Lucene search
K
UbuntuRecent

10876 matches found

Ubuntu
Ubuntu
•added 2025/02/12 6:9 p.m.•50 views

USN-7236-3: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Netfilter; - Network traffic control; - VMware vSockets driver; CVE-2024-53164, CVE-2024-53103, CVE-2024-53141...

7.8CVSS7.1AI score0.00396EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/02/12 5:58 p.m.•12 views

USN-7238-4: Linux kernel (AWS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network traffic control; - VMware vSockets driver; CVE-2024-53103, CVE-2024-53164...

7.8CVSS7.1AI score0.00249EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/02/12 6:51 a.m.•9 views

USN-7265-1: BlueZ vulnerabilities

Julian Rauchberger discovered that BlueZ did not correctly handle certain memory operations. An attacker could possibly use this issue to leak sensitive information or execute arbitrary code. CVE-2019-8921, CVE-2019-8922...

8.8CVSS7.1AI score0.0143EPSS
Exploits2
Ubuntu
Ubuntu
•added 2025/02/11 4:9 p.m.•17 views

USN-7264-1: OpenSSL vulnerabilities

It was discovered that OpenSSL clients incorrectly handled authenticating servers using RFC7250 Raw Public Keys. In certain cases, the connection will not abort as expected, possibly causing the communication to be intercepted. CVE-2024-12797 George Pantelakis and Alicja Kario discovered that...

6.3CVSS7.3AI score0.05966EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/02/11 12:55 a.m.•17 views

USN-7263-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2025-1011, CVE-2025-1013,...

9.8CVSS7.2AI score0.01163EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/02/10 5:54 p.m.•8 views

USN-6838-2: Ruby vulnerability

USN-6838-1 fixed CVE-2024-27281 in Ruby 2.7, Ruby 3.0, Ruby 3.1, and Ruby 3.2. This update provides the corresponding updates for Ruby 2.3 and Ruby 2.5. Original advisory details: It was discovered that Ruby RDoc incorrectly parsed certain YAML files. If a user or automated system were tricked in...

4.5CVSS7.5AI score0.01571EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/02/10 5:40 p.m.•22 views

USN-7262-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Multiple devices driver; - Network drivers; - Sonic Silicon Backplane drivers; - File systems infrastructure; -...

7.8CVSS7AI score0.00396EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/02/10 2:47 p.m.•18 views

USN-7259-3: GNU C Library vulnerability

USN-7259-1 fixed a vulnerability in GNU C Library. This update provides the corresponding update for Ubuntu 14.04 LTS. Original advisory details: It was discovered that GNU C Library incorrectly handled memory when using the assert function. An attacker could possibly use this issue to cause a...

6.2CVSS7.1AI score0.00349EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/02/10 2:26 p.m.•15 views

USN-7259-2: GNU C Library vulnerability

USN-7259-1 fixed a vulnerability in GNU C Library. This update provides the corresponding update for Ubuntu 16.04 LTS. Original advisory details: It was discovered that GNU C Library incorrectly handled memory when using the assert function. An attacker could possibly use this issue to cause a...

6.2CVSS7.1AI score0.00349EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/02/10 2:20 p.m.•80 views

USN-7261-1: Vim vulnerability

It was discovered that Vim incorrectly handled certain internal calls when scrolling a window. An attacker could possibly use this issue to cause a denial of service...

5.5CVSS5.4AI score0.00261EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/02/10 9:41 a.m.•13 views

USN-7206-4: rsync regression

USN-7206-3 fixed vulnerabilities in rsync for Ubuntu 24.10. The update introduced a regression in rsync. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync did not properly handle...

7.7AI score0.72059EPSS
Exploits8References1
Ubuntu
Ubuntu
•added 2025/02/10 3:32 a.m.•21 views

USN-7260-1: OpenRefine vulnerabilities

It was discovered that OpenRefine did not properly handle opening tar files. If a user or application were tricked into opening a crafted tar file, an attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. CVE-2023-37476 It was discovered that...

9.8CVSS7.8AI score0.45473EPSS
Exploits8
Ubuntu
Ubuntu
•added 2025/02/06 1:12 p.m.•178 views

USN-7259-1: GNU C Library vulnerability

It was discovered that GNU C Library incorrectly handled memory when using the assert function. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...

6.2CVSS7.1AI score0.00349EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/02/06 3:10 a.m.•13 views

USN-7256-1: Ruby vulnerabilities

It was discovered that Ruby incorrectly handled parsing of an XML document that has specific XML characters in an attribute value using REXML gem. An attacker could use this issue to cause Ruby to crash, resulting in a denial of service...

5.9CVSS6.9AI score0.01493EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/02/06 1:26 a.m.•10 views

USN-7258-1: CKEditor vulnerabilities

Kevin Backhouse discovered that CKEditor did not properly sanitize HTML content. An attacker could possibly use this issue to perform cross site scripting and obtain sensitive information. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS...

6.1CVSS6.5AI score0.01652EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/02/05 5:8 a.m.•172 views

USN-7257-1: Kerberos vulnerability

Goldberg, Miro Haller, Nadia Heninger, Mike Milano, Dan Shumow, Marc Stevens, and Adam Suhl discovered that Kerberos incorrectly authenticated certain responses. An attacker able to intercept communications between a RADIUS client and server could possibly use this issue to forge responses, bypas...

9CVSS8AI score0.14859EPSS
Exploits2
Ubuntu
Ubuntu
•added 2025/02/05 4:28 a.m.•8 views

USN-7255-1: OpenJDK 23 vulnerability

It was discovered that the Hotspot component of OpenJDK 23 did not properly handle API access under certain circumstances. An unauthenticated attacker could possibly use this issue to access unauthorized resources and expose sensitive information...

4.8CVSS6.7AI score0.00971EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/02/05 4:27 a.m.•150 views

USN-7254-1: OpenJDK 21 vulnerability

It was discovered that the Hotspot component of OpenJDK 21 did not properly handle API access under certain circumstances. An unauthenticated attacker could possibly use this issue to access unauthorized resources and expose sensitive information...

4.8CVSS6.7AI score0.00971EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/02/05 4:26 a.m.•155 views

USN-7253-1: OpenJDK 17 vulnerability

It was discovered that the Hotspot component of OpenJDK 17 did not properly handle API access under certain circumstances. An unauthenticated attacker could possibly use this issue to access unauthorized resources and expose sensitive information...

4.8CVSS6.7AI score0.00971EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/02/05 4:24 a.m.•151 views

USN-7252-1: OpenJDK 11 vulnerability

It was discovered that the Hotspot component of OpenJDK 11 did not properly handle API access under certain circumstances. An unauthenticated attacker could possibly use this issue to access unauthorized resources and expose sensitive information...

4.8CVSS6.7AI score0.00971EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/02/05 4:20 a.m.•148 views

USN-7096-2: OpenJDK 8 regressions

USN-7096-1 fixed vulnerabilities in OpenJDK 8. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Andy Boothe discovered that the Networking component of OpenJDK 8 did not properly handle access under...

7.8AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2025/02/04 3:48 p.m.•10 views

USN-7238-3: Linux kernel (Low Latency) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network traffic control; - VMware vSockets driver; CVE-2024-53103, CVE-2024-53164...

7.8CVSS7.1AI score0.00249EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/02/04 3:31 p.m.•20 views

USN-7234-3: Linux kernel (Azure) vulnerabilities

Ye Zhang and Nicolas Wu discovered that the iouring subsystem in the Linux kernel did not properly handle locking for rings with IOPOLL, leading to a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

7.8CVSS7.4AI score0.00396EPSS
Exploits2
Ubuntu
Ubuntu
•added 2025/02/03 2:36 p.m.•16 views

USN-7233-3: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Multiple devices driver; - Network drivers; - Mellanox network drivers; - S/390 drivers; - SCSI subsystem; - Sonic...

7.8CVSS7AI score0.00396EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/02/03 2:22 p.m.•4 views

USN-7249-1: libvpx vulnerability

Xiantong Hou discovered that libvpx would overflow when attempting to allocate memory for very large images. If an application using libvpx opened a specially crafted file, a remote attacker could possibly use this issue to cause the application to crash, resulting in a denial of service, or the...

9.1CVSS8.2AI score0.00814EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/02/03 2:21 p.m.•8 views

USN-7248-1: libndp vulnerability

It was discovered that libndp incorrectly handled certain malformed IPv6 router advertisement packets. A local attacker could possibly use this issue to cause NetworkManager to crash, resulting in a denial of service, or the execution of arbitrary code...

8.1CVSS7.4AI score0.01165EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/02/03 1:46 p.m.•14 views

USN-7247-1: OpenCV vulnerabilities

It was discovered that OpenCV did not properly manage certain XML data, leading to a NULL pointer dereference. If a user were tricked into loading a specially crafted file, a remote attacker could possibly use this issue to make OpenCV crash, resulting in a denial of service. This issue only...

7.5CVSS6.7AI score0.0337EPSS
Exploits2
Ubuntu
Ubuntu
•added 2025/02/03 1:11 p.m.•150 views

USN-7251-1: HarfBuzz vulnerability

It was discovered that HarfBuzz incorrectly handled shaping certain fonts. A remote attacker could possibly use this issue to cause HarfBuzz to consume resources, leading to a denial of service...

7.5CVSS6.5AI score0.01812EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/02/03 5:37 a.m.•13 views

USN-7250-1: Netdata vulnerabilities

It was discovered that Netdata incorrectly handled parsing JSON input, which could lead to a JSON injection. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS. CVE-2018-18836 It was discovered that Netdata incorrectly handled parsing HT...

9.1CVSS7.4AI score0.02172EPSS
Exploits8
Ubuntu
Ubuntu
•added 2025/01/30 8:34 p.m.•15 views

USN-7238-2: Linux kernel (Oracle) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network traffic control; - VMware vSockets driver; CVE-2024-53103, CVE-2024-53164...

7.8CVSS7.1AI score0.00249EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/01/30 7:51 p.m.•23 views

USN-7235-2: Linux kernel (Azure) Unknown kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Netfilter; - Network traffic control; - VMware vSockets driver; CVE-2024-53164, CVE-2024-53103, CVE-2024-53141...

7.8CVSS7.1AI score0.00396EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/01/30 7:12 p.m.•26 views

USN-7234-2: Linux kernel (HWE) vulnerabilities

Ye Zhang and Nicolas Wu discovered that the iouring subsystem in the Linux kernel did not properly handle locking for rings with IOPOLL, leading to a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

7.8CVSS7.4AI score0.00396EPSS
Exploits2
Ubuntu
Ubuntu
•added 2025/01/30 6:51 p.m.•15 views

USN-7233-2: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Multiple devices driver; - Network drivers; - Mellanox network drivers; - S/390 drivers; - SCSI subsystem; - Sonic...

7.8CVSS7AI score0.00396EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/01/30 1:45 p.m.•14 views

USN-7246-1: jQuery vulnerabilities

It was discovered that jQuery incorrectly handled parsing untrusted HTML. A remote attacker could possibly use this issue to execute arbitrary code...

6.9CVSS7.1AI score0.99019EPSS
Exploits11
Ubuntu
Ubuntu
•added 2025/01/30 1:39 p.m.•166 views

USN-7245-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.41 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 24.10. In addition to security fixes, the updated packages contain bug...

6.5CVSS6.3AI score0.01236EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/30 8:8 a.m.•14 views

USN-7242-1: Tomcat vulnerability

Pierre Ernst discovered that the Tomcat JmxRemoteLifecycleListener did not implement a recommended fix. A remote attacker could possibly use this issue to execute arbitrary code...

9.8CVSS7.8AI score0.90338EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/01/30 1:13 a.m.•154 views

USN-7244-1: Jinja2 vulnerabilities

It was discovered that Jinja2 incorrectly handled certain filenames when compiling template content. An attacker could possibly use this issue to execute arbitrary code. CVE-2024-56201 It was discovered that Jinja2 incorrectly handled string formatting calls. An attacker could possibly use this...

8.8CVSS7.5AI score0.005EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/30 12:18 a.m.•19 views

USN-7243-1: VLC vulnerability

It was discovered that VLC incorrectly handled memory when reading an MMS stream. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...

8CVSS8AI score0.00573EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/29 6:40 p.m.•14 views

USN-7236-2: Linux kernel (Low Latency) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Netfilter; - Network traffic control; - VMware vSockets driver; CVE-2024-53164, CVE-2024-53103, CVE-2024-53141...

7.8CVSS7.1AI score0.00396EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/01/29 5:33 p.m.•158 views

USN-7241-1: Bind vulnerabilities

Toshifumi Sakaguchi discovered that Bind incorrectly handled many records in the additional section. A remote attacker could possibly use this issue to cause Bind to consume CPU resources, leading to a denial of service. CVE-2024-11187 Jean-François Billaud discovered that the Bind DNS-over-HTTPS...

7.5CVSS7AI score0.16182EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/29 3:58 p.m.•18 views

USN-7157-3: PHP vulnerabilities

USN-7157-1 fixed vulnerabilities in PHP versions 7.4, 8.1, and 8.3. This update provides the corresponding updates for PHP version 7.0. Original advisory details: It was discovered that PHP incorrectly handled certain inputs when processed with convert.quoted-printable decode filters. An attacker...

9.8CVSS7.8AI score0.02286EPSS
Exploits3
Ubuntu
Ubuntu
•added 2025/01/29 3:20 p.m.•157 views

USN-7240-1: libxml2 vulnerabilities

It was discovered that libxml2 incorrectly handled certain memory operations. A remote attacker could use this issue to cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2022-49043 It was discovered that the libxml2 xmllint tool incorrectly handled...

8.1CVSS6.9AI score0.02298EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/01/28 11:36 p.m.•12 views

USN-7239-1: libmicrodns vulnerabilities

It was discovered that libmicrodns could recursively follow the same compression pointer, leading to an infinite loop. An attacker could possibly use this issue to cause a denial of service. CVE-2020-6071 It was discovered that libmicrodns did not check the return value of the rrdecode function,...

9.8CVSS8.6AI score0.03636EPSS
Exploits7
Ubuntu
Ubuntu
•added 2025/01/28 9:44 p.m.•36 views

USN-7238-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network traffic control; - VMware vSockets driver; CVE-2024-53103, CVE-2024-53164...

7.8CVSS7.1AI score0.00249EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/01/28 9:30 p.m.•12 views

USN-7237-1: Linux kernel (OEM) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - Netfilter; - Network traffic control; - VMware vSockets driver; CVE-2024-47715, CVE-2024-53103,...

7.8CVSS7.1AI score0.00396EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/01/28 8:53 p.m.•162 views

USN-7236-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Netfilter; - Network traffic control; - VMware vSockets driver; CVE-2024-53164, CVE-2024-53103, CVE-2024-53141...

7.8CVSS7.1AI score0.00396EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/01/28 8:4 p.m.•162 views

USN-7235-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Netfilter; - Network traffic control; - VMware vSockets driver; CVE-2024-53164, CVE-2024-53103, CVE-2024-53141...

7.8CVSS7.1AI score0.00396EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/01/28 7:30 p.m.•157 views

USN-7234-1: Linux kernel vulnerabilities

Ye Zhang and Nicolas Wu discovered that the iouring subsystem in the Linux kernel did not properly handle locking for rings with IOPOLL, leading to a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

7.8CVSS7.4AI score0.00396EPSS
Exploits2
Ubuntu
Ubuntu
•added 2025/01/28 6:56 p.m.•16 views

USN-7233-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Multiple devices driver; - Network drivers; - Mellanox network drivers; - S/390 drivers; - SCSI subsystem; - Sonic...

7.8CVSS7AI score0.00396EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/01/28 5:52 p.m.•11 views

USN-7232-1: Linux kernel vulnerability

A security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system. This update corrects flaws in the following subsystem: - Netfilter; CVE-2024-53141...

7.8CVSS7AI score0.00396EPSS
Exploits0
Total number of security vulnerabilities10876