Lucene search
K
UbuntuRecent

10923 matches found

Ubuntu
Ubuntu
•added 2015/07/07 6:55 p.m.•62 views

USN-2669-1: Bind vulnerability

Breno Silveira Soares discovered that Bind incorrectly handled certain zone data when configured to perform DNSSEC validation. A remote attacker could use this issue with specially crafted zone data to cause Bind to crash, resulting in a denial of service...

7.8CVSS7.4AI score0.37872EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/07/07 12:34 p.m.•58 views

USN-2668-1: HAProxy vulnerability

It was discovered that HAProxy incorrectly handled certain buffers. A remote attacker could possibly use this issue to obtain sensitive information belonging to previous requests...

5CVSS6.4AI score0.04274EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/07/07 9:51 a.m.•72 views

USN-2667-1: Linux kernel vulnerabilities

A race condition was discovered in the Linux kernel's filehandle size verification. A local user could exploit this flaw to read potentially sensative memory locations. CVE-2015-1420 A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote...

9CVSS6.7AI score0.08339EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/07/07 9:47 a.m.•80 views

USN-2666-1: Linux kernel vulnerabilities

A race condition was discovered in the Linux kernel's filehandle size verification. A local user could exploit this flaw to read potentially sensative memory locations. CVE-2015-1420 A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote...

9CVSS6.8AI score0.08339EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/07/07 9:44 a.m.•77 views

USN-2665-1: Linux kernel (Vivid HWE) vulnerabilities

A race condition was discovered in the Linux kernel's filehandle size verification. A local user could exploit this flaw to read potentially sensative memory locations. CVE-2015-1420 A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote...

9CVSS6.7AI score0.08339EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/07/07 9:41 a.m.•55 views

USN-2664-1: Linux kernel (Utopic HWE) vulnerabilities

A race condition was discovered in the Linux kernel's filehandle size verification. A local user could exploit this flaw to read potentially sensative memory locations. CVE-2015-1420 A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote...

9CVSS6.8AI score0.08339EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/07/07 9:39 a.m.•81 views

USN-2663-1: Linux kernel vulnerabilities

Alexandre Oliva reported a race condition flaw in the btrfs file system's handling of extended attributes xattrs. A local attacker could exploit this flaw to bypass ACLs and potentially escalate privileges. CVE-2014-9710 A race condition was discovered in the Linux kernel's filehandle size...

9CVSS6.8AI score0.08339EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/07/07 9:37 a.m.•66 views

USN-2662-1: Linux kernel (Trusty HWE) vulnerabilities

Alexandre Oliva reported a race condition flaw in the btrfs file system's handling of extended attributes xattrs. A local attacker could exploit this flaw to bypass ACLs and potentially escalate privileges. CVE-2014-9710 A race condition was discovered in the Linux kernel's filehandle size...

9CVSS6.8AI score0.08339EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/07/07 9:34 a.m.•63 views

USN-2661-1: Linux kernel (OMAP4) vulnerability

A race condition was discovered in the Linux kernel's filehandle size verification. A local user could exploit this flaw to read potentially sensative memory locations...

1.9CVSS7.5AI score0.00362EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/07/07 9:31 a.m.•67 views

USN-2660-1: Linux kernel vulnerability

A race condition was discovered in the Linux kernel's filehandle size verification. A local user could exploit this flaw to read potentially sensative memory locations...

1.9CVSS7.5AI score0.00362EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/07/06 12:14 p.m.•91 views

USN-2658-1: PHP vulnerabilities

Neal Poole and Tomas Hoger discovered that PHP incorrectly handled NULL bytes in file paths. A remote attacker could possibly use this issue to bypass intended restrictions and create or obtain access to sensitive files. CVE-2015-3411, CVE-2015-3412, CVE-2015-4025, CVE-2015-4026, CVE-2015-4598...

10CVSS7.5AI score0.50129EPSS
Exploits19
Ubuntu
Ubuntu
•added 2015/07/06 12:13 p.m.•59 views

USN-2659-1: cups-filters vulnerabilities

Petr Sklenar discovered that the cups-filters texttopdf filter incorrectly handled line sizes. A remote attacker could use this issue to cause a denial of service, or possibly execute arbitrary code as the lp user. CVE-2015-3258, CVE-2015-3279...

7.5CVSS7.8AI score0.08295EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/06/30 11:28 a.m.•68 views

USN-2652-1: Oxide vulnerabilities

It was discovered that Chromium did not properly consider the scheme when determining whether a URL is associated with a WebUI SiteInstance. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass security restrictions. CVE-2015-1266 ...

5CVSS8.2AI score0.02306EPSS
Exploits1
Ubuntu
Ubuntu
•added 2015/06/29 5:6 p.m.•49 views

USN-2657-1: unattended-upgrades vulnerability

It was discovered that unattended-upgrades incorrectly performed authentication checks in certain configurations. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could potentially be used to install altered packages...

6.8CVSS5.4AI score0.01435EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/06/25 12:33 p.m.•73 views

USN-2655-1: Tomcat vulnerabilities

It was discovered that Tomcat incorrectly handled data with malformed chunked transfer coding. A remote attacker could possibly use this issue to conduct HTTP request smuggling attacks, or cause Tomcat to consume resources, resulting in a denial of service. CVE-2014-0227 It was discovered that...

7.8CVSS6.6AI score0.21045EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/06/25 12:32 p.m.•90 views

USN-2654-1: Tomcat vulnerabilities

It was discovered that the Tomcat XML parser incorrectly handled XML External Entities XXE. A remote attacker could possibly use this issue to read arbitrary files. This issue only affected Ubuntu 14.04 LTS. CVE-2014-0119 It was discovered that Tomcat incorrectly handled data with malformed chunk...

7.8CVSS6.8AI score0.21045EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/06/25 11:58 a.m.•122 views

USN-2653-1: Python vulnerabilities

It was discovered that multiple Python protocol libraries incorrectly limited certain data when connecting to servers. A malicious ftp, http, imap, nntp, pop or smtp server could use this issue to cause a denial of service. CVE-2013-1752 It was discovered that the Python xmlrpc library did not...

9.8CVSS7.9AI score0.247EPSS
Exploits8
Ubuntu
Ubuntu
•added 2015/06/22 11:50 p.m.•72 views

USN-2651-1: GNU patch vulnerabilities

Jakub Wilk discovered that GNU patch did not correctly handle file paths in patch files. An attacker could specially craft a patch file that could overwrite arbitrary files with the privileges of the user invoking the program. This issue only affected Ubuntu 12.04 LTS. CVE-2010-4651 László...

7.8CVSS6.7AI score0.11199EPSS
Exploits1
Ubuntu
Ubuntu
•added 2015/06/21 6:58 p.m.•65 views

USN-2646-2: Linux kernel regression

The Fix for CVE-2015-1328 introduced a regression into the Linux kernel's overlayfs file system. The removal of a directory that only exists on the lower layer results in a kernel panic. We apologize for the inconvenience. Original advisory details: Philip Pettersson discovered a privilege...

7.3AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2015/06/21 6:54 p.m.•61 views

USN-2644-2: Linux kernel (Utopic HWE) regression

The Fix for CVE-2015-1328 introduced a regression into the Linux kernel's overlayfs file system. The removal of a directory that only exists on the lower layer results in a kernel panic. We apologize for the inconvenience. Original advisory details: Philip Pettersson discovered a privilege...

7.3AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2015/06/21 6:47 p.m.•60 views

USN-2643-2: Linux kernel regression

The Fix for CVE-2015-1328 introduced a regression into the Linux kernel's overlayfs file system. The removal of a directory that only exists on the lower layer results in a kernel panic. We apologize for the inconvenience. Original advisory details: Philip Pettersson discovered a privilege...

7.3AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2015/06/21 6:44 p.m.•55 views

USN-2642-2: Linux kernel (Trusty HWE) regression

The Fix for CVE-2015-1328 introduced a regression into the Linux kernel's overlayfs file system. The removal of a directory that only exists on the lower layer results in a kernel panic. We apologize for the inconvenience. Original advisory details: Philip Pettersson discovered a privilege...

7.3AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2015/06/21 6:38 p.m.•57 views

USN-2641-2: Linux kernel (OMAP4) regression

The Fix for CVE-2015-1328 introduced a regression into the Linux kernel's overlayfs file system. The removal of a directory that only exists on the lower layer results in a kernel panic. We apologize for the inconvenience. Original advisory details: Philip Pettersson discovered a privilege...

7.3AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2015/06/21 6:34 p.m.•71 views

USN-2640-2: Linux kernel regression

The Fix for CVE-2015-1328 introduced a regression into the Linux kernel's overlayfs file system. The removal of a directory that only exists on the lower layer results in a kernel panic. We apologize for the inconvenience. Original advisory details: Philip Pettersson discovered a privilege...

7.3AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2015/06/16 5:21 p.m.•71 views

USN-2650-1: wpa_supplicant and hostapd vulnerabilities

Kostya Kortchinsky discovered multiple flaws in wpasupplicant and hostapd. A remote attacker could use these issues to cause wpasupplicant or hostapd to crash, resulting in a denial of service. CVE-2015-4141, CVE-2015-4142, CVE-2015-4143, CVE-2015-4144, CVE-2015-4145, CVE-2015-4146...

5CVSS6.2AI score0.04198EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/06/16 5:13 p.m.•43 views

USN-2649-1: devscripts vulnerability

It was discovered that the uupdate tool incorrectly handled symlinks. If a user or automated system were tricked into processing specially crafted files, a remote attacker could possibly replace arbitrary files, leading to a privilege escalation...

5CVSS5.6AI score0.0373EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/06/16 5:6 p.m.•57 views

USN-2648-1: Aptdaemon vulnerability

Tavis Ormandy discovered that Aptdeamon incorrectly handled the simulate dbus method. A local attacker could use this issue to possibly expose sensitive information, or perform other file access as the root user...

5.5CVSS5.7AI score0.004EPSS
Exploits3
Ubuntu
Ubuntu
•added 2015/06/15 10:1 p.m.•97 views

USN-2647-1: Linux kernel vulnerability

Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system...

7.8CVSS7.4AI score0.37679EPSS
Exploits22
Ubuntu
Ubuntu
•added 2015/06/15 9:59 p.m.•56 views

USN-2646-1: Linux kernel vulnerability

Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system...

7.8CVSS7.4AI score0.37679EPSS
Exploits22
Ubuntu
Ubuntu
•added 2015/06/15 9:57 p.m.•54 views

USN-2645-1: Linux kernel (Vivid HWE) vulnerability

Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system...

7.8CVSS7.4AI score0.37679EPSS
Exploits22
Ubuntu
Ubuntu
•added 2015/06/15 9:54 p.m.•56 views

USN-2644-1: Linux kernel (Utopic HWE) vulnerability

Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system...

7.8CVSS7.4AI score0.37679EPSS
Exploits22
Ubuntu
Ubuntu
•added 2015/06/15 9:47 p.m.•83 views

USN-2643-1: Linux kernel vulnerability

Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system...

7.8CVSS7.4AI score0.37679EPSS
Exploits22
Ubuntu
Ubuntu
•added 2015/06/15 9:44 p.m.•62 views

USN-2642-1: Linux kernel (Trusty HWE) vulnerability

Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system...

7.8CVSS7.4AI score0.37679EPSS
Exploits22
Ubuntu
Ubuntu
•added 2015/06/15 9:41 p.m.•60 views

USN-2641-1: Linux kernel (OMAP4) vulnerability

Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system...

7.8CVSS7.4AI score0.37679EPSS
Exploits22
Ubuntu
Ubuntu
•added 2015/06/15 9:37 p.m.•71 views

USN-2640-1: Linux kernel vulnerability

Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system...

7.8CVSS7.4AI score0.37679EPSS
Exploits22
Ubuntu
Ubuntu
•added 2015/06/11 6:7 p.m.•101 views

USN-2639-1: OpenSSL vulnerabilities

Praveen Kariyanahalli, Ivan Fratric and Felix Groebert discovered that OpenSSL incorrectly handled memory when buffering DTLS data. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2014-8176 Joseph...

7.5CVSS7.1AI score0.74483EPSS
Exploits1
Ubuntu
Ubuntu
•added 2015/06/10 9:56 p.m.•91 views

USN-2638-1: Linux kernel vulnerabilities

Xiong Zhou discovered a bug in the way the EXT4 filesystem handles fallocate zero range functionality when the page size is greater than the block size. A local attacker could exploit this flaw to cause a denial of service system crash. CVE-2015-0275 Wen Xu discovered a use-after-free flaw in the...

7.2CVSS7.1AI score0.02472EPSS
Exploits7
Ubuntu
Ubuntu
•added 2015/06/10 9:53 p.m.•90 views

USN-2637-1: Linux kernel vulnerabilities

Xiong Zhou discovered a bug in the way the EXT4 filesystem handles fallocate zero range functionality when the page size is greater than the block size. A local attacker could exploit this flaw to cause a denial of service system crash. CVE-2015-0275 Wen Xu discovered a use-after-free flaw in the...

4.9CVSS7.5AI score0.02472EPSS
Exploits6
Ubuntu
Ubuntu
•added 2015/06/10 9:51 p.m.•81 views

USN-2636-1: Linux kernel (Vivid HWE) vulnerabilities

Xiong Zhou discovered a bug in the way the EXT4 filesystem handles fallocate zero range functionality when the page size is greater than the block size. A local attacker could exploit this flaw to cause a denial of service system crash. CVE-2015-0275 Wen Xu discovered a use-after-free flaw in the...

7.2CVSS7.1AI score0.02472EPSS
Exploits7
Ubuntu
Ubuntu
•added 2015/06/10 9:49 p.m.•91 views

USN-2635-1: Linux kernel (Utopic HWE) vulnerabilities

Xiong Zhou discovered a bug in the way the EXT4 filesystem handles fallocate zero range functionality when the page size is greater than the block size. A local attacker could exploit this flaw to cause a denial of service system crash. CVE-2015-0275 Wen Xu discovered a use-after-free flaw in the...

4.9CVSS7.5AI score0.02472EPSS
Exploits6
Ubuntu
Ubuntu
•added 2015/06/10 9:47 p.m.•109 views

USN-2634-1: Linux kernel vulnerabilities

Wen Xu discovered a use-after-free flaw in the Linux kernel's ipv4 ping support. A local user could exploit this flaw to cause a denial of service system crash or gain administrative privileges on the system. CVE-2015-3636 A memory corruption flaw was discovered in the Linux kernel's scsi...

7.2CVSS7AI score0.02472EPSS
Exploits7
Ubuntu
Ubuntu
•added 2015/06/10 9:44 p.m.•61 views

USN-2633-1: Linux kernel (Trusty HWE) vulnerabilities

Wen Xu discovered a use-after-free flaw in the Linux kernel's ipv4 ping support. A local user could exploit this flaw to cause a denial of service system crash or gain administrative privileges on the system. CVE-2015-3636 A memory corruption flaw was discovered in the Linux kernel's scsi...

7.2CVSS7AI score0.02472EPSS
Exploits7
Ubuntu
Ubuntu
•added 2015/06/10 9:41 p.m.•74 views

USN-2632-1: Linux kernel (OMAP4) vulnerabilities

Jan Beulich discovered the Xen virtual machine subsystem of the Linux kernel did not properly restrict access to PCI command registers. A local guest user could exploit this flaw to cause a denial of service host crash. CVE-2015-2150 A privilege escalation was discovered in the fork syscall via t...

9.3CVSS7.3AI score0.10108EPSS
Exploits6
Ubuntu
Ubuntu
•added 2015/06/10 9:39 p.m.•68 views

USN-2631-1: Linux kernel vulnerabilities

Jan Beulich discovered the Xen virtual machine subsystem of the Linux kernel did not properly restrict access to PCI command registers. A local guest user could exploit this flaw to cause a denial of service host crash. CVE-2015-2150 A privilege escalation was discovered in the fork syscall via t...

9.3CVSS7.3AI score0.10108EPSS
Exploits6
Ubuntu
Ubuntu
•added 2015/06/10 2:30 p.m.•75 views

USN-2630-1: QEMU vulnerabilities

Matt Tait discovered that QEMU incorrectly handled the virtual PCNET driver. A malicious guest could use this issue to cause a denial of service, or possibly execute arbitrary code on the host as the user running the QEMU process. In the default installation, when QEMU is used with libvirt,...

7.8CVSS8.2AI score0.09668EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/06/10 12:52 p.m.•55 views

USN-2629-1: CUPS vulnerabilities

It was discovered that CUPS incorrectly handled reference counting when handling localized strings. A remote attacker could use this issue to escalate permissions, upload a replacement CUPS configuration file, and execute arbitrary code. CVE-2015-1158 It was discovered that the CUPS templating...

10CVSS6.7AI score0.29913EPSS
Exploits9
Ubuntu
Ubuntu
•added 2015/06/08 4:48 p.m.•49 views

USN-2628-1: strongSwan vulnerability

Alexander E. Patrakov discovered that strongSwan incorrectly handled certain IKEv2 setups. A malicious server could possibly use this issue to obtain user credentials...

2.6CVSS7.8AI score0.02028EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/06/03 5:52 p.m.•44 views

USN-2627-1: t1utils vulnerability

Jakub Wilk discovered that t1utils incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially crafted font, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges...

7.5CVSS6AI score0.06905EPSS
Exploits1
Ubuntu
Ubuntu
•added 2015/06/03 1:33 p.m.•71 views

USN-2626-1: Qt vulnerabilities

Wolfgang Schenk discovered that Qt incorrectly handled certain malformed GIF images. If a user or automated system were tricked into opening a specially crafted GIF image, a remote attacker could use this issue to cause Qt to crash, resulting in a denial of service. This issue only applied to...

6.8CVSS7.3AI score0.08736EPSS
Exploits0
Ubuntu
Ubuntu
•added 2015/06/02 12:43 p.m.•29 views

USN-2625-1: Apache HTTP Server update

As a security improvement, this update makes the following changes to the Apache package in Ubuntu 12.04 LTS: Added support for ECC keys and ECDH ciphers. The SSLProtocol configuration directive now allows specifying the TLSv1.1 and TLSv1.2 protocols. Ephemeral key handling has been improved,...

5.3AI score
Exploits0References2
Total number of security vulnerabilities10923