
10888 matches found

Ubuntu
added 2024/07/31 3:41 a.m., 412 views

USN-6929-1: OpenJDK 8 vulnerabilities

It was discovered that the Hotspot component of OpenJDK 8 was not properly bounding certain UTF-8 strings, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2024-21131 It was discovered that the Hotspot...

CVSS 7.4, AI score 7.5, EPSS 0.01257, Exploits 0

Ubuntu
added 2024/07/30 1:20 p.m., 369 views

USN-6928-1: Python vulnerabilities

It was discovered that the Python ssl module contained a memory race condition when handling the APIs to obtain the CA certificates and certificate store statistics. This could possibly result in applications obtaining wrong results, leading to various SSL issues. CVE-2024-0397 It was discovered...

CVSS 7.5, AI score 6.8, EPSS 0.01034, Exploits 0

Ubuntu
added 2024/07/30 12:4 p.m., 59 views

USN-6924-2: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM SCMI message protocol; - InfiniBand drivers; - TTY drivers; - TLS protocol; CVE-2022-48655, CVE-2024-36016,...

CVSS 8.1, AI score 6.8, EPSS 0.00737, Exploits 0

Ubuntu
added 2024/07/30 11:26 a.m., 104 views

USN-6927-1: Linux kernel vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Gui-Dong Han discovered that the...

CVSS 9.1, AI score 7.8, EPSS 0.01401, Exploits 1

Ubuntu
added 2024/07/30 10:59 a.m., 45 views

USN-6923-2: Linux kernel vulnerabilities

Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to...

CVSS 8.1, AI score 7.7, EPSS 0.00814, Exploits 0

Ubuntu
added 2024/07/30 10:33 a.m., 62 views

USN-6921-2: Linux kernel vulnerabilities

Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to...

CVSS 7.7, AI score 7.6, EPSS 0.00276, Exploits 0

Ubuntu
added 2024/07/29 4:21 p.m., 390 views

USN-6926-1: Linux kernel vulnerabilities

黄思聪 discovered that the NFC Controller Interface (NCI) implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash)...

CVSS 8.8, AI score 7.5, EPSS 0.00829, Exploits 0

Ubuntu
added 2024/07/29 2:55 p.m., 22 views

USN-6925-1: Linux kernel vulnerability

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - IPv4 networking; CVE-2024-26882...

CVSS 7.8, AI score 7.1, EPSS 0.00829, Exploits 0

Ubuntu
added 2024/07/29 1:55 p.m., 67 views

USN-6924-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM SCMI message protocol; - InfiniBand drivers; - TTY drivers; - TLS protocol; CVE-2024-26584, CVE-2024-36016,...

CVSS 8.1, AI score 6.8, EPSS 0.00737, Exploits 0

Ubuntu
added 2024/07/29 12:51 p.m., 63 views

USN-6921-1: Linux kernel vulnerabilities

Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to...

CVSS 7.7, AI score 7.6, EPSS 0.00276, Exploits 0

Ubuntu
added 2024/07/29 10:38 a.m., 58 views

USN-6923-1: Linux kernel vulnerabilities

Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to...

CVSS 8.1, AI score 7.7, EPSS 0.00814, Exploits 0

Ubuntu
added 2024/07/29 9:54 a.m., 48 views

USN-6922-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. CVE-2024-24857, CVE-2024-24858, CVE-2024-24859 Chenyuan Yang discovered...

CVSS 6.8, AI score 6.7, EPSS 0.00712, Exploits 0

Ubuntu
added 2024/07/29 4:27 a.m., 108 views

USN-6916-1: Lua vulnerabilities

It was discovered that Lua did not properly generate code when "_ENV" is constant. An attacker could possibly use this issue to cause a denial of service or execute arbitrary untrusted Lua code. CVE-2022-28805 It was discovered that Lua did not properly handle C stack overflows during error...

CVSS 9.1, AI score 7.5, EPSS 0.02919, Exploits 2

Ubuntu
added 2024/07/29 4:18 a.m., 37 views

USN-6920-1: EDK II vulnerabilities

It was discovered that EDK II was not properly performing bounds checks in Tianocompress, which could lead to a buffer overflow. An authenticated user could use this issue to potentially escalate their privileges via local access. CVE-2017-5731 It was discovered that EDK II had an insufficient...

CVSS 9.8, AI score 7.4, EPSS 0.01338, Exploits 0

Ubuntu
added 2024/07/26 3:11 p.m., 76 views

USN-6919-1: Linux kernel vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 It was discovered that the ATA over...

CVSS 9.1, AI score 7.5, EPSS 0.01635, Exploits 1

Ubuntu
added 2024/07/26 2:39 p.m., 45 views

USN-6918-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker...

CVSS 9.1, AI score 7, EPSS 0.01401, Exploits 1

Ubuntu
added 2024/07/26 1:52 p.m., 77 views

USN-6917-1: Linux kernel vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Gui-Dong Han discovered that the...

CVSS 9.8, AI score 7.1, EPSS 0.01401, Exploits 1

Ubuntu
added 2024/07/25 11:55 p.m., 56 views

USN-6200-2: ImageMagick vulnerabilities

USN-6200-1 fixed vulnerabilities in ImageMagick. Unfortunately these fixes were incomplete for Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. This update fixes the problem. Original advisory details: It was discovered that ImageMagick incorrectly handled the "-authenticate" option for password-protected...

CVSS 5.5, AI score 7, EPSS 0.01018, Exploits 2

Ubuntu
added 2024/07/24 8:7 p.m., 22 views

USN-6915-1: poppler vulnerability

It was discovered that poppler incorrectly handled certain malformed PDF. An attacker could possibly use this issue to cause a denial of service...

CVSS 7.5, AI score 7.4, EPSS 0.00785, Exploits 0

Ubuntu
added 2024/07/24 7:22 p.m., 33 views

USN-6914-1: OCS Inventory vulnerability

Filip Hejsek discovered that the phpCAS library included in OCS Inventory was using HTTP headers to determine the service URL used to validate tickets. A remote attacker could possibly use this issue to gain access to a victim's account...

CVSS 8, AI score 7.6, EPSS 0.01064, Exploits 0

Ubuntu
added 2024/07/24 6:45 p.m., 43 views

USN-6913-1: phpCAS vulnerability

Filip Hejsek discovered that phpCAS was using HTTP headers to determine the service URL used to validate tickets. A remote attacker could possibly use this issue to gain access to a victim's account on a vulnerable CASified service. This security update introduces an incompatible API change. Afte...

CVSS 8, AI score 7.5, EPSS 0.01064, Exploits 0

Ubuntu
added 2024/07/24 8:18 a.m., 15 views

USN-6912-1: provd vulnerability

James Henstridge discovered that provd incorrectly handled environment variables. A local attacker could possibly use this issue to run arbitrary programs and escalate privileges...

CVSS 8.8, AI score 5.3, EPSS 0.00263, Exploits 1, References 1

Ubuntu
added 2024/07/24 4:36 a.m., 399 views

USN-6906-1: python-zipp vulnerability

It was discovered that python-zipp did not properly handle the zip files with malformed names. An attacker could possibly use this issue to cause a denial of service...

CVSS 6.2, AI score 6.8, EPSS 0.00236, Exploits 0

Ubuntu
added 2024/07/23 8:39 p.m., 66 views

USN-6910-1: Apache ActiveMQ vulnerabilities

Chess Hazlett discovered that Apache ActiveMQ incorrectly handled certain commands. A remote attacker could possibly use this issue to terminate the program, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. CVE-2015-7559 Peter Stöckli discovered that Apache ActiveMQ...

CVSS 10, AI score 7, EPSS 0.99654, Exploits 33

Ubuntu
added 2024/07/23 4:55 p.m., 29 views

USN-6530-2: HAProxy vulnerability

Seth Manesse and Paul Plasil discovered that HAProxy incorrectly handled URI components containing the hash character (#). A remote attacker could possibly use this issue to obtain sensitive information, or to bypass certain path_end rules...

CVSS 8.2, AI score 6.8, EPSS 0.01526, Exploits 0

Ubuntu
added 2024/07/23 4:41 p.m., 33 views

USN-6911-1: Nova vulnerability

Arnaud Morin discovered that Nova incorrectly handled certain raw format images. An authenticated user could use this issue to access arbitrary files on the server, possibly exposing sensitive information...

CVSS 6.5, AI score 5.7, EPSS 0.00941, Exploits 1

Ubuntu
added 2024/07/23 3:24 p.m., 31 views

USN-6907-1: Squid vulnerability

Joshua Rogers discovered that Squid did not properly handle multi-byte characters during Edge Side Includes (ESI) processing. A remote attacker could possibly use this issue to cause a memory corruption error, leading to a denial of service...

CVSS 6.3, AI score 6.5, EPSS 0.06255, Exploits 0

Ubuntu
added 2024/07/23 2:19 p.m., 387 views

USN-6909-1: Bind vulnerabilities

It was discovered that Bind incorrectly handled a flood of DNS messages over TCP. A remote attacker could possibly use this issue to cause Bind to become unstable, resulting in a denial of service. CVE-2024-0760 Toshifumi Sakaguchi discovered that Bind incorrectly handled having a very large numb...

CVSS 7.5, AI score 7.5, EPSS 0.0468, Exploits 0

Ubuntu
added 2024/07/23 2:3 p.m., 54 views

USN-6908-1: Tomcat vulnerabilities

It was discovered that the Tomcat SSI printenv command echoed user provided data without escaping it. An attacker could possibly use this issue to perform an XSS attack. CVE-2019-0221 It was discovered that Tomcat incorrectly handled certain uncommon PersistenceManager with FileStore...

CVSS 7, AI score 7.2, EPSS 0.56636, Exploits 18

Ubuntu
added 2024/07/23 9:43 a.m., 58 views

USN-6898-4: Linux kernel vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Gui-Dong Han discovered that the...

CVSS 9.1, AI score 7.1, EPSS 0.01401, Exploits 1

Ubuntu
added 2024/07/23 9:12 a.m., 54 views

USN-6893-3: Linux kernel vulnerabilities

It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. CVE-2024-24857, CVE-2024-24858, CVE-2024-24859 Several security issues we...

CVSS 9.1, AI score 7, EPSS 0.01401, Exploits 1

Ubuntu
added 2024/07/23 7:58 a.m., 39 views

USN-6896-5: Linux kernel vulnerabilities

It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...

CVSS 9.1, AI score 7.5, EPSS 0.01635, Exploits 1

Ubuntu
added 2024/07/23 12:16 a.m., 30 views

USN-6905-1: Rack vulnerabilities

It was discovered that Rack incorrectly handled certain regular expressions. A remote attacker could possibly use this issue to cause Rack to consume resources, leading to a denial of service. CVE-2023-27539 It was discovered that Rack incorrectly handled Multipart MIME parsing. A remote attacker...

CVSS 7.5, AI score 6.6, EPSS 0.0183, Exploits 0

Ubuntu
added 2024/07/22 2:30 p.m., 22 views

USN-6904-1: PyMongo vulnerability

It was discovered that PyMongo incorrectly handled certain BSON. An attacker could possibly use this issue to read sensitive information or cause a crash...

CVSS 8.1, AI score 6.3, EPSS 0.00663, Exploits 0

Ubuntu
added 2024/07/22 2:59 a.m., 51 views

USN-6903-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing,...

CVSS 9.8, AI score 7.7, EPSS 0.00977, Exploits 0

Ubuntu
added 2024/07/19 10:36 a.m., 74 views

USN-6896-4: Linux kernel vulnerabilities

It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...

CVSS 9.1, AI score 7.5, EPSS 0.01635, Exploits 1

Ubuntu
added 2024/07/19 9:39 a.m., 99 views

USN-6898-3: Linux kernel vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Gui-Dong Han discovered that the...

CVSS 9.1, AI score 7.1, EPSS 0.01401, Exploits 1

Ubuntu
added 2024/07/19 9:4 a.m., 292 views

USN-6895-3: Linux kernel vulnerabilities

It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the HugeTLB file syst...

CVSS 7.8, AI score 7.4, EPSS 0.00756, Exploits 1

Ubuntu
added 2024/07/18 11:49 a.m., 84 views

USN-6902-1: Apache HTTP Server vulnerability

It was discovered that the Apache HTTP Server incorrectly handled certain handlers configured via AddType. A remote attacker could possibly use this issue to obtain source code...

CVSS 5.3, AI score 7.1, EPSS 0.04134, Exploits 3

Ubuntu
added 2024/07/18 5:18 a.m., 29 views

USN-6901-1: stunnel vulnerability

It was discovered that stunnel did not properly validate client certificates when configured to use both the redirect and verifyChain options. A remote attacker could potentially use this issue to obtain sensitive information by accessing the tunneled service...

CVSS 7.5, AI score 7.2, EPSS 0.01179, Exploits 0

Ubuntu
added 2024/07/17 4:22 p.m., 85 views

USN-6896-3: Linux kernel vulnerabilities

It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...

CVSS 9.1, AI score 7.5, EPSS 0.01635, Exploits 1

Ubuntu
added 2024/07/17 3:48 p.m., 79 views

USN-6900-1: Linux kernel vulnerabilities

It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the HugeTLB file syst...

CVSS 7.8, AI score 7.4, EPSS 0.01287, Exploits 1

Ubuntu
added 2024/07/17 3:9 p.m., 49 views

USN-6898-2: Linux kernel vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Gui-Dong Han discovered that the...

CVSS 9.1, AI score 7.1, EPSS 0.01401, Exploits 1

Ubuntu
added 2024/07/16 1:3 p.m., 373 views

USN-6899-1: GTK vulnerability

It was discovered that GTK would attempt to load modules from the current directory, contrary to expectations. If users started GTK applications from shared directories, a local attacker could use this issue to execute arbitrary code, and possibly escalate privileges...

CVSS 7, AI score 7, EPSS 0.00464, Exploits 0

Ubuntu
added 2024/07/16 12:18 p.m., 29 views

LSN-0105-1: Kernel Live Patch Security Notice

It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the netfilter connecti...

CVSS 7, AI score 7, EPSS 0.01287, Exploits 0

Ubuntu
added 2024/07/16 11:47 a.m., 84 views

USN-6896-2: Linux kernel vulnerabilities

It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...

CVSS 9.1, AI score 7.5, EPSS 0.01635, Exploits 1

Ubuntu
added 2024/07/16 10:12 a.m., 73 views

USN-6895-2: Linux kernel vulnerabilities

It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the HugeTLB file syst...

CVSS 7.8, AI score 7.4, EPSS 0.00756, Exploits 1

Ubuntu
added 2024/07/16 9:17 a.m., 72 views

USN-6893-2: Linux kernel vulnerabilities

It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. CVE-2024-24857, CVE-2024-24858, CVE-2024-24859 Several security issues we...

CVSS 9.1, AI score 7, EPSS 0.01401, Exploits 1

Ubuntu
added 2024/07/15 4:13 p.m., 322 views

USN-6898-1: Linux kernel vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Gui-Dong Han discovered that the...

CVSS 9.1, AI score 7.1, EPSS 0.01401, Exploits 1

Ubuntu
added 2024/07/15 11:27 a.m., 302 views

USN-6897-1: Ghostscript vulnerabilities

It was discovered that Ghostscript incorrectly handled certain long PDF filter names. An attacker could possibly use this issue to cause Ghostscript to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. CVE-2024-29506 It was discovered that...

CVSS 8.8, AI score 6.5, EPSS 0.01446, Exploits 0

Total number of security vulnerabilities: 10888