10869 matches found
USN-7967-1: Avahi vulnerabilities
It was discovered that Avahi incorrectly terminated when processing browser records with wide-area disabled. An attacker could possibly use this issue to cause Avahi to crash, resulting in a denial of service. CVE-2025-68276 It was discovered that Avahi incorrectly terminated when processing...
USN-7955-2: urllib3 regression
USN-7955-1 fixed vulnerabilities in urllib3. The update introduced a regression in response streaming on Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that urllib3 incorrectly handled...
USN-7966-1: Snowflake vulnerabilities
It was discovered that Pion DTLS, vendored in Snowflake, did not impose a limit on the amount of data that was buffered during the handshake. An attacker could possibly use the issue to cause a denial of service. CVE-2022-29189 It was discovered that Pion DTLS, vendored in Snowflake, did not...
USN-7964-1: Git vulnerabilities
It was discovered that Git did not properly sanitize URLs when asking for credentials via a terminal prompt. An attacker could possibly use this issue to trick a user into disclosing their password. CVE-2024-50349 It was discovered that Git did not properly handle carriage return characters in it...
USN-7965-1: SimGear vulnerability
It was discovered that SimGear could be made to bypass the sandboxing of Nasal scripts. An attacker could possibly use this issue to execute arbitrary code...
USN-7916-2: python-apt regression
USN-7916-1 fixed a vulnerability in python-apt. The update had a PEP 440 incompatible version. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Julian Andres Klode discovered that python-apt incorrectly handled deb822 configuration files. An attacker...
USN-7963-1: libpng vulnerabilities
It was discovered that the libpng simplified API incorrectly processed palette PNG images with partial transparency and gamma correction. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause libpng to crash, resulting in a...
USN-7962-1: cpp-httplib vulnerability
It was discovered that cpp-httplib did not correctly handle HTTP headers. A remote attacker could possibly use this issue to bypass authorization and impersonate users...
USN-7961-1: Erlang vulnerability
It was discovered that Erlang incorrectly validated peer certificates when incorrect extended key usage was presented. A remote attacker could possibly use this issue to bypass SSL key usage restrictions...
USN-7960-1: Rack vulnerabilities
It was discovered that Rack incorrectly handled certain query parameters. An attacker could possibly use this issue to cause a limited denial of service. This issue was only addressed in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2025-59830 It was discovered that Rack did not properly handle...
USN-7959-1: klibc vulnerabilities
It was discovered that zlib, vendored in klibc, did not properly handle integer arithmetic. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service...
USN-7958-1: AngularJS vulnerabilities
It was discovered that AngularJS did not properly sanitize certain xlink:href attributes. A remote attacker could possibly use this issue to perform cross site scripting. This issue only affected Ubuntu 16.04 LTS. CVE-2019-14863 It was discovered that AngularJS incorrectly handled certain regular...
USN-7927-3: urllib3 regression
USN-7927-1 fixed vulnerabilities in urllib3. The update for CVE-2025-66471 introduced a regression in urllib3 when decompressing zstd data. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Illia Volochii discovered that urllib3 did not limit the steps ...
USN-7957-1: WebKitGTK vulnerabilities
Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...
USN-7956-1: Google Guest Agent vulnerability
Jakub Ciolek discovered that the Go Cryptography module included in Google Guest Agent did not validate GSSAPI authentication requests during SSH operations. An attacker could possibly use this issue to cause a denial of service...
USN-7922-5: Linux kernel (IoT) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - ACPI drivers; - InfiniBand drivers; - Media drivers; - Network drivers; - Pin controllers...
USN-7927-2: urllib3 regression
USN-7927-1 fixed vulnerabilities in urllib3. The update for CVE-2025-66471 introduced a regression in the zstd decompression component inside urllib3. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Illia Volochii discovered that urllib3 did not limit...
USN-7955-1: urllib3 vulnerability
It was discovered that urllib3 incorrectly handled decompression during HTTP redirects. An attacker could possibly use this issue to cause urllib3 to use excessive resources, causing a denial of service...
USN-7954-1: Libtasn1 vulnerabilities
It was discovered that Libtasn1 incorrectly handled decoding ASN.1 content. An attacker could possibly use this issue to cause Libtasn1 to crash, resulting in a denial of service. CVE-2025-13151 It was discovered that Libtasn1 incorrectly handled encoding ASN.1 content. An attacker could possibly...
USN-7951-1: Python vulnerability
It was discovered that Python's http.client did not properly handle the Content-Length header in HTTP responses. A malicious server could exploit this to cause Python to allocate excessive memory, leading to a denial of service...
USN-7953-1: PHP vulnerabilities
It was discovered that PHP incorrectly handled memory while reading images in multi-chunk mode. An attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 24.04 LTS, Ubuntu 25.04 and Ubuntu 25.10. CVE-2025-14177 It was discovered that PHP incorrectl...
USN-7952-1: libheif vulnerabilities
It was discovered that libheif did not correctly handle certain memory operations. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. CVE-2024-25269 Aldo Ristori discovered that libheif did not...
USN-7931-5: Linux kernel (Raspberry Pi) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Media drivers; - Memory management; - Appletalk network protocol; - Netfilter; CVE-2025-37958,...
USN-7940-2: Linux kernel (Azure, N-Series) vulnerabilities
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...
USN-7928-5: Linux kernel (KVM) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Media drivers; - Network drivers; - AFS file system; - F2FS file system; - Tracing...
USN-7950-1: Tornado vulnerabilities
It was discovered that Tornado incorrectly handled special characters in HTTP headers. An attacker could possibly use this issue to execute a cross- site scripting XSS attack. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, Ubuntu 25.04, and Ubuntu 25.10...
USN-7946-2: GnuPG vulnerability
USN-7946-1 fixed vulnerabilities in GnuPG 2.x. This update provides the corresponding updates for GnuPG 1.x. Original advisory details: It was discovered that GnuPG incorrectly handled crafted input. A remote attacker could possibly use this issue to crash the program, or execute arbitrary code...
USN-7949-1: Sodium vulnerability
It was discovered that Sodium incorrectly handled the elliptic curve point validity check in certain atypical use cases. This could result in invalid points being used, contrary to expectations...
USN-7948-1: GPSd vulnerabilities
It was discovered that GPSd incorrectly handled processing NMEA2000 packets. An attacker could use this issue to cause GPSd to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2025-67268 It was discovered that GPSd incorrectly handled processing NAVCOM packets. An...
USN-7946-1: GnuPG vulnerability
It was discovered that GnuPG incorrectly handled crafted input. A remote attacker could possibly use this issue to crash the program, or execute arbitrary code...
USN-7047-1: libvirt vulnerabilities
It was discovered that libvirt parsed user-provided XML files before performing ACL checks. An attacker could possibly use this issue to cause libvirt to consume memory, resulting in a denial of service. CVE-2025-12748 It was discovered that libvirt incorrectly handled permissions on external...
USN-7945-1: Libxslt vulnerability
Ivan Fratric discovered that Libxslt was vulnerable to type confusion when performing XML transformations. An attacker could possibly use this issue to cause Libxslt to crash or corrupt memory, causing a denial of service or undefined behavior...
USN-7944-1: Net-SNMP vulnerability
Bahae Bahrini discovered that Net-SNMP could be made to write out of bounds. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service...
USN-7943-1: libcaca vulnerability
Han Zheng discovered that libcaca incorrectly handled certain images. An attacker could possibly use this issue to cause libcaca to crash...
USN-7922-4: Linux kernel (Raspberry Pi) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - ACPI drivers; - InfiniBand drivers; - Media drivers; - Network drivers; - Pin controllers...
USN-7942-1: GLib vulnerabilities
It was discovered that GLib incorrectly handled escaping URI strings. An attacker could use this issue to cause GLib to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2025-13601 It was discovered that GLib incorrectly parsed certain GVariants. An attacker could u...
USN-7941-1: WebKitGTK vulnerabilities
Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...
USN-7922-3: Linux kernel (Oracle) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - ACPI drivers; - InfiniBand drivers; - Media drivers; - Network drivers; - Pin controllers...
USN-7928-4: Linux kernel (Raspberry Pi) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Media drivers; - Network drivers; - AFS file system; - F2FS file system; - Tracing...
USN-7931-4: Linux kernel (Xilinx) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Media drivers; - Memory management; - Appletalk network protocol; - Netfilter; CVE-2025-37958,...
USN-7921-2: Linux kernel (Real-time) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Media drivers; - Netfilter; - TLS protocol; CVE-2025-39946, CVE-2025-39964, CVE-2025-39993,...
USN-7940-1: Linux kernel (Azure FIPS) vulnerabilities
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...
USN-7939-2: Linux kernel (Azure FIPS) vulnerabilities
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...
USN-7939-1: Linux kernel (Azure) vulnerabilities
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...
USN-7938-1: Linux kernel (Azure) vulnerabilities
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...
USN-7889-7: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Media drivers; - Network drivers; - Netfilter; - TLS protocol; CVE-2025-21729, CVE-2025-38227, CVE-2025-38616,...
USN-7937-1: Linux kernel (Azure FIPS) vulnerabilities
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...
USN-7935-1: Linux kernel (Azure) vulnerabilities
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...
USN-7936-1: Linux kernel (OEM) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Compute Acceleration Framework; - Media drivers; - Netfilter; - TLS protocol; CVE-2025-39946,...
USN-7920-2: Linux kernel (Raspberry Pi) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Tracing infrastructure; - Netfilter; CVE-2025-40018, CVE-2025-40232...