Lucene search
K
UbuntuRecent

10869 matches found

Ubuntu
Ubuntu
•added 2026/06/08 10:16 a.m.•10 views

USN-8396-1: Apache HTTP Server vulnerabilities

It was discovered that the Apache HTTP Server modrewrite module incorrectly handled certain privileges. A local attacker could possibly use this issue to obtain sensitive information. CVE-2026-24072 Andrew Lacambra, Elhanan Haenel, Tianshuo Han, and Tristan Madani discovered that the Apache HTTP...

9.8CVSS5.7AI score0.01325EPSS
Exploits1
Ubuntu
Ubuntu
•added 2026/06/05 8:11 a.m.•10 views

USN-8394-1: YARD vulnerability

It was discovered that YARD incorrectly sanitized paths in its built-in documentation server. An attacker could possibly use this issue to read arbitrary files from the server host...

7.5CVSS5.5AI score0.00388EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/06/04 11:16 p.m.•13 views

USN-8387-1: Inetutils vulnerabilities

It was discovered that the Inetutils telnet daemon incorrectly handled the CREDENTIALSDIRECTORY environment variable. An attacker could possibly use this issue to escalate privileges. CVE-2026-28372 It was discovered that the Inetutils telnet daemon did not properly validate buffer bounds when...

9.8CVSS7.5AI score0.23674EPSS
Exploits13
Ubuntu
Ubuntu
•added 2026/06/04 10:10 p.m.•12 views

USN-8393-1: Linux kernel (Azure FIPS) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 It was discovered that the Linux kernel did n...

9.8CVSS7.5AI score0.96775EPSS
Exploits281
Ubuntu
Ubuntu
•added 2026/06/04 10:5 p.m.•7 views

USN-8361-2: Linux kernel (FIPS) vulnerability

A security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system. This update corrects flaws in the following subsystem: - Packet sockets; CVE-2026-31504...

7.8CVSS5.3AI score0.00129EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/06/04 9:28 p.m.•12 views

USN-8392-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 It was discovered that the Linux kernel did n...

9.8CVSS6.6AI score0.96775EPSS
Exploits260
Ubuntu
Ubuntu
•added 2026/06/04 9:23 p.m.•12 views

USN-8391-1: Linux kernel (Raspberry Pi) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 It was discovered that the Linux kernel did n...

9.8CVSS7.2AI score0.96775EPSS
Exploits260
Ubuntu
Ubuntu
•added 2026/06/04 9:13 p.m.•14 views

USN-8390-1: Linux kernel vulnerability

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

8.8CVSS6.1AI score0.93235EPSS
Exploits31
Ubuntu
Ubuntu
•added 2026/06/04 9:9 p.m.•15 views

USN-8389-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

8.8CVSS6AI score0.93235EPSS
Exploits36
Ubuntu
Ubuntu
•added 2026/06/04 9:3 p.m.•15 views

USN-8388-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

8.8CVSS6.1AI score0.93235EPSS
Exploits57
Ubuntu
Ubuntu
•added 2026/06/04 5:0 p.m.•15 views

USN-8386-1: Nano vulnerabilities

Michał Majchrowicz and Marcin Wyczechowski discovered that Nano created the /.local directory with incorrect permissions. In environments with permissive umask settings, a local attacker could possibly use this issue to inject a malicious launcher file, resulting in information disclosure or othe...

5.5CVSS5.5AI score0.00108EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/06/04 1:59 p.m.•10 views

USN-8385-1: Robocode vulnerabilities

It was discovered that Robocode could be tricked into making network requests to attacker-controlled systems. An attacker could possibly use this issue to cause external service interaction, resulting in information disclosure. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS...

10CVSS5.8AI score0.02226EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/06/04 1:15 p.m.•11 views

USN-8383-1: Tomcat vulnerabilities

It was discovered that Tomcat incorrectly handled digest authentication. A remote attacker could possibly use this issue to bypass authentication restrictions. CVE-2026-43512 It was discovered that Tomcat incorrectly handled case sensitivity in LockOutRealm. A remote attacker could possibly use...

9.8CVSS7.6AI score0.01233EPSS
Exploits2
Ubuntu
Ubuntu
•added 2026/06/04 12:29 p.m.•15 views

USN-8384-1: Apache HTTP Server vulnerability

It was discovered that Apache HTTP Server incorrectly handled certain cookie headers in the HTTP/2 implementation. A remote attacker could possibly use this issue to cause Apache HTTP Server to consume excessive resources, resulting in a denial of service...

7.5CVSS5.5AI score0.11471EPSS
Exploits7
Ubuntu
Ubuntu
•added 2026/06/03 8:22 p.m.•11 views

USN-8253-2: Postfix vulnerability

USN-8253-1 fixed a vulnerability in Postfix. This update provides the corresponding fix for Postfix on Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: Kamil Frankowicz discovered that Postfix incorrectly handled certain enhanced status codes....

7.5CVSS5.6AI score0.00415EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/06/03 4:29 p.m.•9 views

USN-8382-1: Exim vulnerabilities

Timo Longin discovered that Exim incorrectly handled certain SMTP messages in PIPELINING/CHUNKING configurations. A remote attacker could possibly use this issue to perform SMTP smuggling. This issue only affected Ubuntu 14.04 LTS. CVE-2023-51766 It was discovered that Exim incorrectly handled...

9.8CVSS7.7AI score0.01225EPSS
Exploits3
Ubuntu
Ubuntu
•added 2026/06/03 1:59 p.m.•7 views

USN-8380-1: Twisted vulnerability

It was discovered that Twisted incorrectly handled DNS name decompression. A remote attacker could possibly use this issue to cause Twisted to consume excessive resources, leading to a denial of service...

7.5CVSS5.5AI score0.00433EPSS
Exploits1
Ubuntu
Ubuntu
•added 2026/06/03 1:50 p.m.•9 views

USN-8379-1: urllib3 vulnerabilities

It was discovered that urllib3 incorrectly handled cross-origin redirects in ProxyManager. A remote attacker could possibly use this issue to obtain sensitive information. CVE-2026-44431 It was discovered that urllib3 incorrectly handled decompression of specially crafted responses. A remote...

8.9CVSS5.5AI score0.0068EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/06/03 1:33 p.m.•9 views

USN-8378-1: libwww-perl vulnerability

It was discovered that libwww-perl incorrectly handled redirects. A remote attacker could possibly use this issue to obtain sensitive information by causing Authorization headers to be sent to a different host...

6.5CVSS5.4AI score0.00266EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/06/03 1:24 p.m.•9 views

USN-8377-1: Template-Toolkit vulnerability

It was discovered that Template-Toolkit did not properly escape single quotes in the htmlfilter function of Template::Plugin::HTML. An attacker could possibly use this issue to inject arbitrary HTML and JavaScript into generated output...

6.1CVSS5.6AI score0.00282EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/06/03 1:15 p.m.•10 views

USN-8376-1: FRR vulnerabilities

It was discovered that FRR incorrectly handled certain OSPF Traffic Engineering and Segment Routing TLVs. An attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service. CVE-2026-28532 It was discovered that FRR incorrectly handled certain BGP FlowSpec component...

7.5CVSS5.5AI score0.00389EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/06/03 9:16 a.m.•14 views

USN-8344-3: pip vulnerability

USN-8344-1 introduced a regression in pip. This update provides a complete fix for this issue.. We apologize for the inconvenience. Original advisory details: It was discovered that pip's bundled urllib3 library improperly handled streaming decompression of highly compressed data. A remote attack...

8.9CVSS6.8AI score0.00622EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/06/03 7:43 a.m.•9 views

USN-8363-2: MySQL vulnerabilities

USN-8363-1 fixed several vulnerabilities in MySQL. This update provides the corresponding fixes for MySQL on Ubuntu 20.04 LTS. Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been...

6.5CVSS7.1AI score0.00323EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/06/03 7:11 a.m.•14 views

USN-8375-1: nginx vulnerabilities

It was discovered that the nginx ngxmailsmtpmodule module incorrectly handled certain memory operations when doing SMTP authentication. This could possibly result in sensitive information being sent to the authentication server. CVE-2025-53859 It was discovered that nginx incorrectly handled...

9.2CVSS7.7AI score0.61469EPSS
Exploits42
Ubuntu
Ubuntu
•added 2026/06/03 4:50 a.m.•13 views

USN-8348-1: GoBGP vulnerabilities

It was discovered that GoBGP incorrectly handled certain specially crafted BGP UPDATE messages. A remote attacker could possibly use this issue to cause GoBGP to crash, resulting in a denial of service. CVE-2026-37461 Yanlei Wang discovered that GoBGP incorrectly handled certain malformed BGP...

7.5CVSS6.5AI score0.00631EPSS
Exploits1
Ubuntu
Ubuntu
•added 2026/06/02 6:26 p.m.•15 views

USN-8282-2: Unbound vulnerabilities

USN-8282-1 fixed vulnerabilities in Unbound. This update provides the corresponding updates for CVE-2026-41292 in Ubuntu 18.04 LTS and Ubuntu 20.04 LTS and CVE-2026-42959, CVE-2026-42960 in Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: Andr...

10CVSS6.1AI score0.00779EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/06/02 6:0 p.m.•26 views

USN-8374-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 It was discovered that the Linux kernel did n...

9.8CVSS6.9AI score0.96775EPSS
Exploits281
Ubuntu
Ubuntu
•added 2026/06/02 5:12 p.m.•21 views

USN-8373-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

8.8CVSS6.5AI score0.93235EPSS
Exploits57
Ubuntu
Ubuntu
•added 2026/06/02 4:24 p.m.•12 views

USN-8372-1: age vulnerability

It was discovered that age did not properly validate plugin names. An attacker could possibly use this issue to cause execution of an arbitrary program by supplying a crafted recipient or identity string...

9.8CVSS5.9AI score0.00472EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/06/02 2:46 p.m.•23 views

USN-8371-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

8.8CVSS6.3AI score0.93235EPSS
Exploits57
Ubuntu
Ubuntu
•added 2026/06/02 2:5 p.m.•13 views

USN-8238-2: EditorConfig vulnerability

USN-8238-1 fixed a vulnerability in EditorConfig. This update contains the corresponding fix for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. Original advisory details: It was discovered that EditorConfig incorrectly handled specially crafted configuration files. A...

8.6CVSS5.8AI score0.00151EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/06/02 1:52 p.m.•18 views

USN-8370-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

8.8CVSS6.3AI score0.93235EPSS
Exploits57
Ubuntu
Ubuntu
•added 2026/06/02 1:16 p.m.•9 views

USN-8369-1: Apache Tomcat Connectors vulnerability

It was discovered that Apache Tomcat Connectors used incorrect default permissions for shared memory on Unix-like systems. A local attacker could possibly use this issue to view or modify modjk configuration data in shared memory, resulting in sensitive information exposure or a denial of service...

5.9CVSS6.3AI score0.00326EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/06/02 1:9 p.m.•10 views

USN-8368-1: libeconf vulnerability

It was discovered that libeconf did not properly check the size of input when copying data to a buffer. An attacker could possibly use this issue to cause libeconf to crash, resulting in a denial of service...

6.5CVSS6.6AI score0.00636EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/06/02 1:0 p.m.•8 views

USN-8367-1: tar-fs vulnerabilities

It was discovered that tar-fs did not properly limit paths when extracting crafted tar files. An attacker could possibly use this issue to write or overwrite files outside the intended extraction directory. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. CVE-2024-12905 It was...

8.7CVSS6.2AI score0.02186EPSS
Exploits2
Ubuntu
Ubuntu
•added 2026/06/02 12:48 p.m.•11 views

USN-8366-1: Luanti vulnerabilities

It was discovered that Luanti, when using LuaJIT, did not properly enforce Lua sandbox restrictions. An attacker could possibly use this issue to execute arbitrary code. CVE-2026-40959 It was discovered that Luanti did not properly restrict access to insecure environments. An attacker could...

9.3CVSS6.1AI score0.00182EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/06/02 12:42 p.m.•12 views

USN-8365-1: Dovecot vulnerabilities

It was discovered that Dovecot incorrectly treated some variable expansion pipelines as safe in authentication filters. An attacker could possibly use this issue to perform SQL or LDAP injection attacks. This issue only affected Ubuntu 25.10 and Ubuntu 26.04 LTS. CVE-2026-27851 It was discovered...

9.1CVSS5.9AI score0.00454EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/06/02 12:42 p.m.•11 views

USN-8364-1: Apache Commons Lang vulnerability

It was discovered that Apache Commons Lang incorrectly handled recursion in the ClassUtils.getClass method. An attacker could possibly use this issue to cause Apache Commons Lang to crash, resulting in a denial of service...

5.3CVSS6.6AI score0.02164EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/06/02 12:24 p.m.•18 views

USN-8363-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.46 in Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. Ubuntu 25.10 and Ubuntu 26.04 LTS have been updated to MySQL 8.4.9. In addition to security fixes,...

6.5CVSS7.1AI score0.00323EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/06/02 11:59 a.m.•9 views

USN-8130-2: GStreamer Base Plugins vulnerability

USN-8130-1 fixed a vulnerability in GStreamer Base Plugins. This update provides the corresponding update for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: It was discovered that GStreamer Base Plugins incorrectly handled certain AVI media files. A remote attacker could use th...

7.8CVSS7.4AI score0.00867EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/06/02 9:17 a.m.•14 views

USN-8362-1: XZ Utils vulnerability

It was discovered that XZ Utils did not properly manage memory when attempting to append data to a decoded index that contained no records. An attacker could possibly use this issue to cause XZ Utils to crash, resulting in a denial of service, or execute arbitrary code...

6.3CVSS6AI score0.00351EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/06/01 10:6 p.m.•14 views

USN-8361-1: Linux kernel vulnerability

A security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system. This update corrects flaws in the following subsystem: - Packet sockets; CVE-2026-31504...

7.8CVSS5.9AI score0.00129EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/06/01 4:24 p.m.•13 views

USN-8209-2: Little CMS vulnerability

USN-8209-1 fixed vulnerabilities in Little CMS. This update contains the fixes for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: It was discovered that Little CMS incorrectly handled certain malformed ICC profiles. An attacker could use thi...

7.5CVSS6.1AI score0.00365EPSS
Exploits1
Ubuntu
Ubuntu
•added 2026/06/01 3:12 p.m.•12 views

USN-8360-1: sslh vulnerability

It was discovered that sslh did not properly handle symbolic links when writing its PID file. A local attacker could possibly use this issue to overwrite arbitrary files...

9.3CVSS5.9AI score0.00158EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/06/01 3:4 p.m.•14 views

USN-8359-1: NNCP vulnerability

It was discovered that NNCP did not properly sanitize file paths in packet data during file requesting and file saving operations. A remote attacker could possibly use this issue to read or write arbitrary files outside of the intended directory...

6.4CVSS5.8AI score0.00243EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/06/01 2:58 p.m.•12 views

USN-8358-1: haveged vulnerability

It was discovered that haveged incorrectly handled credential checks on its control socket. A local attacker could possibly use this issue to execute privileged commands...

7.8CVSS5.9AI score0.00185EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/06/01 2:51 p.m.•15 views

USN-8055-2: Evolution Data Server vulnerability

USN-8055-1 fixed a vulnerability in Evolution Data Server. This update provides the corresponding update for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: It was discovered that Evolution Data Server incorrectly handled removing local cache files. An attacker could possibly us...

5.6CVSS6AI score0.00189EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/06/01 2:46 p.m.•15 views

USN-8357-1: Qt Declarative vulnerability

It was discovered that Qt Declarative did not properly validate the width and height attributes of image tags in the Text component of Qt Quick. An attacker could possibly use this issue to cause Qt Declarative to use excessive resources, leading to a denial of service...

8.7CVSS5.8AI score0.00263EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/06/01 2:22 p.m.•12 views

USN-8356-1: GNU SASL vulnerability

It was discovered that GNU SASL did not properly handle certain DIGEST-MD5 tokens. An attacker could possibly use this issue to cause GNU SASL to crash, resulting in a denial of service...

7.5CVSS5.8AI score0.00455EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/06/01 2:5 p.m.•11 views

USN-8355-1: SSSD vulnerability

It was discovered that SSSD did not properly handle raw bytes in the PAM passkey responder. A local attacker could possibly use this issue to cause the SSSD PAM responder to crash, resulting in a denial of service...

5.5CVSS5.8AI score0.00141EPSS
Exploits0
Total number of security vulnerabilities10869