Lucene search
K
UbuntuRecent

10927 matches found

Ubuntu
Ubuntu
•added 2012/01/13 5:36 a.m.•72 views

USN-1329-1: Linux kernel (OMAP4) vulnerability

Han-Wen Nienhuys reported a flaw in the FUSE kernel module. A local user who can mount a FUSE file system could cause a denial of service...

5.5CVSS5.6AI score0.00391EPSS
Exploits0
Ubuntu
Ubuntu
•added 2012/01/13 5:28 a.m.•72 views

USN-1328-1: Linux kernel (Marvell DOVE) vulnerabilities

Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. CVE-2011-2203 A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system. CVE-2011-4110...

2.1CVSS7.4AI score0.00489EPSS
Exploits3
Ubuntu
Ubuntu
•added 2012/01/11 3:1 p.m.•54 views

USN-1326-1: Nova vulnerability

Nachi Ueno, Rohit Karajgi, and Venkatesan Ravikumar discovered that when Nova is configured to use the OpenStack API, it would not correctly enforce access controls on certain incoming requests. A remote authenticated attacker could exploit this to change resources of arbitrary tenants...

4.9CVSS5.5AI score0.01758EPSS
Exploits0
Ubuntu
Ubuntu
•added 2012/01/11 11:30 a.m.•64 views

USN-1324-1: Linux kernel (EC2) vulnerabilities

Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. CVE-2011-2203 A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system. CVE-2011-4110...

2.1CVSS7.4AI score0.00489EPSS
Exploits3
Ubuntu
Ubuntu
•added 2012/01/11 10:56 a.m.•83 views

USN-1325-1: Linux kernel (OMAP4) vulnerabilities

Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. CVE-2011-1162 Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel...

7.8CVSS6.5AI score0.03228EPSS
Exploits4
Ubuntu
Ubuntu
•added 2012/01/11 10:20 a.m.•62 views

USN-1323-1: Linux kernel vulnerabilities

Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. CVE-2011-1162 Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel...

7.8CVSS7.1AI score0.03228EPSS
Exploits4
Ubuntu
Ubuntu
•added 2012/01/09 3:9 p.m.•57 views

USN-1322-1: Linux kernel vulnerability

Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops...

5.5CVSS5.6AI score0.00456EPSS
Exploits1
Ubuntu
Ubuntu
•added 2012/01/09 1:53 p.m.•76 views

USN-1319-1: Linux kernel (OMAP4) vulnerabilities

Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. CVE-2011-1162 Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel...

2.1CVSS7.4AI score0.00489EPSS
Exploits3
Ubuntu
Ubuntu
•added 2012/01/06 8:46 p.m.•61 views

USN-1306-2: Mozvoikko and ubufox update

USN-1306-1 fixed vulnerabilities in Firefox. This update provides updated Mozvoikko and ubufox packages for use with Firefox 9. Original advisory details: Alexandre Poirot, Chris Blizzard, Kyle Huey, Scoobidiver, Christian Holler, David Baron, Gary Kwong, Jim Blandy, Bob Clary, Jesse Ruderman,...

8.9AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2012/01/06 7:34 p.m.•61 views

USN-1306-1: Firefox vulnerabilities

Alexandre Poirot, Chris Blizzard, Kyle Huey, Scoobidiver, Christian Holler, David Baron, Gary Kwong, Jim Blandy, Bob Clary, Jesse Ruderman, Marcia Knous, and Rober Longson discovered several memory safety issues which could possibly be exploited to crash Firefox or execute arbitrary code as the...

10CVSS8.8AI score0.69882EPSS
Exploits11References1
Ubuntu
Ubuntu
•added 2012/01/05 3:21 p.m.•74 views

USN-1320-1: FFmpeg vulnerabilities

Steve Manzuik discovered that FFmpeg incorrectly handled certain malformed Matroska files. If a user were tricked into opening a crafted Matroska file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking th...

9.3CVSS8.8AI score0.06597EPSS
Exploits0
Ubuntu
Ubuntu
•added 2012/01/05 12:54 p.m.•70 views

USN-1318-1: Linux kernel (FSL-IMX51) vulnerabilities

Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. CVE-2011-1162 Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel...

2.1CVSS7.4AI score0.00489EPSS
Exploits3
Ubuntu
Ubuntu
•added 2012/01/04 2:29 p.m.•60 views

USN-1317-1: Ghostscript vulnerabilities

It was discovered that Ghostscript did not correctly handle memory allocation when parsing certain malformed JPEG-2000 images. If a user or automated system were tricked into opening a specially crafted image, an attacker could cause a denial of service and possibly execute arbitrary code with us...

10CVSS7.8AI score0.10618EPSS
Exploits1
Ubuntu
Ubuntu
•added 2011/12/22 6:28 p.m.•68 views

USN-1254-1: Thunderbird vulnerabilities

It was discovered that CVE-2011-3004, which addressed possible privilege escalation in addons, also affected Thunderbird 3.1. An attacker could potentially exploit a user who had installed an add-on that used loadSubscript in vulnerable ways. CVE-2011-3647 Yosuke Hasegawa discovered that the...

9.3CVSS8.3AI score0.0233EPSS
Exploits0
Ubuntu
Ubuntu
•added 2011/12/21 4:52 p.m.•55 views

USN-1316-1: t1lib vulnerability

Jonathan Brossard discovered that t1lib did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause t1lib to crash or possibly execute arbitrary code with user privileges...

6.8CVSS5.6AI score0.13055EPSS
Exploits0
Ubuntu
Ubuntu
•added 2011/12/20 2:45 p.m.•63 views

USN-1315-1: JasPer vulnerabilities

Jonathan Foote discovered that JasPer incorrectly handled certain malformed JPEG-2000 image files. If a user were tricked into opening a specially crafted JPEG-2000 image file, a remote attacker could cause JasPer to crash or possibly execute arbitrary code with user privileges...

6.8CVSS7.8AI score0.10618EPSS
Exploits0
Ubuntu
Ubuntu
•added 2011/12/19 11:19 p.m.•67 views

USN-1314-1: Python 3 vulnerabilities

Giampaolo Rodola discovered that the smtpd module in Python 3 did not properly handle certain error conditions. A remote attacker could exploit this to cause a denial of service via daemon outage. This issue only affected Ubuntu 10.04 LTS. CVE-2010-3493 Niels Heinen discovered that the urllib...

6.4CVSS7.9AI score0.04266EPSS
Exploits0
Ubuntu
Ubuntu
•added 2011/12/19 8:4 p.m.•54 views

USN-1313-1: Linux Kernel (Oneiric backport) vulnerability

Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops...

5.5CVSS5.6AI score0.00456EPSS
Exploits1
Ubuntu
Ubuntu
•added 2011/12/19 7:57 p.m.•61 views

USN-1312-1: Linux kernel vulnerabilities

A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. CVE-2011-4077 Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions...

7.2CVSS6.1AI score0.00556EPSS
Exploits5
Ubuntu
Ubuntu
•added 2011/12/19 7:53 p.m.•65 views

USN-1311-1: Linux kernel vulnerabilities

Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. CVE-2011-1162 Zheng Liu discovered a flaw in how the ext4 filesystem splits extents. A local unprivileged attacker could...

7.2CVSS6.6AI score0.03212EPSS
Exploits7
Ubuntu
Ubuntu
•added 2011/12/19 1:55 p.m.•56 views

USN-1310-1: libarchive vulnerabilities

It was discovered that libarchive incorrectly handled certain ISO 9660 image files. If a user were tricked into using a specially crafted ISO 9660 image file, a remote attacker could cause libarchive to crash or possibly execute arbitrary code with user privileges. CVE-2011-1777 It was discovered...

6.8CVSS6AI score0.04246EPSS
Exploits0
Ubuntu
Ubuntu
•added 2011/12/15 2:10 p.m.•71 views

USN-1309-1: DHCP vulnerability

It was discovered that the DHCP server incorrectly handled certain malformed packets when configured to evaluate regular expressions. A remote attacker could use this issue to cause DHCP to crash, resulting in a denial of service...

5CVSS6.3AI score0.15478EPSS
Exploits0
Ubuntu
Ubuntu
•added 2011/12/14 10:38 p.m.•43 views

USN-1308-1: bzip2 vulnerability

vladz discovered that executables compressed by bzexe insecurely create temporary files when they are ran. A local attacker could exploit this issue to execute arbitrary code as the user running a compressed executable...

4.6CVSS5.6AI score0.01045EPSS
Exploits2
Ubuntu
Ubuntu
•added 2011/12/14 6:14 p.m.•58 views

USN-1307-1: PHP vulnerability

Florent Hochwelker discovered that PHP incorrectly handled certain EXIF headers in JPEG files. A remote attacker could exploit this issue to view sensitive information or cause the PHP server to crash...

6.4CVSS8.2AI score0.06801EPSS
Exploits2
Ubuntu
Ubuntu
•added 2011/12/13 3:39 p.m.•50 views

USN-1305-1: Nova vulnerability

David Black discovered that Nova did not properly perform input validation during image registration. An attacker could exploit this by registering a crafted image using the EC2 API or S3/RegisterImage method and overwrite files as the nova user...

6CVSS5.3AI score0.01941EPSS
Exploits0
Ubuntu
Ubuntu
•added 2011/12/13 1:18 p.m.•82 views

USN-1304-1: Linux kernel (OMAP4) vulnerabilities

A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. CVE-2011-4077 Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions...

7.5CVSS6.5AI score0.03212EPSS
Exploits7
Ubuntu
Ubuntu
•added 2011/12/13 1:11 p.m.•65 views

USN-1303-1: Linux kernel (Marvell DOVE) vulnerabilities

Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. CVE-2011-1162 A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to...

7.2CVSS6.2AI score0.03212EPSS
Exploits6
Ubuntu
Ubuntu
•added 2011/12/13 1:5 p.m.•81 views

USN-1302-1: Linux kernel (OMAP4) vulnerabilities

A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. CVE-2011-4077 Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions...

7.2CVSS6.2AI score0.03212EPSS
Exploits6
Ubuntu
Ubuntu
•added 2011/12/13 12:56 p.m.•92 views

USN-1301-1: Linux kernel (Natty backport) vulnerabilities

A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. CVE-2011-4077 Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions...

7.2CVSS6.1AI score0.00556EPSS
Exploits5
Ubuntu
Ubuntu
•added 2011/12/13 12:41 p.m.•86 views

USN-1300-1: Linux kernel (FSL-IMX51) vulnerabilities

A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. CVE-2011-4077 A flaw was found in the Journaling Block Device JBD. A local attacker able to mount ext3 or ext4 file...

7.2CVSS7.8AI score0.00556EPSS
Exploits4
Ubuntu
Ubuntu
•added 2011/12/13 10:25 a.m.•72 views

USN-1299-1: Linux kernel (EC2) vulnerabilities

Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. CVE-2011-1162 Zheng Liu discovered a flaw in how the ext4 filesystem splits extents. A local unprivileged attacker could...

7.2CVSS6.6AI score0.03212EPSS
Exploits7
Ubuntu
Ubuntu
•added 2011/12/12 4:41 p.m.•67 views

USN-1298-1: Apache Commons Daemon vulnerability

Wilfried Weissmann discovered that Apache Commons Daemon incorrectly dropped capabilities after starting. A remote attacker could possibly use this flaw to read certain files, bypassing the intended permissions...

5CVSS5AI score0.07243EPSS
Exploits0
Ubuntu
Ubuntu
•added 2011/12/09 3:25 a.m.•78 views

USN-1297-1: Django vulnerabilities

Pall McMillan discovered that Django used the root namespace when storing cached session data. A remote attacker could exploit this to modify sessions. CVE-2011-4136 Paul McMillan discovered that Django would not timeout on arbitrary URLs when the application used URLFields. This could be exploit...

5.8CVSS5.7AI score0.03024EPSS
Exploits0
Ubuntu
Ubuntu
•added 2011/12/08 11:26 p.m.•103 views

USN-1296-1: acpid vulnerabilities

Oliver-Tobias Ripka discovered that an ACPI script incorrectly handled power button events. A local attacker could use this to execute arbitrary code, and possibly escalate privileges. CVE-2011-2777 Helmut Grohne and Michael Biebl discovered that ACPI scripts were executed with a permissive file...

4.6CVSS5.7AI score0.00612EPSS
Exploits5
Ubuntu
Ubuntu
•added 2011/12/08 7:31 p.m.•51 views

USN-1295-1: Dovecot vulnerability

It was discovered that Dovecot incorrectly validated certificate hostnames when being used as a POP3 and IMAP proxy. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could be exploited to view sensitive information...

5.8CVSS5.5AI score0.01321EPSS
Exploits0
Ubuntu
Ubuntu
•added 2011/12/08 1:46 p.m.•93 views

USN-1294-1: Linux kernel (Oneiric backport) vulnerabilities

Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. CVE-2011-1162 Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit...

7.5CVSS7.8AI score0.03212EPSS
Exploits4
Ubuntu
Ubuntu
•added 2011/12/08 11:36 a.m.•79 views

USN-1293-1: Linux kernel vulnerabilities

A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. CVE-2011-4077 Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions...

7.2CVSS6.2AI score0.03212EPSS
Exploits6
Ubuntu
Ubuntu
•added 2011/12/08 11:24 a.m.•75 views

USN-1292-1: Linux kernel (Maverick backport) vulnerabilities

A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. CVE-2011-4077 Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions...

7.2CVSS6.2AI score0.03212EPSS
Exploits6
Ubuntu
Ubuntu
•added 2011/12/08 10:50 a.m.•71 views

USN-1291-1: Linux kernel vulnerabilities

A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. CVE-2011-4077 A flaw was found in the Journaling Block Device JBD. A local attacker able to mount ext3 or ext4 file...

7.2CVSS7.8AI score0.00556EPSS
Exploits4
Ubuntu
Ubuntu
•added 2011/12/08 12:27 a.m.•56 views

USN-1290-1: Kerberos vulnerability

Simo Sorce discovered that a NULL pointer dereference existed in the Kerberos Key Distribution Center KDC. An authenticated remote attacker could use this to cause a denial of service...

6.8CVSS7AI score0.02473EPSS
Exploits0
Ubuntu
Ubuntu
•added 2011/12/07 7:21 p.m.•40 views

USN-1289-1: colord vulnerability

It was discovered that colord incorrectly handled certain SQL queries. A local attacker could exploit this to modify arbitrary sqlite databases. On Ubuntu, colord runs as its own user by default, so standard file permissions would limit which databases could be altered...

4.6CVSS5.7AI score0.00474EPSS
Exploits0
Ubuntu
Ubuntu
•added 2011/12/07 12:48 a.m.•68 views

USN-1288-1: vsftpd vulnerability

It was discovered that the 2.6.35 and earlier Linux kernel does not properly handle a high rate of creation and cleanup of network namespaces, which makes it easier for remote attackers to cause a denial of service memory consumption in applications that require a separate namespace per connectio...

7.8CVSS7.2AI score0.17841EPSS
Exploits1
Ubuntu
Ubuntu
•added 2011/12/05 7:43 p.m.•67 views

USN-1287-1: Linux (OMAP4) vulnerability

Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops...

5.5CVSS5.6AI score0.00456EPSS
Exploits1
Ubuntu
Ubuntu
•added 2011/12/03 1:59 a.m.•98 views

USN-1286-1: Linux kernel vulnerabilities

Vasily Averin discovered that the NFS Lock Manager NLM incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. CVE-2011-2491 Robert Swiecki discovered that mapping extensions were incorrectly handled. A local attacker could exploit this to crash the...

7.8CVSS7.3AI score0.00496EPSS
Exploits2
Ubuntu
Ubuntu
•added 2011/11/29 6:16 p.m.•87 views

USN-1285-1: Linux kernel vulnerabilities

Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. CVE-2011-2183 Vasily Averin discovered that the NFS Lock Manager NLM incorrectly handled unlock requests. A...

7.2CVSS7.6AI score0.00541EPSS
Exploits2
Ubuntu
Ubuntu
•added 2011/11/28 3:32 p.m.•50 views

USN-1284-1: Update Manager vulnerabilities

David Black discovered that Update Manager incorrectly extracted the downloaded upgrade tarball before verifying its GPG signature. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could potentially be used to replace arbitrary files. CVE-2011-3152 David Black...

6.4CVSS5.6AI score0.02291EPSS
Exploits1
Ubuntu
Ubuntu
•added 2011/11/28 2:35 p.m.•56 views

USN-1283-1: APT vulnerability

It was discovered that APT incorrectly handled the Verify-Host configuration option. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could potentially be used to steal repository credentials. This issue only affected Ubuntu 10.04 LTS and 10.10. CVE-2011-3634...

2.6CVSS5.5AI score0.00799EPSS
Exploits0
Ubuntu
Ubuntu
•added 2011/11/28 9:25 a.m.•68 views

USN-1282-1: Thunderbird vulnerabilities

Yosuke Hasegawa discovered that the Mozilla browser engine mishandled invalid sequences in the Shift-JIS encoding. It may be possible to trigger this crash without the use of debugging APIs, which might allow malicious websites to exploit this vulnerability. An attacker could possibly use this fl...

10CVSS9AI score0.05657EPSS
Exploits1References1
Ubuntu
Ubuntu
•added 2011/11/24 2:54 p.m.•72 views

USN-1281-1: Linux (OMAP4) vulnerabilities

Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. CVE-2011-2183 It was discovered that an mmap call with the MAPPRIVATE flag on "/dev/zero" was incorrectly...

7.2CVSS6.8AI score0.00837EPSS
Exploits4
Ubuntu
Ubuntu
•added 2011/11/24 2:43 p.m.•68 views

USN-1280-1: Linux (OMAP4) vulnerabilities

It was discovered that CIFS incorrectly handled authentication. When a user had a CIFS share mounted that required authentication, a local user could mount the same share without knowing the correct password. CVE-2011-1585 Robert Swiecki discovered that mapping extensions were incorrectly handled...

4.9CVSS8.1AI score0.00494EPSS
Exploits4
Total number of security vulnerabilities10927