Lucene search
K
UbuntuRecent

10888 matches found

Ubuntu
Ubuntu
•added 2025/01/13 12:47 p.m.•13 views

USN-7201-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

8.8CVSS6.8AI score0.14492EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/01/13 11:51 a.m.•14 views

USN-7200-1: Roundcube vulnerability

It was discovered that Roundcube incorrectly handled certain file-based attachment plugins. An attacker could exploit this to gain unauthorized access to arbitrary files on the host’s file system...

7.8CVSS7.8AI score0.42831EPSS
Exploits5
Ubuntu
Ubuntu
•added 2025/01/13 10:16 a.m.•19 views

USN-6940-2: snapd vulnerabilities

USN-6940-1 fixed vulnerabilities in snapd. This update provides the corresponding updates for Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. Original advisory details: Neil McPhail discovered that snapd did not properly restrict writes to the /home/jslarraz/bin path in the AppArmor profile for snaps usin...

8.2CVSS7.6AI score0.00306EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/01/13 1:2 a.m.•22 views

USN-7199-1: xmltok library vulnerabilities

It was discovered that Expat, contained within the xmltok library, incorrectly handled malformed XML data. If a user or application were tricked into opening a crafted XML file, an attacker could cause a denial of service, or possibly execute arbitrary code. CVE-2015-1283, CVE-2016-0718,...

9.8CVSS8AI score0.19069EPSS
Exploits6
Ubuntu
Ubuntu
•added 2025/01/10 7:36 p.m.•29 views

USN-7169-5: Linux kernel (Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ext4 file system; - Network traffic control; - VMware vSockets driver; CVE-2024-49967, CVE-2024-53057, CVE-2024-502...

7.8CVSS7.1AI score0.00352EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/01/10 1:11 a.m.•14 views

USN-7198-1: rlottie vulnerabilities

Paolo Giai discovered a series of stack-based overflow vulnerabilities in the blit and grayrendercubic functions of a custom fork of the rlottie library. An attacker could possibly use this issue to leak sensitive information. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS...

7.1CVSS7.1AI score0.01425EPSS
Exploits7
Ubuntu
Ubuntu
•added 2025/01/09 4:31 p.m.•15 views

USN-7197-1: Go Networking vulnerability

Guido Vranken discovered that Go Networking handled input to the Parse functions inefficiently. An attacker could possibly use this issue to cause denial of service. This update addresses the issue in the golang-golang-x-net and golang-golang-x-net-dev packages, as well as the library vendored...

5.3CVSS7.1AI score0.00856EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/09 1:12 p.m.•15 views

USN-7185-2: Linux kernel (Azure) vulnerabilities

Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service system crash. CVE-2022-36402 Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver in th...

7.8CVSS7.1AI score0.00879EPSS
Exploits3
Ubuntu
Ubuntu
•added 2025/01/09 1:0 p.m.•28 views

USN-7169-4: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ext4 file system; - Network traffic control; - VMware vSockets driver; CVE-2024-49967, CVE-2024-53057, CVE-2024-502...

7.8CVSS7.1AI score0.00352EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/01/09 12:34 p.m.•24 views

USN-7196-1: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; -...

8.8CVSS7.5AI score0.00879EPSS
Exploits13
Ubuntu
Ubuntu
•added 2025/01/09 12:19 p.m.•27 views

USN-7195-1: Linux kernel (Azure) vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Several security issues were discover...

7.8CVSS7AI score0.0059EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/01/09 11:58 a.m.•37 views

USN-7194-1: Linux kernel (Azure) vulnerabilities

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-12351 Andy Nguyen discovered that the...

9.1CVSS8.5AI score0.07693EPSS
Exploits15
Ubuntu
Ubuntu
•added 2025/01/09 11:22 a.m.•19 views

USN-7186-2: Linux kernel vulnerabilities

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-12351 Andy Nguyen discovered that the...

9.1CVSS8.4AI score0.07693EPSS
Exploits7
Ubuntu
Ubuntu
•added 2025/01/09 3:54 a.m.•10 views

USN-7193-1: Thunderbird vulnerability

Masato Kinugawa discovered that Thunderbird did not properly validate the CSP policy in the Web Compatibility extension. An attacker could potentially exploit this issue to perform a cross-site scripting attack...

6.1CVSS7.5AI score0.00495EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/09 3:48 a.m.•12 views

USN-7192-1: xfpt vulnerability

It was discovered that xfpt did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause the application to crash or execute arbitrary code...

7.8CVSS7.3AI score0.00258EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/09 1:37 a.m.•9 views

USN-7191-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2025-0237, CVE-2025-0239,...

9.8CVSS7.2AI score0.1307EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/08 6:44 a.m.•18 views

USN-7190-1: Tinyproxy vulnerability

It was discovered that Tinyproxy did not properly manage memory during the parsing of HTTP connection headers. An attacker could use this issue to cause a DoS or possibly execute arbitrary code...

9.8CVSS6.3AI score0.63076EPSS
Exploits2
Ubuntu
Ubuntu
•added 2025/01/08 1:23 a.m.•10 views

USN-7189-1: HTMLDOC vulnerabilities

It was discovered that HTMLDOC incorrectly handled certain inputs, which could lead to an integer overflow. An attacker could potentially use this issue to cause a denial of service or execute arbitrary code. CVE-2021-20308 It was discovered that HTMLDOC incorrectly handled memory in pspdfexport,...

9.8CVSS7.5AI score0.07349EPSS
Exploits13
Ubuntu
Ubuntu
•added 2025/01/08 12:32 a.m.•11 views

USN-7188-1: FFmpeg vulnerability

It was discovered that FFmpeg incorrectly handled certain input, which could lead to an integer overflow. An attacker could possibly use this issue to cause a denial of service by crashing the application...

6.2CVSS6.8AI score0.00238EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/07 4:6 p.m.•27 views

USN-7179-3: Linux kernel (GKE) vulnerabilities

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-12351 Andy Nguyen discovered that the...

8.8CVSS8.1AI score0.07693EPSS
Exploits7
Ubuntu
Ubuntu
•added 2025/01/07 2:39 p.m.•27 views

USN-7169-3: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ext4 file system; - Network traffic control; - VMware vSockets driver; CVE-2024-49967, CVE-2024-53057, CVE-2024-502...

7.8CVSS7.1AI score0.00352EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/01/07 2:23 p.m.•20 views

USN-7167-2: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ext4 file system; - Network traffic control; - VMware vSockets driver; CVE-2024-50264, CVE-2024-49967, CVE-2024-530...

7.8CVSS7.1AI score0.00352EPSS
Exploits1
Ubuntu
Ubuntu
•added 2025/01/06 10:10 p.m.•13 views

USN-7187-1: Linux kernel (OEM) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - Intel ASoC drivers; CVE-2024-50011, CVE-2024-47715...

5.5CVSS7AI score0.00218EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/06 9:5 p.m.•31 views

USN-7186-1: Linux kernel (Intel IoTG) vulnerabilities

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-12351 Andy Nguyen discovered that the...

9.1CVSS8.4AI score0.07693EPSS
Exploits7
Ubuntu
Ubuntu
•added 2025/01/06 8:57 p.m.•25 views

USN-7179-2: Linux kernel vulnerabilities

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-12351 Andy Nguyen discovered that the...

8.8CVSS8.1AI score0.07693EPSS
Exploits7
Ubuntu
Ubuntu
•added 2025/01/06 7:37 p.m.•15 views

USN-7185-1: Linux kernel vulnerabilities

Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service system crash. CVE-2022-36402 Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver in th...

7.8CVSS7.1AI score0.00879EPSS
Exploits3
Ubuntu
Ubuntu
•added 2025/01/06 7:14 p.m.•21 views

USN-7184-1: Linux kernel vulnerabilities

Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service system crash. CVE-2022-36402 Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver in th...

7.8CVSS7AI score0.00879EPSS
Exploits2
Ubuntu
Ubuntu
•added 2025/01/06 7:7 p.m.•22 views

USN-7183-1: Linux kernel vulnerabilities

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-12351 Andy Nguyen discovered that the...

8.8CVSS8.2AI score0.07693EPSS
Exploits8
Ubuntu
Ubuntu
•added 2025/01/06 2:44 p.m.•22 views

USN-7159-5: Linux kernel (Raspberry Pi) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - S390 architecture; - x86 architecture; - Power management core; - GPU...

7.8CVSS7AI score0.00289EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/06 2:27 p.m.•22 views

USN-7154-2: Linux kernel (HWE) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; -...

8.8CVSS7.5AI score0.00879EPSS
Exploits12
Ubuntu
Ubuntu
•added 2025/01/06 1:41 p.m.•155 views

USN-7182-1: Ceph vulnerability

It was discovered that Ceph incorrectly handled unsupported JWT algorithms in the RadosGW gateway. An attacker could possibly use this issue to bypass certain authentication checks and restrictions...

8.1CVSS7.5AI score0.00192EPSS
Exploits0
Ubuntu
Ubuntu
•added 2025/01/06 1:9 p.m.•9 views

USN-7181-1: Salt vulnerability

It was discovered that Salt incorrectly handled web requests when the SSH client was enabled. An attacker could possibly use this issue to achieve remote code execution or obtain sensitive information...

9.8CVSS8.8AI score0.99585EPSS
Exploits5
Ubuntu
Ubuntu
•added 2025/01/06 11:34 a.m.•179 views

USN-7180-1: Python vulnerabilities

It was discovered that Python incorrectly handled certain scripts. An attacker could possibly use this issue to execute arbitrary code or cause a crash. CVE-2022-48560 It was discovered that Python did not properly handle XML entity declarations in plist files. An attacker could possibly use this...

9.8CVSS7.9AI score0.20459EPSS
Exploits8
Ubuntu
Ubuntu
•added 2025/01/06 8:56 a.m.•8 views

USN-7140-2: Tinyproxy vulnerability

USN-7140-1 fixed CVE-2022-40468 in tinyproxy. This update provides the corresponding update for Ubuntu 14.04 LTS. Original advisory details: It was discovered that Tinyproxy did not properly manage memory under certain circumstances. An attacker could possibly use this issue to leak left-over hea...

7.5CVSS6.2AI score0.01413EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/12/20 8:33 p.m.•254 views

USN-7179-1: Linux kernel vulnerabilities

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-12351 Andy Nguyen discovered that the...

8.8CVSS8.1AI score0.07693EPSS
Exploits7
Ubuntu
Ubuntu
•added 2024/12/20 7:43 p.m.•46 views

USN-7173-2: Linux kernel vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Several security issues were discover...

7.8CVSS7AI score0.0059EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/12/20 12:51 p.m.•57 views

USN-7166-3: Linux kernel (HWE) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - RISC-V architecture; - S390 architecture; - x86 architecture; - Block layer subsystem; - ACPI...

9.1CVSS7.4AI score0.01367EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/12/20 12:33 p.m.•33 views

USN-7159-4: Linux kernel (IoT) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - S390 architecture; - x86 architecture; - Power management core; - GPU...

7.8CVSS7AI score0.00289EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/12/19 2:10 p.m.•16 views

USN-7178-1: DPDK vulnerability

It was discovered that DPDK incorrectly handled the Vhost library checksum offload feature. An malicious guest could possibly use this issue to cause the hypervisor's vSwitch to crash, resulting in a denial of service...

7.4CVSS7.2AI score0.00551EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/12/19 11:12 a.m.•34 views

LSN-0108-1: Kernel Live Patch Security Notice

In the Linux kernel, the following vulnerability has been resolved: tls: fix use-after-free on failed backlog decryption When the decrypt request goes to the backlog and cryptoaeaddecrypt returns -EBUSY, tlsdodecryption will wait until all async decryptions have completed. If one of them fails,...

8.4CVSS6.9AI score0.00757EPSS
Exploits2
Ubuntu
Ubuntu
•added 2024/12/18 6:38 p.m.•9 views

USN-7177-1: YARA vulnerability

It was discovered that YARA did not properly sanitize its configuration settings. An attacker could potentially exploit this issue to cause a denial of service...

5.5CVSS5.7AI score0.0084EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/12/18 6:26 p.m.•35 views

USN-7169-2: Linux kernel (GCP) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ext4 file system; - Network traffic control; - VMware vSockets driver; CVE-2024-49967, CVE-2024-53057, CVE-2024-502...

7.8CVSS7.1AI score0.00352EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/12/18 3:34 p.m.•14 views

USN-7172-1: libvpx vulnerability

It was discovered that libvpx did not properly handle certain malformed media files. If an application using libvpx opened a specially crafted file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, and...

8.8CVSS8.1AI score0.34401EPSS
Exploits3
Ubuntu
Ubuntu
•added 2024/12/18 1:29 p.m.•154 views

USN-7176-1: GStreamer Good Plugins vulnerabilities

Antonio Morales discovered that GStreamer Good Plugins incorrectly handled certain malformed media files. An attacker could use these issues to cause GStreamer Good Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS7.2AI score0.01344EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/12/18 1:24 p.m.•156 views

USN-7175-1: GStreamer Base Plugins vulnerabilities

Antonio Morales discovered that GStreamer Base Plugins incorrectly handled certain malformed media files. An attacker could use these issues to cause GStreamer Base Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS7.4AI score0.01298EPSS
Exploits2
Ubuntu
Ubuntu
•added 2024/12/18 1:12 p.m.•153 views

USN-7174-1: GStreamer vulnerability

Antonio Morales discovered that GStreamer incorrectly handled allocating memory for certain buffers. An attacker could use this issue to cause GStreamer to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS7.5AI score0.01344EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/12/18 1:5 p.m.•21 views

USN-7171-1: PHPUnit vulnerability

It was discovered that PHPUnit incorrectly handled web requests if exposed to the internet. An attacker could possibly use this issue to achive remote code execution or obtain sensitive information...

9.8CVSS8.1AI score0.99999EPSS
Exploits19
Ubuntu
Ubuntu
•added 2024/12/18 9:48 a.m.•17 views

USN-7168-1: EditorConfig vulnerabilities

It was discovered that EditorConfig improperly managed memory when handling certain inputs, leading to overflows. An attacker could possibly use these issues to cause a denial of service, or execute arbitrary code...

7.8CVSS7.6AI score0.00965EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/12/17 11:40 p.m.•51 views

USN-7159-3: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - S390 architecture; - x86 architecture; - Power management core; - GPU...

7.8CVSS7AI score0.00289EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/12/17 11:22 p.m.•29 views

USN-7166-2: Linux kernel (AWS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - RISC-V architecture; - S390 architecture; - x86 architecture; - Block layer subsystem; - ACPI...

9.1CVSS7.4AI score0.01367EPSS
Exploits0
Total number of security vulnerabilities10888