Lucene search
K
UbuntuRecent

10923 matches found

Ubuntu
Ubuntu
•added 2018/04/24 5:24 p.m.•64 views

USN-3634-1: PackageKit vulnerability

Matthias Gerstner discovered that PackageKit incorrectly handled authentication. A local attacker could possibly use this issue to install arbitrary packages and escalate privileges...

5.5CVSS5.6AI score0.00393EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/04/24 6:48 a.m.•96 views

USN-3633-1: Linux kernel (Intel Euclid) vulnerability

Jann Horn discovered that the Berkeley Packet Filter BPF implementation in the Linux kernel improperly performed sign extension in some situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

7.8CVSS7.2AI score0.30052EPSS
Exploits16
Ubuntu
Ubuntu
•added 2018/04/24 6:25 a.m.•97 views

USN-3632-1: Linux kernel (Azure) vulnerabilities

It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-0861 It was discovered that the KVM...

7.8CVSS6.9AI score0.07679EPSS
Exploits10
Ubuntu
Ubuntu
•added 2018/04/24 5:4 a.m.•73 views

USN-3631-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3631-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that a buffer overread vulnerability existed in the keyring subsyste...

7.8CVSS7AI score0.03543EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/04/24 4:49 a.m.•64 views

USN-3631-1: Linux kernel vulnerabilities

It was discovered that a buffer overread vulnerability existed in the keyring subsystem of the Linux kernel. A local attacker could possibly use this to expose sensitive information kernel memory. CVE-2017-13305 It was discovered that the DM04/QQBOX USB driver in the Linux kernel did not properly...

7.8CVSS7AI score0.03543EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/04/24 2:27 a.m.•73 views

USN-3630-2: Linux kernel (HWE) vulnerability

USN-3630-1 fixed a vulnerability in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. It was discovered that the Broadcom UniMAC MDIO bus controller driver in the Linux kernel did...

5.5CVSS6.3AI score0.00412EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/04/23 11:30 p.m.•83 views

USN-3630-1: Linux kernel vulnerability

It was discovered that the Broadcom UniMAC MDIO bus controller driver in the Linux kernel did not properly validate device resources. A local attacker could use this to cause a denial of service system crash...

5.5CVSS6.4AI score0.00412EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/04/23 5:47 p.m.•89 views

USN-3629-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.60 in Ubuntu 14.04 LTS. Ubuntu 16.04 LTS, and Ubuntu 17.10 have been updated to MySQL 5.7.22. In addition to security fixes, the updated packag...

7.7CVSS6.4AI score0.0401EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/04/19 4:52 p.m.•88 views

USN-3628-2: OpenSSL vulnerability

USN-3628-1 fixed a vulnerability in OpenSSL. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Alejandro Cabrera Aldaya, Billy Brumley, Cesar Pereida Garcia and Luis Manuel Alvarez Tapia discovered that OpenSSL incorrectly handled RSA key generation. A...

5.9CVSS6.2AI score0.12046EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/04/19 1:56 p.m.•79 views

USN-3628-1: OpenSSL vulnerability

Alejandro Cabrera Aldaya, Billy Brumley, Cesar Pereida Garcia and Luis Manuel Alvarez Tapia discovered that OpenSSL incorrectly handled RSA key generation. An attacker could possibly use this issue to perform a cache-timing attack and recover private RSA keys...

5.9CVSS6.2AI score0.12046EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/04/19 12:26 p.m.•137 views

USN-3627-1: Apache HTTP Server vulnerabilities

Alex Nichols and Jakob Hirsch discovered that the Apache HTTP Server modauthnzldap module incorrectly handled missing charset encoding headers. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. CVE-2017-15710 Elar Lang discovered that...

9.8CVSS6.6AI score0.86006EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/04/17 9:0 p.m.•69 views

USN-3625-2: Perl vulnerabilities

USN-3625-1 fixed a vulnerability in Perl. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that Perl incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause Perl to hang, resulting in a...

9.8CVSS7.5AI score0.10866EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/04/17 4:25 p.m.•90 views

USN-3611-2: OpenSSL vulnerabilities

USN-3611-1 fixed a vulnerability in OpenSSL. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that OpenSSL incorrectly parsed the IPAddressFamily extension in X.509 certificates, resulting in an erroneous display of the certificate i...

6.5CVSS6.7AI score0.19295EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/04/16 5:46 p.m.•65 views

USN-3626-1: Ruby vulnerabilities

It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this to execute arbitrary code. CVE-2018-6914 It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this to access sensitive information. CVE-2018-8778,...

9.1CVSS7.5AI score0.10552EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/04/16 1:3 p.m.•56 views

USN-3624-2: Patch vulnerabilities

USN-3624-1 fixed a vulnerability in Patch. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that Patch incorrectly handled certain files. An attacker could possibly use this to cause a denial of service. CVE-2016-10713 It was...

7.8CVSS7AI score0.0556EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/04/16 12:47 p.m.•79 views

USN-3625-1: Perl vulnerabilities

It was discovered that Perl incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause Perl to hang, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. CVE-2015-8853 It was discovered that Perl incorrectly loaded libraries from th...

9.8CVSS7.4AI score0.10866EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/04/13 3:35 p.m.•59 views

USN-3621-2: Ruby regression

USN-3621-1 fixed vulnerabilities in Ruby. The update caused an issue due to an incomplete patch for CVE-2018-1000074. This update reverts the problematic patch pending further investigation. We apologize for the inconvenience. Original advisory details: It was discovered that Ruby incorrectly...

7.8CVSS7.5AI score0.02982EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/04/10 4:45 p.m.•59 views

USN-3624-1: Patch vulnerabilities

It was discovered that Patch incorrectly handled certain files. An attacker could possibly use this to cause a denial of service. CVE-2016-10713 It was discovered that Patch incorrectly handled certain input validation. An attacker could possibly use this to execute arbitrary code. CVE-2018-10001...

7.8CVSS6.9AI score0.08585EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/04/09 4:50 p.m.•35 views

USN-3623-1: ubuntu-release-upgrader vulnerability

It was discovered that ubuntu-release-upgrader did not correctly drop permissions before opening a browser to view the release notes. This update fixes the issue...

5.4AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2018/04/09 4:42 p.m.•76 views

USN-3622-1: Wayland vulnerability

It was discovered that the Wayland Xcursor support incorrectly handled certain files. An attacker could use these issues to cause Wayland to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.5CVSS7.6AI score0.05173EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/04/09 12:11 p.m.•74 views

USN-3616-2: Python Crypto vulnerability

USN-3616-1 fixed a vulnerability in Python Crypto. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that Python Crypto incorrectly generated ElGamal key parameters. A remote attacker could possibly use this issue to obtain sensitive...

7.5CVSS7.4AI score0.0211EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/04/06 12:32 p.m.•61 views

USN-3596-2: Firefox regression

USN-3596-1 fixed vulnerabilities in Firefox. The update caused an issue where it was not possible to customize the toolbars when running Firefox in Unity. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in...

7.7AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2018/04/05 8:14 p.m.•343 views

USN-3619-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3619-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Jann Horn discovered that the Berkeley Packet Filter BPF implementation in the Linux...

7.8CVSS7.4AI score0.30052EPSS
Exploits26
Ubuntu
Ubuntu
•added 2018/04/05 3:4 p.m.•63 views

USN-3621-1: Ruby vulnerabilities

It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this to access sensitive information. CVE-2018-1000073 It was discovered that Ruby incorrectly handled certain files. An attacker could possibly use this to execute arbitrary code. CVE-2018-1000074 It w...

9.8CVSS7.5AI score0.05076EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/04/05 1:23 a.m.•84 views

USN-3620-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3620-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Jann Horn discovered that microprocessors utilizing speculative execution and branch...

10CVSS7.7AI score0.74041EPSS
Exploits9
Ubuntu
Ubuntu
•added 2018/04/04 7:44 p.m.•89 views

USN-3620-1: Linux kernel vulnerabilities

It was discovered that the netlink 802.11 configuration interface in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker with the CAPNETADMIN privilege could use this to cause a denial of service system crash or possibly execute arbitrary code...

10CVSS7.2AI score0.05233EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/04/04 7:21 p.m.•105 views

USN-3619-1: Linux kernel vulnerabilities

Jann Horn discovered that the Berkeley Packet Filter BPF implementation in the Linux kernel improperly performed sign extension in some situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-16995 It was discovered that a...

7.8CVSS7.3AI score0.30052EPSS
Exploits26
Ubuntu
Ubuntu
•added 2018/04/04 6:17 p.m.•110 views

USN-3617-3: Linux kernel (Raspberry Pi 2) vulnerabilities

It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-0861 It was discovered that a...

7.8CVSS6.9AI score0.07679EPSS
Exploits10
Ubuntu
Ubuntu
•added 2018/04/04 2:43 p.m.•61 views

USN-3618-1: LibVNCServer vulnerability

It was discovered that LibVNCServer incorrectly handled certain packet lengths. A remote attacker able to connect to a LibVNCServer could possibly use this issue to obtain sensitive information, cause a denial of service, or execute arbitrary code...

9.8CVSS7.7AI score0.06222EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/04/03 7:40 p.m.•106 views

USN-3617-2: Linux (HWE) vulnerabilities

USN-3617-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. It was discovered that a race condition leading to a use-after-free vulnerability existed in t...

7.8CVSS6.9AI score0.07679EPSS
Exploits10
Ubuntu
Ubuntu
•added 2018/04/03 6:43 p.m.•105 views

USN-3617-1: Linux kernel vulnerabilities

It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-0861 It was discovered that the KVM...

7.8CVSS6.9AI score0.07679EPSS
Exploits10
Ubuntu
Ubuntu
•added 2018/04/03 4:53 p.m.•73 views

USN-3616-1: Python Crypto vulnerability

It was discovered that Python Crypto incorrectly generated ElGamal key parameters. A remote attacker could possibly use this issue to obtain sensitive information...

7.5CVSS7.5AI score0.0211EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/04/03 4:48 p.m.•60 views

USN-3615-1: LibRaw vulnerabilities

It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw to crash, resulting in a denial of service, or possibly execute arbitrary code...

8.8CVSS6.9AI score0.02548EPSS
Exploits2
Ubuntu
Ubuntu
•added 2018/04/02 7:17 p.m.•99 views

USN-3614-1: OpenJDK 7 vulnerabilities

It was discovered that a race condition existed in the cryptography implementation in OpenJDK. An attacker could possibly use this to expose sensitive information. CVE-2018-2579 It was discovered that the LDAP implementation in OpenJDK did not properly encode login names. A remote attacker could...

8.3CVSS7.2AI score0.06905EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/04/02 7:15 p.m.•223 views

USN-3613-1: OpenJDK 8 vulnerabilities

It was discovered that a race condition existed in the cryptography implementation in OpenJDK. An attacker could possibly use this to expose sensitive information. CVE-2018-2579 It was discovered that the Hotspot component of OpenJDK did not properly validate uses of the invokeinterface JVM...

8.3CVSS7.2AI score0.06905EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/04/02 12:41 p.m.•68 views

USN-3587-2: Dovecot vulnerabilities

USN-3587-1 fixed a vulnerability in Dovecot. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that Dovecot incorrectly handled parsing certain email addresses. A remote attacker could use this issue to cause Dovecot to crash, resulti...

7.1CVSS6.8AI score0.16979EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/03/29 2:36 p.m.•105 views

USN-3531-3: intel-microcode update

Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. CVE-2017-5715 This...

5.6CVSS7.1AI score0.74041EPSS
Exploits9
Ubuntu
Ubuntu
•added 2018/03/29 1:14 p.m.•89 views

USN-3545-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code. CVE-2018-5125, CVE-2018-5127, CVE-2018-5129,...

9.8CVSS8.1AI score0.12054EPSS
Exploits3
Ubuntu
Ubuntu
•added 2018/03/28 5:58 p.m.•59 views

USN-3612-1: librelp vulnerability

Bas van Schaik and Kevin Backhouse discovered that librelp incorrectly handled checking certain x509 certificates. A remote attacker able to connect to rsyslog could possibly use this issue to execute arbitrary code...

9.8CVSS8.6AI score0.09662EPSS
Exploits1
Ubuntu
Ubuntu
•added 2018/03/28 5:53 p.m.•65 views

USN-3611-1: OpenSSL vulnerability

It was discovered that OpenSSL incorrectly handled certain ASN.1 types. A remote attacker could possibly use this issue to cause a denial of service...

6.5CVSS6.8AI score0.19295EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/03/28 5:46 p.m.•70 views

USN-3610-1: ICU vulnerability

It was discovered that ICU incorrectly handled certain calendars. If an application using ICU processed crafted data, a remote attacker could possibly cause it to crash, leading to a denial of service...

6.5CVSS7.5AI score0.02479EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/03/27 8:10 p.m.•67 views

USN-3609-1: Firefox vulnerability

A use-after-free was discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service or execute arbitrary code...

9.8CVSS8.4AI score0.03013EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/03/27 2:16 p.m.•69 views

USN-3608-1: Zsh vulnerabilities

Richard Maciel Costa discovered that Zsh incorrectly handled certain inputs. An attacker could possibly use this to cause a denial of service. CVE-2018-1071 It was discovered that Zsh incorrectly handled certain files. An attacker could possibly use this to execute arbitrary code. CVE-2018-1083...

7.8CVSS7.5AI score0.00628EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/03/26 9:35 p.m.•73 views

USN-3607-1: Screen Resolution Extra vulnerability

It was discovered that Screen Resolution Extra was using PolicyKit in an unsafe manner. A local attacker could potentially exploit this issue to bypass intended PolicyKit authorizations...

7CVSS6.9AI score0.00219EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/03/26 11:50 a.m.•71 views

USN-3606-1: LibTIFF vulnerabilities

It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges...

9.8CVSS7.4AI score0.10639EPSS
Exploits6
Ubuntu
Ubuntu
•added 2018/03/23 5:24 p.m.•75 views

USN-3595-2: Samba vulnerability

USN-3595-1 fix a vulnerability in Samba. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that Samba incorrectly validated inputs to the RPC spoolss service. An authenticated attacker could use this issue to cause the service to cras...

4.3CVSS7AI score0.06691EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/03/22 3:13 p.m.•55 views

USN-3605-1: Sharutils vulnerability

It was discovered that Sharutils incorrectly handled certain files. An attacker could possibly use this to execute arbitrary code...

7.8CVSS6.8AI score0.02026EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/03/22 11:15 a.m.•50 views

USN-3604-1: libvorbis vulnerability

Richard Zhu discovered that libvorbis incorrectly handled certain sound files. An attacker could use this to cause libvorbis to crash, resulting in a denial or service, or possibly execute arbitrary code...

8.8CVSS8.2AI score0.12054EPSS
Exploits0
Ubuntu
Ubuntu
•added 2018/03/20 7:29 p.m.•60 views

USN-3603-2: Paramiko vulnerability

USN-3603-1 fixed a vulnerability in Paramiko. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Matthijs Kooijman discovered that Paramiko's SSH server implementation did not properly require authentication before processing requests. An unauthenticate...

9.8CVSS8.2AI score0.27065EPSS
Exploits10
Ubuntu
Ubuntu
•added 2018/03/20 7:10 p.m.•52 views

USN-3603-1: Paramiko vulnerability

Matthijs Kooijman discovered that Paramiko's SSH server implementation did not properly require authentication before processing requests. An unauthenticated remote attacker could possibly use this to execute arbitrary code...

9.8CVSS8.1AI score0.27065EPSS
Exploits10
Total number of security vulnerabilities10923