308 Gavin Wahl discovered that Django incorrectly handled HTTP detection when...

6.1CVSS7.2AI score0.02563EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/06/29 4:59 a.m.•108 views

USN-4041-2: Linux kernel (HWE) update

USN-4041-1 provided updates for the Linux kernel in Ubuntu. This update provides the corresponding updates for the Linux kernel for Ubuntu 16.04 ESM. USN-4017-2 fixed vulnerabilities in the Linux kernel. Unfortunately, the update introduced a regression that interfered with networking application...

7.5CVSS6.8AI score0.9166EPSS
Exploits1References1
Ubuntu
Ubuntu
•added 2019/06/29 3:23 a.m.•288 views

USN-4041-1: Linux kernel update

USN-4017-1 fixed vulnerabilities in the Linux kernel for Ubuntu. Unfortunately, the update introduced a regression that interfered with networking applications that setup very low SOSNDBUF values. This update fixes the problem. We apologize for the inconvenience. Jonathan Looney discovered that t...

7.5CVSS6.8AI score0.9166EPSS
Exploits1References1
Total number of security vulnerabilities10923