Lucene search
K
UbuntuRecent

10876 matches found

Ubuntu
Ubuntu
•added 2024/11/01 11:48 a.m.•28 views

USN-7089-1: Linux kernel vulnerabilities

Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. CVE-2024-25741 Several security issues were discovered in the Linux kernel. An...

7.8CVSS7AI score0.00478EPSS
Exploits4
Ubuntu
Ubuntu
•added 2024/10/31 3:50 p.m.•36 views

USN-7088-1: Linux kernel vulnerabilities

Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service system crash. CVE-2022-36402 Several security issues were discovered in the Linux kernel. An attacker could...

8.8CVSS7.1AI score0.00879EPSS
Exploits6
Ubuntu
Ubuntu
•added 2024/10/31 1:4 p.m.•27 views

USN-7076-2: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Microsoft Azure Network Adapter MANA driver; - Watchdog drivers; - Netfilter; - Network traffic control;...

7.8CVSS6.9AI score0.00257EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/10/31 12:7 p.m.•33 views

USN-7021-5: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - BTRFS file system; - F2FS file system; - GFS2 file system; - BPF subsystem; - Netfilter; - RxRPC...

7.8CVSS6.9AI score0.00306EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/31 9:9 a.m.•14 views

USN-7086-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2024-10458 CVE-2024-10459,...

9.8CVSS7.7AI score0.00815EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/31 8:55 a.m.•240 views

USN-7087-1: libarchive vulnerability

It was discovered that libarchive incorrectly handled certain RAR archive files. If a user or automated system were tricked into processing a specially crafted RAR archive, an attacker could use this issue to cause libarchive to crash, resulting in a denial of service, or possibly execute arbitra...

7.3CVSS7.4AI score0.03154EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/30 1:21 p.m.•12 views

USN-7085-2: X.Org X Server vulnerability

USN-7085-1 fixed a vulnerability in X.Org. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain memory operations in the X Keyboard Extension. An attacker...

7.8CVSS7.8AI score0.00894EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/30 11:55 a.m.•240 views

USN-7084-2: pip vulnerability

USN-7084-1 fixed vulnerability in urllib3. This update provides the corresponding update for the urllib3 module bundled into pip. Original advisory details: It was discovered that urllib3 didn't strip HTTP Proxy-Authorization header on cross-origin redirects. A remote attacker could possibly use...

6.5CVSS6.8AI score0.01141EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/10/30 8:52 a.m.•80 views

USN-7085-1: X.Org X Server vulnerability

Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain memory operations in the X Keyboard Extension. An attacker could use this issue to cause the X Server to crash, leading to a denial of service, or possibly execute arbitrary code...

7.8CVSS7.8AI score0.00894EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/29 3:4 p.m.•241 views

USN-7084-1: urllib3 vulnerability

It was discovered that urllib3 didn't strip HTTP Proxy-Authorization header on cross-origin redirects. A remote attacker could possibly use this issue to obtain sensitive information...

6.5CVSS6.8AI score0.01141EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/10/29 11:15 a.m.•15 views

USN-7064-2: nano vulnerability

USN-7064-1 fixed a vulnerability in nano. This update provides the corresponding update for Ubuntu 14.04 LTS. Original advisory details: It was discovered that nano allowed a possible privilege escalation through an insecure temporary file. If nano was killed while editing, the permissions grante...

6.7CVSS7.2AI score0.00346EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/23 6:46 a.m.•246 views

USN-7082-1: libheif vulnerability

Gerrard Tai discovered that libheif did not properly validate certain images, leading to out-of-bounds read and write vulnerability. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or to obtai...

8.1CVSS7.8AI score0.00825EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/10/23 2:47 a.m.•24 views

USN-7081-1: Go vulnerabilities

It was discovered that the Go net/http module did not properly handle responses to requests with an "Expect: 100-continue" header under certain circumstances. An attacker could possibly use this issue to cause a denial of service. CVE-2024-24791 It was discovered that the Go parser module did not...

7.5CVSS6.9AI score0.01414EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/22 1:9 p.m.•240 views

USN-7080-1: Unbound vulnerability

Toshifumi Sakaguchi discovered that Unbound incorrectly handled name compression for large RRsets, which could lead to excessive CPU usage. An attacker could potentially use this issue to cause a denial of service by sending specially crafted DNS responses...

5.3CVSS6.7AI score0.00806EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/22 11:42 a.m.•6 views

USN-7079-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

6.5CVSS7AI score0.00915EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/22 4:28 a.m.•13 views

USN-7078-1: Firefox vulnerability

Atte Kettunen discovered that Firefox did not properly validate before inserting ranges into the selection node cache. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...

6.5CVSS7.9AI score0.00258EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/21 5:21 p.m.•32 views

USN-7072-2: Linux kernel (GKE) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Watchdog drivers; - Netfilter; - Network traffic control; CVE-2024-38630, CVE-2024-27397, CVE-2024-45016...

7.8CVSS6.9AI score0.00257EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/10/21 12:38 p.m.•9 views

USN-7062-2: libgsf vulnerabilities

USN-7062-1 fixed vulnerabilities in libgsf. This update provides the corresponding updates for Ubuntu 24.10. Original advisory details: It was discovered that libgsf incorrectly handled certain Compound Document Binary files. If a user or automated system were tricked into opening a specially...

8.4CVSS6.8AI score0.00457EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/21 12:33 p.m.•16 views

USN-7042-3: cups-browsed vulnerability

USN-7042-2 released an improved fix for cups-browsed. This update provides the corresponding update for Ubuntu 24.10. Original advisory details: Simone Margaritelli discovered that cups-browsed could be used to create arbitrary printers from outside the local network. In combination with issues i...

5.3CVSS7.9AI score0.62269EPSS
Exploits14
Ubuntu
Ubuntu
•added 2024/10/21 12:6 a.m.•258 views

USN-7077-1: AMD Microcode vulnerability

Enrique Nissim and Krzysztof Okupski discovered that some AMD processors did not properly restrict access to the System Management Mode SMM configuration when the SMM Lock was enabled. A privileged local attacker could possibly use this issue to further escalate their privileges and execute...

7.5CVSS7.8AI score0.00622EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/17 5:19 p.m.•33 views

USN-7069-2: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - x86 architecture; - Cryptographic API; - CPU frequency scaling framework; - HW tracing; - ISDN/mISDN subsystem; -...

7.8CVSS7.3AI score0.02701EPSS
Exploits2
Ubuntu
Ubuntu
•added 2024/10/17 4:44 p.m.•27 views

USN-7028-2: Linux kernel (Azure) vulnerabilities

It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service system crash. Several security issues were discovered in the Linux kernel. An attacker could possibly use...

7.8CVSS6.9AI score0.00757EPSS
Exploits2
Ubuntu
Ubuntu
•added 2024/10/17 4:19 p.m.•32 views

USN-7076-1: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Microsoft Azure Network Adapter MANA driver; - Watchdog drivers; - Netfilter; - Network traffic control;...

7.8CVSS6.9AI score0.00257EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/10/17 4:10 p.m.•13 views

USN-7059-2: OATH Toolkit vulnerability

USN-7059-1 fixed a vulnerability in OATH Toolkit library. This update provides the corresponding update for Ubuntu 24.10. Original advisory details: Fabian Vogt discovered that OATH Toolkit incorrectly handled file permissions. A remote attacker could possibly use this issue to overwrite root own...

7.1CVSS7AI score0.00341EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/17 4:10 p.m.•29 views

USN-7073-2: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Watchdog drivers; - Netfilter; - Memory management; - Network traffic control; CVE-2024-27397, CVE-2024-38630,...

7.8CVSS6.9AI score0.00257EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/10/17 2:34 p.m.•34 views

USN-7074-1: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Microsoft Azure Network Adapter MANA driver; - Network traffic control; CVE-2024-45016, CVE-2024-45001...

5.5CVSS7.1AI score0.00239EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/16 10:52 p.m.•29 views

USN-7073-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Watchdog drivers; - Netfilter; - Memory management; - Network traffic control; CVE-2024-27397, CVE-2024-38630,...

7.8CVSS6.9AI score0.00257EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/10/16 10:46 p.m.•27 views

USN-7072-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Watchdog drivers; - Netfilter; - Network traffic control; CVE-2024-38630, CVE-2024-27397, CVE-2024-45016...

7.8CVSS6.9AI score0.00257EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/10/16 10:39 p.m.•26 views

USN-7071-1: Linux kernel vulnerability

A security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system. This update corrects flaws in the following subsystems: - Network traffic control; CVE-2024-45016...

5.5CVSS7AI score0.00239EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/16 4:46 a.m.•8 views

USN-7048-2: Vim vulnerability

USN-7048-1 fixed a vulnerability in Vim. This update provides the corresponding update for Ubuntu 14.04 LTS. Original advisory details: Suyue Guo discovered that Vim incorrectly handled memory when flushing the typeahead buffer, leading to heap-buffer-overflow. An attacker could possibly use this...

4.5CVSS5.7AI score0.00296EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/16 4:36 a.m.•245 views

USN-7070-1: libarchive vulnerabilities

It was discovered that libarchive mishandled certain memory checks, which could result in a NULL pointer dereference. An attacker could potentially use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubun...

9.8CVSS6.5AI score0.01936EPSS
Exploits2
Ubuntu
Ubuntu
•added 2024/10/16 4:33 a.m.•10 views

USN-7038-2: APR vulnerability

USN-7038-1 fixed a vulnerability in Apache Portable Runtime APR library. This update provides the corresponding update for Ubuntu 14.04 LTS. Original advisory details: Thomas Stangner discovered a permission vulnerability in the Apache Portable Runtime APR library. A local attacker could possibly...

5.5CVSS6.5AI score0.00332EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/15 10:13 p.m.•24 views

USN-7069-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - x86 architecture; - Cryptographic API; - CPU frequency scaling framework; - HW tracing; - ISDN/mISDN subsystem; -...

7.8CVSS7.3AI score0.02701EPSS
Exploits2
Ubuntu
Ubuntu
•added 2024/10/15 12:29 p.m.•241 views

USN-7064-1: nano vulnerability

It was discovered that nano allowed a possible privilege escalation through an insecure temporary file. If nano was killed while editing, the permissions granted to the emergency save file could be used by an attacker to escalate privileges using a malicious symlink...

6.7CVSS7.2AI score0.00346EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/15 8:18 a.m.•18 views

USN-7068-1: ImageMagick vulnerabilities

It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into processing a specially crafted file, an attacker could exploit this to cause a denial of service or affect the reliability of the system. The...

8.8CVSS6.9AI score0.05916EPSS
Exploits24
Ubuntu
Ubuntu
•added 2024/10/14 3:57 p.m.•9 views

USN-7040-2: ConfigObj vulnerability

USN-7040-1 fixed a vulnerability in ConfigObj. This update provides the corresponding update for Ubuntu 14.04 LTS. Original advisory details: It was discovered that ConfigObj contains regex that is susceptible to catastrophic backtracking. An attacker could possibly use this issue to cause a...

5.9CVSS5.5AI score0.01259EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/10/14 3:48 p.m.•12 views

USN-7014-3: nginx vulnerability

USN-7014-1 fixed a vulnerability in nginx. This update provides the corresponding update for Ubuntu 14.04 LTS. Original advisory details: It was discovered that the nginx ngxhttpmp4 module incorrectly handled certain malformed mp4 files. In environments where the mp4 directive is in use, a remote...

5.7CVSS7.1AI score0.0032EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/14 2:0 p.m.•12 views

USN-6968-3: PostgreSQL vulnerability

USN-6968-1 fixed CVE-2024-7348 in PostgreSQL-12, PostgreSQL-14, and PostgreSQL-16. This update provides the corresponding updates for PostgreSQL-9.3 in Ubuntu 14.04 LTS and PostgreSQL-10 in Ubuntu 18.04 LTS. Original advisory details: Noah Misch discovered that PostgreSQL incorrectly handled...

8.8CVSS7.6AI score0.01565EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/14 12:54 p.m.•24 views

USN-7015-4: Python vulnerability

USN-7015-1 fixed several vulnerabilities in Python. This update provides the corresponding update for CVE-2023-27043 for python2.7 and python3.5 in Ubuntu 14.04 LTS. Original advisory details: It was discovered that the Python email module incorrectly parsed email addresses that contain special...

5.3CVSS6.8AI score0.02507EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/10/14 12:54 p.m.•25 views

USN-7067-1: HAProxy vulnerability

It was discovered that HAProxy did not properly limit the creation of new HTTP/2 streams. A remote attacker could possibly use this issue to cause HAProxy to consume excessive resources, leading to a denial of service...

7.5CVSS7.2AI score0.99999EPSS
Exploits19
Ubuntu
Ubuntu
•added 2024/10/14 6:21 a.m.•10 views

USN-7066-1: Thunderbird vulnerability

Damien Schaeffer discovered that Thunderbird did not properly manage certain memory operations when processing content in the Animation timelines. An attacker could potentially exploit this issue to achieve arbitrary code execution...

9.8CVSS8.6AI score0.32568EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/10/14 3:51 a.m.•11 views

USN-7065-1: Firefox vulnerability

Damien Schaeffer discovered that Firefox did not properly manage memory in the content process when handling Animation timelines, leading to a use after free vulnerability. An attacker could possibly use this issue to achieve remote code execution...

9.8CVSS8.9AI score0.32568EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/10/11 4:51 p.m.•13 views

USN-7063-1: Ubuntu Advantage Desktop Daemon vulnerability

Marco Trevisan discovered that the Ubuntu Advantage Desktop Daemon leaked the Pro token to unprivileged users by passing the token as an argument in plaintext. An attacker could use this issue to gain unauthorized access to an Ubuntu Pro subscription. CVE-2024-6388...

5.9CVSS5.4AI score0.00147EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/11 9:9 a.m.•24 views

USN-7020-4: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Network drivers; - SCSI drivers; - F2FS file system; - BPF subsystem; - IPv4 networking;...

7.8CVSS6.9AI score0.00261EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/10 12:55 p.m.•33 views

USN-7061-1: Go vulnerabilities

Hunter Wittenborn discovered that Go incorrectly handled the sanitization of environment variables. An attacker could possibly use this issue to run arbitrary commands. CVE-2023-24531 Sohom Datta discovered that Go did not properly validate backticks as Javascript string delimiters, and did not...

9.8CVSS7.3AI score0.03796EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/10 12:6 p.m.•7 views

USN-7062-1: libgsf vulnerabilities

It was discovered that libgsf incorrectly handled certain Compound Document Binary files. If a user or automated system were tricked into opening a specially crafted file, a remote attacker could possibly use this issue to execute arbitrary code...

8.4CVSS6.7AI score0.00457EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/10 8:26 a.m.•19 views

USN-7022-3: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Modular ISDN driver; - MMC subsystem; - SCSI drivers; - F2FS file system; - GFS2 file system; -...

7.8CVSS6.9AI score0.00306EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/10 3:41 a.m.•17 views

USN-7060-1: EDK II vulnerabilities

It was discovered that EDK II did not check the buffer length in XHCI, which could lead to a stack overflow. A local attacker could potentially use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. CVE-2019-0161 Laszlo Ersek discovered that E...

10CVSS7.7AI score0.83223EPSS
Exploits8
Ubuntu
Ubuntu
•added 2024/10/09 3:1 p.m.•9 views

USN-7059-1: OATH Toolkit vulnerability

Fabian Vogt discovered that OATH Toolkit incorrectly handled file permissions. A remote attacker could possibly use this issue to overwrite root owned files, leading to a privilege escalation attack. CVE-2024-47191...

7.1CVSS7AI score0.00341EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/09 12:0 p.m.•16 views

USN-7043-4: cups-filters vulnerabilities

USN-7043-1 fixed vulnerabilities in cups-filters. This update improves the fix for CVE-2024-47176 by removing support for the legacy CUPS printer discovery protocol entirely. Original advisory details: Simone Margaritelli discovered that the cups-filters cups-browsed component could be used to...

8.6CVSS7.9AI score0.8344EPSS
Exploits15
Total number of security vulnerabilities10876