Lucene search
K
UbuntuRecent

10930 matches found

Ubuntu
Ubuntu
•added 8 hours ago•3 views

USN-8548-1: Linux kernel vulnerabilities

It was discovered that a logic flaw existed in the XFRM ESP-in-TCP subsystem in the Linux kernel when handling socket buffer fragments. This flaw is known as Fragnesia. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-43503 Several security issues...

9.8CVSS6.9AI score0.00563EPSS
Exploits11
Ubuntu
Ubuntu
•added 9 hours ago•8 views

USN-8547-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - RISC-V architecture; - Cryptographic API; - InfiniBand drivers; - IOMMU subsystem; - Network drivers; -...

9.8CVSS6.8AI score0.09796EPSS
Exploits4
Ubuntu
Ubuntu
•added 12 hours ago•2 views

USN-8546-1: Linux kernel (Raspberry Pi) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; - InfiniBand drivers; -...

9.8CVSS6.9AI score0.00817EPSS
Exploits8
Ubuntu
Ubuntu
•added 2 days ago•4 views

USN-8533-1: OpenSSH vulnerabilities

It was discovered that OpenSSH sftp did not properly constrain the location of downloaded files when connecting to an attacker-controlled server. An attacker could possibly use this issue to write files to unintended locations on the file system. CVE-2026-59995 It was discovered that OpenSSH scp...

9.4CVSS6.3AI score0.00407EPSS
Exploits0
Ubuntu
Ubuntu
•added 2 days ago•4 views

USN-8532-1: libssh2 vulnerabilities

It was discovered that libssh2 incorrectly handled certain publickey subsystem attributes. A remote attacker controlling a malicious SSH server could use this issue to cause a denial of service or possibly execute arbitrary code. CVE-2026-58050 It was discovered that libssh2 did not properly...

8.3CVSS6.8AI score0.00333EPSS
Exploits0
Ubuntu
Ubuntu
•added 2 days ago•4 views

USN-8496-3: cifs-utils vulnerability

USN-8496-1 fixed vulnerabilities in cifs-utils. The update caused a regression and was backed out in USN-8496-2. This update reintroduces the security fix, along with a fix for the regression. Original advisory details: It was discovered that cifs-utils incorrectly dropped root privileges before...

7.8CVSS6.3AI score0.0012EPSS
Exploits0
Ubuntu
Ubuntu
•added 2 days ago•4 views

USN-8531-1: libexif vulnerabilities

It was discovered that libexif had an integer overflow in its MakerNote decoder when called with a zero-length buffer. An attacker could possibly use this issue to cause a denial of service or obtain sensitive information. CVE-2026-32775 It was discovered that libexif had an integer overflow in i...

7.8CVSS6.7AI score0.00193EPSS
Exploits1
Ubuntu
Ubuntu
•added 5 days ago•7 views

USN-8530-1: Linux kernel (AWS) vulnerabilities

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

9.8CVSS6.9AI score0.93235EPSS
Exploits42
Ubuntu
Ubuntu
•added 5 days ago•5 views

USN-8529-1: Linux kernel vulnerabilities

It was discovered that a logic flaw existed in the XFRM ESP-in-TCP subsystem in the Linux kernel when handling socket buffer fragments. This flaw is known as Fragnesia. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-43503 Several security issues...

9.8CVSS6.9AI score0.00563EPSS
Exploits11
Ubuntu
Ubuntu
•added 5 days ago•5 views

USN-8528-1: Linux kernel (Xilinx ZynqMP) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 It was discovered that the Linux kernel did n...

9.8CVSS6.9AI score0.96267EPSS
Exploits287
Ubuntu
Ubuntu
•added 5 days ago•7 views

USN-8527-1: Linux kernel (Raspberry Pi) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - RISC-V architecture; - Cryptographic API; - InfiniBand drivers; - IOMMU subsystem; - Network drivers; -...

9.8CVSS6.8AI score0.09796EPSS
Exploits4
Ubuntu
Ubuntu
•added 5 days ago•5 views

USN-8492-5: Linux kernel (FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...

9.8CVSS6.6AI score0.00686EPSS
Exploits4
Ubuntu
Ubuntu
•added 6 days ago•5 views

USN-8526-1: libheif vulnerabilities

Xianrui Dong discovered that libheif had an out-of-bounds read in its HEIF sequence track parser. An attacker could possibly use this issue to cause a denial of service or obtain sensitive information. This issue only affected Ubuntu 26.04 LTS. CVE-2026-47254 Junyi Liu discovered that libheif had...

5.9AI score0.00089EPSS
Exploits0
Ubuntu
Ubuntu
•added 6 days ago•5 views

USN-8525-1: curl vulnerabilities

Harry Sintonen discovered that curl incorrectly handled credentials when following HTTP redirects in conjunction with .netrc files. An attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS...

9.8CVSS6.8AI score0.01378EPSS
Exploits10
Ubuntu
Ubuntu
•added 6 days ago•5 views

USN-8524-1: Python vulnerability

It was discovered that Python did not use sufficient entropy for Expat hash-flooding protection in the xml.parsers.expat and xml.etree.ElementTree modules. An attacker could use this to cause a denial of service via a crafted XML document...

7.5CVSS6AI score0.0079EPSS
Exploits0
Ubuntu
Ubuntu
•added 6 days ago•5 views

USN-8523-1: libsoup vulnerabilities

Eric Su and Samuel Dainard discovered that libsoup incorrectly handled content with zero-length resources. An attacker could possibly use this issue to trigger a buffer over-read, resulting in information disclosure or a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04...

9.1CVSS6.8AI score0.0042EPSS
Exploits1
Ubuntu
Ubuntu
•added 6 days ago•5 views

USN-8522-1: LibRaw vulnerabilities

It was discovered that LibRaw incorrectly handled certain Nikon RAW image files. An attacker could possibly use this issue to cause LibRaw to crash, resulting in a denial of service. CVE-2026-5342 It was discovered that LibRaw had an integer overflow in its DNG image loader. An attacker could...

9.8CVSS6.4AI score0.00746EPSS
Exploits6
Ubuntu
Ubuntu
•added 6 days ago•5 views

USN-8521-1: Libidn vulnerability

It was discovered that Libidn incorrectly handled certain internationalized domain name strings. An attacker could possibly use this issue to obtain sensitive information or cause a denial of service...

4CVSS6AI score0.0011EPSS
Exploits1
Ubuntu
Ubuntu
•added 6 days ago•6 views

USN-8520-1: Expat vulnerability

It was discovered that Expat used insufficient entropy when generating hash salt values for its internal hash table. An attacker could use this to craft an XML document that triggers hash flooding, leading to a denial of service...

7.5CVSS6AI score0.00379EPSS
Exploits0
Ubuntu
Ubuntu
•added 6 days ago•6 views

USN-8519-1: Go Cryptography vulnerabilities

Jakub Ciolek and Nicola Murino discovered that Go Cryptography incorrectly handled SSH agent responses. An attacker could use this to cause a denial of service. CVE-2025-47913 Yuichi Watanabe discovered that Go Cryptography incorrectly handled SSH key exchanges. An attacker could use this to caus...

7.5CVSS6.8AI score0.00868EPSS
Exploits1
Ubuntu
Ubuntu
•added 6 days ago•6 views

USN-8492-4: Linux kernel (Raspberry Pi) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...

9.8CVSS6.6AI score0.00686EPSS
Exploits4
Ubuntu
Ubuntu
•added 6 days ago•4 views

USN-8490-2: Linux kernel (Raspberry Pi) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; - InfiniBand drivers; -...

9.8CVSS7AI score0.00817EPSS
Exploits8
Ubuntu
Ubuntu
•added 2026/07/08 5:15 p.m.•5 views

USN-8518-1: mailcap vulnerability

Aaron Rainbolt discovered that the cautious-launcher utility in the mailcap package did not properly restrict the execution of certain file types. An attacker could use this issue to escape a sandboxed application and execute arbitrary code on the host operating system...

8.8CVSS6.5AI score0.0012EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/07/08 2:7 p.m.•6 views

USN-8517-1: ClamAV vulnerabilities

It was discovered that ClamAV incorrectly handled certain PE files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. CVE-2026-20213, CVE-2026-20214, CVE-2026-20217 It was discovered that ClamAV incorrectly handled certain 7z archive files...

7.5CVSS7.1AI score0.00463EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/07/08 1:49 p.m.•7 views

USN-8516-1: Apache HTTP Server vulnerabilities

It was discovered that Apache HTTP Server's modldap module incorrectly handled memory when processing per-directory configurations. An attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2026-29167 It was discovered...

9.8CVSS6.4AI score0.00805EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/07/07 10:46 a.m.•10 views

USN-8515-1: Addressable vulnerability

It was discovered that Addressable incorrectly handled certain URI templates, generating regular expressions vulnerable to catastrophic backtracking. An attacker could use this issue to craft a URI that, when matched against a vulnerable template, causes excessive resource consumption, leading to...

7.5CVSS6AI score0.0036EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/07/06 2:32 p.m.•5 views

USN-8514-1: OpenSSH vulnerability

It was discovered that OpenSSH incorrectly handled file permissions when downloading files as root using the legacy scp protocol without the preserve-mode option. An attacker could use this to install setuid or setgid files on a system, possibly leading to privilege escalation...

8.1CVSS7.1AI score0.00419EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/07/06 1:37 p.m.•6 views

USN-8502-1: GnuTLS vulnerabilities

It was discovered that GnuTLS had a timing side-channel when processing malformed ciphertexts in RSA-PSK ClientKeyExchange. A remote attacker could possibly use this issue to recover sensitive information. This issue only affected Ubuntu 18.04 LTS. CVE-2024-0553 Bing Shi discovered that GnuTLS...

9.8CVSS7AI score0.01614EPSS
Exploits3
Ubuntu
Ubuntu
•added 2026/07/06 1:22 p.m.•6 views

USN-8513-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled SOAP object deduplication when processing apache:Map nodes with duplicate keys. An attacker could possibly use this to cause a use-after-free, resulting in remote code execution. CVE-2026-6722 It was discovered that PHP incorrectly handled SOAP reque...

9.8CVSS7.3AI score0.00739EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/07/06 12:52 p.m.•6 views

USN-8512-1: Gzip vulnerabilities

It was discovered that Gzip's gzexe utility handled temporary files in an insecure manner. When the mktemp utility was not available, gzexe constructed a temporary file path based on the process ID, which could be predicted. A local attacker could possibly use this issue to overwrite arbitrary...

7.5CVSS6AI score0.00294EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/07/06 12:37 p.m.•6 views

USN-8511-1: socat vulnerabilities

It was discovered that socat incorrectly handled the SOCKS5 proxy server reply parser. A remote attacker could possibly use this issue to execute arbitrary code. CVE-2026-56123 It was discovered that socat incorrectly handled a sample script. A local attacker could possibly use this issue to...

9.8CVSS6.9AI score0.008EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/07/06 11:57 a.m.•6 views

USN-8510-1: tar vulnerability

It was discovered that tar incorrectly handled symlinks when extracting archives. An attacker could possibly use this issue to overwrite arbitrary files...

4.1CVSS6.5AI score0.00433EPSS
Exploits1
Ubuntu
Ubuntu
•added 2026/07/06 11:48 a.m.•7 views

USN-8509-1: Python vulnerabilities

It was discovered that Python incorrectly normalized paths in the tarfile module. An attacker could possibly use this issue to bypass path restrictions. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. CVE-2025-13462 It was discovered that Python's HTMLParser incorrectly handled...

9.1CVSS7.3AI score0.02602EPSS
Exploits2
Ubuntu
Ubuntu
•added 2026/07/06 11:15 a.m.•6 views

USN-8506-1: Request Tracker vulnerabilities

Aleksander Iwicki discovered that Request Tracker did not properly sanitize the search "Page" URL parameter. A remote attacker could possibly use this issue to conduct a reflected cross-site scripting attack. CVE-2026-6841 It was discovered that Request Tracker did not properly sanitize user-...

8.8CVSS5.9AI score0.00392EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/07/06 11:3 a.m.•7 views

USN-8505-1: Parsl vulnerability

It was discovered that Parsl incorrectly constructed SQL queries using unsafe string formatting with user-supplied input in the parsl-visualize component. A remote attacker could possibly use this issue to perform SQL injection attacks, leading to data exfiltration or a denial of service...

7.3CVSS6.1AI score0.00235EPSS
Exploits1
Ubuntu
Ubuntu
•added 2026/07/06 9:33 a.m.•8 views

USN-8492-3: Linux kernel (Raspberry Pi Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...

9.8CVSS6.6AI score0.00686EPSS
Exploits4
Ubuntu
Ubuntu
•added 2026/07/06 8:48 a.m.•7 views

USN-8508-1: Linux kernel (NVIDIA) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - S390 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; - GP...

9.8CVSS7AI score0.00817EPSS
Exploits9
Ubuntu
Ubuntu
•added 2026/07/06 8:20 a.m.•8 views

USN-8507-1: Linux kernel (NVIDIA) vulnerabilities

It was discovered that some AMD processors did not properly clear data in the floating point divider unit during speculative execution. A local attacker could use this to expose sensitive information. CVE-2025-54505 Several security issues were discovered in the Linux kernel. An attacker could...

9.8CVSS6.8AI score0.00675EPSS
Exploits23
Ubuntu
Ubuntu
•added 2026/07/05 11:1 p.m.•12 views

USN-8504-1: SOGo vulnerabilities

It was discovered that SOGo did not properly sanitize categories used for events, tasks, and contacts. A remote authenticated attacker could possibly use this issue to perform cross-site scripting attacks. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu...

8.6CVSS6.5AI score0.00987EPSS
Exploits3
Ubuntu
Ubuntu
•added 2026/07/03 6:49 p.m.•14 views

USN-8496-2: cifs-utils regression

USN-8496-1 fixed a vulnerability in cifs-utils. Unfortunately, the fix introduced a regression with Kerberos mounts. This update reverts the security update until a complete fix is available. We apologize for the inconvenience. Original advisory details: It was discovered that cifs-utils...

6.3AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2026/07/02 10:4 p.m.•8 views

USN-8503-1: ncurses vulnerability

It was discovered that ncurses incorrectly handled certain terminfo entries in the infocmp tool. An attacker could possibly use this issue to cause a denial of service via a crafted terminfo file. The default compiler options for affected releases should reduce the vulnerability to a denial of...

9.8CVSS6AI score0.00414EPSS
Exploits1
Ubuntu
Ubuntu
•added 2026/07/02 4:46 p.m.•16 views

USN-8500-1: Vim vulnerabilities

It was discovered that Vim incorrectly handled path traversal in the zip.vim plugin. An attacker could possibly use this issue to overwrite arbitrary files. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. CVE-2026-35177 It was...

8.4CVSS5.9AI score0.00154EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/07/02 4:14 p.m.•14 views

USN-8501-1: Linux kernel vulnerabilities

It was discovered that a logic flaw existed in the XFRM ESP-in-TCP subsystem in the Linux kernel when handling socket buffer fragments. This flaw is known as Fragnesia. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-43503 Several security issues...

9.8CVSS6.4AI score0.00563EPSS
Exploits11
Ubuntu
Ubuntu
•added 2026/07/02 4:7 p.m.•12 views

USN-8493-2: Linux kernel (Oracle) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - RISC-V architecture; - Cryptographic API; - InfiniBand drivers; - IOMMU subsystem; - Network drivers; -...

9.8CVSS7.1AI score0.09796EPSS
Exploits4
Ubuntu
Ubuntu
•added 2026/07/02 3:56 p.m.•12 views

USN-8499-1: Linux kernel (Xilinx) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 It was discovered that the Linux kernel did n...

9.8CVSS7.5AI score0.96267EPSS
Exploits287
Ubuntu
Ubuntu
•added 2026/07/02 3:49 p.m.•13 views

USN-8498-1: Linux kernel (NVIDIA Tegra) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...

9.8CVSS6.4AI score0.00686EPSS
Exploits4
Ubuntu
Ubuntu
•added 2026/07/02 3:40 p.m.•16 views

USN-8497-1: Linux kernel (Low Latency) vulnerabilities

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

9.8CVSS7.2AI score0.93235EPSS
Exploits61
Ubuntu
Ubuntu
•added 2026/07/02 3:24 p.m.•15 views

USN-8492-2: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...

9.8CVSS6.4AI score0.00686EPSS
Exploits4
Ubuntu
Ubuntu
•added 2026/07/02 3:11 p.m.•7 views

USN-8496-1: cifs-utils vulnerability

It was discovered that cifs-utils incorrectly dropped root privileges before looking up user information. A local attacker could possibly use this issue to execute arbitrary code as the root user...

7.8CVSS6.1AI score0.0012EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/07/02 3:2 p.m.•13 views

USN-8488-2: Linux kernel (Raspberry Pi) vulnerabilities

It was discovered that some AMD processors did not properly clear data in the floating point divider unit during speculative execution. A local attacker could use this to expose sensitive information. CVE-2025-54505 Several security issues were discovered in the Linux kernel. An attacker could...

9.8CVSS5.9AI score0.00675EPSS
Exploits23
Total number of security vulnerabilities10930