10875 matches found
USN-7509-1: .NET vulnerability
It was discovered that .NET did not properly handle file names and paths under certain conditions. An attacker could possibly use this issue to perform spoofing over a network...
USN-7508-1: Open VM Tools vulnerability
It was discovered that Open VM Tools incorrectly handled certain file operations. An attacker in a guest could use this issue to perform insecure file operations and possibly elevate privileges in the guest...
USN-7506-4: Linux kernel (Xenial HWE) vulnerabilities
Demi Marie Obenour and Simon Gaiser discovered that several Xen para- virtualization device frontends did not properly restrict the access rights of device backends. An attacker could possibly use a malicious Xen backend to gain access to memory pages of a guest VM or cause a denial of service in...
USN-7506-3: Linux kernel (FIPS) vulnerabilities
Demi Marie Obenour and Simon Gaiser discovered that several Xen para- virtualization device frontends did not properly restrict the access rights of device backends. An attacker could possibly use a malicious Xen backend to gain access to memory pages of a guest VM or cause a denial of service in...
USN-7507-1: Rack vulnerabilities
It was discovered that Rack incorrectly handled deleted rack sessions. An attacker could possibly use this issue to expose sensitive information or to gain unauthorized access to user accounts. CVE-2025-32441 It was discovered that Rack incorrectly limited the number of parameters in a web reques...
USN-7506-2: Linux kernel (AWS) vulnerabilities
Demi Marie Obenour and Simon Gaiser discovered that several Xen para- virtualization device frontends did not properly restrict the access rights of device backends. An attacker could possibly use a malicious Xen backend to gain access to memory pages of a guest VM or cause a denial of service in...
USN-7506-1: Linux kernel vulnerabilities
Demi Marie Obenour and Simon Gaiser discovered that several Xen para- virtualization device frontends did not properly restrict the access rights of device backends. An attacker could possibly use a malicious Xen backend to gain access to memory pages of a guest VM or cause a denial of service in...
USN-7505-1: Abseil vulnerability
It was discovered that Abseil incorrectly handled memory with the upper bound of the size argument. An attacker could possibly use this issue to cause a denial of service or memory corruption...
USN-7504-1: LibreOffice vulnerability
Juraj Å arinay discovered that LibreOffice incorrectly handled verifying PDF signatures. A remote attacker could possibly use this issue to generate PDF files that appear to have a valid signature...
USN-7503-1: h11 vulnerability
Jeppe Bonde Weikop discovered that h11 incorrectly handled crafted HTTP requests. A remote attacker could possibly use this issue to smuggle malicious HTTP requests, which could potentially lead to security control bypass and information leakage...
USN-7501-2: Django vulnerability
USN-7501-1 fixed a vulnerability in Django. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: Elias Myllymäki discovered that Django incorrectly handled stripping large sequences of incomplete HTML tags. A remote attacker could possibly use this issue ...
USN-7502-1: Horde Css Parser vulnerability
It was discovered that Horde Css Parser did not correctly handle parsing uncontrolled CSS data. An attacker could possibly use this issue to perform remote code execution. CVE-2020-13756...
USN-7501-1: Django vulnerability
Elias Myllymäki discovered that Django incorrectly handled stripping large sequences of incomplete HTML tags. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service...
USN-7490-3: libsoup vulnerabilities
USN-7490-1 fixed vulnerabilities in libsoup2.4. This update provides the corresponding updates for libsoup3. Original advisory details: Tan Wei Chong discovered that libsoup incorrectly handled memory when parsing HTTP request headers. An attacker could possibly use this issue to send a malicious...
USN-7489-2: Linux kernel (Real-time) vulnerability
A security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system. This update corrects flaws in the following subsystems: - Timer subsystem; CVE-2025-21813...
USN-7500-2: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Bluetooth drivers; - Microsoft Azure Network Adapter MANA driver; CVE-2024-56653, CVE-2025-21953...
USN-7496-5: Linux kernel (Azure FIPS) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Block layer subsystem; - Character device driver; - Hardware crypto device drivers; - GPU drivers; - Media drivers;...
USN-7496-4: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Block layer subsystem; - Character device driver; - Hardware crypto device drivers; - GPU drivers; - Media drivers;...
USN-7496-3: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Block layer subsystem; - Character device driver; - Hardware crypto device drivers; - GPU drivers; - Media drivers;...
USN-7495-3: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - Ceph distributed file system; - Netfilter; CVE-2023-52664, CVE-2024-26689, CVE-2023-52927...
USN-7494-5: Linux kernel (Azure FIPS) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - Netfilter; CVE-2023-52664, CVE-2023-52927...
USN-7494-4: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - Netfilter; CVE-2023-52927, CVE-2023-52664...
USN-7500-1: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Bluetooth drivers; - Microsoft Azure Network Adapter MANA driver; CVE-2025-21953, CVE-2024-56653...
USN-7499-1: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Microsoft Azure Network Adapter MANA driver; - Timer subsystem; CVE-2025-21813, CVE-2025-21953...
USN-7498-1: Linux kernel vulnerability
A security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system. This update corrects flaws in the following subsystems: - JFS file system; CVE-2024-56598...
USN-7496-2: Linux kernel (FIPS) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Block layer subsystem; - Character device driver; - Hardware crypto device drivers; - GPU drivers; - Media drivers;...
USN-7496-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Block layer subsystem; - Character device driver; - Hardware crypto device drivers; - GPU drivers; - Media drivers;...
USN-7497-1: CarrierWave vulnerabilities
Rikita Ishikawa discovered that CarrierWave did not correctly sanitize certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. CVE-2021-21305 Norihide Saito discovered that CarrierWave did not correctly...
USN-7490-2: libsoup regression
USN-7490-1 fixed vulnerabilities in libsoup. It was discovered that the fix for CVE-2025-32912 was incomplete. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Tan Wei Chong discovered that libsoup incorrectly handled memory when parsing HTTP request...
USN-7488-1: Python vulnerabilities
It was discovered that Python incorrectly handled parsing bracketed hosts. A remote attacker could possibly use this issue to perform a Server-Side Request Forgery SSRF attack. This issue only affected python 2.7 and python3.4 on Ubuntu 14.04 LTS; python2.7 on Ubuntu 16.04 LTS; python2.7,...
USN-7495-2: Linux kernel (FIPS) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - Ceph distributed file system; - Netfilter; CVE-2023-52664, CVE-2024-26689, CVE-2023-52927...
USN-7495-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - Ceph distributed file system; - Netfilter; CVE-2023-52927, CVE-2023-52664, CVE-2024-26689...
USN-7494-3: Linux kernel (Real-time) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - Netfilter; CVE-2023-52664, CVE-2023-52927...
USN-7494-2: Linux kernel (FIPS) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - Netfilter; CVE-2023-52927, CVE-2023-52664...
USN-7494-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - Netfilter; CVE-2023-52664, CVE-2023-52927...
USN-7493-1: Linux kernel (Raspberry Pi) vulnerabilities
A security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system. This update corrects flaws in the following subsystems: - Clock framework and drivers; CVE-2024-58081...
USN-7492-2: Linux kernel (Real-time) vulnerability
A security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system. This update corrects flaws in the following subsystems: - Bluetooth drivers; CVE-2024-56653...
USN-7492-1: Linux kernel vulnerability
A security issues was discovered in the Linux kernel. An attacker could possibly use this to compromise the system. This update corrects flaws in the following subsystems: - Bluetooth drivers; CVE-2024-56653...
USN-7490-1: libsoup vulnerabilities
Tan Wei Chong discovered that libsoup incorrectly handled memory when parsing HTTP request headers. An attacker could possibly use this issue to send a maliciously crafted HTTP request to the server, causing a denial of service. CVE-2025-32906 Alon Zahavi discovered that libsoup incorrectly parse...
USN-7491-1: Linux kernel (OEM) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - USB Type-C Connector System Software Interface driver; - Timer subsystem; CVE-2025-21902, CVE-2025-21813...
USN-7489-1: Linux kernel vulnerability
One security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system. This update corrects flaws in the following subsystems: - Timer subsystem; CVE-2025-21813...
USN-7486-1: FastCGI vulnerability
It was discovered that FastCGI incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code...
USN-7485-1: LibRaw vulnerabilities
It was discovered that LibRaw could be made to read out of bounds. An attacker could possibly use this issue to cause applications using LibRaw to crash, resulting in a denial of service. CVE-2025-43961, CVE-2025-43962, CVE-2025-43963, CVE-2025-43964...
USN-7484-1: OpenJDK 24 vulnerabilities
Alicja Kario discovered that the JSSE component of OpenJDK 24 incorrectly handled RSA padding. An Attacker could possibly use this issue to obtain sensitive information. CVE-2025-21587 It was discovered that the Compiler component of OpenJDK 24 incorrectly handled compiler transformations. An...
USN-7483-1: OpenJDK 21 vulnerabilities
Alicja Kario discovered that the JSSE component of OpenJDK 21 incorrectly handled RSA padding. An Attacker could possibly use this issue to obtain sensitive information. CVE-2025-21587 It was discovered that the Compiler component of OpenJDK 21 incorrectly handled compiler transformations. An...
USN-7482-1: OpenJDK 17 vulnerabilities
Alicja Kario discovered that the JSSE component of OpenJDK 17 incorrectly handled RSA padding. An Attacker could possibly use this issue to obtain sensitive information. CVE-2025-21587 It was discovered that the Compiler component of OpenJDK 17 incorrectly handled compiler transformations. An...
USN-7481-1: OpenJDK 11 vulnerabilities
Alicja Kario discovered that the JSSE component of OpenJDK 11 incorrectly handled RSA padding. An Attacker could possibly use this issue to obtain sensitive information. CVE-2025-21587 It was discovered that the Compiler component of OpenJDK 11 incorrectly handled compiler transformations. An...
USN-7480-1: OpenJDK 8 vulnerabilities
Alicja Kario discovered that the JSSE component of OpenJDK 8 incorrectly handled RSA padding. An Attacker could possibly use this issue to obtain sensitive information. CVE-2025-21587 It was discovered that the Compiler component of OpenJDK 8 incorrectly handled compiler transformations. An...
USN-7479-1: MySQL vulnerabilities
Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.42 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 24.10. Ubuntu 25.04 has been updated to MySQL 8.4.5. In addition to...
USN-7476-1: Scrapy vulnerabilities
It was discovered that Scrapy improperly exposed HTTP authentication credentials to request targets, including during redirects. An attacker could use this issue to gain unauthorized access to user accounts. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. CVE-2021-41125 It was...