Lucene search
K
UbuntuRecent

10875 matches found

Ubuntu
Ubuntu
•added 2025/04/22 11:56 p.m.•16 views

USN-7402-5: Linux kernel (GCP) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Block layer subsystem; - GPU drivers; - HID subsystem; - Media drivers; - JFS file system; - Network namespace; -...

7.8CVSS7.4AI score0.00809EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/04/22 5:24 p.m.•18 views

USN-7444-1: Synapse vulnerabilities

It was discovered that Synapse network policies could be bypassed via specially crafted URLs. An attacker could possibly use this issue to bypass authentication mechanisms. CVE-2023-32683 It was discovered that Synapse exposed cached device information. An attacker could possibly use this issue t...

9.1CVSS6.8AI score0.01463EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/04/17 2:4 p.m.•88 views

USN-7443-1: Erlang vulnerability

Fabian Bäumer, Marcel Maehren, Marcus Brinkmann, and Jörg Schwenk discovered that Erlang OTP’s SSH module incorrect handled authentication. A remote attacker could use this issue to execute arbitrary commands without authentication, possibly leading to a system compromise...

10CVSS8.4AI score0.97673EPSS
Exploits36
Ubuntu
Ubuntu
•added 2025/04/17 12:51 p.m.•13 views

USN-7442-1: Ruby vulnerabilities

It was discovered that the Ruby CGI gem incorrectly handled parsing certain cookies. A remote attacker could possibly use this issue to consume resources, leading to a denial of service. CVE-2025-27219 It was discovered that the Ruby CGI gem incorrectly handled parsing certain regular expressions...

8.7CVSS7.1AI score0.01429EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/04/16 11:26 p.m.•13 views

USN-7441-1: Eclipse Mosquitto vulnerabilities

It was discovered that Eclipse Mosquitto client incorrectly handled memory when receiving a SUBACK packet. An attacker with a malicious broker could possibly use this issue to execute arbitrary code or cause a denial of service. CVE-2024-10525 Xiangpu Song discovered that Eclipse Mosquitto broker...

9.8CVSS7.8AI score0.579EPSS
Exploits2
Ubuntu
Ubuntu
•added 2025/04/16 2:21 p.m.•7 views

USN-7440-1: ImageMagick regression

USN-6200-2 fixed a vulnerability in ImageMagick. It was discovered that the fix for CVE-2023-34151 was incomplete. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that ImageMagick incorrectly handled memory under certain circumstance...

5.5CVSS6.5AI score0.01018EPSS
Exploits1References1
Ubuntu
Ubuntu
•added 2025/04/16 10:1 a.m.•44 views

LSN-0111-1: Kernel Live Patch Security Notice

It was discovered that the watchqueue event notification system contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service or escalate their privileges.CVE-2022-0995 In the Linux kernel, the following vulnerability has been resolved: smb: client:...

7.8CVSS7.1AI score0.06197EPSS
Exploits11
Ubuntu
Ubuntu
•added 2025/04/15 6:24 p.m.•6 views

USN-7439-1: QuickJS vulnerabilities

It was discovered that QuickJS could be forced to reference uninitialized memory in certain instances. An attacker could possibly use this issue to cause QuickJS to crash, resulting in a denial of service, or execute arbitrary code. CVE-2023-48183 It was discovered that QuickJS incorrectly manage...

7.5CVSS5.1AI score0.00641EPSS
Exploits3
Ubuntu
Ubuntu
•added 2025/04/15 6:23 p.m.•9 views

USN-7438-1: 7-Zip vulnerabilities

Igor Pavlov discovered that 7-Zip had several memory-related issues. An attacker could possibly use these issues to cause 7-Zip to crash, resulting in a denial of service, or execute arbitrary code. CVE-2023-52168, CVE-2023-52169...

8.4CVSS8AI score0.00989EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/04/15 2:5 p.m.•15 views

USN-7161-3: Docker vulnerability

USN-7161-1 and USN-7161-2 fixed CVE-2024-41110 for source package docker.io in Ubuntu 18.04 LTS and for source package docker.io-app in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 24.10. This update fixes it for source package docker.io in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS,...

9.9CVSS7.5AI score0.16496EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/04/15 2:4 a.m.•11 views

USN-7437-1: CImg library vulnerabilities

It was discovered that the CImg library did not properly check the size of images before loading them. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS. CVE-2022-1325 It was discovered that the CImg library did not correctly handle...

7.8CVSS6.6AI score0.00397EPSS
Exploits2
Ubuntu
Ubuntu
•added 2025/04/14 4:27 p.m.•71 views

USN-7436-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

9.8CVSS6.9AI score0.0082EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/04/14 1:31 p.m.•72 views

USN-7435-1: Protocol Buffers vulnerability

It was discovered that Protocol Buffers incorrectly handled memory when receiving malicious input using the Java bindings. An attacker could possibly use this issue to cause a denial of service...

8.7CVSS7.2AI score0.02772EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/04/14 11:48 a.m.•85 views

USN-7434-1: Perl vulnerability

It was discovered that Perl incorrectly handled transliterating non-ASCII bytes. A remote attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code...

8.4CVSS7.8AI score0.00473EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/04/14 12:21 a.m.•16 views

USN-7433-1: GraphicsMagick vulnerabilities

It was discovered that GraphicsMagick did not properly limit image dimensions, which could lead to excessive memory consumption. An attacker could possibly use this issue to cause a denial of service. CVE-2025-27795 It was discovered that GraphicsMagick did not properly handle certain memory...

9.8CVSS5AI score0.00413EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/04/10 8:38 p.m.•84 views

USN-7432-1: libsoup vulnerabilities

It was discovered that libsoup could be made to read out of bounds. An attacker could possibly use this issue to cause applications using libsoup to crash, resulting in a denial of service. CVE-2025-2784, CVE-2025-32050, CVE-2025-32052, CVE-2025-32053 It was discovered that libsoup could be made ...

7CVSS6.9AI score0.0067EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/04/10 12:8 p.m.•12 views

USN-7431-1: HAProxy vulnerability

Aleandro Prudenzano and Edoardo Geraci discovered that HAProxy incorrectly handled certain uncommon configurations that replace multiple short patterns with a longer one. A remote attacker could use this issue to cause HAProxy to crash, resulting in a denial of service, or possibly execute...

6.8CVSS6.2AI score0.00688EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/04/09 11:46 p.m.•6 views

USN-7430-1: Dino vulnerability

Kim Alvefur discovered that Dino did not correctly sanitize certain messages. A remote attacker could possibly use this issue to leak sensitive information...

7.1CVSS7AI score0.00699EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/04/09 11:41 p.m.•19 views

USN-7346-3: OpenSC vulnerabilities

USN-7346-1 fixed vulnerabilities in OpenSC. The update introduced a regression which broke smartcard based authentication. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that OpenSC did not correctly handle certain memory operations...

7.1CVSS7AI score0.02598EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2025/04/09 9:39 p.m.•10 views

USN-7426-2: poppler vulnerabilities

USN-7426-1 fixed several vulnerabilities in poppler. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that poppler incorrectly handled memory when opening certain PDF files. An attacker could possibly use this...

7.1CVSS5.8AI score0.00218EPSS
Exploits2
Ubuntu
Ubuntu
•added 2025/04/09 7:3 p.m.•17 views

USN-7429-2: Linux kernel (FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Drivers core; - HID subsystem; - Network drivers; - SCSI subsystem; - SuperH / SH-Mobile drivers; - File systems...

7.8CVSS7.4AI score0.00809EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/04/09 6:36 p.m.•20 views

USN-7429-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Drivers core; - HID subsystem; - Network drivers; - SCSI subsystem; - SuperH / SH-Mobile drivers; - File systems...

7.8CVSS7.4AI score0.00809EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/04/09 6:2 p.m.•21 views

USN-7428-2: Linux kernel (FIPS) vulnerabilities

Demi Marie Obenour and Simon Gaiser discovered that several Xen para- virtualization device frontends did not properly restrict the access rights of device backends. An attacker could possibly use a malicious Xen backend to gain access to memory pages of a guest VM or cause a denial of service in...

9.1CVSS7.5AI score0.01401EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/04/09 5:32 p.m.•20 views

USN-7428-1: Linux kernel vulnerabilities

Demi Marie Obenour and Simon Gaiser discovered that several Xen para- virtualization device frontends did not properly restrict the access rights of device backends. An attacker could possibly use a malicious Xen backend to gain access to memory pages of a guest VM or cause a denial of service in...

9.1CVSS7.5AI score0.01401EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/04/08 5:26 p.m.•88 views

USN-7426-1: poppler vulnerabilities

It was discovered that poppler incorrectly handled memory when opening certain PDF files. An attacker could possibly use this issue to cause poppler to crash, resulting in a denial of service...

7.1CVSS5.8AI score0.00218EPSS
Exploits2
Ubuntu
Ubuntu
•added 2025/04/08 1:48 p.m.•89 views

USN-7425-1: Erlang vulnerability

It was discovered that Erlang OTP's SSH module did not limit the size of certain data in initialization messages. An attacker could possibly use this issue to consume large amount of memory leading to a denial of service...

7.5CVSS7.3AI score0.00436EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/04/08 11:46 a.m.•82 views

USN-7424-1: Expat vulnerability

It was discovered that Expat could crash due to stack overflow when processing XML documents with deeply nested entity references. If a user or automated system were tricked into processing specially crafted XML input, an attacker could use this issue to cause a denial of service...

7.5CVSS6.8AI score0.01569EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/04/07 7:29 p.m.•85 views

USN-7423-1: GNU binutils vulnerabilities

It was discovered that GNU binutils incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash, expose sensitive information or execute arbitrary code. CVE-2025-1153, CVE-2025-1182 It was discovered that ld in GNU binutils incorrectly handled certain files. An...

6.3CVSS5.8AI score0.01252EPSS
Exploits5
Ubuntu
Ubuntu
•added 2025/04/07 7:4 p.m.•25 views

USN-7406-6: Linux kernel (NVIDIA Tegra IGX) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - SMB network file system; - Network namespace; - Networking core; CVE-2024-26928, CVE-2024-56658,...

7.8CVSS6.9AI score0.00276EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/04/07 7:0 p.m.•29 views

USN-7402-4: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Block layer subsystem; - GPU drivers; - HID subsystem; - Media drivers; - JFS file system; - Network namespace; -...

7.8CVSS7.4AI score0.00809EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/04/07 5:22 p.m.•31 views

USN-7408-4: Linux kernel (HWE) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SMB network file system; - Network namespace; - Networking core; CVE-2024-56658, CVE-2024-35864, CVE-2024-26928...

7.8CVSS6.9AI score0.00276EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/04/07 5:17 p.m.•22 views

USN-7408-3: Linux kernel (FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SMB network file system; - Network namespace; - Networking core; CVE-2024-56658, CVE-2024-35864, CVE-2024-26928...

7.8CVSS6.9AI score0.00276EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/04/07 5:10 p.m.•14 views

USN-7422-1: FIS-GT.M vulnerabilities

It was discovered that FIS-GT.M could incorrectly dereference memory in certain instances. An attacker could possibly use this issue to cause FIS-GT.M to crash, resulting in a denial of service. CVE-2021-44492, CVE-2021-44498, CVE-2021-44508 It was discovered that FIS-GT.M could perform a divisio...

7.5CVSS7.6AI score0.01552EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/04/07 2:40 p.m.•27 views

USN-7421-1: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - Supe...

8.1CVSS7.5AI score0.03558EPSS
Exploits3
Ubuntu
Ubuntu
•added 2025/04/07 2:30 p.m.•29 views

USN-7420-1: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Microsoft Azure Network Adapter MANA driver; - SMB network file system; - Network namespace; -...

7.8CVSS7AI score0.00276EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/04/07 2:26 p.m.•21 views

USN-7406-5: Linux kernel (NVIDIA) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - SMB network file system; - Network namespace; - Networking core; CVE-2024-26928, CVE-2024-56658,...

7.8CVSS6.9AI score0.00276EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/04/07 1:55 p.m.•81 views

USN-7418-1: Ruby vulnerabilities

It was discovered that Ruby incorrectly handled parsing of an XML document that has specific XML characters in an attribute value using REXML gem. An attacker could use this issue to cause Ruby to crash, resulting in a denial of service. This issue only affected in Ubuntu 22.04 LTS, Ubuntu 24.04...

7.5CVSS7.1AI score0.02064EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/04/07 1:1 p.m.•86 views

USN-7419-1: Vim vulnerabilities

It was discovered that Vim incorrectly handled memory when using invalid input with the log option. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 24.04 LTS and Ubuntu 24.10. CVE-2025-1215 It was discovered that Vim incorrectly handled memo...

7.8CVSS5.5AI score0.00492EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/04/07 9:18 a.m.•27 views

USN-7410-1: Tomcat vulnerability

It was discovered that Tomcat incorrectly handled request cancellation. A remote attacker could possibly use this issue to cause tomcat9 to consume resources, leading to a denial of service...

7.5CVSS7.2AI score0.99999EPSS
Exploits19
Ubuntu
Ubuntu
•added 2025/04/07 8:46 a.m.•105 views

USN-6885-4: Apache HTTP Server regression

USN-6885-1 fixed a vulnerability in Apache. The patch for CVE-2024-38474 was incomplete and caused regressions. This update provides the fix for that issue. Original advisory details: Orange Tsai discovered that the Apache HTTP Server modrewrite module incorrectly handled certain substitutions. A...

7.7AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2025/04/07 1:37 a.m.•17 views

USN-7417-1: libdbd-mysql-perl vulnerabilities

It was discovered that libdbd-mysql-perl did not correctly handle certain SQL queries. An attacker could possibly use this issue to cause a denial of service. CVE-2016-1249 It was discovered that libdbd-mysql-perl did not correctly handle certain memory operations, which could lead to a...

9.8CVSS7AI score0.04629EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/04/07 1:35 a.m.•14 views

USN-7416-1: Kamailio vulnerabilities

Stelios Tsampas discovered that Kamailio did not correctly handle certain memory operations, which could lead to a buffer overflow. A remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. CVE-2016-2385...

10CVSS7.9AI score0.30518EPSS
Exploits6
Ubuntu
Ubuntu
•added 2025/04/04 6:9 p.m.•27 views

USN-7402-3: Linux kernel (NVIDIA) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Block layer subsystem; - GPU drivers; - HID subsystem; - Media drivers; - JFS file system; - Network namespace; -...

7.8CVSS7.4AI score0.00809EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/04/03 11:36 p.m.•16 views

USN-7415-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Drivers core; - Ext4 file system; - JFS file system; - Network namespace; - CAIF protocol; - Networking core; - IPv...

7.8CVSS6.8AI score0.00257EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/04/03 5:36 p.m.•84 views

USN-7414-1: XZ Utils vulnerability

Harri K. Koskinen discovered that XZ Utils incorrectly handled the threaded xz decoder. If a user or automated system were tricked into processing an xz file, a remote attacker could use this issue to cause XZ Utils to crash, resulting in a denial of service, or possibly execute arbitrary code...

8.7CVSS7.2AI score0.00618EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/04/03 1:9 p.m.•22 views

USN-7413-1: Linux kernel (IoT) vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Ye Zhang and Nicolas Wu discovered th...

9.1CVSS8AI score0.03558EPSS
Exploits4
Ubuntu
Ubuntu
•added 2025/04/03 12:33 p.m.•19 views

USN-7406-4: Linux kernel (Azure FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - SMB network file system; - Network namespace; - Networking core; CVE-2024-26928, CVE-2024-56658,...

7.8CVSS6.9AI score0.00276EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/04/03 12:17 p.m.•82 views

USN-7412-1: GnuPG vulnerability

It was discovered that GnuPG incorrectly handled importing keys with certain crafted subkey data. If a user or automated system were tricked into importing a specially crafted key, a remote attacker may prevent users from importing other keys in the future...

4.7CVSS4.9AI score0.00179EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/04/03 11:45 a.m.•49 views

USN-7411-1: OpenVPN vulnerability

It was discovered that OpenVPN incorrectly handled certain malformed packets. A remote attacker could possibly use this issue to cause OpenVPN to crash, resulting in a denial of service...

7.5CVSS6.6AI score0.00784EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/04/02 8:31 p.m.•13 views

USN-7409-1: RubySAML vulnerabilities

It was discovered that ruby-saml did not correctly handle XML parsing. An attacker could possibly use this issue to perform a signature wrapping attack and bypass authentication. CVE-2025-25291 and CVE-2025-25292 It was discovered that ruby-saml did not correctly handle decompressing SAML...

9.8CVSS8.6AI score0.63792EPSS
Exploits3
Total number of security vulnerabilities10875