Lucene search
K
UbuntuRecent

10869 matches found

Ubuntu
Ubuntu
added 2025/12/03 2:18 p.m.8 views

USN-7907-2: Linux kernel (FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - ACPI drivers; - Hardware monitoring drivers; - InfiniBand drivers; - Mailbox framework; -...

7.8CVSS7.1AI score0.00261EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/12/03 2:0 p.m.7 views

USN-7908-1: PostgreSQL vulnerabilities

Jelte Fennema-Nio discovered that the PostgreSQL CREATE STATISTICS command did not correctly check for schema CREATE privileges. An authenticated attacker could possibly use this issue to create a denial of service against other CREATE STATISTICS users. CVE-2025-12817 Aleksey Solovev discovered...

5.9CVSS5.8AI score0.00301EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/12/03 12:14 p.m.6 views

USN-7907-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - ACPI drivers; - Hardware monitoring drivers; - InfiniBand drivers; - Mailbox framework; -...

7.8CVSS7.1AI score0.00261EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/12/03 11:34 a.m.5 views

USN-7906-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - x86 architecture; - Cryptographic API; - Android drivers; - TTY drivers; - F2FS file system; - 9P file system netwo...

7.3AI score0.00241EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/12/03 9:46 a.m.4 views

USN-7905-1: KDE Connect vulnerability

It was discovered that KDE Connect incorrectly handled device IDs. An attacker could possibly use this issue to bypass authentication and connect an unpaired device...

4.7CVSS5.3AI score0.00176EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/12/03 8:6 a.m.5 views

USN-7904-1: Ghostscript vulnerabilities

Piotr Kajda discovered that Ghostscript incorrectly handled writing certain files. An attacker could possibly use this issue to cause Ghostscript to crash, resulting in a denial of service...

5.5CVSS5AI score0.00188EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/12/02 3:14 p.m.4 views

USN-7903-1: Django vulnerabilities

It was discovered that Django incorrectly handled certain characters in the FilteredRelation object. An attacker could possibly use this issue to execute arbitrary SQL commands. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, Ubuntu 25.04, and Ubuntu 25.10...

7.5CVSS8AI score0.02106EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/12/02 1:15 p.m.8 views

USN-7855-2: Unbound regression

USN-7855-1 fixed vulnerabilities in Unbound. It was discovered that the fix for CVE-2025-11411 was incomplete. This update fixes the problem. Original advisory details: Yuxiao Wu, Yunyi Zhang, Baojun Liu, and Haixin Duan discovered that Unbound incorrectly handled certain promiscuous NS RRSets. A...

7.1CVSS6.7AI score0.00311EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2025/12/01 2:48 p.m.8 views

USN-7902-1: CRaC JDK 25 vulnerabilities

Jinfeng Guo discovered that the Security component of CRaC JDK 25 did not correctly handle certain representations of encoded strings. An unauthenticated remote attacker could possibly use this issue to modify files or leak sensitive information. CVE-2025-53057 Darius Bohni discovered that the JA...

7.5CVSS7.4AI score0.00633EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/12/01 2:42 p.m.4 views

USN-7901-1: CRaC JDK 21 vulnerabilities

Jinfeng Guo discovered that the Security component of CRaC JDK 21 did not correctly handle certain representations of encoded strings. An unauthenticated remote attacker could possibly use this issue to modify files or leak sensitive information. CVE-2025-53057 Darius Bohni discovered that the JA...

7.5CVSS7.4AI score0.00633EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/12/01 2:37 p.m.5 views

USN-7900-1: CRaC JDK 17 vulnerabilities

Jinfeng Guo discovered that the Security component of CRaC JDK 17 did not correctly handle certain representations of encoded strings. An unauthenticated remote attacker could possibly use this issue to modify files or leak sensitive information. CVE-2025-53057 Darius Bohni discovered that the JA...

7.5CVSS7.4AI score0.00633EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/12/01 2:21 p.m.10 views

USN-7899-1: GNU binutils vulnerabilities

It was discovered that GNU binutils could be forced to perform an out- of-bounds read in certain instances. An attacker with local access to a system could possibly use this issue to cause a denial of service. CVE-2025-11839, CVE-2025-11840 It was discovered that GNU binutils incorrectly handled...

7.8CVSS6.3AI score0.01252EPSS
Exploits10
Ubuntu
Ubuntu
added 2025/11/28 2:58 p.m.7 views

USN-7894-2: EDK II regression

USN-7894-1 fixed vulnerabilities in EDK II. The update introduced a regression in the UEFI network boot. This update reverts the corresponding fixes for CVE-2023-45236 and CVE-2023-45237 pending further investigation. We apologize for the inconvenience. Original advisory details: It was discovere...

7.5AI score
Exploits0References1
Ubuntu
Ubuntu
added 2025/11/27 4:34 p.m.6 views

USN-7898-1: OpenVPN vulnerability

Joshua Rogers discovered that OpenVPN incorrectly handled HMAC verification checks. A remote attacker could possibly use this issue to bypass source IP address validation...

8.2CVSS8AI score0.0061EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/11/27 3:59 p.m.5 views

USN-7897-1: CUPS vulnerability

It was discovered that CUPS incorrectly handled input from users in the web configuration settings. An attacker could use this issue to insert malicious configuration options, causing a denial of service or possibly executing arbitrary code...

6.7CVSS5.5AI score0.00409EPSS
Exploits1
Ubuntu
Ubuntu
added 2025/11/27 2:21 p.m.5 views

USN-7896-1: libxml2 vulnerabilities

It was discovered that the libxml2 Python bindings incorrectly handled certain return values. An attacker could possibly use this issue to cause libxml2 to crash, resulting in a denial of service. CVE-2025-32414 It was discovered that libxml2 incorrectly handled certain memory operations. A remot...

7.8CVSS7AI score0.00527EPSS
Exploits3
Ubuntu
Ubuntu
added 2025/11/27 2:12 p.m.6 views

USN-7852-2: libxml2 vulnerability

USN-7582-1 fixed a vulnerability in libxml2. This update provides the corresponding fix for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: It was discovered that libxslt, used by libxml2, incorrectly handled certain attributes. An attacker could use this issue...

7.8CVSS7AI score0.00339EPSS
Exploits1
Ubuntu
Ubuntu
added 2025/11/27 1:39 p.m.8 views

USN-7895-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

9.8CVSS7.5AI score0.00718EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/11/26 8:22 p.m.6 views

USN-7886-2: Python vulnerabilities

USN-7886-1 fixed vulnerabilities in Python. This update provides the corresponding updates for python3.13 in Ubuntu 25.04 and Ubuntu 25.10. Original advisory details: It was discovered that Python inefficiently handled expanding system environment variables. An attacker could possibly use this...

5.5CVSS6.8AI score0.00345EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/11/26 3:5 p.m.16 views

USN-7894-1: EDK II vulnerabilities

It was discovered that EDK II was susceptible to a predictable TCP Initial Sequence Number. An attacker could possibly use this issue to gain unauthorized access. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS. CVE-2023-45236, CVE-2023-45237 It was discovered that EDK II...

9.1CVSS7.4AI score0.73461EPSS
Exploits3
Ubuntu
Ubuntu
added 2025/11/26 1:51 p.m.8 views

USN-7893-1: Valkey vulnerabilities

Benny Isaacs, Nir Brakha, and Sagi Tzadik discovered that Valkey incorrectly handled memory when running Lua scripts. An authenticated attacker could use this vulnerability to trigger a use-after-free condition, and potentially achieve remote code execution on the Valkey server. CVE-2025-49844 It...

9.9CVSS8.9AI score0.86767EPSS
Exploits15
Ubuntu
Ubuntu
added 2025/11/26 1:24 p.m.12 views

USN-7892-1: H2O vulnerability

It was discovered that H2O exhibited poor server resource management in its HTTP/2 protocol. An attacker could possibly use this issue to cause H2O to crash, resulting in a denial of service...

7.5CVSS7.2AI score0.99999EPSS
Exploits19
Ubuntu
Ubuntu
added 2025/11/26 12:56 p.m.4 views

USN-7891-1: rust-openssl vulnerabilities

Matt Mastracci discovered that rust-openssl was incorrectly handling server lifetimes in certain functions. An attacker could possibly use this issue to cause a denial of service or run arbitrary memory content to the client. CVE-2025-24898 It was discovered that rust-openssl was incorrectly...

9.1CVSS5.2AI score0.00623EPSS
Exploits1
Ubuntu
Ubuntu
added 2025/11/26 11:40 a.m.7 views

USN-7890-1: FFmpeg vulnerability

It was discovered that FFmpeg did not properly handle the parsing of certain malformed HLS playlists. If a user were tricked into opening a specially crafted HLS playlist, an attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service...

7.5CVSS5.9AI score0.00534EPSS
Exploits1
Ubuntu
Ubuntu
added 2025/11/26 9:41 a.m.6 views

USN-7889-3: Linux kernel (Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Media drivers; - Network drivers; - Netfilter; - TLS protocol; CVE-2025-21729, CVE-2025-38227, CVE-2025-38616,...

7.8CVSS7.1AI score0.00202EPSS
Exploits1
Ubuntu
Ubuntu
added 2025/11/26 8:54 a.m.3 views

USN-7889-2: Linux kernel (FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Media drivers; - Network drivers; - Netfilter; - TLS protocol; CVE-2025-21729, CVE-2025-38227, CVE-2025-38616,...

7.8CVSS7.1AI score0.00202EPSS
Exploits1
Ubuntu
Ubuntu
added 2025/11/26 8:34 a.m.9 views

USN-7879-3: Linux kernel vulnerabilities

It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. CVE-2024-36331 Several security issues were discovered in the Linux kernel. An attacker could possibly use...

8.5CVSS7.4AI score0.07142EPSS
Exploits3
Ubuntu
Ubuntu
added 2025/11/25 4:2 p.m.6 views

USN-7889-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Media drivers; - Network drivers; - Netfilter; - TLS protocol; CVE-2025-21729, CVE-2025-38227, CVE-2025-38616,...

7.8CVSS7.1AI score0.00202EPSS
Exploits1
Ubuntu
Ubuntu
added 2025/11/25 12:54 p.m.7 views

USN-7887-2: Linux kernel (Raspberry Pi) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...

8.8CVSS7AI score0.00571EPSS
Exploits1
Ubuntu
Ubuntu
added 2025/11/25 4:59 a.m.5 views

USN-7888-1: MuPDF vulnerabilities

It was discovered that MuPDF could be made to divide by zero. An attacker could possibly use this issue to cause a denial of service. CVE-2023-51103, CVE-2023-51104, CVE-2023-51105, CVE-2023-51106 It was discovered that MuPDF incorrectly handled memory under certain circumstances, which could lea...

7.5CVSS7.2AI score0.00914EPSS
Exploits6
Ubuntu
Ubuntu
added 2025/11/24 5:27 p.m.8 views

USN-7887-1: Linux kernel (Raspberry Pi Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...

8.8CVSS7AI score0.00571EPSS
Exploits1
Ubuntu
Ubuntu
added 2025/11/24 2:53 p.m.7 views

USN-7886-1: Python vulnerabilities

It was discovered that Python inefficiently handled expanding system environment variables. An attacker could possibly use this issue to cause Python to consume excessive resources, leading to a denial of service. CVE-2025-6075 Caleb Brown discovered that Python incorrectly handled the ZIP64 End ...

5.5CVSS6.8AI score0.00345EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/11/24 12:40 p.m.3 views

USN-7878-2: cups-filters vulnerabilities

USN-7878-1 fixed vulnerabilities in cups-filters, This update provides the corresponding update for CVE-2025-64524 for Ubuntu 25.04. Original advisory details: It was discovered that cups-filters incorrectly handled certain malformed TIFF image files. A remote attacker could use this issue to cau...

5.5CVSS5.8AI score0.00181EPSS
Exploits1
Ubuntu
Ubuntu
added 2025/11/24 12:14 p.m.5 views

USN-7885-1: OpenJDK 21 vulnerabilities

Jinfeng Guo discovered that the Security component of OpenJDK 21 did not correctly handle certain representations of encoded strings. An unauthenticated remote attacker could possibly use this issue to modify files or leak sensitive information. CVE-2025-53057 Darius Bohni discovered that the JAX...

7.5CVSS7.4AI score0.00633EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/11/24 12:8 p.m.5 views

USN-7884-1: OpenJDK 25 vulnerabilities

Jinfeng Guo discovered that the Security component of OpenJDK 25 did not correctly handle certain representations of encoded strings. An unauthenticated remote attacker could possibly use this issue to modify files or leak sensitive information. CVE-2025-53057 Darius Bohni discovered that the JAX...

7.5CVSS7.4AI score0.00633EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/11/24 11:21 a.m.7 views

USN-7851-2: runC regression

USN-7851-1 fixed vulnerabilities in runC. The introduction of a new upstream release has caused regressions in runc-app and runc-stable. This update fixes the problem. Original advisory details: Lei Wang and Li Fubang discovered that runC incorrectly handled masked paths. An attacker could possib...

7.3AI score
Exploits0References1
Ubuntu
Ubuntu
added 2025/11/24 12:55 a.m.7 views

USN-7883-1: OpenJDK 17 vulnerabilities

Jinfeng Guo discovered that the Security component of OpenJDK 17 did not correctly handle certain representations of encoded strings. An unauthenticated remote attacker could possibly use this issue to modify files or leak sensitive information. CVE-2025-53057 Darius Bohni discovered that the JAX...

7.5CVSS7.4AI score0.00633EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/11/24 12:52 a.m.4 views

USN-7882-1: OpenJDK 11 vulnerabilities

Jinfeng Guo discovered that the Security component of OpenJDK 11 did not correctly handle certain representations of encoded strings. An unauthenticated remote attacker could possibly use this issue to modify files or leak sensitive information. CVE-2025-53057 Darius Bohni discovered that the JAX...

7.5CVSS7.4AI score0.00633EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/11/24 12:36 a.m.3 views

USN-7881-1: OpenJDK 8 vulnerabilities

Jinfeng Guo discovered that the Security component of OpenJDK 8 did not correctly handle certain representations of encoded strings. An unauthenticated remote attacker could possibly use this issue to modify files or leak sensitive information. CVE-2025-53057 Darius Bohni discovered that the JAXP...

7.5CVSS7.4AI score0.00633EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/11/21 3:57 p.m.7 views

USN-7880-1: Linux kernel (OEM) vulnerabilities

It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. CVE-2024-36331 Several security issues were discovered in the Linux kernel. An attacker could possibly use...

8.5CVSS7.4AI score0.07142EPSS
Exploits3
Ubuntu
Ubuntu
added 2025/11/21 3:45 p.m.9 views

USN-7879-2: Linux kernel (Real-time) vulnerabilities

It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. CVE-2024-36331 Several security issues were discovered in the Linux kernel. An attacker could possibly use...

8.5CVSS7.4AI score0.07142EPSS
Exploits3
Ubuntu
Ubuntu
added 2025/11/21 3:26 p.m.9 views

USN-7879-1: Linux kernel vulnerabilities

It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. CVE-2024-36331 Several security issues were discovered in the Linux kernel. An attacker could possibly use...

8.5CVSS7.4AI score0.07142EPSS
Exploits3
Ubuntu
Ubuntu
added 2025/11/20 5:46 p.m.5 views

USN-7876-1: ImageMagick vulnerability

It was discovered that ImageMagick did not properly handle memory when encoding BMP images. An attacker could possibly use this issue to cause ImageMagick to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue exists due to an incomplete fix for CVE-2025-57803...

7.5CVSS7.4AI score0.00738EPSS
Exploits1
Ubuntu
Ubuntu
added 2025/11/20 4:4 p.m.6 views

USN-7878-1: cups-filters vulnerabilities

It was discovered that cups-filters incorrectly handled certain malformed TIFF image files. A remote attacker could use this issue to cause cups-filters to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS,...

5.5CVSS5.5AI score0.00412EPSS
Exploits3
Ubuntu
Ubuntu
added 2025/11/20 3:50 p.m.3 views

USN-7877-1: libcupsfilters vulnerabilities

It was discovered that libcupsfilters incorrectly handled certain malformed TIFF image files. A remote attacker could use this issue to cause libcupsfilters to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2025-57812 It was discovered that libcupsfilters...

4CVSS5.5AI score0.00412EPSS
Exploits2
Ubuntu
Ubuntu
added 2025/11/19 9:6 p.m.4 views

USN-7861-4: Linux kernel (AWS) vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

7.8CVSS7.4AI score0.01345EPSS
Exploits8
Ubuntu
Ubuntu
added 2025/11/19 9:1 p.m.5 views

USN-7875-1: Linux kernel (Oracle) vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

9.1CVSS7.5AI score0.01367EPSS
Exploits8
Ubuntu
Ubuntu
added 2025/11/19 5:27 p.m.4 views

USN-7874-2: Linux kernel (FIPS) vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

7.8CVSS7.5AI score0.01345EPSS
Exploits8
Ubuntu
Ubuntu
added 2025/11/19 5:17 p.m.4 views

USN-7874-1: Linux kernel vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

7.8CVSS7.5AI score0.01345EPSS
Exploits8
Ubuntu
Ubuntu
added 2025/11/19 12:53 p.m.6 views

USN-7873-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.44 in Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. Ubuntu 25.04 and Ubuntu 25.10 have been updated to MySQL 8.4.7. In addition to security fixes, the...

5.5CVSS7.1AI score0.00533EPSS
Exploits0
Total number of security vulnerabilities10869