10711 matches found
USN-7743-1: libxml2 vulnerability
Nikita Sveshnikov discovered that libxml2 incorrectly handled recursion when processing XPath expressions. An attacker could possibly use this issue to cause a denial of service...
USN-7742-1: GnuTLS vulnerabilities
It was discovered that GnuTLS incorrectly handled exporting Subject Alternative Name SAN entries containing an otherName. A remote attacker could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LT...
USN-7741-1: PostgreSQL vulnerabilities
Dean Rasheed discovered that PostgreSQL incorrectly handled access control lists. An attacker could possibly use this issue to obtain sensitive information. CVE-2025-8713 Martin Rakhmanov, Matthieu Denais, and RyotaK discovered that the PostgreSQL pgdump utility allowed untrusted data inclusion. ...
USN-7740-1: LibEtPan vulnerability
It was discovered that LibEtPan incorrectly handled memory when parsing IMAP STATUS responses. A remote attacker could possibly use this issue to cause LibEtPan to crash, resulting in a denial of service...
USN-7739-1: Bind vulnerabilities
Greg Kuechle discovered that Bind incorrectly handled certain incremental zone updates. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. CVE-2021-25214 Siva Kakarla discovered that Bind incorrectly handled certain DNAME records. A remote...
USN-7648-3: PHP regression
USN-7648-2 fixed vulnerabilities in PHP. The patch for CVE-2025-1735 caused a regression in php7.0, php7.2 and php7.4. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that PHP incorrectly handled certain hostnames containing null...
USN-7738-1: FFmpeg vulnerability
It was discovered that FFmpeg incorrectly handled the calculation of LPC order, which could lead to a stack-based buffer overflow. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service...
USN-7737-1: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - S390 architecture; - x86 architecture; - Block layer subsystem; -...
USN-7736-1: Django vulnerability
It was discovered that Django incorrectly handled certain inputs. An attacker could possibly use this issue to perform a SQL injection...
USN-7735-1: RubyGems vulnerabilities
It was discovered that RubyGems incorrectly handled certain regular expressions. An attacker could use this issue to cause RubyGems to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS. CVE-2023-28755 It was discovered that RubyGems incorrectly handled decompresse...
USN-7734-1: Ruby vulnerabilities
It was discovered that Ruby incorrectly handled certain IO stream methods. A remote attacker could use this issue to cause Ruby to crash, resulting in a denial of service, or possibly obtain sensitive information. This issue only affected Ubuntu 18.04 LTS. CVE-2024-27280 It was discovered that th...
USN-7629-2: Protocol Buffers vulnerabilities
USN-7435-1 and USN-7629-1 fixed vulnerabilities in Protocol Buffers for several releases of Ubuntu. This update provides the corresponding fixes for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: It was discovered that Protocol Buffers incorrectly handled...
USN-7732-1: KMail Account Wizard vulnerability
It was discovered that KMail Account Wizard used HTTP rather than HTTPS when retrieving certain email server configurations. An attacker could possibly use this issue to cause email clients to use an attacker-controlled email server...
USN-7731-1: KMail vulnerabilities
Damian Poddebniak, Christian Dresen, Jens Müller, Fabian Ising, Sebastian Schinzel, Simon Friedberger, Juraj Somorovsky, and Jörg Schwenk discovered that KMail could be made to leak the plaintext of S/MIME encrypted emails when retrieving external content in emails. Under certain configurations, ...
USN-7725-3: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Overlay file system; - Network traffic control; CVE-2025-21887, CVE-2024-57996, CVE-2025-38350, CVE-2025-37752...
USN-7730-1: PIM Messagelib vulnerabilities
Damian Poddebniak, Christian Dresen, Jens Müller, Fabian Ising, Sebastian Schinzel, Simon Friedberger, Juraj Somorovsky, and Jörg Schwenk discovered that PIM Messagelib could be made to leak the plaintext of S/MIME encrypted emails when retrieving external content in emails. Under certain...
USN-7726-4: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - NTFS3 file system; - Network traffic control; CVE-2024-27407, CVE-2024-57996, CVE-2025-37752, CVE-2025-38350...
USN-7729-1: KDE PIM vulnerabilities
Damian Poddebniak, Christian Dresen, Jens Müller, Fabian Ising, Sebastian Schinzel, Simon Friedberger, Juraj Somorovsky, and Jörg Schwenk discovered that the KMail application of KDE PIM could be made to leak the plaintext of S/MIME encrypted emails when retrieving external content in emails. Und...
USN-7727-3: Linux kernel (AWS) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - InfiniBand drivers; - Media drivers; - SPI subsystem; - USB core drivers; - NILFS2 file system; - IPv6 networking; ...
USN-7712-2: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PA-RISC architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; -...
USN-7728-1: ImageMagick vulnerabilities
It was discovered that ImageMagick did not properly process certain format strings when interpreting image filenames. An attacker could possibly use this issue to cause ImageMagick to crash, resulting in a denial of service. CVE-2025-53014 It was discovered that ImageMagick did not properly proce...
USN-7710-2: Python 2.7 vulnerability
USN-7710-1 fixed vulnerabilities in Python. This update provides the corresponding fix for CVE-2025-8194 for Python 2.7. Original advisory details: It was discovered that Python inefficiently parsed maliciously crafted HTML input. An attacker could possibly use this issue to cause a denial of...
USN-7726-3: Linux kernel (FIPS) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - NTFS3 file system; - Network traffic control; CVE-2024-27407, CVE-2024-57996, CVE-2025-37752, CVE-2025-38350...
USN-7725-2: Linux kernel (Real-time) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Overlay file system; - Network traffic control; CVE-2025-21887, CVE-2024-57996, CVE-2025-38350, CVE-2025-37752...
USN-7726-2: Linux kernel (Real-time) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - NTFS3 file system; - Network traffic control; CVE-2024-27407, CVE-2024-57996, CVE-2025-37752, CVE-2025-38350...
USN-7727-2: Linux kernel (FIPS) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - InfiniBand drivers; - Media drivers; - SPI subsystem; - USB core drivers; - NILFS2 file system; - IPv6 networking; ...
USN-7727-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - InfiniBand drivers; - Media drivers; - SPI subsystem; - USB core drivers; - NILFS2 file system; - IPv6 networking; ...
USN-7726-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - NTFS3 file system; - Network traffic control; CVE-2024-27407, CVE-2024-57996, CVE-2025-37752, CVE-2025-38350...
USN-7725-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Overlay file system; - Network traffic control; CVE-2025-21887, CVE-2024-57996, CVE-2025-38350, CVE-2025-37752...
USN-7704-5: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Arm Firmware Framework for ARMv8-AFFA; - Multiple devices driver; - Media drivers; - Network...
USN-7703-4: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - GPIO subsystem; - GPU...
USN-7724-1: Linux kernel (OEM) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Thunderbolt and USB4 drivers; - Network traffic control; CVE-2025-38350, CVE-2025-38174...
USN-7723-1: UDisks vulnerability
Michael Imfeld discovered that UDisks did not check the validity of input data correctly when handling files for loop devices. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...
USN-7722-1: Linux kernel vulnerability
A security issues was discovered in the Linux kernel. An attacker could possibly use this to compromise the system. This update corrects flaws in the following subsystem: - Network traffic control; CVE-2025-38350...
USN-7721-1: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PA-RISC architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - x...
USN-7720-1: Linux kernel vulnerabilities
It was discovered a race condition existed in the Unix domain socket implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-0920 Several security issues...
USN-7719-1: Linux kernel (Raspberry Pi Real-time) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - GPIO subsystem; - GPU...
USN-7718-1: GNU binutils vulnerability
It was discovered that GNU binutils incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash...
USN-7717-1: GStreamer Good Plugins vulnerabilities
Shaun Mirani discovered that GStreamer Good Plugins incorrectly handled certain malformed media files. An attacker could use these issues to cause GStreamer Good Plugins to crash, resulting in a denial of service, or possibly disclose sensitive information...
USN-7716-1: GStreamer Base Plugins vulnerabilities
Shaun Mirani discovered that GStreamer Base Plugins incorrectly handled certain malformed media files. An attacker could use these issues to cause GStreamer Base Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-7715-1: nginx vulnerability
It was discovered that the nginx ngxmailsmtpmodule module incorrectly handled certain memory operations when doing SMTP authentication. This could possibly result in sensitive information being sent to the authentication server...
USN-7714-1: Open VM Tools vulnerabilities
Matthias Gerstner discovered that Open VM Tools incorrectly handled file descriptors when dropping privileges. A local attacker could possibly use this issue to hijack /dev/uinput and simulate user inputs. CVE-2023-34059 Dolev Farhi discovered that Open VM Tools incorrectly handled certain file...
USN-7713-1: OpenLDAP vulnerabilities
It was discovered that OpenLDAP incorrectly handled X.509 DN parsing. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service. CVE-2020-36229, CVE-2020-36230 Pasi Saarinen discovered that OpenLDAP incorrectly handled certain short timestamps. A...
USN-7712-1: Linux kernel (Azure FIPS) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PA-RISC architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; -...
USN-7711-1: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PA-RISC architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; -...
USN-7703-3: Linux kernel (Oracle) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - GPIO subsystem; - GPU...
USN-7704-4: Linux kernel (NVIDIA) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Arm Firmware Framework for ARMv8-AFFA; - Multiple devices driver; - Media drivers; - Network...
USN-7648-2: PHP vulnerabilities
USN-7648-1 fixed several vulnerabilities in PHP. This update provides the corresponding updates for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: It was discovered that PHP incorrectly handled certain hostnames containing null characters. A remote attacker...
USN-7710-1: Python vulnerabilities
It was discovered that Python inefficiently parsed maliciously crafted HTML input. An attacker could possibly use this issue to cause a denial of service. CVE-2025-6069 It was discovered that Python incorrectly parsed maliciously crafted Tar archives. An attacker could possibly use this issue to...
USN-7709-1: WEBrick vulnerability
It was discovered that WEBrick incorrectly parsed HTTP headers. In configurations where WEBrick is placed behind an HTTP proxy, a remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack...