Lucene search
K
UbuntuRecent

10888 matches found

Ubuntu
Ubuntu
added 2024/08/19 3:54 p.m.59 views

USN-6951-3: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - M68K architecture; - User-Mode Linux UML; - x86 architecture; - Accessibility subsystem; -...

9.8CVSS7.3AI score0.02701EPSS
Exploits4
Ubuntu
Ubuntu
added 2024/08/19 3:4 p.m.360 views

USN-6968-1: PostgreSQL vulnerability

Noah Misch discovered that PostgreSQL incorrectly handled certain SQL objects. An attacker could possibly use this issue to execute arbitrary SQL functions as the superuser...

8.8CVSS7.5AI score0.01565EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/08/19 3:36 a.m.38 views

USN-6966-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2024-7518, CVE-2024-7521,...

9.8CVSS7.8AI score0.00602EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/08/19 12:28 a.m.40 views

USN-6837-2: Rack vulnerabilities

It was discovered that Rack incorrectly parsed certain media types. A remote attacker could possibly use this issue to cause Rack to consume resources, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2024-25126 It was discovered that Rack...

7.5CVSS6.5AI score0.35376EPSS
Exploits2
Ubuntu
Ubuntu
added 2024/08/15 7:9 p.m.30 views

USN-6909-3: Bind vulnerabilities

USN-6909-1 fixed vulnerabilities in Bind. This update provides the corresponding updates for Ubuntu 16.04 LTS. Original advisory details: Toshifumi Sakaguchi discovered that Bind incorrectly handled having a very large number of RRs existing at the same time. A remote attacker could possibly use...

7.5CVSS7.7AI score0.02114EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/08/15 7:0 p.m.304 views

USN-6964-1: ORC vulnerability

Noriko Totsuka discovered that ORC incorrectly handled certain crafted file. An attacker could possibly use this issue to execute arbitrary code...

7CVSS7AI score0.00379EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/08/15 1:19 p.m.327 views

USN-6963-1: GNOME Shell vulnerability

It was discovered that GNOME Shell incorrectly opened the portal helper automatically when detecting a captive network portal. A remote attacker could possibly use this issue to load arbitrary web pages containing JavaScript, leading to resource consumption or other attacks...

6.5CVSS6.9AI score0.00299EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/08/15 11:55 a.m.16 views

USN-6962-1: LibreOffice vulnerability

It was discovered that LibreOffice incorrectly allowed users to enable macros when a cryptographic signature failed to validate. If a user were tricked into opening a specially crafted document, a remote attacker could possibly execute arbitrary macros...

7.8CVSS7.6AI score0.00238EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/08/14 6:58 p.m.424 views

USN-6961-1: BusyBox vulnerabilities

It was discovered that BusyBox did not properly validate user input when performing certain arithmetic operations. If a user or automated system were tricked into processing a specially crafted file, an attacker could possibly use this issue to cause a denial of service, or execute arbitrary code...

9.8CVSS7.2AI score0.02979EPSS
Exploits3
Ubuntu
Ubuntu
added 2024/08/14 5:25 p.m.59 views

USN-6951-2: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - M68K architecture; - User-Mode Linux UML; - x86 architecture; - Accessibility subsystem; -...

9.8CVSS7.3AI score0.02701EPSS
Exploits4
Ubuntu
Ubuntu
added 2024/08/14 4:16 p.m.31 views

USN-6960-1: RMagick vulnerability

Nick Browning discovered that RMagick incorrectly handled memory under certain operations. An attacker could possibly use this issue to cause a denial of service through memory exhaustion...

5.3CVSS5.4AI score0.00669EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/08/13 6:31 p.m.22 views

USN-6959-1: .NET vulnerability

It was discovered that .NET suffered from an information disclosure vulnerability. An attacker could potentially use this issue to read targeted email messages...

6.5CVSS6.4AI score0.0131EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/08/13 5:30 p.m.92 views

USN-6949-2: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - M68K architecture; - OpenRISC architecture; - PowerPC architecture; -...

9.8CVSS7.1AI score0.01483EPSS
Exploits3
Ubuntu
Ubuntu
added 2024/08/13 3:39 p.m.33 views

USN-6958-1: Libcroco vulnerabilities

It was discovered that Libcroco was incorrectly accessing data structures when reading bytes from memory, which could cause a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. CVE-2017-7960 It was discovered th...

7.1CVSS6.8AI score0.12996EPSS
Exploits7
Ubuntu
Ubuntu
added 2024/08/13 2:11 p.m.51 views

USN-6950-3: Linux kernel (Oracle) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - Block layer subsystem; - Bluetooth drivers; - Clock framework and...

9.8CVSS6.9AI score0.01305EPSS
Exploits2
Ubuntu
Ubuntu
added 2024/08/13 6:44 a.m.376 views

USN-6954-1: QEMU vulnerabilities

Markus Frank and Fiona Ebner discovered that QEMU did not properly handle certain memory operations, leading to a NULL pointer dereference. An authenticated user could potentially use this issue to cause a denial of service. CVE-2023-6683 Xiao Lei discovered that QEMU did not properly handle...

8.8CVSS7AI score0.01397EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/08/13 12:30 a.m.51 views

USN-6950-2: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - Block layer subsystem; - Bluetooth drivers; - Clock framework and...

9.8CVSS6.9AI score0.01305EPSS
Exploits2
Ubuntu
Ubuntu
added 2024/08/13 12:13 a.m.63 views

USN-6957-1: Linux kernel (Oracle) vulnerabilities

Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to...

9.8CVSS7.7AI score0.01305EPSS
Exploits2
Ubuntu
Ubuntu
added 2024/08/12 11:56 p.m.56 views

USN-6956-1: Linux kernel (Azure) vulnerabilities

Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to...

8.1CVSS7.7AI score0.01305EPSS
Exploits2
Ubuntu
Ubuntu
added 2024/08/12 6:5 p.m.100 views

USN-6955-1: Linux kernel (OEM) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - M68K architecture; - OpenRISC architecture; - PowerPC architecture; -...

9.8CVSS7.1AI score0.01483EPSS
Exploits3
Ubuntu
Ubuntu
added 2024/08/09 1:38 p.m.56 views

USN-6926-3: Linux kernel (Azure) vulnerabilities

黄思聪 discovered that the NFC Controller Interface NCI implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service system crash...

8.8CVSS7.5AI score0.00829EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/08/09 12:8 a.m.56 views

USN-6953-1: Linux kernel (Oracle) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - M68K architecture; - User-Mode Linux UML; - x86 architecture; - Accessibility subsystem; -...

9.8CVSS7.3AI score0.02701EPSS
Exploits4
Ubuntu
Ubuntu
added 2024/08/09 12:6 a.m.117 views

USN-6952-1: Linux kernel vulnerabilities

Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to...

9.8CVSS7.8AI score0.01483EPSS
Exploits3
Ubuntu
Ubuntu
added 2024/08/08 10:45 p.m.404 views

USN-6951-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - M68K architecture; - User-Mode Linux UML; - x86 architecture; - Accessibility subsystem; -...

9.8CVSS7.3AI score0.02701EPSS
Exploits4
Ubuntu
Ubuntu
added 2024/08/08 10:9 p.m.396 views

USN-6950-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - Block layer subsystem; - Bluetooth drivers; - Clock framework and...

9.8CVSS6.9AI score0.01305EPSS
Exploits2
Ubuntu
Ubuntu
added 2024/08/08 9:48 p.m.165 views

USN-6949-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - M68K architecture; - OpenRISC architecture; - PowerPC architecture; -...

9.8CVSS7.1AI score0.01483EPSS
Exploits3
Ubuntu
Ubuntu
added 2024/08/08 7:21 p.m.37 views

USN-6948-1: Salt vulnerabilities

It was discovered that Salt incorrectly handled crafted web requests. A remote attacker could possibly use this issue to run arbitrary commands. CVE-2020-16846 It was discovered that Salt incorrectly created certificates with weak file permissions. CVE-2020-17490 It was discovered that Salt...

9.8CVSS7.3AI score0.99585EPSS
Exploits13
Ubuntu
Ubuntu
added 2024/08/08 2:20 a.m.390 views

USN-6947-1: Kerberos vulnerabilities

It was discovered that Kerberos incorrectly handled GSS message tokens where an unwrapped token could appear to be truncated. An attacker could possibly use this issue to cause a denial of service. CVE-2024-37370 It was discovered that Kerberos incorrectly handled GSS message tokens when sent a...

9.1CVSS7.2AI score0.01863EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/08/06 4:21 p.m.359 views

USN-6946-1: Django vulnerabilities

It was discovered that Django incorrectly handled certain strings in floatformat function. An attacker could possibly use this issue to cause a memory exhaustion. CVE-2024-41989 It was discovered that Django incorrectly handled very large inputs. An attacker could possibly use this issue to cause...

9.8CVSS7AI score0.01258EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/08/06 4:18 p.m.380 views

USN-6945-1: wpa_supplicant and hostapd vulnerability

Rory McNamara discovered that wpasupplicant could be made to load arbitrary shared objects by unprivileged users that have access to the control interface. An attacker could use this to escalate privileges to root...

8.8CVSS7.3AI score0.00658EPSS
Exploits1References1
Ubuntu
Ubuntu
added 2024/08/05 11:21 a.m.371 views

USN-6944-1: curl vulnerability

Dov Murik discovered that curl incorrectly handled parsing ASN.1 Generalized Time fields. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly obtain sensitive memory contents...

6.5CVSS7AI score0.16212EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/08/02 9:36 a.m.231 views

USN-6895-4: Linux kernel vulnerabilities

It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the HugeTLB file syst...

7.8CVSS7.4AI score0.00756EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/08/01 8:25 p.m.58 views

USN-6943-1: Tomcat vulnerabilities

It was discovered that Tomcat incorrectly handled certain uncommon PersistenceManager with FileStore configurations. A remote attacker could possibly use this issue to execute arbitrary code. This issue only affected tomcat8 for Ubuntu 18.04 LTS CVE-2020-9484 It was discovered that Tomcat...

7.5CVSS7.6AI score0.71653EPSS
Exploits20
Ubuntu
Ubuntu
added 2024/08/01 4:54 p.m.27 views

USN-6909-2: Bind vulnerabilities

USN-6909-1 fixed several vulnerabilities in Bind. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: Toshifumi Sakaguchi discovered that Bind incorrectly handled having a very large number of RRs existing at the same time. A remote attacker could possib...

7.5CVSS7.7AI score0.02114EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/08/01 3:9 p.m.44 views

USN-6926-2: Linux kernel vulnerabilities

黄思聪 discovered that the NFC Controller Interface NCI implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service system crash...

8.8CVSS7.5AI score0.00829EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/08/01 2:27 p.m.18 views

USN-6942-1: Gross vulnerability

It was discovered that Gross incorrectly handled memory when composing log entries. An attacker could possibly use this issue to cause Gross to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.5CVSS7.7AI score0.01055EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/08/01 1:39 p.m.46 views

USN-6922-2: Linux kernel vulnerabilities

It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. CVE-2024-24857, CVE-2024-24858, CVE-2024-24859 Chenyuan Yang discovered...

6.8CVSS6.7AI score0.00712EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/08/01 11:32 a.m.35 views

USN-6941-1: Python vulnerability

It was discovered that the Python ipaddress module contained incorrect information about which IP address ranges were considered “private” or “globally reachable”. This could possibly result in applications applying incorrect security policies...

7.5CVSS6.8AI score0.01034EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/08/01 6:35 a.m.363 views

USN-6940-1: snapd vulnerabilities

Neil McPhail discovered that snapd did not properly restrict writes to the $HOME/bin path in the AppArmor profile for snaps using the home plug. An attacker who could convince a user to install a malicious snap could use this vulnerability to escape the snap sandbox. CVE-2024-1724 Zeyad Gouda...

8.2CVSS7.6AI score0.00306EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/07/31 6:40 p.m.23 views

USN-6939-1: Exim vulnerability

Phillip Szelat discovered that Exim misparses multiline MIME header filenames. A remote attacker could use this issue to bypass a MIME filename extension-blocking protection mechanism and possibly deliver executable attachments to the mailboxes of end users...

5.4CVSS6.9AI score0.41225EPSS
Exploits5
Ubuntu
Ubuntu
added 2024/07/31 6:33 p.m.31 views

USN-6936-1: Apache Commons Collections vulnerability

It was discovered that Apache Commons Collections allowed serialization support for unsafe classes by default. A remote attacker could possibly use this issue to execute arbitrary code...

9.8CVSS8.4AI score0.96032EPSS
Exploits17
Ubuntu
Ubuntu
added 2024/07/31 6:1 p.m.35 views

USN-6913-2: phpCAS vulnerability

USN-6913-1 fixed CVE-2022-39369 for Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. This update provides the corresponding fix for Ubuntu 16.04 LTS. Original advisory details: Filip Hejsek discovered that phpCAS was using HTTP headers to determine the service URL used to validate tickets. A remote attacke...

8CVSS7.6AI score0.01064EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/31 4:1 p.m.83 views

USN-6938-1: Linux kernel vulnerabilities

It was discovered that the device input subsystem in the Linux kernel did not properly handle the case when an event code falls outside of a bitmap. A local attacker could use this to cause a denial of service system crash. CVE-2022-48619 黄思聪 discovered that the NFC Controller Interface NCI...

7.8CVSS7.2AI score0.00829EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/31 3:46 p.m.431 views

USN-6937-1: OpenSSL vulnerabilities

It was discovered that OpenSSL incorrectly handled TLSv1.3 sessions when certain non-default TLS server configurations were in use. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, leading to a denial of service. CVE-2024-2511 It was discovered that OpenSSL...

9.1CVSS7.3AI score0.54026EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/07/31 3:7 p.m.22 views

USN-6935-1: Prometheus Alertmanager vulnerability

It was discovered that prometheus-alertmanager didn't properly sanitize input it received through an API endpoint. An attacker with permission to send requests to this endpoint could potentially inject arbitrary code. On Ubuntu 20.04 LTS and Ubuntu 22.04 LTS, this vulnerability is only present if...

7.5CVSS7.3AI score0.00568EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/31 10:51 a.m.344 views

USN-6934-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.39 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS. In addition to security fixes, the updated packages contain bug fixes, new...

6.5CVSS5.8AI score0.00904EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/31 8:17 a.m.40 views

USN-6933-1: ClickHouse vulnerabilities

It was discovered that ClickHouse incorrectly handled memory, leading to a heap out-of-bounds data read. An attacker could possibly use this issue to cause a denial of service, or leak sensitive information. CVE-2021-42387, CVE-2021-41388 It was discovered that ClickHouse incorrectly handled...

8.8CVSS8.5AI score0.01646EPSS
Exploits3
Ubuntu
Ubuntu
added 2024/07/31 5:7 a.m.77 views

USN-6932-1: OpenJDK 21 vulnerabilities

It was discovered that the Hotspot component of OpenJDK 21 was not properly bounding certain UTF-8 strings, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2024-21131 It was discovered that the Hotspot...

7.4CVSS7.5AI score0.01257EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/31 5:6 a.m.51 views

USN-6931-1: OpenJDK 17 vulnerabilities

It was discovered that the Hotspot component of OpenJDK 17 was not properly bounding certain UTF-8 strings, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2024-21131 It was discovered that the Hotspot...

7.4CVSS7.5AI score0.01257EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/31 5:4 a.m.366 views

USN-6930-1: OpenJDK 11 vulnerabilities

It was discovered that the Hotspot component of OpenJDK 11 was not properly bounding certain UTF-8 strings, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2024-21131 It was discovered that the Hotspot...

7.4CVSS7.5AI score0.01257EPSS
Exploits0
Total number of security vulnerabilities10888