Lucene search
K
UbuntuRecent

10923 matches found

Ubuntu
Ubuntu
added 2019/06/27 1:29 p.m.285 views

USN-4042-1: poppler vulnerabilities

It was discovered that poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service, or possibly execute arbitrary code...

9.8CVSS6.8AI score0.03518EPSS
Exploits10
Ubuntu
Ubuntu
added 2019/06/26 8:39 p.m.47 views

USN-4039-1: CImg vulnerabilities

It was discovered that allocation failures could occur in CImg when loading crafted bmp images. An attacker could possibly use this issue to cause a denial of service. CVE-2018-7587 It was discovered that a heap-based buffer over-read existed in CImg when loading crafted bmp images. An attacker...

7.8CVSS7.8AI score0.01349EPSS
Exploits3
Ubuntu
Ubuntu
added 2019/06/26 7:44 p.m.85 views

USN-4040-2: Expat vulnerability

USN-4040-1 fixed a vulnerability in expat. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that Expat incorrectly handled certain XML files. An attacker could possibly use this issue to cause a denial of service...

7.8CVSS6.5AI score0.07107EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/06/26 6:36 p.m.69 views

USN-4040-1: Expat vulnerability

It was discovered that Expat incorrectly handled certain XML files. An attacker could possibly use this issue to cause a denial of service...

7.8CVSS6.5AI score0.07107EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/06/26 1:58 p.m.72 views

USN-4038-2: bzip2 vulnerabilities

USN-4038-1 fixed several vulnerabilities in bzip2. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Aladdin Mubaied discovered that bzip2 incorrectly handled certain files. An attacker could possibly use this issue to cause a deni...

9.8CVSS7.5AI score0.15685EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/06/26 12:1 p.m.83 views

USN-4038-1: bzip2 vulnerabilities

Aladdin Mubaied discovered that bzip2 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS. CVE-2016-3189 It was discovered that bzip2 incorrectly handled certain files. An attacker could possibly use...

9.8CVSS7.4AI score0.15685EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/06/25 11:57 a.m.37 views

USN-4037-1: policykit-desktop-privileges update

The policykit-desktop-privileges Startup Disk Creator policy allowed administrative users to overwrite disks. As a security improvement, this operation now requires authentication...

5.4AI score
Exploits0References1
Ubuntu
Ubuntu
added 2019/06/25 11:48 a.m.54 views

USN-4036-1: OpenStack Neutron vulnerability

Erik Olof Gunnar Andersson discovered that OpenStack Neutron incorrectly handled certain security group rules in the iptables firewall module. An authenticated attacker could possibly use this issue to block further application of security group rules for other instances...

6.5CVSS6.9AI score0.03635EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/06/25 11:40 a.m.70 views

USN-4035-1: Ceph vulnerabilities

It was discovered that Ceph incorrectly handled read only permissions. An authenticated attacker could use this issue to obtain dm-crypt encryption keys. This issue only affected Ubuntu 16.04 LTS. CVE-2018-14662 It was discovered that Ceph incorrectly handled certain OMAPs holding bucket indices...

7.5CVSS6.6AI score0.02946EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/06/25 11:26 a.m.76 views

USN-4034-1: ImageMagick vulnerabilities

It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of th...

8.8CVSS6.9AI score0.49324EPSS
Exploits26
Ubuntu
Ubuntu
added 2019/06/24 8:6 p.m.114 views

USN-4033-1: libmysofa vulnerability

It was discovered that a libmysofa component does not properly validate multiplications and additions, and may crash with some specific input...

9.8CVSS8.2AI score0.02368EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/06/24 3:43 p.m.178 views

USN-4032-1: Firefox vulnerability

It was discovered that a sandboxed child process could open arbitrary web content in the parent process via the Prompt:Open IPC message. When combined with another vulnerability, an attacker could potentially exploit this to execute arbitrary code...

10CVSS8.9AI score0.55874EPSS
Exploits10
Ubuntu
Ubuntu
added 2019/06/24 2:4 p.m.141 views

USN-4031-1: Linux kernel vulnerability

It was discovered that the Linux kernel did not properly separate certain memory mappings when creating new userspace processes on 64-bit Power ppc64el systems. A local attacker could use this to access memory contents or cause memory corruption of other processes on the system...

7CVSS7.3AI score0.00386EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/06/21 6:49 p.m.198 views

USN-4030-1: web2py vulnerabilities

It was discovered that web2py does not properly check denied hosts before verifying passwords. An attacker could possibly use this issue to perform brute-force attacks. CVE-2016-10321 It was discovered that web2py allows remote attackers to obtain environment variable values. An attacker could...

9.8CVSS7.8AI score0.0499EPSS
Exploits4
Ubuntu
Ubuntu
added 2019/06/20 7:47 p.m.132 views

USN-3977-3: Intel Microcode update

USN-3977-1 and USN-3977-2 provided mitigations for Microarchitectural Data Sampling MDS vulnerabilities in Intel Microcode for a large number of Intel processor families. This update provides the corresponding updated microcode mitigations for the Intel Sandy Bridge processor family Ke Sun,...

5.9CVSS6.6AI score0.01553EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2019/06/20 2:47 p.m.106 views

USN-4028-1: Thunderbird vulnerabilities

Multiple memory safety issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code...

9.8CVSS7.3AI score0.10527EPSS
Exploits14
Ubuntu
Ubuntu
added 2019/06/20 1:33 p.m.118 views

USN-4027-1: PostgreSQL vulnerability

Alexander Lakhin discovered that PostgreSQL incorrectly handled authentication. An authenticated attacker or a rogue server could use this issue to cause PostgreSQL to crash, resulting in a denial of service, or possibly execute arbitrary code. The default compiler options for affected releases...

9CVSS7.7AI score0.03711EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/06/20 1:31 p.m.92 views

USN-4023-1: Mosquitto vulnerabilities

It was discovered that Mosquitto broker incorrectly handled certain specially crafted input and network packets. A remote attacker could use this to cause a denial of service...

7.5CVSS6.5AI score0.02173EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/06/20 11:22 a.m.111 views

USN-4026-1: Bind vulnerability

It was discovered that Bind incorrectly handled certain malformed packets. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service...

5.9CVSS6.6AI score0.03271EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/06/19 8:0 p.m.76 views

USN-4024-1: Evince update

As a security improvement, this update adjusts the AppArmor profile for the Evince thumbnailer to reduce access to the system and adjusts the AppArmor profile for Evince and Evince previewer to limit access to the DBus system bus. Additionally adjust the evince abstraction to disallow writes on...

5.4AI score
Exploits0References2
Ubuntu
Ubuntu
added 2019/06/19 7:53 p.m.104 views

USN-4022-1: Gunicorn vulnerability

It was discovered that gunicorn improperly handled certain input. An attacker could potentially use this issue execute a cross-site scripting XSS attack...

7.5CVSS7AI score0.02431EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/06/19 5:21 p.m.169 views

USN-4019-2: SQLite vulnerabilities

USN-4019-1 fixed several vulnerabilities in sqlite3. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. Original advisory details: It was discovered that SQLite incorrectly handled certain SQL files. An attacker could possibly use this issue to execute arbitrary cod...

9.8CVSS7.4AI score0.45426EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/06/19 5:19 p.m.109 views

USN-4020-1: Firefox vulnerability

A type confusion bug was discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could exploit this by causing a denial of service, or executing arbitrary code...

8.8CVSS8.1AI score0.37951EPSS
Exploits7
Ubuntu
Ubuntu
added 2019/06/19 4:42 p.m.144 views

USN-4021-1: libvirt vulnerabilities

Daniel P. Berrangé discovered that libvirt incorrectly handled socket permissions. A local attacker could possibly use this issue to access libvirt. CVE-2019-10132 It was discovered that libvirt incorrectly performed certain permission checks. A remote attacker could possibly use this issue to...

8.8CVSS7AI score0.01411EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/06/19 3:32 p.m.140 views

USN-4019-1: SQLite vulnerabilities

It was discovered that SQLite incorrectly handled certain SQL files. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service. This issue only affected Ubuntu 16.04 LTS. CVE-2017-2518, CVE-2017-2520 It was discovered that SQLite incorrectly handled certain...

9.8CVSS7.3AI score0.45426EPSS
Exploits2
Ubuntu
Ubuntu
added 2019/06/19 12:46 p.m.146 views

USN-4018-1: Samba vulnerabilities

It was discovered that Samba incorrectly handled certain RPC messages. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. CVE-2019-12435 It was discovered that Samba incorrectly handled LDAP pages searches. A remote attacker could possibly u...

6.5CVSS6.8AI score0.02845EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/06/17 9:11 p.m.208 views

USN-4017-1: Linux kernel vulnerabilities

Jonathan Looney discovered that the TCP retransmission queue implementation in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment SACK sequences. A remote attacker could use this to cause a denial of service. CVE-2019-11478 Jonathan Looney discovered that an...

7.8CVSS6.8AI score0.98745EPSS
Exploits4References1
Ubuntu
Ubuntu
added 2019/06/17 5:58 p.m.240 views

USN-4017-2: Linux kernel vulnerabilities

USN-4017-1 fixed vulnerabilities in the Linux kernel for Ubuntu. This update provides the corresponding updates for the Linux kernel for Ubuntu 16.04 ESM and Ubuntu 14.04 ESM. Jonathan Looney discovered that the TCP retransmission queue implementation in the Linux kernel could be fragmented when...

7.8CVSS6.8AI score0.98745EPSS
Exploits4References1
Ubuntu
Ubuntu
added 2019/06/14 8:29 p.m.149 views

USN-3991-3: Firefox regression

USN-3991-1 fixed vulnerabilities in Firefox, and USN-3991-2 fixed a subsequent regression. The update caused an additional regression that resulted in Firefox failing to load correctly after executing it in safe mode. This update fixes the problem. We apologize for the inconvenience. Original...

7.5AI score
Exploits0References1
Ubuntu
Ubuntu
added 2019/06/12 2:50 p.m.196 views

USN-4015-2: DBus vulnerability

USN-4015-1 fixed a vulnerability in DBus. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Joe Vennix discovered that DBus incorrectly handled DBUSCOOKIESHA1 authentication. A local attacker could possibly use this issue to bypass...

7.1CVSS7.2AI score0.00555EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/06/11 6:27 p.m.97 views

USN-4016-2: Neovim vulnerability

It was discovered that Neovim incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. CVE-2019-12735...

9.3CVSS8.4AI score0.19111EPSS
Exploits5
Ubuntu
Ubuntu
added 2019/06/11 5:34 p.m.215 views

USN-4016-1: Vim vulnerabilities

It was discovered that Vim incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. CVE-2017-5953 It was discovered that Vim incorrectly handled certain files. An attacker could possibly use this issue to...

9.8CVSS7.5AI score0.19111EPSS
Exploits5
Ubuntu
Ubuntu
added 2019/06/11 4:38 p.m.167 views

USN-4015-1: DBus vulnerability

Joe Vennix discovered that DBus incorrectly handled DBUSCOOKIESHA1 authentication. A local attacker could possibly use this issue to bypass authentication and connect to DBus servers with elevated privileges...

7.1CVSS7.2AI score0.00555EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/06/11 11:38 a.m.172 views

USN-4014-2: GLib vulnerability

USN-4014-1 fixed a vulnerability in GLib. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that GLib incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information...

9.8CVSS6.5AI score0.02602EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/06/10 6:50 p.m.189 views

USN-4014-1: GLib vulnerability

It was discovered that GLib incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information...

9.8CVSS6.5AI score0.02602EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/06/10 2:8 p.m.237 views

USN-4013-1: libsndfile vulnerabilities

It was discovered that libsndfile incorrectly handled certain malformed files. A remote attacker could use this issue to cause libsndfile to crash, resulting in a denial of service, or possibly execute arbitrary code...

8.8CVSS7AI score0.03574EPSS
Exploits6
Ubuntu
Ubuntu
added 2019/06/10 2:2 p.m.200 views

USN-4012-1: elfutils vulnerabilities

It was discovered that elfutils incorrectly handled certain malformed files. If a user or automated system were tricked into processing a specially crafted file, elfutils could be made to crash or consume resources, resulting in a denial of service...

9.8CVSS6.3AI score0.03691EPSS
Exploits8
Ubuntu
Ubuntu
added 2019/06/07 4:21 a.m.435 views

USN-4008-3: Linux kernel (Xenial HWE) vulnerabilities

USN-4008-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. Robert Święcki discovered that the Linux kernel did not properly apply Address Space...

9.3CVSS6.9AI score0.05789EPSS
Exploits3
Ubuntu
Ubuntu
added 2019/06/06 9:27 p.m.152 views

USN-3991-2: Firefox regression

USN-3991-1 fixed vulnerabilities in Firefox. The update caused a regression which resulted in issues when upgrading between Ubuntu releases. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user...

7.5AI score
Exploits0References1
Ubuntu
Ubuntu
added 2019/06/06 1:44 p.m.203 views

USN-4011-2: Jinja2 vulnerabilities

USN-4011-1 fixed several vulnerabilities in Jinja2. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Olivier Dony discovered that Jinja incorrectly handled str.format. An attacker could possibly use this issue to escape the sandbo...

8.6CVSS7.2AI score0.03603EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/06/06 11:14 a.m.196 views

USN-4011-1: Jinja2 vulnerabilities

Olivier Dony discovered that Jinja incorrectly handled str.format. An attacker could possibly use this issue to escape the sandbox. This issue only affected Ubuntu 16.04 LTS. CVE-2016-10745 Brian Welch discovered that Jinja incorrectly handled str.formatmap. An attacker could possibly use this...

8.6CVSS7.2AI score0.03603EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/06/05 7:43 p.m.266 views

USN-4008-2: AppArmor update

USN-4008-1 fixed multiple security issues in the Linux kernel. This update provides the corresponding changes to AppArmor policy for correctly operating under the Linux kernel with fixes for CVE-2019-11190. Without these changes, some profile transitions may be unintentionally denied due to missi...

4.7CVSS6.9AI score0.00485EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/06/05 5:15 p.m.261 views

USN-3957-3: MariaDB vulnerabilities

USN-3957-1 fixed multiple vulnerabilities in MySQL. This update provides the corresponding fixes for CVE-2019-2614 and CVE-2019-2627 in MariaDB 10.1. Ubuntu 18.04 LTS has been updated to MariaDB 10.1.40. In addition to security fixes, the updated package contain bug fixes, new features, and...

4.9CVSS6.4AI score0.0301EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/06/05 5:11 p.m.274 views

USN-4009-2: PHP vulnerabilities

USN-4009-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that PHP incorrectly decoding certain MIME headers. A remote attacker could possibly use this issue to cause PHP t...

9.1CVSS7.6AI score0.04068EPSS
Exploits2
Ubuntu
Ubuntu
added 2019/06/05 3:31 p.m.391 views

USN-4010-1: Exim vulnerability

It was discovered that Exim incorrectly handled certain decoding operations. A remote attacker could possibly use this issue to execute arbitrary commands...

10CVSS8.5AI score0.99961EPSS
Exploits27
Ubuntu
Ubuntu
added 2019/06/05 3:2 p.m.279 views

USN-4009-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled certain exif tags in images. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly obtain sensitive information. CVE-2019-11036 It was discovered that PHP incorrectly decoding certain MIME headers...

9.1CVSS7AI score0.07031EPSS
Exploits2
Ubuntu
Ubuntu
added 2019/06/04 10:55 p.m.110 views

USN-4007-2: Linux kernel (HWE) vulnerability

USN-4007-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Federico Manuel Bento discovered that the Linux kernel did not properly apply Address...

2.5CVSS6.6AI score0.00495EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/06/04 10:54 p.m.103 views

USN-4006-2: Linux kernel (HWE) vulnerability

USN-4006-1 fixed a vulnerability in the Linux kernel for Ubuntu 18.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.10 for Ubuntu 18.04 LTS. Federico Manuel Bento discovered that the Linux kernel did not properly apply Address Space...

2.5CVSS6.6AI score0.00495EPSS
Exploits1
Ubuntu
Ubuntu
added 2019/06/04 10:52 p.m.410 views

USN-4008-1: Linux kernel vulnerabilities

Robert Święcki discovered that the Linux kernel did not properly apply Address Space Layout Randomization ASLR in some situations for setuid elf binaries. A local attacker could use this to improve the chances of exploiting an existing vulnerability in a setuid elf binary. CVE-2019-11190 It was...

9.3CVSS6.9AI score0.05789EPSS
Exploits3
Ubuntu
Ubuntu
added 2019/06/04 10:50 p.m.125 views

USN-4007-1: Linux kernel vulnerability

Federico Manuel Bento discovered that the Linux kernel did not properly apply Address Space Layout Randomization ASLR in some situations for setuid a.out binaries. A local attacker could use this to improve the chances of exploiting an existing vulnerability in a setuid a.out binary. As a hardeni...

2.5CVSS6.6AI score0.00495EPSS
Exploits1
Total number of security vulnerabilities10923