Lucene search
K
UbuntuRecent

10876 matches found

Ubuntu
Ubuntu
•added 2025/01/28 2:49 p.m.•16 views

USN-7231-1: Tcpreplay vulnerabilities

It was discovered that Tcpreplay incorrectly handled memory when using the tcprewrite utility. A remote attacker could possibly use this issue to cause Tcpreplay to crash, resulting in a denial of service. CVE-2023-27783 It was discovered that Tcpreplay incorrectly validated external input. A...

7.5CVSS6.6AI score0.01506EPSS
Exploits9
Ubuntu
Ubuntu
•added 2025/01/28 1:0 p.m.•11 views

USN-7206-3: rsync vulnerabilities

USN-7206-1 fixed vulnerabilities in Ubuntu 14.04 LTS to Ubuntu 24.04 LTS. This update provides the corresponding updates for Ubuntu 24.10. Original advisory details: Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync did not properly handle checksum lengths. An attacker coul...

9.8CVSS7.7AI score0.72059EPSS
Exploits8
Ubuntu
Ubuntu
•added 2025/01/27 7:4 p.m.•24 views

USN-7179-4: Linux kernel (Xilinx ZynqMP) vulnerabilities

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-12351 Andy Nguyen discovered that the...

8.8CVSS8.1AI score0.07693EPSS
Exploits7
Ubuntu
Ubuntu
•added 2025/01/27 4:2 p.m.•6 views

USN-7230-2: FRR vulnerabilities

Iggy Frankovic discovered that FRR incorrectly handled certain BGP messages. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. CVE-2024-44070 It was discovered that FRR re-validated all routes in...

9.8CVSS7.4AI score0.00823EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/27 4:2 p.m.•7 views

USN-7230-1: Quagga vulnerability

Iggy Frankovic discovered that Quagga incorrectly handled certain BGP messages. A remote attacker could possibly use this issue to cause Quagga to crash, resulting in a denial of service...

9.8CVSS8AI score0.00641EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/27 3:6 p.m.•4 views

USN-7229-1: ClamAV vulnerability

It was discovered that ClamAV incorrectly handled decrypting OLE2 content. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service...

7.5CVSS6.7AI score0.01509EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/27 2:24 p.m.•153 views

USN-7228-1: LibreOffice vulnerabilities

Thomas Rinsma discovered that LibreOffice incorrectly handled paths when processing embedded font files. If a user or automated system were tricked into opening a specially crafted LibreOffice file, a remote attacker could possibly use this issue to create arbitrary files ending with ".ttf"...

6.7CVSS5.5AI score0.00528EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/23 11:53 p.m.•9 views

USN-7227-1: PCL vulnerability

It was discovered that PCL incorrectly handled certain malformed files. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly exploit this to cause a denial of service...

7.5CVSS5.4AI score0.00684EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/23 2:27 p.m.•12 views

USN-7226-1: Cacti vulnerability

It was discovered that Cacti did not properly sanitize the 'pollerid' parameter in the "remoteagent.php" file. A remote attacker could possibly use this issue to achieve remote code execution...

9.8CVSS8.9AI score0.99826EPSS
Exploits48
Ubuntu
Ubuntu
•added 2025/01/23 10:22 a.m.•6 views

USN-7205-2: Django vulnerability

USN-7205-1 fixed a vulnerability in Django. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: It was discovered that Django incorrectly handled certain IPv6 strings. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS6.7AI score0.01854EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/22 11:44 p.m.•17 views

USN-7225-1: HTMLDOC vulnerabilities

It was discovered that HTMLDOC incorrectly handled memory in the imagesetmask, gitreadlzw, writeheader and writenode functions, which could lead to a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected...

9.8CVSS7.4AI score0.01208EPSS
Exploits9
Ubuntu
Ubuntu
•added 2025/01/22 8:39 p.m.•15 views

USN-7224-1: Cyrus IMAP Server vulnerabilities

It was discovered that non-authentication-related HTTP requests could be interpreted in an authentication context by a Cyrus IMAP Server when multiple requests arrived over the same connection. An unauthenticated attacker could possibly use this issue to perform a privilege escalation attack. Thi...

9.8CVSS7.1AI score0.0307EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/22 3:35 p.m.•157 views

USN-7223-1: OpenJPEG vulnerabilities

Frank Zeng discovered that OpenJPEG incorrectly handled memory when using the decompression utility. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2024-56826, CVE-2024-56827...

5.6CVSS7.2AI score0.00309EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/22 2:41 p.m.•13 views

USN-7222-1: BlueZ vulnerabilities

Lucas Leong discovered that BlueZ incorrectly handled the Phone Book Access profile. If a user were tricked into connecting to a malicious Bluetooth device, a remote attacker could possibly use this issue to execute arbitrary code...

8CVSS7.1AI score0.0229EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/21 11:7 p.m.•18 views

USN-7221-1: Linux kernel (OEM) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystem: - Bluetooth drivers; CVE-2024-53238, CVE-2024-56757...

5.5CVSS7AI score0.00238EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/21 3:15 p.m.•169 views

USN-7220-1: Vim vulnerability

It was discovered that Vim incorrectly handled memory when closing buffers with the visual mode active. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...

5.5CVSS5.8AI score0.00367EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/20 3:13 p.m.•151 views

USN-7219-1: Python vulnerability

It was discovered that Python incorrectly handled asyncio write buffers. A remote attacker could possibly use this issue to cause Python to consume memory, leading to a denial of service...

8.7CVSS7.6AI score0.0188EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/20 3:6 p.m.•161 views

USN-7218-1: Python vulnerability

It was discovered that Python incorrectly handled parsing bracketed hosts. A remote attacker could possibly use this issue to perform a Server-Side Request Forgery SSRF attack...

6.3CVSS6.8AI score0.0067EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/20 12:52 p.m.•31 views

USN-7166-4: Linux kernel (Xilinx ZynqMP) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - RISC-V architecture; - S390 architecture; - x86 architecture; - Block layer subsystem; - ACPI...

9.1CVSS7.4AI score0.01367EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/20 4:29 a.m.•15 views

USN-7217-1: PoDoFo library vulnerabilities

It was discovered that the PoDoFo library could dereference a NULL pointer when getting the number of pages in a PDF. If a user or application were tricked into opening a crafted PDF file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.0...

8.8CVSS7.5AI score0.08458EPSS
Exploits13
Ubuntu
Ubuntu
•added 2025/01/16 10:21 p.m.•5 views

USN-7216-1: tqdm vulnerability

It was discovered that tqdm did not properly sanitize non-boolean CLI Arguments. A local attacker could possibly use this issue to execute arbitrary code on the host. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. CVE-2024-34062...

4.8CVSS6.7AI score0.00432EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/16 5:0 p.m.•160 views

USN-7206-2: rsync regression

USN-7206-1 fixed vulnerabilities in rsync. The update introduced a regression in rsync. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync did not properly handle checksum lengths. ...

7.7AI score0.72059EPSS
Exploits8References1
Ubuntu
Ubuntu
•added 2025/01/16 3:43 p.m.•9 views

USN-7215-1: libxml2 vulnerability

Xisco Fauli discovered that libxml2 incorrectly handled custom SAX handlers. A remote attacker could possibly use this issue to perform XML External Entity XXE attacks...

9.1CVSS7.1AI score0.01192EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/16 3:37 p.m.•19 views

USN-7214-1: HarfBuzz vulnerability

It was discovered that HarfBuzz incorrecty handled certain memory operations. A remote attacker could use this issue to cause HarfBuzz to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.3CVSS5.5AI score0.00643EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/01/16 2:12 p.m.•149 views

USN-7213-1: poppler vulnerability

It was discovered that poppler incorrectly handled memory when opening certain PDF files. An attacker could possibly use this issue to cause denial of service or obtain sensitive information...

4.3CVSS6.6AI score0.0062EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/01/16 1:53 p.m.•208 views

USN-7212-1: Python 2.7 vulnerabilities

It was discovered that Python incorrectly handled certain ZIP files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS. CVE-2019-9674 It was discovered that Python incorrectly handled certain inputs. If a user or an automated system...

7.5CVSS7.1AI score0.0549EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/01/16 1:12 p.m.•17 views

USN-7211-1: Audacity vulnerability

Mike Salvatore discovered that Audacity incorrectly handled default permissions of temporary files created by the application. An attacker could possibly use this issue to obtain sensitive information...

3.3CVSS4.8AI score0.00469EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/16 12:50 p.m.•4 views

USN-7209-1: GIMP DDS Plugin vulnerabilities

Jacob Boerema discovered that the GIMP DDS Plugin incorrectly processed DDS files due to a memory issue. An attacker could exploit this through a specifically crafted DDS file to cause GIMP to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.8CVSS7.4AI score0.27307EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/16 12:40 p.m.•9 views

USN-7208-1: Apache Commons BCEL vulnerability

Felix Wilhelm discovered that Apache Commons BCEL APIs incorrectly handled parameters due to a memory issue. An attacker supplying malicious input could exploit this to generate and execute arbitrary bytecode...

9.8CVSS7.6AI score0.02836EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/16 12:30 p.m.•153 views

USN-7210-1: .NET vulnerabilities

It was discovered that .NET did not properly handle input provided to its Convert.TryToHexString method. An attacker could possibly use this issue to execute arbitrary code. CVE-2025-21171 It was discovered that .NET did not properly handle an integer overflow when processing certain specially...

8.8CVSS8.1AI score0.02262EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/15 9:29 p.m.•38 views

USN-7173-3: Linux kernel (Raspberry Pi) vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Several security issues were discover...

7.8CVSS7AI score0.0059EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/01/15 4:7 p.m.•12 views

USN-7204-1: NeoMutt vulnerabilities

Jeriko One discovered that NeoMutt incorrectly handled certain IMAP and POP3 responses. An attacker could possibly use this issue to cause NeoMutt to crash, resulting in a denial of service, or the execution of arbitrary code. This issue only affected Ubuntu 18.04 LTS. CVE-2018-14349,...

9.8CVSS7.5AI score0.06229EPSS
Exploits2
Ubuntu
Ubuntu
•added 2025/01/14 11:32 p.m.•171 views

USN-7206-1: rsync vulnerabilities

Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync did not properly handle checksum lengths. An attacker could use this issue to execute arbitrary code. CVE-2024-12084 Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync compared checksums with...

9.8CVSS7.7AI score0.72059EPSS
Exploits8
Ubuntu
Ubuntu
•added 2025/01/14 7:55 p.m.•152 views

USN-7207-1: Git vulnerabilities

It was discovered that Git incorrectly handled certain URLs when asking for credentials. An attacker could possibly use this issue to mislead the user into typing passwords for trusted sites that would then be sent to untrusted sites instead. CVE-2024-50349 It was discovered that git incorrectly...

7.5CVSS7.4AI score0.01019EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/14 5:27 p.m.•35 views

USN-7195-2: Linux kernel (Azure) vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Several security issues were discover...

7.8CVSS7AI score0.0059EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/01/14 4:10 p.m.•7 views

USN-7205-1: Django vulnerability

It was discovered that Django incorrectly handled certain IPv6 strings. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS6.7AI score0.01854EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/14 1:40 p.m.•20 views

USN-7203-1: PowerDNS vulnerabilities

Wei Hao discovered that PowerDNS Authoritative Server incorrectly handled memory when accessing certain files. An attacker could possibly use this issue to achieve arbitrary code execution. CVE-2018-1046 It was discovered that PowerDNS Authoritative Server and PowerDNS Recursor incorrectly handle...

9.3CVSS7AI score0.06041EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/13 12:54 p.m.•7 views

USN-7202-1: HPLIP vulnerability

Kevin Backhouse discovered that HPLIP incorrectly handled certain MDNS responses. A remote attacker could use this issue to cause HPLIP to crash, resulting in a denial of service, or possibly execute arbitrary code...

5.7CVSS5.8AI score0.00298EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/13 12:47 p.m.•13 views

USN-7201-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

8.8CVSS6.8AI score0.14492EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/01/13 11:51 a.m.•14 views

USN-7200-1: Roundcube vulnerability

It was discovered that Roundcube incorrectly handled certain file-based attachment plugins. An attacker could exploit this to gain unauthorized access to arbitrary files on the host’s file system...

7.8CVSS7.8AI score0.42831EPSS
Exploits5
Ubuntu
Ubuntu
•added 2025/01/13 10:16 a.m.•19 views

USN-6940-2: snapd vulnerabilities

USN-6940-1 fixed vulnerabilities in snapd. This update provides the corresponding updates for Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. Original advisory details: Neil McPhail discovered that snapd did not properly restrict writes to the /home/jslarraz/bin path in the AppArmor profile for snaps usin...

8.2CVSS7.6AI score0.00306EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/01/13 1:2 a.m.•22 views

USN-7199-1: xmltok library vulnerabilities

It was discovered that Expat, contained within the xmltok library, incorrectly handled malformed XML data. If a user or application were tricked into opening a crafted XML file, an attacker could cause a denial of service, or possibly execute arbitrary code. CVE-2015-1283, CVE-2016-0718,...

9.8CVSS8AI score0.19069EPSS
Exploits6
Ubuntu
Ubuntu
•added 2025/01/10 7:36 p.m.•28 views

USN-7169-5: Linux kernel (Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ext4 file system; - Network traffic control; - VMware vSockets driver; CVE-2024-49967, CVE-2024-53057, CVE-2024-502...

7.8CVSS7.1AI score0.00352EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/01/10 1:11 a.m.•13 views

USN-7198-1: rlottie vulnerabilities

Paolo Giai discovered a series of stack-based overflow vulnerabilities in the blit and grayrendercubic functions of a custom fork of the rlottie library. An attacker could possibly use this issue to leak sensitive information. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS...

7.1CVSS7.1AI score0.01425EPSS
Exploits7
Ubuntu
Ubuntu
•added 2025/01/09 4:31 p.m.•15 views

USN-7197-1: Go Networking vulnerability

Guido Vranken discovered that Go Networking handled input to the Parse functions inefficiently. An attacker could possibly use this issue to cause denial of service. This update addresses the issue in the golang-golang-x-net and golang-golang-x-net-dev packages, as well as the library vendored...

5.3CVSS7.1AI score0.00856EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/09 1:12 p.m.•15 views

USN-7185-2: Linux kernel (Azure) vulnerabilities

Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service system crash. CVE-2022-36402 Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver in th...

7.8CVSS7.1AI score0.00879EPSS
Exploits3
Ubuntu
Ubuntu
•added 2025/01/09 1:0 p.m.•28 views

USN-7169-4: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ext4 file system; - Network traffic control; - VMware vSockets driver; CVE-2024-49967, CVE-2024-53057, CVE-2024-502...

7.8CVSS7.1AI score0.00352EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/01/09 12:34 p.m.•23 views

USN-7196-1: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; -...

8.8CVSS7.5AI score0.00879EPSS
Exploits13
Ubuntu
Ubuntu
•added 2025/01/09 12:19 p.m.•27 views

USN-7195-1: Linux kernel (Azure) vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Several security issues were discover...

7.8CVSS7AI score0.0059EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/01/09 11:58 a.m.•37 views

USN-7194-1: Linux kernel (Azure) vulnerabilities

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-12351 Andy Nguyen discovered that the...

9.1CVSS8.5AI score0.07693EPSS
Exploits15
Total number of security vulnerabilities10876