Lucene search
K
UbuntuRecent

10888 matches found

Ubuntu
Ubuntu
added 2024/07/12 2:12 p.m.310 views

USN-6896-1: Linux kernel vulnerabilities

It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...

9.1CVSS7.5AI score0.01635EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/07/12 10:2 a.m.63 views

USN-6895-1: Linux kernel vulnerabilities

It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the HugeTLB file syst...

7.8CVSS7.4AI score0.00756EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/07/11 9:29 p.m.45 views

USN-6864-3: Linux kernel (GKE) vulnerabilities

It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux kernel allowed direct access to the devices for unprivileged users and virtual machines. A local attacker could use this to cause a denial of service. CVE-2024-21823 A security issue was discovere...

7.5CVSS6.8AI score0.01287EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/11 8:8 p.m.35 views

USN-6894-1: Apport vulnerabilities

Muqing Liu and neoni discovered that Apport incorrectly handled detecting if an executable was replaced after a crash. A local attacker could possibly use this issue to execute arbitrary code as the root user. CVE-2021-3899 Gerrit Venema discovered that Apport incorrectly handled connections to...

7.8CVSS7AI score0.00384EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/11 7:1 p.m.139 views

USN-6893-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. CVE-2024-24857, CVE-2024-24858, CVE-2024-24859 Several security issues we...

9.1CVSS7AI score0.01401EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/07/11 5:25 p.m.90 views

USN-6885-2: Apache HTTP Server regression

USN-6885-1 fixed vulnerabilities in Apache HTTP Server. One of the security fixes introduced a regression when proxying requests to a HTTP/2 server. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Marc Stern discovered that the Apache HTTP Server...

7.6AI score
Exploits0References1
Ubuntu
Ubuntu
added 2024/07/11 11:54 a.m.488 views

USN-6891-1: Python vulnerabilities

It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. CVE-2015-20107 It was discovered that Python incorrectly used regular expressions vulnerable to...

9.8CVSS7.7AI score0.23293EPSS
Exploits27
Ubuntu
Ubuntu
added 2024/07/11 10:41 a.m.44 views

USN-6888-2: Django vulnerabilities

USN-6888-1 fixed several vulnerabilities in Django. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: Elias Myllymäki discovered that Django incorrectly handled certain inputs with a large number of brackets. A remote attacker could possibly use this...

7.5CVSS6.8AI score0.28637EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/10 9:11 p.m.62 views

USN-6866-3: Linux kernel (Azure) vulnerabilities

It was discovered that the ext4 file system implementation in the Linux kernel did not properly validate data state on write operations. An attacker could use this to construct a malicious ext4 file system image that, when mounted, could cause a denial of service system crash. CVE-2021-33631 It w...

7.8CVSS7.7AI score0.08555EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/10 9:9 p.m.49 views

USN-6868-2: Linux kernel (AWS) vulnerabilities

Sander Wiebing, Alvise de Faveri Tron, Herbert Bos, and Cristiano Giuffrida discovered that the Linux kernel mitigations for the initial Branch History Injection vulnerability CVE-2022-0001 were insufficient for Intel processors. A local attacker could potentially use this to expose sensitive...

5.5CVSS7.2AI score0.08555EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/10 9:6 p.m.72 views

USN-6892-1: Linux kernel (IBM) vulnerabilities

It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...

9.1CVSS7.4AI score0.01635EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/10 6:7 a.m.284 views

USN-6889-1: .NET vulnerabilities

It was discovered that .NET did not properly handle object deserialization. An attacker could possibly use this issue to cause a denial of service. CVE-2024-30105 Radek Zikmund discovered that .NET did not properly manage memory. An attacker could use this issue to cause a denial of service or...

8.1CVSS7.8AI score0.02915EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/10 5:51 a.m.82 views

USN-6890-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2024-6601, CVE-2024-6604,...

9.8CVSS7.7AI score0.00977EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/07/09 5:5 p.m.41 views

USN-6888-1: Django vulnerabilities

Elias Myllymäki discovered that Django incorrectly handled certain inputs with a large number of brackets. A remote attacker could possibly use this issue to cause Django to consume resources or stop responding, resulting in a denial of service. CVE-2024-38875 It was discovered that Django...

7.5CVSS6.7AI score0.28637EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/09 2:4 p.m.37 views

USN-6887-1: OpenSSH vulnerability

Philippos Giavridis, Jacky Wei En Kung, Daniel Hugenroth, and Alastair Beresford discovered that the OpenSSH ObscureKeystrokeTiming feature did not work as expected. A remote attacker could possibly use this issue to determine timing information about keystrokes...

7.5CVSS6AI score0.01634EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/09 12:12 p.m.73 views

USN-6886-1: Go vulnerabilities

It was discovered that the Go net/http module did not properly handle the requests when request's headers exceed MaxHeaderBytes. An attacker could possibly use this issue to cause a panic resulting into a denial of service. This issue only affected Go 1.21 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS...

9.8CVSS7.3AI score0.91969EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/07/09 1:11 a.m.38 views

USN-6880-1: Tomcat vulnerability

Sam Shahsavar discovered that Apache Tomcat did not properly reject HTTP requests with an invalid Content-Length header. A remote attacker could possibly use this issue to perform HTTP request smuggling attacks...

7.5CVSS7.2AI score0.01448EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/08 5:56 p.m.403 views

USN-6885-1: Apache HTTP Server vulnerabilities

Marc Stern discovered that the Apache HTTP Server incorrectly handled serving WebSocket protocol upgrades over HTTP/2 connections. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. CVE-2024-36387 Orange Tsai discovered that the Apache...

9.8CVSS7.6AI score0.99957EPSS
Exploits2
Ubuntu
Ubuntu
added 2024/07/08 11:59 a.m.38 views

USN-6884-1: Nova vulnerability

Martin Kaesberger discovered that Nova incorrectly handled QCOW2 image processing. An authenticated user could use this issue to access arbitrary files on the server, possibly exposing sensitive information...

6.5CVSS6.7AI score0.00835EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/08 11:55 a.m.32 views

USN-6883-1: OpenStack Glance vulnerability

Martin Kaesberger discovered that Glance incorrectly handled QCOW2 image processing. An authenticated user could use this issue to access arbitrary files on the server, possibly exposing sensitive information...

6.5CVSS6.7AI score0.00835EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/08 11:49 a.m.32 views

USN-6882-1: Cinder vulnerability

Martin Kaesberger discovered that Cinder incorrectly handled QCOW2 image processing. An authenticated user could use this issue to access arbitrary files on the server, possibly exposing sensitive information...

6.5CVSS6.7AI score0.00835EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/08 9:37 a.m.23 views

USN-6881-1: Exim vulnerability

It was discovered that Exim did not enforce STARTTLS sync point on client side. An attacker could possibly use this issue to perform response injection during MTA SMTP sending...

7.5CVSS7.5AI score0.01996EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/04 8:25 p.m.40 views

USN-6879-1: Virtuoso Open-Source Edition vulnerabilities

Jingzhou Fu discovered that Virtuoso Open-Source Edition incorrectly handled certain crafted SQL statements. An attacker could possibly use this issue to crash the program, resulting in a denial of service. CVE-2023-31620, CVE-2023-31622, CVE-2023-31624, CVE-2023-31626, CVE-2023-31627,...

8.8CVSS7.4AI score0.00905EPSS
Exploits13
Ubuntu
Ubuntu
added 2024/07/04 7:11 p.m.62 views

USN-6866-2: Linux kernel (Azure) vulnerabilities

It was discovered that the ext4 file system implementation in the Linux kernel did not properly validate data state on write operations. An attacker could use this to construct a malicious ext4 file system image that, when mounted, could cause a denial of service system crash. CVE-2021-33631 It w...

7.8CVSS7.7AI score0.08555EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/04 5:50 p.m.65 views

USN-6870-2: Linux kernel (AWS) vulnerabilities

It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux kernel allowed direct access to the devices for unprivileged users and virtual machines. A local attacker could use this to cause a denial of service. CVE-2024-21823 Several security issues were...

7.5CVSS6.8AI score0.01287EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/04 4:56 p.m.59 views

USN-6873-2: Linux kernel (StarFive) vulnerabilities

It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux kernel allowed direct access to the devices for unprivileged users and virtual machines. A local attacker could use this to cause a denial of service. CVE-2024-21823 Several security issues were...

7.5CVSS6.8AI score0.01287EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/04 4:43 p.m.62 views

USN-6864-2: Linux kernel vulnerabilities

It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux kernel allowed direct access to the devices for unprivileged users and virtual machines. A local attacker could use this to cause a denial of service. CVE-2024-21823 A security issue was discovere...

7.5CVSS6.8AI score0.01287EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/04 4:35 p.m.50 views

USN-6872-2: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystem: - Netfilter; CVE-2024-26809, CVE-2024-26643, CVE-2024-26925, CVE-2024-26924...

5.9CVSS6.8AI score0.01287EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/04 4:25 p.m.27 views

USN-6876-1: Kopano Core vulnerabilities

It was discovered that Kopano Core allowed out-of-bounds access. An attacker could use this issue to expose private information. This issue only affected Ubuntu 18.04 LTS. CVE-2019-19907 It was discovered that Kopano Core allowed possible authentication with expired passwords. An attacker could u...

9.8CVSS8.3AI score0.02192EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/07/04 3:29 p.m.155 views

USN-6878-1: Linux kernel (Oracle) vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Zheng Wang discovered that the Broadc...

9.1CVSS7.4AI score0.01635EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/04 1:18 p.m.24 views

USN-6877-1: LibreOffice vulnerability

It was discovered that LibreOffice incorrectly performed TLS certificate verification when the LibreOfficeKit library is being used by third-party components. A remote attacker could possibly use this issue to obtain sensitive information...

10CVSS5.8AI score0.00428EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/04 2:24 a.m.64 views

USN-6875-1: Linux kernel (Azure) vulnerabilities

It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux kernel allowed direct access to the devices for unprivileged users and virtual machines. A local attacker could use this to cause a denial of service. CVE-2024-21823 Several security issues were...

7.5CVSS6.8AI score0.01287EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/04 2:21 a.m.51 views

USN-6864-1: Linux kernel vulnerabilities

It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux kernel allowed direct access to the devices for unprivileged users and virtual machines. A local attacker could use this to cause a denial of service. CVE-2024-21823 A security issue was discovere...

7.5CVSS6.8AI score0.01287EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/04 2:18 a.m.51 views

USN-6863-1: Linux kernel vulnerability

A security issue was discovered in the Linux kernel. An attacker could possibly use it to compromise the system. This update corrects flaws in the following subsystem: - Netfilter; CVE-2024-26924...

5.9CVSS6.8AI score0.01287EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/04 2:0 a.m.57 views

USN-6874-1: Linux kernel (Azure) vulnerabilities

It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux kernel allowed direct access to the devices for unprivileged users and virtual machines. A local attacker could use this to cause a denial of service. CVE-2024-21823 Several security issues were...

7.5CVSS6.8AI score0.01287EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/04 1:58 a.m.50 views

USN-6873-1: Linux kernel vulnerabilities

It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux kernel allowed direct access to the devices for unprivileged users and virtual machines. A local attacker could use this to cause a denial of service. CVE-2024-21823 Several security issues were...

7.5CVSS6.8AI score0.01287EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/04 1:55 a.m.50 views

USN-6872-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystem: - Netfilter; CVE-2024-26809, CVE-2024-26643, CVE-2024-26925, CVE-2024-26924...

5.9CVSS6.8AI score0.01287EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/04 1:32 a.m.152 views

USN-6871-1: Linux kernel (HWE) vulnerabilities

It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...

9.1CVSS7.4AI score0.01635EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/04 1:25 a.m.39 views

USN-6870-1: Linux kernel vulnerabilities

It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux kernel allowed direct access to the devices for unprivileged users and virtual machines. A local attacker could use this to cause a denial of service. CVE-2024-21823 Several security issues were...

7.5CVSS6.8AI score0.01287EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/04 1:6 a.m.56 views

USN-6869-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystem: - Netfilter; CVE-2024-26924, CVE-2024-26643...

5.9CVSS6.8AI score0.01287EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/03 11:4 p.m.56 views

USN-6868-1: Linux kernel vulnerabilities

Sander Wiebing, Alvise de Faveri Tron, Herbert Bos, and Cristiano Giuffrida discovered that the Linux kernel mitigations for the initial Branch History Injection vulnerability CVE-2022-0001 were insufficient for Intel processors. A local attacker could potentially use this to expose sensitive...

5.5CVSS7.2AI score0.08555EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/03 8:45 p.m.52 views

USN-6866-1: Linux kernel vulnerabilities

It was discovered that the ext4 file system implementation in the Linux kernel did not properly validate data state on write operations. An attacker could use this to construct a malicious ext4 file system image that, when mounted, could cause a denial of service system crash. CVE-2021-33631 It w...

7.8CVSS7.7AI score0.08555EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/03 8:42 p.m.53 views

USN-6305-3: PHP regression

USN-6305-2 fixed a vulnerability in PHP. The update caused a regression in Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. This update fix it. Original advisory details: It was discovered that PHP incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive...

7.9AI score0.08003EPSS
Exploits4References1
Ubuntu
Ubuntu
added 2024/07/03 8:23 p.m.52 views

USN-6865-1: Linux kernel vulnerabilities

It was discovered that the ext4 file system implementation in the Linux kernel did not properly validate data state on write operations. An attacker could use this to construct a malicious ext4 file system image that, when mounted, could cause a denial of service system crash. CVE-2021-33631 It w...

7.8CVSS7.7AI score0.08555EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/03 5:46 a.m.49 views

USN-6862-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2024-5689, CVE-2024-5690,...

9.8CVSS7.7AI score0.0107EPSS
Exploits2
Ubuntu
Ubuntu
added 2024/07/02 1:44 p.m.45 views

USN-6860-1: OpenVPN vulnerabilities

Reynir Björnsson discovered that OpenVPN incorrectly handled terminating client connections. A remote authenticated client could possibly use this issue to keep the connection active, bypassing certain security policies. This issue only affected Ubuntu 23.10, and Ubuntu 24.04 LTS. CVE-2024-28882...

9.1CVSS6.6AI score0.00805EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/01 9:6 a.m.1529 views

USN-6859-1: OpenSSH vulnerability

It was discovered that OpenSSH incorrectly handled signal management. A remote attacker could use this issue to bypass authentication and remotely access systems without proper credentials...

8.1CVSS7.2AI score0.99506EPSS
Exploits68
Ubuntu
Ubuntu
added 2024/07/01 4:21 a.m.32 views

USN-6858-1: eSpeak NG vulnerabilities

It was discovered that eSpeak NG did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. CVE-2023-49990, CVE-2023-49991, CVE-2023-49992, CVE-2023-49993, CVE-2023-49994...

5.5CVSS6AI score0.00405EPSS
Exploits5
Ubuntu
Ubuntu
added 2024/06/28 7:14 p.m.323 views

USN-6851-2: Netplan regression

USN-6851-1 fixed vulnerabilities in Netplan. The update lead to the discovery of a regression in netplan which caused systemctl enable to fail on systems where systemd is not running. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Andreas Hasenack...

6AI score
Exploits0References1
Ubuntu
Ubuntu
added 2024/06/28 4:8 p.m.350 views

USN-6844-2: CUPS regression

USN-6844-1 fixed vulnerabilities in the CUPS package. The update lead to the discovery of a regression in CUPS with regards to how the cupsd daemon handles Listen configuration directive. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Rory McNamara...

5.7AI score
Exploits0References1
Total number of security vulnerabilities10888