10905 matches found
USN-8515-1: Addressable vulnerability
It was discovered that Addressable incorrectly handled certain URI templates, generating regular expressions vulnerable to catastrophic backtracking. An attacker could use this issue to craft a URI that, when matched against a vulnerable template, causes excessive resource consumption, leading to...
USN-8514-1: OpenSSH vulnerability
It was discovered that OpenSSH incorrectly handled file permissions when downloading files as root using the legacy scp protocol without the preserve-mode option. An attacker could use this to install setuid or setgid files on a system, possibly leading to privilege escalation...
USN-8502-1: GnuTLS vulnerabilities
It was discovered that GnuTLS had a timing side-channel when processing malformed ciphertexts in RSA-PSK ClientKeyExchange. A remote attacker could possibly use this issue to recover sensitive information. This issue only affected Ubuntu 18.04 LTS. CVE-2024-0553 Bing Shi discovered that GnuTLS...
USN-8513-1: PHP vulnerabilities
It was discovered that PHP incorrectly handled SOAP object deduplication when processing apache:Map nodes with duplicate keys. An attacker could possibly use this to cause a use-after-free, resulting in remote code execution. CVE-2026-6722 It was discovered that PHP incorrectly handled SOAP reque...
USN-8512-1: Gzip vulnerabilities
It was discovered that Gzip's gzexe utility handled temporary files in an insecure manner. When the mktemp utility was not available, gzexe constructed a temporary file path based on the process ID, which could be predicted. A local attacker could possibly use this issue to overwrite arbitrary...
USN-8511-1: socat vulnerabilities
It was discovered that socat incorrectly handled the SOCKS5 proxy server reply parser. A remote attacker could possibly use this issue to execute arbitrary code. CVE-2026-56123 It was discovered that socat incorrectly handled a sample script. A local attacker could possibly use this issue to...
USN-8510-1: tar vulnerability
It was discovered that tar incorrectly handled symlinks when extracting archives. An attacker could possibly use this issue to overwrite arbitrary files...
USN-8509-1: Python vulnerabilities
It was discovered that Python incorrectly normalized paths in the tarfile module. An attacker could possibly use this issue to bypass path restrictions. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. CVE-2025-13462 It was discovered that Python's HTMLParser incorrectly handled...
USN-8506-1: Request Tracker vulnerabilities
Aleksander Iwicki discovered that Request Tracker did not properly sanitize the search "Page" URL parameter. A remote attacker could possibly use this issue to conduct a reflected cross-site scripting attack. CVE-2026-6841 It was discovered that Request Tracker did not properly sanitize user-...
USN-8505-1: Parsl vulnerability
It was discovered that Parsl incorrectly constructed SQL queries using unsafe string formatting with user-supplied input in the parsl-visualize component. A remote attacker could possibly use this issue to perform SQL injection attacks, leading to data exfiltration or a denial of service...
USN-8492-3: Linux kernel (Raspberry Pi Real-time) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...
USN-8508-1: Linux kernel (NVIDIA) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - S390 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; - GP...
USN-8507-1: Linux kernel (NVIDIA) vulnerabilities
It was discovered that some AMD processors did not properly clear data in the floating point divider unit during speculative execution. A local attacker could use this to expose sensitive information. CVE-2025-54505 Several security issues were discovered in the Linux kernel. An attacker could...
USN-8504-1: SOGo vulnerabilities
It was discovered that SOGo did not properly sanitize categories used for events, tasks, and contacts. A remote authenticated attacker could possibly use this issue to perform cross-site scripting attacks. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu...
USN-8496-2: cifs-utils regression
USN-8496-1 fixed a vulnerability in cifs-utils. Unfortunately, the fix introduced a regression with Kerberos mounts. This update reverts the security update until a complete fix is available. We apologize for the inconvenience. Original advisory details: It was discovered that cifs-utils...
USN-8503-1: ncurses vulnerability
It was discovered that ncurses incorrectly handled certain terminfo entries in the infocmp tool. An attacker could possibly use this issue to cause a denial of service via a crafted terminfo file. The default compiler options for affected releases should reduce the vulnerability to a denial of...
USN-8500-1: Vim vulnerabilities
It was discovered that Vim incorrectly handled path traversal in the zip.vim plugin. An attacker could possibly use this issue to overwrite arbitrary files. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. CVE-2026-35177 It was...
USN-8501-1: Linux kernel vulnerabilities
It was discovered that a logic flaw existed in the XFRM ESP-in-TCP subsystem in the Linux kernel when handling socket buffer fragments. This flaw is known as Fragnesia. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-43503 Several security issues...
USN-8493-2: Linux kernel (Oracle) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - RISC-V architecture; - Cryptographic API; - InfiniBand drivers; - IOMMU subsystem; - Network drivers; -...
USN-8499-1: Linux kernel (Xilinx) vulnerabilities
It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 It was discovered that the Linux kernel did n...
USN-8498-1: Linux kernel (NVIDIA Tegra) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...
USN-8497-1: Linux kernel (Low Latency) vulnerabilities
It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...
USN-8492-2: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...
USN-8496-1: cifs-utils vulnerability
It was discovered that cifs-utils incorrectly dropped root privileges before looking up user information. A local attacker could possibly use this issue to execute arbitrary code as the root user...
USN-8488-2: Linux kernel (Raspberry Pi) vulnerabilities
It was discovered that some AMD processors did not properly clear data in the floating point divider unit during speculative execution. A local attacker could use this to expose sensitive information. CVE-2025-54505 Several security issues were discovered in the Linux kernel. An attacker could...
USN-8495-1: nghttp2 vulnerability
It was discovered that the nghttp2 nghttpx proxy incorrectly handled HTTP/1.1 Upgrade requests that included a Content-Length header and body. A remote attacker could possibly use this issue to perform HTTP request and response smuggling attacks against backend services...
USN-8494-1: LibVNCServer vulnerability
It was discovered that LibVNCServer incorrectly handled the Tight decoder in libvncclient. A remote attacker could use this issue to cause LibVNCServer to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-8398-4: nginx vulnerability
USN-8398-3 fixed a vulnerability in nginx. This update provides the corresponding fix for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: It was discovered that nginx incorrectly handled certain cookie headers in the HTTP/2 implementation. A...
USN-8467-2: Perl vulnerabilities
USN-8467-1 fixed vulnerabilities in Perl. This update provides the corresponding fix for Perl on Ubuntu 25.10. Original advisory details: It was discovered that Perl's Archive::Tar module incorrectly handled symlink and hardlink targets during extraction. An attacker could use this issue to read ...
USN-8493-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - RISC-V architecture; - Cryptographic API; - InfiniBand drivers; - IOMMU subsystem; - Network drivers; -...
USN-8492-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...
USN-8488-1: Linux kernel vulnerabilities
It was discovered that some AMD processors did not properly clear data in the floating point divider unit during speculative execution. A local attacker could use this to expose sensitive information. CVE-2025-54505 Several security issues were discovered in the Linux kernel. An attacker could...
USN-8491-1: Linux kernel (OEM) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; -...
USN-8490-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; - InfiniBand drivers; -...
USN-8489-1: Linux kernel (OEM) vulnerabilities
It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...
USN-8487-1: curl vulnerabilities
Andrew Nesbitt discovered that curl could reuse an existing live connection during STARTTLS-based connection upgrades even when the TLS configuration did not match. A remote attacker could possibly use this issue to cause curl to use an unintended TLS configuration. CVE-2026-8286 Muhamad Arga...
USN-8486-1: libssh2 vulnerabilities
It was discovered that libssh2 incorrectly handled the sftpsymlink function. A malicious SSH server or machine-in-the-middle attacker could possibly use this issue to obtain sensitive information or cause a denial of service. CVE-2025-15661 It was discovered that libssh2 had a pre-authentication...
USN-8485-1: libyang vulnerability
It was discovered that libyang incorrectly handled certain metadata list pointers. An attacker could use this issue to cause libyang to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-8484-1: GD.pm vulnerability
It was discovered that GD.pm incorrectly handled filename arguments. An attacker could possibly use this issue to execute arbitrary commands or overwrite files...
USN-8483-1: HPLIP vulnerabilities
It was discovered that HPLIP incorrectly handled certain print data. An attacker could possibly use this issue to cause HPLIP to execute arbitrary code. CVE-2026-8631 It was discovered that HPLIP incorrectly handled certain inputs. A local attacker could possibly use this issue to execute arbitra...
USN-8482-1: Roundcube Webmail vulnerability
It was discovered that Roundcube Webmail was prone to a Cross-Site-Scripting XSS vulnerability via the animate tag in an SVG document. An attacker could use this issue to execute arbitrary web script in the context of an affected user's session...
USN-8481-1: NSS vulnerability
Haruto Kimura discovered that NSS had incorrecty handled parsing PKCS11 URI escape sequences. An attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service, or obtain sensitive information...
USN-8480-1: SQLite vulnerabilities
It was discovered that SQLite incorrectly handled certain memory operations in the FTS5 full-text search extension. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-8479-1: libheif vulnerabilities
It was discovered that libheif incorrectly handled certain crafted HEIF files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2026-47178 It was discovered that libheif incorrectly validated offsets when decoding certain crafted HEIF files. An...
USN-8478-1: Ruby vulnerabilities
It was discovered that Ruby's Net::IMAP library did not properly verify that TLS encryption was started after issuing a STARTTLS command. A remote attacker could use this to perform a machine-in-the-middle attack and silently bypass TLS encryption. CVE-2026-42246 It was discovered that Ruby's...
USN-8412-3: QEMU regression
USN-8412-1 fixed vulnerabilities QEMU. On Ubuntu 20.04 LTS, the fix for CVE-2024-4467 was incomplete and prevented the creation of boot volumes from qcow2 images. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Felipe Franciosi, Raphael Norwitz, and...
USN-8477-1: tar vulnerability
It was discovered that tar incorrectly handled certain crafted archive files. An attacker could possibly use this to inject hidden files with attacker-controlled content, bypassing pre-extraction inspection mechanisms...
USN-8475-1: AMD Microcode vulnerabilities
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to...
USN-8476-1: xrdp vulnerabilities
It was discovered that xrdp incorrectly handled bounds checking when processing user domain information during the connection sequence. An unauthenticated remote attacker could use this issue to cause xrdp to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-8472-1: containerd vulnerabilities
It was discovered that containerd incorrectly handled HTTP/2 SETTINGS frames. A remote attacker could possibly use this issue to cause containerd to enter an infinite loop, resulting in a denial of service. CVE-2026-33814 Jakub Ciolek and Kyle Elliott discovered that containerd incorrectly handle...