Lucene search
K
UbuntuRecent

10875 matches found

Ubuntu
Ubuntu
added 2025/06/25 6:48 p.m.7 views

USN-7599-1: urllib3 vulnerabilities

Jacob Sandum discovered that urllib3 handled redirects even when they were explicitly disabled while using the PoolManager. An attacker could possibly use this issue to obtain sensitive information. CVE-2025-50181 Illia Volochii discovered that urllib3 incorrectly handled retry and redirect...

6.1CVSS6.5AI score0.004EPSS
Exploits1
Ubuntu
Ubuntu
added 2025/06/25 6:0 p.m.5 views

USN-7595-3: Linux kernel (Raspberry Pi Real-time) vulnerabilities

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...

7.8CVSS7.1AI score0.00571EPSS
Exploits1
Ubuntu
Ubuntu
added 2025/06/25 5:18 p.m.7 views

USN-7596-2: Linux kernel (Azure, N-Series) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPIO subsystem; - GPU drivers; - InfiniBand drivers; - IRQ chip drivers; - Network drivers; - Mellanox network...

7.8CVSS7AI score0.00571EPSS
Exploits1
Ubuntu
Ubuntu
added 2025/06/25 3:14 p.m.5 views

USN-7585-4: Linux kernel (Azure) vulnerabilities

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...

7.8CVSS7.1AI score0.00246EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/06/25 3:5 p.m.4 views

USN-7585-3: Linux kernel (FIPS) vulnerabilities

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...

7.8CVSS7.1AI score0.00246EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/06/24 7:19 p.m.3 views

USN-7598-1: Linux kernel (Azure) vulnerabilities

Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker could use this to connect a rougue device and possibly execute arbitrary code. CVE-2024-8805 Several security issues were discovered in the Linu...

8.8CVSS7.2AI score0.02033EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/06/24 6:35 p.m.4 views

USN-7597-2: Linux kernel (Azure FIPS) vulnerabilities

Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker could use this to connect a rougue device and possibly execute arbitrary code. CVE-2024-8805 Several security issues were discovered in the Linu...

8.8CVSS7.2AI score0.02033EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/06/24 6:29 p.m.3 views

USN-7597-1: Linux kernel (Azure) vulnerabilities

Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker could use this to connect a rougue device and possibly execute arbitrary code. CVE-2024-8805 Several security issues were discovered in the Linu...

8.8CVSS7.2AI score0.02033EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/06/24 6:24 p.m.6 views

USN-7591-4: Linux kernel (AWS) vulnerabilities

Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker could use this to connect a rougue device and possibly execute arbitrary code. CVE-2024-8805 It was discovered that the CIFS network file system...

8.8CVSS7.3AI score0.02033EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/06/24 5:50 p.m.9 views

USN-7595-2: Linux kernel (Real-time) vulnerabilities

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...

7.8CVSS7.1AI score0.00571EPSS
Exploits1
Ubuntu
Ubuntu
added 2025/06/24 5:16 p.m.6 views

USN-7596-1: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPIO subsystem; - GPU drivers; - InfiniBand drivers; - IRQ chip drivers; - Network drivers; - Mellanox network...

7.8CVSS7AI score0.00571EPSS
Exploits1
Ubuntu
Ubuntu
added 2025/06/24 5:8 p.m.7 views

USN-7595-1: Linux kernel vulnerabilities

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...

7.8CVSS7.1AI score0.00571EPSS
Exploits1
Ubuntu
Ubuntu
added 2025/06/24 1:16 p.m.5 views

USN-7594-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - PowerPC architecture; - RISC-V architecture; - User-Mode Linux UML; - x...

8.8CVSS7.1AI score0.23278EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/06/24 12:49 a.m.5 views

USN-7593-1: Linux kernel (HWE) vulnerabilities

Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker could use this to connect a rougue device and possibly execute arbitrary code. CVE-2024-8805 It was discovered that the CIFS network file system...

8.8CVSS7.6AI score0.13626EPSS
Exploits1
Ubuntu
Ubuntu
added 2025/06/24 12:36 a.m.6 views

USN-7592-1: Linux kernel vulnerabilities

Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker could use this to connect a rougue device and possibly execute arbitrary code. CVE-2024-8805 It was discovered that the CIFS network file system...

8.8CVSS7.3AI score0.02033EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/06/24 12:25 a.m.5 views

USN-7591-3: Linux kernel (Real-time) vulnerabilities

Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker could use this to connect a rougue device and possibly execute arbitrary code. CVE-2024-8805 It was discovered that the CIFS network file system...

8.8CVSS7.3AI score0.02033EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/06/24 12:11 a.m.10 views

USN-7591-2: Linux kernel (FIPS) vulnerabilities

Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker could use this to connect a rougue device and possibly execute arbitrary code. CVE-2024-8805 It was discovered that the CIFS network file system...

8.8CVSS7.3AI score0.02033EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/06/23 11:53 p.m.12 views

USN-7591-1: Linux kernel vulnerabilities

Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker could use this to connect a rougue device and possibly execute arbitrary code. CVE-2024-8805 It was discovered that the CIFS network file system...

8.8CVSS7.3AI score0.02033EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/06/23 12:22 p.m.10 views

USN-7590-1: Apache Log4j vulnerabilities

It was discovered that several deserialization issues existed within Apache Log4j. An attacker could possibly use these issues to enable the execution of arbitrary code. CVE-2022-23302, CVE-2022-23305, CVE-2022-23307...

9.8CVSS7.9AI score0.66537EPSS
Exploits1
Ubuntu
Ubuntu
added 2025/06/23 12:12 p.m.5 views

USN-7589-1: Gnuplot vulnerabilities

Tim Blazytko, Cornelius Aschermann, Sergej Schumilo, and Nils Bars discovered that Gnuplot had several memory-related issues. An attacker could possibly use these issues to cause Gnuplot to experience a buffer overflow, resulting in a denial of service or arbitrary code execution. These issues on...

9.8CVSS7.5AI score0.02528EPSS
Exploits7
Ubuntu
Ubuntu
added 2025/06/23 9:59 a.m.5 views

USN-7588-1: GSS NTLMSSP vulnerabilities

Phil Turnbull discovered that GSS NTLMSSP may perform out-of-bounds reads when decoding NTLM fields and target information. An attacker could possibly use this issue to cause GSS NTLMSSP to crash, resulting in a denial of service. CVE-2023-25563, CVE-2023-25567 Phil Turnbull discovered that GSS...

8.2CVSS7.4AI score0.01942EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/06/23 2:35 a.m.6 views

USN-7587-1: Fig2dev vulnerabilities

Suhwan Song discovered that Fig2dev did not correctly handle certain memory operations. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu...

6.6CVSS6.1AI score0.00853EPSS
Exploits6
Ubuntu
Ubuntu
added 2025/06/23 2:10 a.m.3 views

USN-7586-1: Botan vulnerabilities

It was discovered that Botan could have compiler dependent operations induced under certain circumstances. An attacker could possibly use this issue to cause undefined behavior. CVE-2024-50382, CVE-2024-50383 Bing Shi discovered that Botan did not limit the size of certain inputs when checking...

7.5CVSS7.3AI score0.00845EPSS
Exploits2
Ubuntu
Ubuntu
added 2025/06/19 9:8 p.m.8 views

USN-7585-2: Linux kernel (FIPS) vulnerabilities

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...

7.8CVSS7.1AI score0.00246EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/06/19 8:15 p.m.17 views

USN-7585-1: Linux kernel vulnerabilities

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...

7.8CVSS7.1AI score0.00246EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/06/19 7:14 p.m.6 views

USN-7584-1: Roundcube vulnerability

It was discovered that Roundcube Webmail did not properly sanitize the from parameter in a URL, leading to PHP Object Deserialization. A remote attacker could possibly use this issue to execute arbitrary code...

9.9CVSS8.8AI score0.89462EPSS
Exploits29
Ubuntu
Ubuntu
added 2025/06/19 12:22 p.m.11 views

USN-7583-1: Python vulnerabilities

It was discovered that Python incorrectly handled tar archive extraction with the filtering option. An attacker could possibly use this issue to modify files in arbitrary filesystem locations and cause data loss...

9.4CVSS7AI score0.01184EPSS
Exploits14
Ubuntu
Ubuntu
added 2025/06/19 10:33 a.m.4 views

USN-7582-1: Samba vulnerabilities

Evgeny Legerov discovered that Samba incorrectly handled buffers in certain GSSAPI routines of Heimdal. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. CVE-2022-3437 Greg Hudson discovered that Samba incorrectly handled PAC parsing. On...

9.8CVSS7.4AI score0.62015EPSS
Exploits1
Ubuntu
Ubuntu
added 2025/06/19 4:31 a.m.2 views

USN-7581-1: Express vulnerabilities

It was discovered that Express incorrectly handled certain URLs, leading to an open redirect attack. A remote attacker could possibly use this issue to perform phishing attacks. CVE-2024-29041 Adam Korcz discovered that Express did not properly sanitize certain inputs. A remote attacker could...

6.1CVSS6.2AI score0.00786EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/06/18 5:21 p.m.9 views

USN-7577-2: libblockdev vulnerability

USN-7577-1 fixed a vulnerability in libblockdev. This update provides the corresponding update for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: It was discovered that libblockdev incorrectly handled mount options when resizing certain filesystems. A local attacker with an...

7CVSS7.6AI score0.00423EPSS
Exploits18
Ubuntu
Ubuntu
added 2025/06/18 4:32 p.m.9 views

USN-7578-2: UDisks vulnerability

USN-7578-1 fixed a vulnerability in UDisks. This update provides the corresponding update for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: It was discovered that UDisks incorrectly handled mount options when resizing certain filesystems. A local attacker with an active sessio...

7CVSS7.6AI score0.00423EPSS
Exploits18
Ubuntu
Ubuntu
added 2025/06/18 4:28 p.m.9 views

USN-7580-1: PAM vulnerability

Olivier BAL-PETRE discovered that the PAM pamnamespace module incorrectly handled user-controlled paths. In environments where pamnamespace is used, a local attacker could possibly use this issue to escalate their privileges to root...

7.8CVSS7.5AI score0.0039EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/06/18 3:50 p.m.3 views

USN-7579-1: Godot Engine vulnerabilities

It was discovered that the Godot Engine did not properly handle certain malformed WebM media files. If the Godot Engine opened a specially crafted WebM file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. CVE-2019-2126 It was discovered that the Godot Engin...

9.3CVSS7.9AI score0.05392EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/06/18 11:25 a.m.9 views

USN-7578-1: UDisks vulnerability

It was discovered that UDisks incorrectly handled mount options when resizing certain filesystems. A local attacker with an active session on the console can use this issue to escalate their privileges to root...

7CVSS7.6AI score0.00423EPSS
Exploits18
Ubuntu
Ubuntu
added 2025/06/18 11:15 a.m.9 views

USN-7577-1: libblockdev vulnerability

It was discovered that libblockdev incorrectly handled mount options when resizing certain filesystems. A local attacker with an active session on the console can use this issue to escalate their privileges to root...

7CVSS7.6AI score0.00423EPSS
Exploits18
Ubuntu
Ubuntu
added 2025/06/18 9:54 a.m.4 views

USN-7573-2: X.Org X Server vulnerabilities

USN-7573-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: Nils Emmerich discovered that the X.Org X Server incorrectly handled certain memory operations. An attacker coul...

7.8CVSS7.1AI score0.00299EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/06/18 3:11 a.m.12 views

USN-7574-1: Go vulnerabilities

Kyle Seely discovered that the Go net/http module did not properly handle sensitive headers during repeated redirects. An attacker could possibly use this issue to obtain sensitive information. CVE-2024-45336 Juho Forsén discovered that the Go crypto/x509 module incorrectly handled IPv6 addresses...

6.8CVSS6.6AI score0.00647EPSS
Exploits2
Ubuntu
Ubuntu
added 2025/06/18 1:39 a.m.3 views

USN-7576-1: dwarfutils vulnerabilities

It was discovered that dwarfutils did not correctly certain memory operations, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...

7.8CVSS7.8AI score0.00925EPSS
Exploits1
Ubuntu
Ubuntu
added 2025/06/18 1:26 a.m.3 views

USN-7575-1: MuJS vulnerabilities

It was discovered that MuJS did not correctly handle try/finally statements, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2021-45005 Han Zheng discovered that MuJS did not correctly handle recursion,...

9.8CVSS7.2AI score0.01433EPSS
Exploits2
Ubuntu
Ubuntu
added 2025/06/17 2:31 p.m.5 views

USN-7573-1: X.Org X Server vulnerabilities

Nils Emmerich discovered that the X.Org X Server incorrectly handled certain memory operations. An attacker could use these issues to cause the X Server to crash, leading to a denial of service, obtain sensitive information, or possibly execute arbitrary code...

7.8CVSS6.9AI score0.00361EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/06/17 8:34 a.m.4 views

USN-7555-3: Django vulnerability

USN-7555-1 fixed a vulnerability in Django. This update provides an additional fix for Ubuntu 20.04 LTS. Original advisory details: It was discovered that Django incorrectly handled certain unescaped request paths. An attacker could possibly use this issue to perform a log injection...

5.5AI score
Exploits0References1
Ubuntu
Ubuntu
added 2025/06/17 12:46 a.m.4 views

USN-7572-1: KaTeX vulnerabilities

Juho Forsén discovered that KaTeX did not correctly handle certain inputs, which could lead to an infinite loop. If a user or application were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22....

7.2CVSS6.5AI score0.01414EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/06/16 1:40 p.m.6 views

USN-7571-1: c3p0 vulnerability

Aaron Massey discovered that c3p0 could be made to crash when parsing certain input. An attacker able to modify the application’s XML configuration file could possibly use this issue to cause a denial of service...

7.5CVSS7AI score0.04882EPSS
Exploits1
Ubuntu
Ubuntu
added 2025/06/16 12:41 p.m.4 views

USN-7555-2: Django vulnerability

USN-7555-1 fixed vulnerabilities in Django. The fix was incomplete. This update applies an additional patch to fix it properly. Original advisory details: It was discovered that Django incorrectly handled certain unescaped request paths. An attacker could possibly use this issue to perform a log...

5.5AI score
Exploits0References1
Ubuntu
Ubuntu
added 2025/06/16 12:31 p.m.7 views

USN-7570-1: Python vulnerabilities

It was discovered that Python incorrectly handled certain unicode characters during decoding. An attacker could possibly use this issue to cause a denial of service. CVE-2025-4516 It was discovered that Python incorrectly handled unicode encoding of email headers with list separators in folded...

5.9CVSS6.5AI score0.00561EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/06/16 11:33 a.m.5 views

USN-7536-2: cifs-utils regression

USN-7536-1 fixed vulnerabilities in cifs-utils. This update introduced a regression in certain environments. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that cifs-utils incorrectly handled namespaces when obtaining Kerberos...

5.5AI score
Exploits0References2
Ubuntu
Ubuntu
added 2025/06/16 2:55 a.m.4 views

USN-7569-1: Dojo vulnerabilities

It was discovered that Dojo did not correctly handle DataGrids. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. CVE-2018-15494 It was discovered that Dojo was vulnerable to prototype pollution. An attacker could...

9.8CVSS7.5AI score0.30367EPSS
Exploits4
Ubuntu
Ubuntu
added 2025/06/16 1:37 a.m.8 views

USN-7568-1: Requests vulnerabilities

Dennis Brinkrolf and Tobias Funke discovered that Requests did not correctly handle certain HTTP headers. A remote attacker could possibly use this issue to leak sensitive information. This issue only affected Ubuntu 14.04 LTS. CVE-2023-32681 Juho Forsén discovered that Requests did not correctly...

6.1CVSS7.2AI score0.02782EPSS
Exploits2
Ubuntu
Ubuntu
added 2025/06/13 8:12 a.m.3 views

USN-7550-7: Linux kernel (NVIDIA Tegra IGX) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Sun RPC protocol; CVE-2024-56551, CVE-2024-56608, CVE-2024-53168...

7.8CVSS7.1AI score0.00234EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/06/13 5:0 a.m.6 views

USN-7567-1: ModSecurity vulnerabilities

Simon Studer discovered that ModSecurity incorrectly handled certain JSON objects. An attacker could possibly use this issue to cause a denial of service. CVE-2025-47947 It was discovered that ModSecurity incorrectly handled requests when parsing certain form data. An attacker could possibly use...

7.5CVSS7.8AI score0.0076EPSS
Exploits2
Total number of security vulnerabilities10875