Lucene search
K
UbuntuRecent

10875 matches found

Ubuntu
Ubuntu
•added 2025/08/26 9:47 p.m.•6 views

USN-7719-1: Linux kernel (Raspberry Pi Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - GPIO subsystem; - GPU...

7.8CVSS6.9AI score0.13626EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/08/26 5:11 p.m.•6 views

USN-7718-1: GNU binutils vulnerability

It was discovered that GNU binutils incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash...

7.8CVSS5.6AI score0.00254EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/08/26 1:18 p.m.•6 views

USN-7717-1: GStreamer Good Plugins vulnerabilities

Shaun Mirani discovered that GStreamer Good Plugins incorrectly handled certain malformed media files. An attacker could use these issues to cause GStreamer Good Plugins to crash, resulting in a denial of service, or possibly disclose sensitive information...

8.1CVSS6.5AI score0.00578EPSS
Exploits2
Ubuntu
Ubuntu
•added 2025/08/26 1:11 p.m.•5 views

USN-7716-1: GStreamer Base Plugins vulnerabilities

Shaun Mirani discovered that GStreamer Base Plugins incorrectly handled certain malformed media files. An attacker could use these issues to cause GStreamer Base Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code...

5.6CVSS8.2AI score0.00428EPSS
Exploits3
Ubuntu
Ubuntu
•added 2025/08/25 12:14 p.m.•4 views

USN-7715-1: nginx vulnerability

It was discovered that the nginx ngxmailsmtpmodule module incorrectly handled certain memory operations when doing SMTP authentication. This could possibly result in sensitive information being sent to the authentication server...

6.3CVSS5.2AI score0.00371EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/08/24 11:40 p.m.•4 views

USN-7714-1: Open VM Tools vulnerabilities

Matthias Gerstner discovered that Open VM Tools incorrectly handled file descriptors when dropping privileges. A local attacker could possibly use this issue to hijack /dev/uinput and simulate user inputs. CVE-2023-34059 Dolev Farhi discovered that Open VM Tools incorrectly handled certain file...

7.4CVSS6.5AI score0.00405EPSS
Exploits2
Ubuntu
Ubuntu
•added 2025/08/24 10:57 p.m.•5 views

USN-7713-1: OpenLDAP vulnerabilities

It was discovered that OpenLDAP incorrectly handled X.509 DN parsing. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service. CVE-2020-36229, CVE-2020-36230 Pasi Saarinen discovered that OpenLDAP incorrectly handled certain short timestamps. A...

7.5CVSS7AI score0.64147EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/08/22 2:48 p.m.•7 views

USN-7712-1: Linux kernel (Azure FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PA-RISC architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; -...

9.8CVSS7.3AI score0.01483EPSS
Exploits3
Ubuntu
Ubuntu
•added 2025/08/22 2:39 p.m.•2 views

USN-7711-1: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PA-RISC architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; -...

9.8CVSS7.3AI score0.01483EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/08/21 9:24 p.m.•8 views

USN-7703-3: Linux kernel (Oracle) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - GPIO subsystem; - GPU...

7.8CVSS6.9AI score0.13626EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/08/21 8:29 p.m.•7 views

USN-7704-4: Linux kernel (NVIDIA) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Arm Firmware Framework for ARMv8-AFFA; - Multiple devices driver; - Media drivers; - Network...

7.8CVSS7.3AI score0.00204EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/08/21 7:18 p.m.•10 views

USN-7648-2: PHP vulnerabilities

USN-7648-1 fixed several vulnerabilities in PHP. This update provides the corresponding updates for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: It was discovered that PHP incorrectly handled certain hostnames containing null characters. A remote attacker...

7.5CVSS6.8AI score0.00953EPSS
Exploits2
Ubuntu
Ubuntu
•added 2025/08/21 6:30 p.m.•7 views

USN-7710-1: Python vulnerabilities

It was discovered that Python inefficiently parsed maliciously crafted HTML input. An attacker could possibly use this issue to cause a denial of service. CVE-2025-6069 It was discovered that Python incorrectly parsed maliciously crafted Tar archives. An attacker could possibly use this issue to...

7.5CVSS6.5AI score0.00611EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/08/21 1:53 p.m.•4 views

USN-7709-1: WEBrick vulnerability

It was discovered that WEBrick incorrectly parsed HTTP headers. In configurations where WEBrick is placed behind an HTTP proxy, a remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack...

6.5CVSS6.9AI score0.00422EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/08/21 7:29 a.m.•7 views

USN-7701-3: Linux kernel (IoT) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Device tree and open firmware driver; - SCSI subsystem; - TTY drivers; - SMB network file system; - Bluetooth...

9.8CVSS7AI score0.01483EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/08/20 7:12 p.m.•6 views

USN-7704-3: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Arm Firmware Framework for ARMv8-AFFA; - Multiple devices driver; - Media drivers; - Network...

7.8CVSS7.3AI score0.00204EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/08/20 6:55 p.m.•9 views

USN-7703-2: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - GPIO subsystem; - GPU...

7.8CVSS6.9AI score0.13626EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/08/20 6:37 p.m.•6 views

USN-7699-2: Linux kernel (HWE) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - RISC-V architecture; - x86 architecture; - Buffer Sharing and Synchronization framework; - DM...

7.8CVSS6.9AI score0.00204EPSS
Exploits2
Ubuntu
Ubuntu
•added 2025/08/20 3:35 p.m.•3 views

USN-7708-1: poppler vulnerability

It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service...

6.5CVSS5.3AI score0.0035EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/08/20 2:45 p.m.•7 views

USN-7707-1: LibTIFF vulnerabilities

It was discovered that LibTIFF incorrectly handled certain memory operations when using tiffmedian tool. An attacker could trick a user into processing a specially crafted tiff image file and potentially use this issue to cause a denial of service. CVE-2025-8176 It was discovered that LibTIFF did...

7.8CVSS6AI score0.00271EPSS
Exploits3
Ubuntu
Ubuntu
•added 2025/08/20 7:43 a.m.•8 views

USN-7701-2: Linux kernel (FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Device tree and open firmware driver; - SCSI subsystem; - TTY drivers; - SMB network file system; - Bluetooth...

9.8CVSS7AI score0.01483EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/08/20 7:28 a.m.•8 views

USN-7682-6: Linux kernel (IBM) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network traffic control; CVE-2025-38083, CVE-2025-37797...

7.8CVSS7.1AI score0.00167EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/08/20 5:36 a.m.•12 views

USN-7706-1: Ceph vulnerabilities

It was discovered that Ceph incorrectly handled read-only permissions. An authenticated attacker could use this issue to obtain dm-crypt encryption keys. This issue only affected Ubuntu 14.04 LTS. CVE-2018-14662 Sergey Bobrov discovered that Ceph’s RadosGW Ceph Object Gateway allowed the injectio...

6.5CVSS6.5AI score0.01612EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/08/20 12:52 a.m.•10 views

USN-7705-1: Tomcat vulnerabilities

It was discovered that Tomcat did not correctly handle case sensitivity. An attacker could possibly use this issue to bypass authentication mechanisms. CVE-2025-46701 Elysee Franchuk discovered that Tomcat did not correctly limit the number of attributes for a session. An attacker could possibly...

9.8CVSS7.9AI score0.66933EPSS
Exploits21
Ubuntu
Ubuntu
•added 2025/08/20 12:0 a.m.•9 views

USN-7704-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Arm Firmware Framework for ARMv8-AFFA; - Multiple devices driver; - Media drivers; - Network...

7.8CVSS7.3AI score0.00204EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/08/19 11:38 p.m.•14 views

USN-7704-2: Linux kernel (FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Arm Firmware Framework for ARMv8-AFFA; - Multiple devices driver; - Media drivers; - Network...

7.8CVSS7.3AI score0.00204EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/08/19 9:22 p.m.•14 views

USN-7703-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - GPIO subsystem; - GPU...

7.8CVSS6.9AI score0.13626EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/08/19 3:20 p.m.•7 views

USN-7702-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

8.8CVSS6.8AI score0.09185EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/08/19 1:11 p.m.•6 views

USN-7700-1: GCC vulnerability

It was discovered that the -fstack-protector hardening feature in GCC for AArch64 did not properly protect dynamically-sized local variables such as those created using C99 variable length arrays or alloca. As a result, an attacker who was able to trigger a buffer overflow in such cases could...

4.8CVSS6.8AI score0.00666EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/08/19 10:40 a.m.•15 views

USN-7639-2: Apache HTTP Server vulnerabilities

USN-7639-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and addressed a regression fix LP: 2119395. CVE-2025-49630 and CVE-2025-53020 only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original...

9.1CVSS7.5AI score0.04409EPSS
Exploits2References1
Ubuntu
Ubuntu
•added 2025/08/19 9:41 a.m.•7 views

USN-7701-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Device tree and open firmware driver; - SCSI subsystem; - TTY drivers; - SMB network file system; - Bluetooth...

9.8CVSS7AI score0.01483EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/08/18 8:35 p.m.•12 views

USN-7699-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - RISC-V architecture; - x86 architecture; - Buffer Sharing and Synchronization framework; - DM...

7.8CVSS6.9AI score0.00204EPSS
Exploits2
Ubuntu
Ubuntu
•added 2025/08/18 10:14 a.m.•9 views

LSN-0114-1: Kernel Live Patch Security Notice

In the Linux kernel, the following vulnerability has been resolved: bfq: fix use-after-free in bfqdispatchrequest KASAN reports a use-after-free report when doing normal scsi-mq test . In the Linux kernel, the following vulnerability has been resolved: block, bfq: don't move oombfqq Our test repo...

7.8CVSS6.8AI score0.03558EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/08/17 11:37 p.m.•3 views

USN-7698-1: OpenLDAP vulnerabilities

It was discovered that OpenLDAP incorrectly handled Certificate Exact Assertion processing. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service. CVE-2020-36221 It was discovered that OpenLDAP incorrectly handled saslAuthzTo processing. A...

7.5CVSS7.5AI score0.84224EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/08/14 3:17 p.m.•5 views

USN-7697-1: AIDE vulnerabilities

Rajesh Pangare discovered that AIDE incorrectly handled filenames. A local attacker could possibly use this issue to bypass the detection of malicious files. CVE-2025-54389 Rajesh Pangare discovered that AIDE incorrectly handled extended file attributes. A local attacker could possibly use this...

6.2CVSS7.4AI score0.00216EPSS
Exploits2
Ubuntu
Ubuntu
•added 2025/08/14 6:35 a.m.•7 views

USN-7696-1: libssh vulnerabilities

Ronald Crane discovered that libssh incorrectly handled certain base64 conversions. An attacker could use this issue to cause libssh to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2025-4877 Ronald Crane discovered that libssh incorrectly handled the...

8.1CVSS7.2AI score0.02394EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/08/14 5:45 a.m.•8 views

USN-7695-1: Sidekiq vulnerabilities

Anas Roubi discovered that Sidekiq did not correctly sanitize certain inputs. An attacker could possibly use this issue to execute a cross-site scripting XSS attack. This issue only affected Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. CVE-2021-30151 It was discovered that Sidekiq did not correctly...

7.5CVSS6.8AI score0.05258EPSS
Exploits2
Ubuntu
Ubuntu
•added 2025/08/14 4:48 a.m.•4 views

USN-7694-1: libxml2 vulnerabilities

Ahmed Lekssays discovered that libxml2 did not properly perform certain mathematical operations, leading to an integer overflow. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2025-6021 Ahmed Lekssays discovere...

9.1CVSS7.4AI score0.01437EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/08/14 1:40 a.m.•4 views

USN-7693-1: qs vulnerability

Nathanael Braun and Johan Brissaud discovered that qs was vulnerable to prototype pollution. A remote attacker could possibly use this issue to cause a denial of service...

7.5CVSS8AI score0.14663EPSS
Exploits2
Ubuntu
Ubuntu
•added 2025/08/13 3:40 p.m.•4 views

USN-7692-1: Request Tracker vulnerabilities

It was discovered that Request Tracker was susceptible to timing attacks. An attacker could possibly use this issue to access sensitive information. This issue only affected Ubuntu 22.04 LTS. CVE-2021-38562 It was discovered that Request Tracker was susceptible to cross-site scripting attacks whe...

7.5CVSS7.3AI score0.01707EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/08/13 2:57 p.m.•6 views

USN-6885-6: Apache HTTP Server regression

USN-6885-1 fixed vulnerabilities in Apache. The patch for CVE-2024-38474 was incomplete and caused a regression. This update provides the fix for this issue. Original advisory details: Orange Tsai discovered that the Apache HTTP Server modrewrite module incorrectly handled certain substitutions. ...

7.7AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2025/08/13 12:33 p.m.•13 views

USN-7691-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.43 in Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. Ubuntu 25.04 has been updated to MySQL 8.4.6. In addition to security fixes, the updated packages...

6.5CVSS7AI score0.00559EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/08/13 7:36 a.m.•11 views

USN-7685-5: Linux kernel (Oracle) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Device tree and open firmware driver; - SCSI subsystem; - TTY drivers; - Ext4 file system; - SMB network file syste...

9.8CVSS7AI score0.01483EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/08/12 8:4 a.m.•4 views

USN-7682-5: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network traffic control; CVE-2025-38083, CVE-2025-37797...

7.8CVSS7.1AI score0.00167EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/08/12 7:56 a.m.•3 views

USN-7681-3: Linux kernel (Oracle) vulnerability

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network traffic control; CVE-2025-38083...

4.7CVSS7AI score0.00111EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/08/11 11:27 p.m.•5 views

USN-7690-1: OpenJDK 17 vulnerabilities

It was discovered that the 2D component of OpenJDK 17 did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2025-30749, CVE-2025-50106 VMashroor Hasan Bhuiyan discovered that the JSSE...

8.6CVSS6.9AI score0.01058EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/08/11 7:20 a.m.•3 views

USN-7689-1: Dnsmasq vulnerability

Xu Mingjie discovered that Dnsmasq did not correctly handle certain memory operations. A remote attacker could possibly use this issue to cause a denial of service...

4.3CVSS5.7AI score0.02664EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/08/07 9:24 a.m.•5 views

USN-7688-1: cifs-utils vulnerabilities

Aurélien Aptel discovered that cifs-utils invoked a shell when requesting a password. In certain environments, a local attacker could possibly use this issue to escalate privileges. CVE-2020-14342 It was discovered that cifs-utils incorrectly used host credentials when mounting a krb5 CIFS file...

7.8CVSS6.5AI score0.01804EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/08/06 2:6 p.m.•4 views

USN-7687-1: poppler vulnerabilities

Jieyong Ma discovered that poppler incorrectly handled certain malformed PDF files. A remote attacker could possibly use this issue to cause poppler to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. CVE-2022-27337 Kevin Backhouse discovere...

6.9CVSS7.9AI score0.01547EPSS
Exploits2
Ubuntu
Ubuntu
•added 2025/08/05 3:18 p.m.•9 views

USN-7686-1: Linux kernel (Raspberry Pi) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PA-RISC architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; -...

9.8CVSS7.1AI score0.01483EPSS
Exploits3
Total number of security vulnerabilities10875