Lucene search
K
UbuntuRecent

10923 matches found

Ubuntu
Ubuntu
added 2018/10/23 3:17 a.m.557 views

USN-3797-1: Linux kernel vulnerabilities

Noam Rathaus discovered that a use-after-free vulnerability existed in the Infiniband implementation in the Linux kernel. An attacker could use this to cause a denial of service system crash. CVE-2018-14734 It was discovered that an integer overflow existed in the CD-ROM driver of the Linux kerne...

8.4CVSS7.1AI score0.04997EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/10/23 3:8 a.m.549 views

USN-3798-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3798-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Dmitry Vyukov discovered that the key management subsystem in the Linux kernel did not...

9.3CVSS7.4AI score0.03543EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/10/23 2:46 a.m.564 views

USN-3798-1: Linux kernel vulnerabilities

Dmitry Vyukov discovered that the key management subsystem in the Linux kernel did not properly restrict adding a key that already exists but is negatively instantiated. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2015-8539 It...

9.3CVSS7.4AI score0.03543EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/10/22 4:38 p.m.535 views

USN-3790-2: Requests vulnerability

USN-3790-1 fixed vulnerabilities in Requests. This update provides the corresponding update for Ubuntu 18.10 Original advisory details: It was discovered that Requests incorrectly handled certain HTTP headers. An attacker could possibly use this issue to access sensitive information...

7.5CVSS7.1AI score0.07443EPSS
Exploits2
Ubuntu
Ubuntu
added 2018/10/22 4:37 p.m.528 views

USN-3796-3: Paramiko vulnerability

USN-3796-1 fixed a vulnerability in Paramiko. This update provides the corresponding update for Ubuntu 18.10. Original advisory details: Daniel Hoffman discovered that Paramiko incorrectly handled authentication when being used as a server. A remote attacker could use this issue to bypass...

8.8CVSS8AI score0.04407EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/10/22 4:34 p.m.534 views

USN-3795-2: libssh vulnerability

USN-3795-1 fixed a vulnerability in libssh. This update provides the corresponding update for Ubuntu 18.10. Original advisory details: Peter Winter-Smith discovered that libssh incorrectly handled authentication when being used as a server. A remote attacker could use this issue to bypass...

9.1CVSS7.7AI score0.91789EPSS
Exploits11
Ubuntu
Ubuntu
added 2018/10/22 4:33 p.m.522 views

USN-3792-3: Net-SNMP vulnerability

USN-3792-1 fixed a vulnerability in Net-SNMP. This update provides the corresponding update for Ubuntu 18.10. Original advisory details: It was discovered that Net-SNMP incorrectly handled certain certain crafted packets. A remote attacker could possibly use this issue to cause Net-SNMP to crash,...

6.5CVSS6.9AI score0.17189EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/10/17 6:13 p.m.518 views

USN-3796-2: Paramiko vulnerability

USN-3796-1 fixed a vulnerability in paramiko. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Daniel Hoffman discovered that Paramiko incorrectly handled authentication when being used as a server. A remote attacker could use this issue to bypass...

8.8CVSS8AI score0.04407EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/10/17 12:57 p.m.480 views

USN-3796-1: Paramiko vulnerability

Daniel Hoffman discovered that Paramiko incorrectly handled authentication when being used as a server. A remote attacker could use this issue to bypass authentication without any credentials...

8.8CVSS8.1AI score0.04407EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/10/17 12:53 p.m.507 views

USN-3795-1: libssh vulnerability

Peter Winter-Smith discovered that libssh incorrectly handled authentication when being used as a server. A remote attacker could use this issue to bypass authentication without any credentials...

9.1CVSS7.7AI score0.91789EPSS
Exploits11
Ubuntu
Ubuntu
added 2018/10/16 6:13 p.m.475 views

USN-3789-2: ClamAV vulnerabilities

USN-3789-1 fixed a vulnerability in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that ClamAV incorrectly handled unpacking MEW executables. A remote attacker could possibly use this issue to cause ClamAV to crash, resulti...

8.8CVSS6.8AI score0.03806EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/10/16 1:19 p.m.459 views

USN-3794-1: MoinMoin vulnerability

It was discovered that MoinMoin incorrectly handled certain inputs. An attacker could possibly use this issue to access sensitive information...

6.1CVSS6.1AI score0.01924EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/10/16 11:37 a.m.488 views

USN-3792-2: Net-SNMP vulnerability

USN-3792-1 fixed a vulnerability in Net-SNMP. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that Net-SNMP incorrectly handled certain certain crafted packets. A remote attacker could possibly use this issue to cause Net-SNMP to...

6.5CVSS6.9AI score0.17189EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/10/15 9:8 p.m.425 views

USN-3793-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code. CVE-2018-12376, CVE-2018-12377, CVE-2018-12378 It w...

9.8CVSS7.9AI score0.03357EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/10/15 5:43 p.m.482 views

USN-3792-1: Net-SNMP vulnerability

It was discovered that Net-SNMP incorrectly handled certain certain crafted packets. A remote attacker could possibly use this issue to cause Net-SNMP to crash, resulting in a denial of service...

6.5CVSS6.9AI score0.17189EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/10/15 11:49 a.m.433 views

USN-3790-1: Requests vulnerability

It was discovered that Requests incorrectly handled certain HTTP headers. An attacker could possibly use this issue to access sensitive information...

7.5CVSS7AI score0.07443EPSS
Exploits2
Ubuntu
Ubuntu
added 2018/10/12 12:41 a.m.378 views

USN-3791-1: Git vulnerability

It was discovered that git did not properly validate git submodule urls or paths. A remote attacker could possibly use this to craft a git repository that causes arbitrary code execution when recursive operations are used...

9.8CVSS7.9AI score0.97356EPSS
Exploits12
Ubuntu
Ubuntu
added 2018/10/11 5:35 p.m.330 views

USN-3789-1: ClamAV vulnerability

It was discovered that ClamAV incorrectly handled unpacking MEW executables. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service...

5.5CVSS7AI score0.01315EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/10/11 5:28 p.m.334 views

USN-3788-1: Tex Live vulnerabilities

Jakub Wilk discovered that Tex Live incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. CVE-2015-5700 It was discovered that Tex Live incorrectly handled certain files. An attacker could possibly use th...

7.8CVSS7.4AI score0.02058EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/10/10 2:32 p.m.223 views

USN-3787-1: Tomcat vulnerability

It was discovered that Tomcat incorrectly handled returning redirects to a directory. A remote attacker could possibly use this issue with a specially crafted URL to redirect to arbitrary URIs...

4.3CVSS6.4AI score0.94494EPSS
Exploits3
Ubuntu
Ubuntu
added 2018/10/10 11:49 a.m.204 views

USN-3781-2: WebKitGTK+ regression

USN-3781-1 fixed vulnerabilities in WebKitGTK+. The updated package was missing some header files, preventing certain applications from building. This update fixes the problem. We apologize for the inconvenience. Original advisory details: A large number of security issues were discovered in the...

5.5AI score
Exploits0References1
Ubuntu
Ubuntu
added 2018/10/08 1:8 p.m.235 views

USN-3786-1: libxkbcommon vulnerabilities

It was discovered that libxkbcommon incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. CVE-2018-15853, CVE-2018-15854, CVE-2018-15855, CVE-2018-15856, CVE-2018-15857, CVE-2018-15858, CVE-2018-15859, CVE-2018-15861, CVE-2018-15862,...

7.8CVSS6AI score0.00535EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/10/04 11:13 p.m.234 views

USN-3785-1: ImageMagick vulnerabilities

Due to a large number of issues discovered in GhostScript that prevent it from being used by ImageMagick safely, this update includes a default policy change that disables support for the Postscript and PDF formats in ImageMagick. This policy can be overridden if necessary by using an alternate...

9.8CVSS7.3AI score0.49324EPSS
Exploits10References1
Ubuntu
Ubuntu
added 2018/10/04 9:34 p.m.196 views

USN-3784-1: AppArmor update

As a security improvement, this update adjusts the private-files abstraction to disallow writing to thumbnailer configuration files. Additionally adjust the private-files, private-files-strict and user-files abstractions to disallow writes on parent directories of sensitive files...

5.4AI score
Exploits0References2
Ubuntu
Ubuntu
added 2018/10/03 6:39 p.m.305 views

USN-3783-1: Apache HTTP Server vulnerabilities

Robert Swiecki discovered that the Apache HTTP Server HTTP/2 module incorrectly destroyed certain streams. A remote attacker could possibly use this issue to cause the server to crash, leading to a denial of service. CVE-2018-1302 Craig Young discovered that the Apache HTTP Server HTTP/2 module...

7.5CVSS6.8AI score0.51002EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/10/03 1:41 p.m.216 views

USN-3778-1: Firefox vulnerabilities

A crash was discovered in TransportSecurityInfo used for SSL, which could be triggered by data stored in the local cache directory. An attacker could potentially exploit this in combination with another vulnerability that allowed them to write data to the cache, to execute arbitrary code...

9.1CVSS8.1AI score0.13417EPSS
Exploits3
Ubuntu
Ubuntu
added 2018/10/03 12:1 p.m.213 views

USN-3782-1: Liblouis vulnerabilities

Henri Salo discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. CVE-2018-12085 It was discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. Thi...

8.8CVSS7.1AI score0.02716EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/10/03 11:33 a.m.246 views

USN-3781-1: WebKitGTK+ vulnerabilities

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

8.8CVSS7.3AI score0.10593EPSS
Exploits18
Ubuntu
Ubuntu
added 2018/10/02 5:55 p.m.207 views

USN-3780-1: HAProxy vulnerability

It was discovered that HAProxy incorrectly handled certain requests. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS6.7AI score0.03009EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/10/02 3:54 p.m.255 views

USN-3779-1: Linux kernel vulnerabilities

It was discovered that an integer overflow vulnerability existed in the Linux kernel when loading an executable to run. A local attacker could use this to gain administrative privileges. CVE-2018-14634 It was discovered that a stack-based buffer overflow existed in the iSCSI target implementation...

8.3CVSS7.8AI score0.14806EPSS
Exploits6
Ubuntu
Ubuntu
added 2018/10/01 7:24 p.m.196 views

USN-3777-2: Linux kernel (HWE) vulnerabilities

USN-3777-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Jann Horn discovered that the vmacache subsystem did not properly handle sequence numb...

8.3CVSS8AI score0.08743EPSS
Exploits4References1
Ubuntu
Ubuntu
added 2018/10/01 7:15 p.m.245 views

USN-3777-1: Linux kernel vulnerabilities

Jann Horn discovered that the vmacache subsystem did not properly handle sequence number overflows, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2018-17182 It was discovered that the...

8.3CVSS8AI score0.08743EPSS
Exploits4References1
Ubuntu
Ubuntu
added 2018/10/01 6:52 p.m.190 views

USN-3776-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3776-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Jann Horn discovered that the vmacache subsystem did not properly handle sequence numb...

8.3CVSS7.6AI score0.08743EPSS
Exploits4
Ubuntu
Ubuntu
added 2018/10/01 6:49 p.m.235 views

USN-3776-1: Linux kernel vulnerabilities

Jann Horn discovered that the vmacache subsystem did not properly handle sequence number overflows, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2018-17182 It was discovered that the...

8.3CVSS7.6AI score0.08743EPSS
Exploits4
Ubuntu
Ubuntu
added 2018/10/01 6:47 p.m.192 views

USN-3775-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3775-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. It was discovered that the paravirtualization implementation in the Linux kernel did n...

8.3CVSS7.6AI score0.14806EPSS
Exploits6
Ubuntu
Ubuntu
added 2018/10/01 6:44 p.m.218 views

USN-3775-1: Linux kernel vulnerabilities

It was discovered that the paravirtualization implementation in the Linux kernel did not properly handle some indirect calls, reducing the effectiveness of Spectre v2 mitigations for paravirtual guests. A local attacker could use this to expose sensitive information. CVE-2018-15594 It was...

8.3CVSS7.6AI score0.14806EPSS
Exploits6
Ubuntu
Ubuntu
added 2018/10/01 5:28 p.m.257 views

USN-3774-1: strongSwan vulnerability

It was discovered that strongSwan incorrectly handled signature validation in the gmp plugin. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.5CVSS7.3AI score0.03511EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/10/01 2:2 p.m.157 views

USN-3769-2: Bind vulnerability

USN-3769-1 fixed a vulnerability in Bind. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that Bind incorrectly handled the deny-answer-aliases feature. If this feature is enabled, a remote attacker could use this issue to cause Bin...

7.5CVSS7.4AI score0.59353EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/10/01 12:12 p.m.170 views

USN-3773-1: Ghostscript vulnerabilities

It was discovered that Ghostscript contained multiple security issues. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use these issues to access arbitrary files, execute arbitrary code, or cause a denial of service...

7.8CVSS7.4AI score0.01829EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/09/28 3:58 a.m.59 views

USN-3719-3: Mutt vulnerabilities

USN-3719-1 fixed vulnerabilities in Mutt. Unfortunately, the fixes were not correctly applied to the packaging for Mutt in Ubuntu 16.04 LTS. This update corrects the oversight. We apologize for the inconvenience. Original advisory details: It was discovered that Mutt incorrectly handled certain...

9.8CVSS7.8AI score0.06229EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2018/09/26 4:51 p.m.57 views

USN-3772-1: UDisks vulnerability

It was discovered that UDisks incorrectly handled format strings when logging. A local attacker could possibly use this issue to cause a denial of service or obtain sensitive information...

7.8CVSS7AI score0.00622EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/09/25 12:34 p.m.62 views

USN-3771-1: strongSwan vulnerabilities

It was discovered that strongSwan incorrectly handled IKEv2 key derivation. A remote attacker could possibly use this issue to cause strongSwan to crash, resulting in a denial of service. CVE-2018-10811 Sze Yiu Chau discovered that strongSwan incorrectly handled parsing OIDs in the gmp plugin. A...

7.5CVSS7AI score0.07124EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/09/20 12:12 p.m.109 views

USN-3770-2: Little CMS vulnerabilities

USN-3770-1 fixed a vulnerability in Little CMS. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Pedro Ribeiro discoreved that Little CMS incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service...

7.1CVSS6.6AI score0.03502EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/09/20 9:18 a.m.83 views

USN-3770-1: Little CMS vulnerabilities

Ibrahim El-Sayed discovered that Little CMS incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. CVE-2016-10165 Quang Nguyen discovered that Little CMS incorrectly handled certain files. An attacker could possibly use this issue to execute...

7.1CVSS6.5AI score0.02772EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/09/20 7:34 a.m.68 views

USN-3769-1: Bind vulnerability

It was discovered that Bind incorrectly handled the deny-answer-aliases feature. If this feature is enabled, a remote attacker could use this issue to cause Bind to crash, resulting in a denial of service...

7.5CVSS7.4AI score0.59353EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/09/19 9:49 a.m.86 views

USN-3766-2: PHP vulnerabilities

USN-3766-1 fixed a vulnerability in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that PHP incorrectly handled certain exif tags in JPEG images. A remote attacker could possibly use this issue to cause PHP to crash, resulting...

7.5CVSS6.6AI score0.08975EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/09/19 8:19 a.m.66 views

USN-3767-2: GLib vulnerabilities

USN-3767-1 fixed a vulnerability in GLib. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that GLib incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...

9.8CVSS7.4AI score0.04693EPSS
Exploits2
Ubuntu
Ubuntu
added 2018/09/19 7:21 a.m.81 views

USN-3768-1: Ghostscript vulnerabilities

Tavis Ormandy discovered multiple security issues in Ghostscript. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use these issues to access arbitrary files, execute arbitrary code, or cause a denial of service...

9.3CVSS7AI score0.92499EPSS
Exploits5
Ubuntu
Ubuntu
added 2018/09/19 7:4 a.m.75 views

USN-3767-1: GLib vulnerabilities

It was discovered that GLib incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2018-16428 It was discovered that GLib incorrectly handled certain files. An attacker could possibly use this issue to access...

9.8CVSS7.2AI score0.04693EPSS
Exploits2
Ubuntu
Ubuntu
added 2018/09/18 9:10 a.m.51 views

USN-3722-6: ClamAV vulnerabilities

USN-3722-1 fixed vulnerabilities in ClamAV. The new package introduced an issue which caused dpkg-reconfigure to enter an infinite loop. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that ClamAV incorrectly handled parsing certain...

6.1AI score
Exploits0References1
Total number of security vulnerabilities10923