Lucene search
K
UbuntuRecent

10888 matches found

Ubuntu
Ubuntu
•added 2024/09/25 10:21 p.m.•260 views

USN-7035-1: AppArmor vulnerability

It was discovered that the AppArmor policy compiler incorrectly generated looser restrictions than expected for rules allowing mount operations. A local attacker could possibly use this to bypass AppArmor restrictions in applications where some mount operations were permitted...

9.8CVSS5.7AI score0.01034EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2024/09/25 4:32 p.m.•236 views

USN-7034-1: ca-certificates update

The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.64 version of the Mozilla certificate authority bundle...

5.4AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2024/09/25 8:27 a.m.•31 views

USN-7009-2: Linux kernel vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 Chenyuan Yang discovered that the USB Gadget subsystem in...

9.8CVSS7.5AI score0.02701EPSS
Exploits4
Ubuntu
Ubuntu
•added 2024/09/25 1:16 a.m.•12 views

USN-7033-1: Intel Microcode vulnerabilities

It was discovered that some IntelR Processors did not properly restrict access to the Running Average Power Limit RAPL interface. This may allow a local privileged attacker to obtain sensitive information. CVE-2024-23984 It was discovered that some IntelR Processors did not properly implement...

6.8CVSS6.3AI score0.00209EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/09/24 8:19 p.m.•6 views

USN-7032-1: Tomcat vulnerability

It was discovered that Tomcat incorrectly handled HTTP trailer headers. A remote attacker could possibly use this issue to perform HTTP request smuggling...

7.5CVSS7.1AI score0.02651EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/09/24 3:4 p.m.•16 views

USN-7031-2: Puma vulnerability

USN-7031-1 fixed CVE-2024-45614 in Puma for Ubuntu 24.04 LTS. This update fixes the CVE for Ubuntu 22.04 LTS and Ubuntu 20.04 LTS. Original advisory details: It was discovered that Puma incorrectly handled parsing certain headers. A remote attacker could possibly use this issue to overwrite heade...

5.4CVSS6.5AI score0.00646EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/09/24 1:16 p.m.•18 views

USN-7031-1: Puma vulnerability

It was discovered that Puma incorrectly handled parsing certain headers. A remote attacker could possibly use this issue to overwrite header values set by intermediate proxies by providing duplicate headers containing underscore characters...

5.4CVSS6.5AI score0.00646EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/09/24 8:8 a.m.•11 views

USN-7030-1: py7zr vulnerability

It was discovered that py7zr was vulnerable to path traversal attacks. If a user or automated system were tricked into extracting a specially crafted 7z archive, an attacker could possibly use this issue to write arbitrary files outside the target directory on the host...

9.1CVSS8.2AI score0.02242EPSS
Exploits3
Ubuntu
Ubuntu
•added 2024/09/23 5:2 p.m.•19 views

USN-7021-2: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - BTRFS file system; - F2FS file system; - GFS2 file system; - BPF subsystem; - Netfilter; - RxRPC...

7.8CVSS6.9AI score0.00306EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/09/23 4:18 p.m.•27 views

USN-7029-1: Linux kernel vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 It was discovered that the JFS file system contained an...

9.8CVSS7.5AI score0.02701EPSS
Exploits3
Ubuntu
Ubuntu
•added 2024/09/23 3:52 p.m.•32 views

USN-7007-3: Linux kernel vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 Chenyuan Yang discovered that the USB Gadget subsystem in...

9.8CVSS7.5AI score0.02701EPSS
Exploits4
Ubuntu
Ubuntu
•added 2024/09/23 3:33 p.m.•34 views

USN-6999-2: Linux kernel vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 It was discovered that the JFS file system contained an...

9.8CVSS7.5AI score0.02701EPSS
Exploits3
Ubuntu
Ubuntu
•added 2024/09/23 10:54 a.m.•40 views

USN-7028-1: Linux kernel vulnerabilities

It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service system crash. Several security issues were discovered in the Linux kernel. An attacker could possibly use...

7.8CVSS6.9AI score0.00757EPSS
Exploits2
Ubuntu
Ubuntu
•added 2024/09/23 10:23 a.m.•21 views

USN-7020-2: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Network drivers; - SCSI drivers; - F2FS file system; - BPF subsystem; - IPv4 networking;...

7.8CVSS6.9AI score0.00261EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/09/23 9:59 a.m.•27 views

USN-7007-2: Linux kernel vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 Chenyuan Yang discovered that the USB Gadget subsystem in...

9.8CVSS7.5AI score0.02701EPSS
Exploits4
Ubuntu
Ubuntu
•added 2024/09/23 12:56 a.m.•9 views

USN-6992-2: Firefox regressions

USN-6992-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted...

8.2AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2024/09/19 7:42 p.m.•14 views

USN-6968-2: PostgreSQL vulnerability

USN-6968-1 fixed CVE-2024-7348 in PostgreSQL-12, PostgreSQL-14, and PostgreSQL-16 This update provides the corresponding updates for PostgreSQL-9.5 in Ubuntu 16.04 LTS. Original advisory details: Noah Misch discovered that PostgreSQL incorrectly handled certain SQL objects. An attacker could...

8.8CVSS7.6AI score0.01565EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/09/19 5:36 p.m.•19 views

USN-7015-2: Python vulnerabilities

USN-7015-1 fixed several vulnerabilities in Python. This update provides one of the corresponding updates for python2.7 for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS, and a second for python3.5 for Ubuntu 16.04 LTS. Original advisory details: It was discovered tha...

7.5CVSS6.9AI score0.02303EPSS
Exploits3
Ubuntu
Ubuntu
•added 2024/09/19 5:16 p.m.•15 views

USN-7027-1: Emacs vulnerabilities

It was discovered that Emacs incorrectly handled input sanitization. An attacker could possibly use this issue to execute arbitrary commands. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2022-45939 Xi Lu discovered that Emacs incorrectly handled input...

9.8CVSS6.9AI score0.01639EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2024/09/19 4:11 p.m.•9 views

USN-7024-1: tgt vulnerability

It was discovered that tgt attempts to achieve entropy by calling rand without srand. The PRNG seed is always 1, and thus the sequence of challenges is always identical...

5.9CVSS5.2AI score0.00547EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/09/19 12:28 p.m.•8 views

USN-7025-1: LibreOffice vulnerability

It was discovered that LibreOffice would incorrectly handle digital signature verification after repairing a corrupted document. A remote attacker could possibly use this issue to forge valid signatures...

7.8CVSS7.2AI score0.00196EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/09/19 3:56 a.m.•27 views

USN-7023-1: Git vulnerabilities

Maxime Escourbiac and Yassine Bengana discovered that Git incorrectly handled some gettext machinery. An attacker could possibly use this issue to allows the malicious placement of crafted messages. This issue was fixed in Ubuntu 16.04 LTS. CVE-2023-25815 It was discovered that Git incorrectly...

9CVSS7.5AI score0.25334EPSS
Exploits34
Ubuntu
Ubuntu
•added 2024/09/18 6:34 p.m.•40 views

USN-7022-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Modular ISDN driver; - MMC subsystem; - SCSI drivers; - F2FS file system; - GFS2 file system; -...

7.8CVSS6.9AI score0.00306EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/09/18 4:21 p.m.•34 views

USN-7021-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - BTRFS file system; - F2FS file system; - GFS2 file system; - BPF subsystem; - Netfilter; - RxRPC...

7.8CVSS6.9AI score0.00306EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/09/18 3:1 p.m.•26 views

USN-7020-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Network drivers; - SCSI drivers; - F2FS file system; - BPF subsystem; - IPv4 networking;...

7.8CVSS6.9AI score0.00261EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/09/18 10:0 a.m.•11 views

USN-7019-1: Linux kernel vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Gui-Dong Han discovered that the...

9.8CVSS8.1AI score0.02701EPSS
Exploits7
Ubuntu
Ubuntu
•added 2024/09/18 9:36 a.m.•55 views

USN-6885-3: Apache HTTP Server vulnerabilities

USN-6885-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Orange Tsai discovered that the Apache HTTP Server modrewrite module incorrectly handled certain substitutions. A remote attacker...

9.8CVSS7.6AI score0.99957EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/09/18 12:38 a.m.•14 views

USN-7018-1: OpenSSL vulnerabilities

Robert Merget, Marcus Brinkmann, Nimrod Aviram, and Juraj Somorovsky discovered that certain Diffie-Hellman ciphersuites in the TLS specification and implemented by OpenSSL contained a flaw. A remote attacker could possibly use this issue to eavesdrop on encrypted communications. This was fixed i...

10CVSS7.3AI score0.95764EPSS
Exploits6
Ubuntu
Ubuntu
•added 2024/09/17 1:11 p.m.•14 views

USN-7017-1: Quagga vulnerability

Iggy Frankovic discovered that Quagga incorrectly handled certain BGP messages. A remote attacker could possibly use this issue to cause Quagga to crash, resulting in a denial of service...

9.8CVSS8AI score0.00641EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/09/17 1:7 p.m.•7 views

USN-7016-1: FRR vulnerability

Iggy Frankovic discovered that FRR incorrectly handled certain BGP messages. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service...

9.8CVSS8AI score0.00641EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/09/17 12:19 p.m.•154 views

USN-7000-2: Expat vulnerabilities

USN-7000-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for Ubuntu 22.04 LTS. Original advisory details: Shang-Hung Wan discovered that Expat did not properly handle certain function calls when a negative input length was provided. An attacker could use this issu...

9.8CVSS7.5AI score0.01686EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/09/17 11:54 a.m.•18 views

USN-7001-2: xmltok library vulnerabilities

USN-7001-1 fixed vulnerabilities in xmltol library. This update provides the corresponding updates for Ubuntu 24.04 LTS. Original advisory details: Shang-Hung Wan discovered that Expat, contained within the xmltok library, did not properly handle certain function calls when a negative input lengt...

9.8CVSS7.5AI score0.01686EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/09/17 8:41 a.m.•9 views

USN-7011-2: ClamAV vulnerabilities

USN-7011-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that ClamAV incorrectly handled certain PDF files. A remote attacker could possibly use this issue to cause...

7.5CVSS6.4AI score0.00555EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/09/17 5:18 a.m.•15 views

USN-7010-1: DCMTK vulnerabilities

Jinsheng Ba discovered that DCMTK incorrectly handled certain requests. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS...

7.5CVSS6.8AI score0.01692EPSS
Exploits5
Ubuntu
Ubuntu
•added 2024/09/16 12:15 p.m.•252 views

USN-7015-1: Python vulnerabilities

It was discovered that the Python email module incorrectly parsed email addresses that contain special characters. A remote attacker could possibly use this issue to bypass certain protection mechanisms. CVE-2023-27043 It was discovered that Python allowed excessive backtracking while parsing...

8.7CVSS6.8AI score0.02507EPSS
Exploits4
Ubuntu
Ubuntu
•added 2024/09/16 12:2 p.m.•261 views

USN-7014-1: nginx vulnerability

It was discovered that the nginx ngxhttpmp4 module incorrectly handled certain malformed mp4 files. In environments where the mp4 directive is in use, a remote attacker could possibly use this issue to cause nginx to crash, resulting in a denial of service...

5.7CVSS7.1AI score0.0032EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/09/16 11:52 a.m.•10 views

USN-7013-1: Dovecot vulnerabilities

It was discovered that Dovecot incorrectly handled a large number of address headers. A remote attacker could possibly use this issue to cause Dovecot to consume resources, leading to a denial of service. CVE-2024-23184 It was discovered that Dovecot incorrectly handled very large headers. A remo...

7.5CVSS7.3AI score0.01284EPSS
Exploits2
Ubuntu
Ubuntu
•added 2024/09/16 11:44 a.m.•10 views

USN-7012-1: curl vulnerability

Hiroki Kurosawa discovered that curl incorrectly handled certain OCSP responses. This could result in bad certificates not being checked properly, contrary to expectations...

6.5CVSS7AI score0.00729EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/09/16 11:34 a.m.•14 views

USN-7011-1: ClamAV vulnerabilities

It was discovered that ClamAV incorrectly handled certain PDF files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. CVE-2024-20505 It was discovered that ClamAV incorrectly handled logfile privileges. A local attacker could use this iss...

7.5CVSS6.3AI score0.00555EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/09/16 9:59 a.m.•17 views

USN-6560-3: OpenSSH vulnerability

USN-6560-2 fixed a vulnerability in OpenSSH. This update provides the corresponding update for Ubuntu 16.04 LTS. Original advisory details: It was discovered that OpenSSH incorrectly handled user names or host names with shell metacharacters. An attacker could possibly use this issue to perform O...

6.5CVSS7.4AI score0.19753EPSS
Exploits7
Ubuntu
Ubuntu
•added 2024/09/13 11:47 a.m.•29 views

USN-7009-1: Linux kernel vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 Chenyuan Yang discovered that the USB Gadget subsystem in...

9.8CVSS7.5AI score0.02701EPSS
Exploits4
Ubuntu
Ubuntu
•added 2024/09/13 11:22 a.m.•20 views

USN-7005-2: Linux kernel vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 It was discovered that the JFS file system contained an...

9.8CVSS7.5AI score0.02701EPSS
Exploits3
Ubuntu
Ubuntu
•added 2024/09/13 10:51 a.m.•20 views

USN-7008-1: Linux kernel vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 It was discovered that the JFS file system contained an...

9.8CVSS7.5AI score0.02701EPSS
Exploits3
Ubuntu
Ubuntu
•added 2024/09/13 9:38 a.m.•170 views

USN-7007-1: Linux kernel vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 Chenyuan Yang discovered that the USB Gadget subsystem in...

9.8CVSS7.5AI score0.02701EPSS
Exploits4
Ubuntu
Ubuntu
•added 2024/09/13 8:1 a.m.•23 views

USN-7003-3: Linux kernel vulnerabilities

It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service system crash. CVE-2024-40902 Several security issues were discovered in the Linux kernel. An attacker could...

7.8CVSS7AI score0.00322EPSS
Exploits1
Ubuntu
Ubuntu
•added 2024/09/12 2:7 p.m.•18 views

USN-7006-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A privileged local attacker could use this to possibly cause a denial of service system crash. CVE-2024-24860 It was discovered that the JFS file...

8.4CVSS6.7AI score0.00798EPSS
Exploits2
Ubuntu
Ubuntu
•added 2024/09/12 1:47 p.m.•25 views

USN-7005-1: Linux kernel vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 It was discovered that the JFS file system contained an...

9.8CVSS7.5AI score0.02701EPSS
Exploits3
Ubuntu
Ubuntu
•added 2024/09/12 1:23 p.m.•33 views

USN-7004-1: Linux kernel vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 It was discovered that the JFS file system contained an...

9.8CVSS7.5AI score0.02701EPSS
Exploits3
Ubuntu
Ubuntu
•added 2024/09/12 11:7 a.m.•248 views

USN-7002-1: Setuptools vulnerability

It was discovered that setuptools was vulnerable to remote code execution. An attacker could possibly use this issue to execute arbitrary code...

8.8CVSS7AI score0.01939EPSS
Exploits0
Ubuntu
Ubuntu
•added 2024/09/12 10:47 a.m.•31 views

USN-7003-2: Linux kernel vulnerabilities

It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service system crash. CVE-2024-40902 Several security issues were discovered in the Linux kernel. An attacker could...

7.8CVSS7AI score0.00322EPSS
Exploits1
Total number of security vulnerabilities10888