Lucene search
K
UbuntuRecent

10888 matches found

Ubuntu
Ubuntu
•added 2024/10/14 12:54 p.m.•24 views

USN-7015-4: Python vulnerability

USN-7015-1 fixed several vulnerabilities in Python. This update provides the corresponding update for CVE-2023-27043 for python2.7 and python3.5 in Ubuntu 14.04 LTS. Original advisory details: It was discovered that the Python email module incorrectly parsed email addresses that contain special...

5.3CVSS6.8AI score0.02507EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/10/14 12:54 p.m.•25 views

USN-7067-1: HAProxy vulnerability

It was discovered that HAProxy did not properly limit the creation of new HTTP/2 streams. A remote attacker could possibly use this issue to cause HAProxy to consume excessive resources, leading to a denial of service...

7.5CVSS7.2AI score0.99999EPSS
Exploits19
Ubuntu
Ubuntu
•added 2024/10/14 6:21 a.m.•10 views

USN-7066-1: Thunderbird vulnerability

Damien Schaeffer discovered that Thunderbird did not properly manage certain memory operations when processing content in the Animation timelines. An attacker could potentially exploit this issue to achieve arbitrary code execution...

9.8CVSS8.6AI score0.32568EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/10/14 3:51 a.m.•11 views

USN-7065-1: Firefox vulnerability

Damien Schaeffer discovered that Firefox did not properly manage memory in the content process when handling Animation timelines, leading to a use after free vulnerability. An attacker could possibly use this issue to achieve remote code execution...

9.8CVSS8.9AI score0.32568EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/10/11 4:51 p.m.•13 views

USN-7063-1: Ubuntu Advantage Desktop Daemon vulnerability

Marco Trevisan discovered that the Ubuntu Advantage Desktop Daemon leaked the Pro token to unprivileged users by passing the token as an argument in plaintext. An attacker could use this issue to gain unauthorized access to an Ubuntu Pro subscription. CVE-2024-6388...

5.9CVSS5.4AI score0.00147EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/11 9:9 a.m.•24 views

USN-7020-4: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Network drivers; - SCSI drivers; - F2FS file system; - BPF subsystem; - IPv4 networking;...

7.8CVSS6.9AI score0.00261EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/10 12:55 p.m.•33 views

USN-7061-1: Go vulnerabilities

Hunter Wittenborn discovered that Go incorrectly handled the sanitization of environment variables. An attacker could possibly use this issue to run arbitrary commands. CVE-2023-24531 Sohom Datta discovered that Go did not properly validate backticks as Javascript string delimiters, and did not...

9.8CVSS7.3AI score0.03796EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/10 12:6 p.m.•7 views

USN-7062-1: libgsf vulnerabilities

It was discovered that libgsf incorrectly handled certain Compound Document Binary files. If a user or automated system were tricked into opening a specially crafted file, a remote attacker could possibly use this issue to execute arbitrary code...

8.4CVSS6.7AI score0.00457EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/10 8:26 a.m.•19 views

USN-7022-3: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Modular ISDN driver; - MMC subsystem; - SCSI drivers; - F2FS file system; - GFS2 file system; -...

7.8CVSS6.9AI score0.00306EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/10 3:41 a.m.•18 views

USN-7060-1: EDK II vulnerabilities

It was discovered that EDK II did not check the buffer length in XHCI, which could lead to a stack overflow. A local attacker could potentially use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. CVE-2019-0161 Laszlo Ersek discovered that E...

10CVSS7.7AI score0.83223EPSS
Exploits8
Ubuntu
Ubuntu
•added 2024/10/09 3:1 p.m.•10 views

USN-7059-1: OATH Toolkit vulnerability

Fabian Vogt discovered that OATH Toolkit incorrectly handled file permissions. A remote attacker could possibly use this issue to overwrite root owned files, leading to a privilege escalation attack. CVE-2024-47191...

7.1CVSS7AI score0.00341EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/09 12:0 p.m.•17 views

USN-7043-4: cups-filters vulnerabilities

USN-7043-1 fixed vulnerabilities in cups-filters. This update improves the fix for CVE-2024-47176 by removing support for the legacy CUPS printer discovery protocol entirely. Original advisory details: Simone Margaritelli discovered that the cups-filters cups-browsed component could be used to...

8.6CVSS7.9AI score0.8344EPSS
Exploits15
Ubuntu
Ubuntu
•added 2024/10/09 11:55 a.m.•21 views

USN-7042-2: cups-browsed vulnerability

USN-7042-1 fixed a vulnerability in cups-browsed. This update improves the fix by removing support for the legacy CUPS printer discovery protocol entirely. Original advisory details: Simone Margaritelli discovered that cups-browsed could be used to create arbitrary printers from outside the local...

5.3CVSS7.9AI score0.62269EPSS
Exploits14
Ubuntu
Ubuntu
•added 2024/10/08 7:17 p.m.•236 views

USN-7058-1: .NET vulnerabilities

Brennan Conroy discovered that the .NET Kestrel web server did not properly handle closing HTTP/3 streams under certain circumstances. An attacker could possibly use this issue to achieve remote code execution. This vulnerability only impacted .NET8. CVE-2024-38229 It was discovered that .NET...

8.1CVSS8.4AI score0.03009EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/08 4:35 p.m.•12 views

USN-7057-2: WEBrick vulnerability

USN-7057-1 fixed a vulnerability in WEBrick. This update provides the corresponding updates for Ubuntu 22.04 LTS. Original advisory details: It was discovered that WEBrick incorrectly handled having both a Content- Length header and a Transfer-Encoding header. A remote attacker could possibly use...

6.9AI score0.00393EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/08 2:18 p.m.•20 views

USN-7014-2: nginx vulnerability

USN-7014-1 fixed a vulnerability in nginx. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that the nginx ngxhttpmp4 module incorrectly handled certain malformed mp4 files. In environments where the mp4 directi...

5.7CVSS7.1AI score0.0032EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/07 11:29 a.m.•12 views

USN-7057-1: WEBrick vulnerability

It was discovered that WEBrick incorrectly handled having both a Content- Length header and a Transfer-Encoding header. A remote attacker could possibly use this issue to perform a HTTP request smuggling attack...

6.9AI score0.00393EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/07 9:41 a.m.•18 views

USN-7043-3: cups-filters vulnerability

USN-7043-1 fixed a vulnerability in cups-filters. This update provides the corresponding update for Ubuntu 16.04 LTS Original advisory details: Simone Margaritelli discovered that the cups-filters cups-browsed component could be used to create arbitrary printers from outside the local network. In...

5.3CVSS7.7AI score0.62269EPSS
Exploits14
Ubuntu
Ubuntu
•added 2024/10/07 8:42 a.m.•14 views

USN-7041-3: CUPS vulnerability

USN-7041-1 fixed a vulnerability in CUPS. This update provides the corresponding update for Ubuntu 16.04 LTS. Original advisory details: Simone Margaritelli discovered that CUPS incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this issue to manipulate P...

9.8CVSS7.9AI score0.73062EPSS
Exploits5
Ubuntu
Ubuntu
•added 2024/10/07 3:43 a.m.•5 views

USN-7056-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2024-9392, CVE-2024-9396,...

9.8CVSS7.8AI score0.00738EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/03 2:24 p.m.•14 views

USN-7055-1: FreeRADIUS vulnerability

Goldberg, Miro Haller, Nadia Heninger, Mike Milano, Dan Shumow, Marc Stevens, and Adam Suhl discovered that FreeRADIUS incorrectly authenticated certain responses. An attacker able to intercept communications between a RADIUS client and server could possibly use this issue to forge responses,...

9CVSS7.9AI score0.14859EPSS
Exploits2
Ubuntu
Ubuntu
•added 2024/10/03 2:10 p.m.•22 views

USN-7053-1: ImageMagick vulnerabilities

It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or potentially leak sensitive information. These...

9.8CVSS7AI score0.04352EPSS
Exploits23
Ubuntu
Ubuntu
•added 2024/10/03 11:53 a.m.•12 views

USN-7054-1: unzip vulnerability

It was discovered that unzip did not properly handle unicode strings under certain circumstances. If a user were tricked into opening a specially crafted zip file, an attacker could possibly use this issue to cause unzip to crash, resulting in a denial of service, or possibly execute arbitrary co...

3.3CVSS6.2AI score0.0057EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/10/03 10:48 a.m.•14 views

USN-7021-4: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - BTRFS file system; - F2FS file system; - GFS2 file system; - BPF subsystem; - Netfilter; - RxRPC...

7.8CVSS6.9AI score0.00306EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/03 5:14 a.m.•14 views

USN-7052-1: GNOME Shell vulnerabilities

It was discovered that GNOME Shell mishandled extensions that fail to reload, possibly leading to extensions staying enabled on the lock screen. An attacker could possibly use this issue to launch applications, view sensitive information, or execute arbitrary commands. CVE-2017-8288 It was...

8.1CVSS6.3AI score0.0294EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/10/02 3:58 a.m.•10 views

USN-7051-1: AsyncSSH vulnerability

Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being...

5.9CVSS7AI score0.93305EPSS
Exploits4
Ubuntu
Ubuntu
•added 2024/10/01 2:47 p.m.•11 views

USN-7050-1: Devise-Two-Factor vulnerabilities

Benoit Côté-Jodoin and Michael Nipper discovered that Devise-Two-Factor incorrectly handled one-time password validation. An attacker could possibly use this issue to intercept and re-use a one-time password. CVE-2021-43177 Garrett Rappaport discovered that Devise-Two-Factor incorrectly handled...

6CVSS5.7AI score0.00846EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/01 1:54 p.m.•26 views

USN-7022-2: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Modular ISDN driver; - MMC subsystem; - SCSI drivers; - F2FS file system; - GFS2 file system; -...

7.8CVSS6.9AI score0.00306EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/01 1:46 p.m.•14 views

USN-7043-2: cups-filters vulnerability

USN-7043-1 fixed a vulnerability in cups-filters. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: Simone Margaritelli discovered that the cups-filters cups-browsed component could be used to create arbitrary printers from outside the local network. I...

5.3CVSS7.9AI score0.62269EPSS
Exploits14
Ubuntu
Ubuntu
•added 2024/10/01 1:24 p.m.•18 views

USN-7049-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled parsing multipart form data. A remote attacker could possibly use this issue to inject payloads and cause PHP to ignore legitimate data. CVE-2024-8925 It was discovered that PHP incorrectly handled the cgi.forceredirect configuration option due to...

7.5CVSS7.1AI score0.01077EPSS
Exploits3
Ubuntu
Ubuntu
•added 2024/10/01 1:21 p.m.•36 views

USN-7003-5: Linux kernel vulnerabilities

It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service system crash. CVE-2024-40902 Several security issues were discovered in the Linux kernel. An attacker could...

7.8CVSS7AI score0.00322EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/10/01 12:25 p.m.•237 views

USN-7048-1: Vim vulnerability

Suyue Guo discovered that Vim incorrectly handled memory when flushing the typeahead buffer, leading to heap-buffer-overflow. An attacker could possibly use this issue to cause a denial of service...

4.5CVSS5.6AI score0.00296EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/01 11:15 a.m.•11 views

USN-7041-2: CUPS vulnerability

USN-7041-1 fixed a vulnerability in CUPS. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: Simone Margaritelli discovered that CUPS incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this issue to manipulate P...

9.8CVSS7.9AI score0.73062EPSS
Exploits5
Ubuntu
Ubuntu
•added 2024/10/01 11:11 a.m.•11 views

USN-6964-2: ORC vulnerability

USN-6964-1 fixed a vulnerability in ORC. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Noriko Totsuka discovered that ORC incorrectly handled certain specially crafted files. An attacker could possibly use this issue to execut...

7CVSS7.5AI score0.00379EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/10/01 7:4 a.m.•25 views

USN-7015-3: Python vulnerability

USN-7015-1 fixed several vulnerabilities in Python. This update provides the corresponding updates for CVE-2023-27043 for python2.7 in Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS, and for python3.5 in Ubuntu 16.04 LTS. Original advisory details: It was discovered th...

5.3CVSS6.8AI score0.02507EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/09/30 6:14 p.m.•242 views

USN-7046-1: Flatpak and Bubblewrap vulnerability

It was discovered that Flatpak incorrectly handled certain persisted directories. An attacker could possibly use this issue to read and write files in locations it would not normally have access to. A patch was also needed to Bubblewrap in order to avoid race conditions caused by this fix...

10CVSS8.1AI score0.01283EPSS
Exploits1References1
Ubuntu
Ubuntu
•added 2024/09/26 8:40 p.m.•16 views

USN-7045-1: libppd vulnerability

Simone Margaritelli discovered that libppd incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this issue to manipulate PPD files and execute arbitrary code when a printer is used...

9.8CVSS7.9AI score0.73062EPSS
Exploits5
Ubuntu
Ubuntu
•added 2024/09/26 8:35 p.m.•16 views

USN-7044-1: libcupsfilters vulnerability

Simone Margaritelli discovered that libcupsfilters incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this issue to manipulate PPD files and execute arbitrary code when a printer is used...

8.6CVSS7.9AI score0.8344EPSS
Exploits5
Ubuntu
Ubuntu
•added 2024/09/26 8:30 p.m.•16 views

USN-7043-1: cups-filters vulnerabilities

Simone Margaritelli discovered that the cups-filters cups-browsed component could be used to create arbitrary printers from outside the local network. In combination with issues in other printing components, a remote attacker could possibly use this issue to connect to a system, created manipulat...

8.6CVSS7.9AI score0.8344EPSS
Exploits15
Ubuntu
Ubuntu
•added 2024/09/26 8:24 p.m.•19 views

USN-7042-1: cups-browsed vulnerability

Simone Margaritelli discovered that cups-browsed could be used to create arbitrary printers from outside the local network. In combination with issues in other printing components, a remote attacker could possibly use this issue to connect to a system, created manipulated PPD files, and execute...

5.3CVSS7.7AI score0.62269EPSS
Exploits14
Ubuntu
Ubuntu
•added 2024/09/26 8:12 p.m.•242 views

USN-7041-1: CUPS vulnerability

Simone Margaritelli discovered that CUPS incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this issue to manipulate PPD files and execute arbitrary code when a printer is used...

9.8CVSS7.9AI score0.73062EPSS
Exploits5
Ubuntu
Ubuntu
•added 2024/09/26 4:19 p.m.•237 views

USN-7040-1: ConfigObj vulnerability

It was discovered that ConfigObj contains regex that is susceptible to catastrophic backtracking. An attacker could possibly use this issue to cause a regular expression denial of service...

5.9CVSS5.5AI score0.01259EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/09/26 11:58 a.m.•45 views

USN-7039-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Input Device Tablet drivers; - Modular ISDN driver; - Multiple devices driver; - Network drivers; -...

7.8CVSS6.8AI score0.00689EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/09/26 11:24 a.m.•21 views

USN-7021-3: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - BTRFS file system; - F2FS file system; - GFS2 file system; - BPF subsystem; - Netfilter; - RxRPC...

7.8CVSS6.9AI score0.00306EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/09/26 10:57 a.m.•29 views

USN-7020-3: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Network drivers; - SCSI drivers; - F2FS file system; - BPF subsystem; - IPv4 networking;...

7.8CVSS6.9AI score0.00261EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/09/26 10:9 a.m.•11 views

USN-7034-2: ca-certificates update

USN-7034-1 updated ca-certificates. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.64...

5.4AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2024/09/26 9:55 a.m.•19 views

USN-7003-4: Linux kernel vulnerabilities

It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service system crash. CVE-2024-40902 Several security issues were discovered in the Linux kernel. An attacker could...

7.8CVSS7AI score0.00322EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/09/26 9:9 a.m.•237 views

USN-7038-1: APR vulnerability

Thomas Stangner discovered a permission vulnerability in the Apache Portable Runtime APR library. A local attacker could possibly use this issue to read named shared memory segments, potentially exposing sensitive application data...

5.5CVSS6.5AI score0.00332EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/09/26 6:38 a.m.•240 views

USN-7037-1: OpenJPEG vulnerability

It was discovered that OpenJPEG could enter a large loop and continuously print warning messages when given specially crafted input. An attacker could potentially use this issue to cause a denial of service...

4.3CVSS5.7AI score0.00528EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/09/26 4:19 a.m.•24 views

USN-7036-1: Rack vulnerabilities

It was discovered that Rack was not properly parsing data when processing multipart POST requests. If a user or automated system were tricked into sending a specially crafted multipart POST request to an application using Rack, a remote attacker could possibly use this issue to cause a denial of...

10CVSS8AI score0.35376EPSS
Exploits2References1
Total number of security vulnerabilities10888