Lucene search
K
UbuntuRecent

10875 matches found

Ubuntu
Ubuntu
•added 2025/07/21 11:29 p.m.•4 views

USN-7659-1: Nokogiri vulnerabilities

It was discovered Nokogiri did not correctly parse XML Schemas. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 20.04 LTS. CVE-2020-26247 Agustin Gianni discovere...

8.2CVSS7AI score0.22791EPSS
Exploits3
Ubuntu
Ubuntu
•added 2025/07/21 1:42 p.m.•6 views

USN-7658-1: Drupal vulnerabilities

It was discovered that Drupal incorrectly parsed untrusted HTML. A remote attacker could possibly use this issue to execute arbitrary code...

6.9CVSS7.1AI score0.99019EPSS
Exploits11
Ubuntu
Ubuntu
•added 2025/07/21 1:39 p.m.•5 views

USN-7611-4: Linux kernel (Oracle) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Netfilter; - Network traffic control; CVE-2025-38000, CVE-2025-37890, CVE-2025-38001, CVE-2025-37997, CVE-2025-3793...

7.8CVSS7.1AI score0.00369EPSS
Exploits3
Ubuntu
Ubuntu
•added 2025/07/21 12:5 p.m.•10 views

USN-7657-1: jq vulnerabilities

It was discovered that jq incorrectly handled certain values when parsing JSON data. A remote attacker could possibly use this issue to cause jq to crash, resulting in a denial of service. CVE-2024-23337 It was discovered that jq incorrectly handled NaN values when parsing JSON data. A remote...

8.7CVSS7AI score0.00443EPSS
Exploits3
Ubuntu
Ubuntu
•added 2025/07/21 11:51 a.m.•6 views

USN-7656-1: Erlang vulnerabilities

It was discovered that Erlang OTP’s SSH module incorrectly enforced strict KEX handshake hardening measures. A remote attacker able to intercept communications could possibly use this issue to insert optional messages into connections during the handshake. CVE-2025-46712 It was discovered that...

4.8CVSS6.5AI score0.00442EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/07/21 10:18 a.m.•18 views

USN-6885-5: Apache HTTP Server vulnerabilities

USN-6885-1 fixed vulnerabilities in Apache. This update provides the corresponding updates for Ubuntu 14.04 LTS. Original advisory details: Orange Tsai discovered that the Apache HTTP Server modrewrite module incorrectly handled certain substitutions. A remote attacker could possibly use this iss...

9.8CVSS8.1AI score0.99957EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/07/18 10:6 a.m.•7 views

USN-7651-2: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - S390 architecture; - Block layer subsystem; - Serial ATA and Parallel ATA drivers; - Driver...

7.8CVSS7.3AI score0.00259EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/07/18 9:55 a.m.•18 views

USN-7655-1: Linux kernel (Intel IoTG) vulnerabilities

Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker could use this to connect a rougue device and possibly execute arbitrary code. CVE-2024-8805 It was discovered that the CIFS network file system...

9.8CVSS7.3AI score0.02033EPSS
Exploits3
Ubuntu
Ubuntu
•added 2025/07/18 9:43 a.m.•17 views

USN-7654-3: Linux kernel (FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PA-RISC architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; -...

9.8CVSS7.1AI score0.01483EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/07/18 9:32 a.m.•8 views

USN-7654-2: Linux kernel (Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PA-RISC architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; -...

9.8CVSS7.1AI score0.01483EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/07/18 9:0 a.m.•13 views

USN-7654-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PA-RISC architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; -...

9.8CVSS7.1AI score0.01483EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/07/17 4:36 p.m.•13 views

USN-7653-1: Linux kernel (HWE) vulnerabilities

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...

7.8CVSS7.5AI score0.00571EPSS
Exploits4
Ubuntu
Ubuntu
•added 2025/07/17 4:21 p.m.•5 views

USN-7652-1: Linux kernel (Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - S390 architecture; - Block layer subsystem; - Serial ATA and Parallel ATA drivers; - Driver...

7.8CVSS7.3AI score0.00259EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/07/17 4:2 p.m.•10 views

USN-7651-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - S390 architecture; - Block layer subsystem; - Serial ATA and Parallel ATA drivers; - Driver...

7.8CVSS7.3AI score0.00259EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/07/17 3:44 p.m.•10 views

USN-7650-1: Linux kernel (OEM) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PA-RISC architecture; - PowerPC architecture; - S390 architecture; - x86 architecture; -...

9.8CVSS7.2AI score0.09796EPSS
Exploits3
Ubuntu
Ubuntu
•added 2025/07/17 3:38 p.m.•9 views

USN-7645-1: PHP vulnerabilities

It was discovered that PHP incorrectly parsed certain HTTP response headers. An attacker could possibly use this issue to cause incorrect MIME type parsing which could result in unexpected behavior. CVE-2025-1217 It was discovered that PHP did not properly validate certain HTTP headers. An attack...

9.8CVSS6.2AI score0.00821EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/07/17 3:25 p.m.•13 views

USN-7648-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled certain hostnames containing null characters. A remote attacker could possibly use this issue to bypass certain hostname validation checks. CVE-2025-1220 It was discovered that PHP incorrectly handled the pgsql and pdopgsql escaping functions. A remo...

7.5CVSS6.8AI score0.00953EPSS
Exploits2
Ubuntu
Ubuntu
•added 2025/07/17 3:24 p.m.•10 views

USN-7649-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PA-RISC architecture; - PowerPC architecture; - S390 architecture; - x86 architecture; -...

9.8CVSS7.2AI score0.09796EPSS
Exploits3
Ubuntu
Ubuntu
•added 2025/07/17 2:39 p.m.•3 views

USN-7647-1: LedgerSMB vulnerabilities

It was discovered that LedgerSMB did not check the origin of HTML fragments. An attacker could possibly use this issue to send a maliciously crafted URL to the server and obtain sensitive information, or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubun...

9.6CVSS6.6AI score0.03014EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/07/17 2:22 p.m.•7 views

USN-7646-1: Rails vulnerability

It was discovered that Rails did not correctly handle headers. An attacker could potentially use this issue to view arbitrary files on a target server. CVE-2019-5418...

7.5CVSS7.7AI score0.98507EPSS
Exploits18
Ubuntu
Ubuntu
•added 2025/07/17 2:18 p.m.•7 views

USN-7609-5: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - InfiniBand drivers; - Netfilter; - Network traffic control; CVE-2025-38001, CVE-2025-37798, CVE-2025-37932,...

7.8CVSS7.1AI score0.00369EPSS
Exploits3
Ubuntu
Ubuntu
•added 2025/07/17 1:45 p.m.•9 views

USN-7591-6: Linux kernel (Raspberry Pi) vulnerabilities

Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker could use this to connect a rougue device and possibly execute arbitrary code. CVE-2024-8805 It was discovered that the CIFS network file system...

8.8CVSS7.3AI score0.02033EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/07/17 1:12 p.m.•7 views

USN-7443-3: Erlang vulnerability

USN-7443-1 fixed a vulnerability in Erlang. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Fabian Bäumer, Marcel Maehren, Marcus Brinkmann, and Jörg Schwenk discovered that Erlang OTP’s SSH module incorrect handled authenticatio...

10CVSS8.4AI score0.97673EPSS
Exploits36
Ubuntu
Ubuntu
•added 2025/07/17 12:30 p.m.•5 views

USN-7643-1: libsoup vulnerabilities

Jan Różański discovered that libsoup incorrectly handled range headers in an HTTP request. An attacker could possibly use this issue to cause libsoup to consume excessive memory, resulting in a denial of service. CVE-2025-32907 Alon Zahavi discovered that libsoup incorrectly handled memory when...

7.5CVSS6.8AI score0.00729EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/07/17 12:20 p.m.•7 views

USN-7611-3: Linux kernel (AWS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Netfilter; - Network traffic control; CVE-2025-38000, CVE-2025-37890, CVE-2025-38001, CVE-2025-37997, CVE-2025-3793...

7.8CVSS7.1AI score0.00369EPSS
Exploits3
Ubuntu
Ubuntu
•added 2025/07/17 5:56 a.m.•7 views

USN-7642-1: AIOHTTP vulnerabilities

Ben Kallus discovered that AIOHTTP did not correctly parse HTTP headers. A remote attacker could possibly use this issue to perform request smuggling. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2023-47627 Ivan Novikov discovered that AIOHTTP did not properly validate...

7.5CVSS7.3AI score0.01085EPSS
Exploits4
Ubuntu
Ubuntu
•added 2025/07/16 9:0 p.m.•2 views

USN-7638-1: Libmobi vulnerabilities

It was discovered that Libmobi did not correctly handle certain memory operations, which could lead to a buffer overflow. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-1907, CVE-2022-1908 It was discovered that Libmobi could dereference a NULL...

8.1CVSS6.1AI score0.00795EPSS
Exploits2
Ubuntu
Ubuntu
•added 2025/07/16 5:42 p.m.•4 views

USN-7641-1: Bind vulnerability

It was discovered that Bind incorrectly handled configurations where the stale-answer-client-timeout option is set to 0. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service...

7.5CVSS7.5AI score0.00877EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/07/16 5:30 p.m.•4 views

USN-7640-1: Linux kernel (IoT) vulnerabilities

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...

7.8CVSS7.3AI score0.08906EPSS
Exploits3
Ubuntu
Ubuntu
•added 2025/07/16 5:25 p.m.•14 views

USN-7639-1: Apache HTTP Server vulnerabilities

It was discovered that the Apache HTTP Server incorrectly handled certain Content-Type response headers. A remote attacker could possibly use this issue to perform HTTP response splitting attacks. CVE-2024-42516 xiaojunjie discovered that the Apache HTTP Server modproxy module incorrectly handled...

9.1CVSS7.5AI score0.04409EPSS
Exploits2
Ubuntu
Ubuntu
•added 2025/07/16 5:23 p.m.•4 views

USN-7585-7: Linux kernel (Raspberry Pi) vulnerabilities

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...

7.8CVSS7.1AI score0.00246EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/07/15 12:5 a.m.•12 views

USN-7610-3: Linux kernel (Low Latency) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Netfilter; - Network traffic control; CVE-2025-38001, CVE-2025-37997, CVE-2025-37798, CVE-2025-38000, CVE-2025-3793...

7.8CVSS7.1AI score0.00369EPSS
Exploits3
Ubuntu
Ubuntu
•added 2025/07/14 4:31 p.m.•5 views

USN-7637-1: libjxl vulnerabilities

It was discovered that libjxl did not perform proper bounds checking when parsing Exif tags. An attacker could possibly use this issue to cause libjxl to crash, resulting in a denial of service. CVE-2023-0645 It was discovered that libjxl did not perform proper bounds checking when decoding...

9.8CVSS7.2AI score0.00802EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/07/14 2:36 p.m.•3 views

USN-7636-1: Roundcube Webmail vulnerability

It was discovered that Roundcube Webmail incorrectly handled sanitization in the messagebody function. A remote attacker could possibly use this issue to send and receive emails as another user...

9.3CVSS8.6AI score0.82853EPSS
Exploits6
Ubuntu
Ubuntu
•added 2025/07/14 12:47 p.m.•5 views

USN-7545-3: Apport regression

USN-7545-1 fixed vulnerabilities in Apport. The update introduced a regression that raised an error if a crashing process was killed while Apport was analyzing it. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Qualys discovered that Apport incorrect...

5.5AI score
Exploits0
Ubuntu
Ubuntu
•added 2025/07/14 12:23 p.m.•8 views

USN-7635-1: GnuTLS vulnerabilities

It was discovered that GnuTLS incorrectly handled exporting Subject Alternative Name SAN entries containing an otherName. A remote attacker could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2025-32988 It was discovered that...

8.2CVSS7.2AI score0.01185EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/07/14 12:13 p.m.•5 views

USN-7634-1: GNU C Library vulnerabilities

It was discovered that the GNU C Library incorrectly handled the strcmp implementation optimized for Power10 processors. This could cause applications to crash, compute wrong results, or leak confidential information. CVE-2025-5702 It was discovered that the GNU C Library incorrectly handled the...

5.6CVSS6.7AI score0.00248EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/07/14 12:19 a.m.•6 views

USN-7633-1: Nix vulnerabilities

Linus Heckemann discovered that Nix did not correctly handle certain binaries. An attacker could possibly use this issue to execute arbitrary code. CVE-2024-38531 Pierre-Etienne Meunier discovered that Nix did not correctly handle TLS certificates. A remote attacker could possibly use this issue ...

9CVSS6.8AI score0.00586EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/07/11 3:40 p.m.•9 views

USN-7608-6: Linux kernel (Xilinx ZynqMP) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - SMB network file system; - Memory management; - Netfilter; - Network traffic control; CVE-2025-37890...

7.8CVSS7AI score0.00369EPSS
Exploits3
Ubuntu
Ubuntu
•added 2025/07/10 6:48 p.m.•9 views

USN-7626-3: Git regression

USN-7626-1 fixed vulnerabilities in Git. The updates for CVE-2025-27613 and CVE-2025-46835 caused Gitk and Git GUI to not work properly on Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS, and were disabled in USN-7626-2. The problematic updates for the aforementioned CV...

8AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2025/07/10 2:30 p.m.•7 views

USN-7630-1: RESTEasy vulnerabilities

It was discovered that RESTEasy made insufficient use of random values in asynchronous jobs. An attacker could possibly use this issue to steal user data. This issue only affected Ubuntu 14.04 LTS. CVE-2016-6345 It was discovered that RESTEasy enabled a vulnerable GZIP decompression module by...

9.8CVSS7.2AI score0.04913EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/07/10 11:32 a.m.•4 views

LSN-0113-1: Kernel Live Patch Security Notice

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption large read crashes with a slab-use-after-free way down in the crypto API. In the Linux kernel, the following vulnerability has been resolved: ubifs: authenticatio...

7.8CVSS6.5AI score0.00285EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/07/09 4:22 p.m.•8 views

USN-7626-2: Git regression

USN-7626-1 fixed vulnerabilities in Git. The update introduced a regression in gitk and git-gui. This update reverts the corresponding fixes for CVE-2025-27613 and CVE-2025-46835 pending further investigation. We apologize for the inconvenience. Original advisory details: Avi Halachmi discovered...

8.2AI score0.02775EPSS
Exploits9References1
Ubuntu
Ubuntu
•added 2025/07/09 3:6 p.m.•3 views

USN-7632-1: YAML-LibYAML vulnerability

It was discovered that YAML-LibYAML incorrectly handled certain file names. An attacker could possibly use this issue to overwrite arbitrary files...

9.1CVSS8.2AI score0.00368EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/07/09 12:20 p.m.•7 views

USN-7631-1: DjVuLibre vulnerability

It was discovered that DjVuLibre incorrectly handled certain memory operations. If a user or automated system were tricked into processing a specially crafted DjVu file, a remote attacker could cause applications to stop responding or crash, resulting in a denial of service, or possibly execute...

8.4CVSS7.5AI score0.00741EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/07/09 12:8 p.m.•10 views

USN-7629-1: Protocol Buffers vulnerabilities

It was discovered that Protocol Buffers incorrectly handled memory when receiving malicious input using the Python bindings. An attacker could possibly use this issue to cause a denial of service. CVE-2025-4565 It was discovered that Protocol Buffers incorrectly handled memory when receiving...

8.7CVSS6.7AI score0.02772EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/07/08 11:0 p.m.•8 views

USN-7609-4: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - InfiniBand drivers; - Netfilter; - Network traffic control; CVE-2025-38001, CVE-2025-37798, CVE-2025-37932,...

7.8CVSS7.1AI score0.00369EPSS
Exploits3
Ubuntu
Ubuntu
•added 2025/07/08 10:59 p.m.•5 views

USN-7611-2: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Netfilter; - Network traffic control; CVE-2025-38000, CVE-2025-37890, CVE-2025-38001, CVE-2025-37997, CVE-2025-3793...

7.8CVSS7.1AI score0.00369EPSS
Exploits3
Ubuntu
Ubuntu
•added 2025/07/08 10:32 p.m.•5 views

USN-7607-3: Linux kernel (KVM) vulnerabilities

It was discovered that a use-after-free vulnerability existed in the Bluetooth stack in the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-3640 Several security issues were discovered in the Linux kernel. An...

8.8CVSS7.5AI score0.03558EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/07/08 10:30 p.m.•12 views

USN-7628-1: Linux kernel (Azure) vulnerabilities

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...

8.8CVSS7.4AI score0.23278EPSS
Exploits3
Total number of security vulnerabilities10875