10888 matches found

Ubuntu
•added 2024/06/28 3:0 a.m.•353 views

USN-6855-1: libcdio vulnerability

Mansour Gashasbi discovered that libcdio incorrectly handled certain memory operations when parsing an ISO file, leading to a buffer overflow vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code...

CVSS: 8.4 | AI score: 8 | EPSS: 0.00363
Exploits: 1
Ubuntu
•added 2024/06/27 3:52 p.m.•39 views

USN-5615-3: SQLite vulnerability

USN-5615-1 fixed several vulnerabilities in SQLite. This update provides the corresponding fix for CVE-2020-35525 for Ubuntu 14.04 LTS. Original advisory details: It was discovered that SQLite incorrectly handled INTERSECT query processing. An attacker could use this issue to cause SQLite to crash...

CVSS: 7.5 | AI score: 7.9 | EPSS: 0.00928
Exploits: 0
Ubuntu
•added 2024/06/27 10:48 a.m.•72 views

USN-6857-1: Squid vulnerabilities

Joshua Rogers discovered that Squid incorrectly handled requests with the urn: scheme. A remote attacker could possibly use this issue to cause Squid to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS. CVE-2021-28651 It was discovered that Squid...

CVSS: 8.6 | AI score: 6.9 | EPSS: 0.88864
Exploits: 1
Ubuntu
•added 2024/06/27 10:42 a.m.•27 views

USN-6852-2: Wget vulnerability

USN-6852-1 fixed a vulnerability in Wget. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that Wget incorrectly handled semicolons in the userinfo subcomponent of a URI. A remote attacker could possibly trick a...

CVSS: 9.1 | AI score: 7 | EPSS: 0.00672
Exploits: 0
Ubuntu
•added 2024/06/27 9:52 a.m.•30 views

USN-6856-1: FontForge vulnerabilities

It was discovered that FontForge incorrectly handled filenames. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to perform a command injection. CVE-2024-25081 It was discovered that FontForge incorrectly...

CVSS: 6.5 | AI score: 6.2 | EPSS: 0.0187
Exploits: 2
Ubuntu
•added 2024/06/27 3:5 a.m.•42 views

USN-6854-1: OpenSSL vulnerability

It was discovered that OpenSSL failed to choose an appropriately short private key size when computing shared-secrets in the Diffie-Hellman Key Agreement Protocol. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service...

CVSS: 7.5 | AI score: 7 | EPSS: 0.02301
Exploits: 0
Ubuntu
•added 2024/06/26 7:45 p.m.•378 views

USN-6566-2: SQLite vulnerability

USN-6566-1 fixed several vulnerabilities in SQLite. This update provides the corresponding fix for CVE-2023-7104 for Ubuntu 18.04 LTS. Original advisory details: It was discovered that SQLite incorrectly handled certain memory operations in the sessions extension. A remote attacker could possibly...

CVSS: 7.3 | AI score: 6.4 | EPSS: 0.01249
Exploits: 1
Ubuntu
•added 2024/06/26 1:45 p.m.•356 views

USN-6851-1: Netplan vulnerabilities

Andreas Hasenack discovered that netplan incorrectly handled the permissions for netdev files containing wireguard configuration. An attacker could use this to obtain wireguard secret keys. It was discovered that netplan configuration could be manipulated into injecting arbitrary commands while...

CVSS: 6.5 | AI score: 5.8 | EPSS: 0.00264
Exploits: 1 | References: 3
Ubuntu
•added 2024/06/26 1:1 p.m.•117 views

USN-6819-4: Linux kernel (Oracle) vulnerabilities

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service (system crash). CVE-2023-6356, CVE-2023-6535, CVE-2023-6536 Chenyuan...

CVSS: 7.8 | AI score: 6.9 | EPSS: 0.78388
Exploits: 2
Ubuntu
•added 2024/06/26 12:27 p.m.•35 views

USN-6853-1: Ruby vulnerability

It was discovered that Ruby incorrectly handled the ungetbyte and ungetc methods. A remote attacker could use this issue to cause Ruby to crash, resulting in a denial of service, or possibly obtain sensitive information...

CVSS: 9.8 | AI score: 7.1 | EPSS: 0.02364
Exploits: 0
Ubuntu
•added 2024/06/26 12:20 p.m.•214 views

USN-6852-1: Wget vulnerability

It was discovered that Wget incorrectly handled semicolons in the userinfo subcomponent of a URI. A remote attacker could possibly trick a user into connecting to a different host than expected...

CVSS: 9.1 | AI score: 7 | EPSS: 0.00672
Exploits: 0
Ubuntu
•added 2024/06/26 12:12 p.m.•22 views

USN-6843-1: Plasma Workspace vulnerability

Fabian Vogt discovered that Plasma Workspace incorrectly handled connections via ICE. A local attacker could possibly use this issue to gain access to another user's session manager and execute arbitrary code...

CVSS: 7.8 | AI score: 7.6 | EPSS: 0.00293
Exploits: 0
Ubuntu
•added 2024/06/26 1:6 a.m.•30 views

USN-6850-1: OpenVPN vulnerability

It was discovered that OpenVPN incorrectly handled certain configurations with multiple authentication plugins. A remote attacker could possibly use this issue to bypass authentication using incomplete credentials...

CVSS: 9.8 | AI score: 7.4 | EPSS: 0.03519
Exploits: 0
Ubuntu
•added 2024/06/25 7:30 p.m.•36 views

USN-6849-1: Salt vulnerabilities

It was discovered that Salt incorrectly validated method calls and sanitized paths. A remote attacker could possibly use this issue to access some methods without authentication. CVE-2020-11651, CVE-2020-11652...

CVSS: 9.8 | AI score: 8 | EPSS: 0.96405
Exploits: 25
Ubuntu
•added 2024/06/25 6:42 p.m.•39 views

USN-6746-2: Google Guest Agent and Google OS Config Agent vulnerability

USN-6746-1 fixed vulnerabilities in Google Guest Agent and Google OS Config Agent. This update provides the corresponding update for Ubuntu 24.04 LTS. Original advisory details: It was discovered that Google Guest Agent and Google OS Config Agent incorrectly handled certain JSON files. An attacke...

CVSS: 7.5 | AI score: 7.1 | EPSS: 0.01262
Exploits: 0
Ubuntu
•added 2024/06/25 6:16 p.m.•56 views

USN-6848-1: Roundcube vulnerabilities

Matthieu Faou and Denys Klymenko discovered that Roundcube incorrectly handled certain SVG images. A remote attacker could possibly use this issue to load arbitrary JavaScript code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 23.10. CVE-2023-5631 Rene...

CVSS: 6.1 | AI score: 7.1 | EPSS: 0.73445
Exploits: 7 | References: 1
Ubuntu
•added 2024/06/25 4:50 p.m.•441 views

USN-6847-1: libheif vulnerabilities

It was discovered that libheif incorrectly handled certain image data. An attacker could possibly use this issue to crash the program, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. CVE-2019-11471 Reza Mirzazade Farkhani discovered that libheif incorrectly handled...

CVSS: 8.8 | AI score: 7.2 | EPSS: 0.01838
Exploits: 7
Ubuntu
•added 2024/06/25 11:7 a.m.•80 views

USN-6846-1: Ansible vulnerabilities

It was discovered that Ansible incorrectly handled certain inputs when using tower_callback parameter. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information. This issue only affecte...

CVSS: 7.8 | AI score: 7.4 | EPSS: 0.00712
Exploits: 0
Ubuntu
•added 2024/06/24 10:11 a.m.•374 views

USN-6844-1: CUPS vulnerability

Rory McNamara discovered that when starting the cupsd server with a Listen configuration item, the cupsd process fails to validate if bind call passed. An attacker could possibly trick cupsd to perform an arbitrary chmod of the provided argument, providing world-writable access to the target...

CVSS: 6.7 | AI score: 6 | EPSS: 0.02421
Exploits: 1
Ubuntu
•added 2024/06/24 10:8 a.m.•22 views

USN-6845-1: Hibernate vulnerability

It was discovered that Hibernate incorrectly handled certain inputs with unsanitized literals. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information...

AI score: 5.5
Exploits: 0
Ubuntu
•added 2024/06/20 6:7 a.m.•62 views

USN-6842-1: gdb vulnerabilities

It was discovered that gdb incorrectly handled certain memory operations when parsing an ELF file. An attacker could possibly use this issue to cause a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599. This issue only affected Ubuntu 22.04 LTS. CVE-2022-4285 It...

AI score: 7
Exploits: 0
Ubuntu
•added 2024/06/19 11:13 a.m.•20 views

USN-6841-1: PHP vulnerability

It was discovered that PHP could early return in the filter_var function resulting in invalid user information being treated as valid user information. An attacker could possibly use this issue to expose raw user input information...

AI score: 5.6
Exploits: 0
Ubuntu
•added 2024/06/19 7:27 a.m.•122 views

USN-6839-1: MariaDB vulnerability

A security issue was discovered in MariaDB and this update includes new upstream MariaDB versions to fix the issue. MariaDB has been updated to 10.6.18 in Ubuntu 22.04 LTS and to 10.11.8 in Ubuntu 23.10 and Ubuntu 24.04 LTS. In addition to security fixes, the updated packages contain bug fixes, n...

CVSS: 4.9 | AI score: 6.4 | EPSS: 0.00424
Exploits: 0
Ubuntu
•added 2024/06/19 2:46 a.m.•38 views

USN-6840-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing,...

CVSS: 8.6 | AI score: 7.7 | EPSS: 0.0107
Exploits: 1
Ubuntu
•added 2024/06/18 11:24 p.m.•200 views

USN-6818-4: Linux kernel (HWE) vulnerabilities

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service (system crash). CVE-2023-6356, CVE-2023-6535, CVE-2023-6536 It was...

CVSS: 7.8 | AI score: 6.9 | EPSS: 0.78388
Exploits: 2
Ubuntu
•added 2024/06/18 5:47 p.m.•329 views

USN-6793-2: Git vulnerability

USN-6793-1 fixed vulnerabilities in Git. The CVE-2024-32002 was pending further investigation. This update fixes the problem. Original advisory details: It was discovered that Git incorrectly handled certain submodules. An attacker could possibly use this issue to execute arbitrary code. This iss...

CVSS: 9 | AI score: 8 | EPSS: 0.25334
Exploits: 32
Ubuntu
•added 2024/06/17 5:35 p.m.•60 views

USN-6835-1: Ghostscript vulnerabilities

It was discovered that Ghostscript did not properly restrict eexec seeds to those specified by the Type 1 Font Format standard when SAFER mode is used. An attacker could use this issue to bypass SAFER restrictions and cause unspecified impact. CVE-2023-52722 This issue only affected Ubuntu 20.04...

CVSS: 8.8 | AI score: 7.4 | EPSS: 0.27992
Exploits: 6
Ubuntu
•added 2024/06/17 2:24 p.m.•37 views

USN-6838-1: Ruby vulnerabilities

It was discovered that Ruby RDoc incorrectly parsed certain YAML files. If a user or automated system were tricked into parsing a specially crafted .rdocoptions file, a remote attacker could possibly use this issue to execute arbitrary code. CVE-2024-27281 It was discovered that the Ruby regex...

CVSS: 6.6 | AI score: 7.3 | EPSS: 0.01571
Exploits: 0
Ubuntu
•added 2024/06/17 1:12 p.m.•49 views

USN-6837-1: Rack vulnerabilities

It was discovered that Rack incorrectly handled Multipart MIME parsing. A remote attacker could possibly use this issue to cause Rack to consume resources, leading to a denial of service. This issue only affected Ubuntu 23.10. CVE-2023-27530 It was discovered that Rack incorrectly parsed certain...

CVSS: 7.5 | AI score: 6.5 | EPSS: 0.35376
Exploits: 2
Ubuntu
•added 2024/06/17 1:0 p.m.•371 views

USN-6836-1: SSSD vulnerability

It was discovered that SSSD did not always correctly apply the GPO policy for authenticated users, contrary to expectations. This could result in improper authorization or improper access to resources...

CVSS: 7.1 | AI score: 7 | EPSS: 0.01033
Exploits: 1
Ubuntu
•added 2024/06/14 5:24 p.m.•133 views

USN-6817-3: Linux kernel vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Zheng Wang discovered that the Broadc...

CVSS: 9.1 | AI score: 7.5 | EPSS: 0.01635
Exploits: 0
Ubuntu
•added 2024/06/14 3:59 p.m.•52 views

USN-6818-3: Linux kernel (NVIDIA) vulnerabilities

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service (system crash). CVE-2023-6356, CVE-2023-6535, CVE-2023-6536 It was...

CVSS: 7.8 | AI score: 6.9 | EPSS: 0.78388
Exploits: 2
Ubuntu
•added 2024/06/14 3:39 p.m.•123 views

USN-6821-4: Linux kernel (Azure) vulnerabilities

It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...

CVSS: 9.1 | AI score: 7.5 | EPSS: 0.01635
Exploits: 0
Ubuntu
•added 2024/06/13 2:44 p.m.•43 views

USN-6834-1: H2 vulnerabilities

It was discovered that H2 was vulnerable to deserialization of untrusted data. An attacker could possibly use this issue to execute arbitrary code. CVE-2021-42392 It was discovered that H2 incorrectly handled some specially crafted connection URLs. An attacker could possibly use this issue to...

CVSS: 10 | AI score: 8.8 | EPSS: 0.64766
Exploits: 6
Ubuntu
•added 2024/06/13 12:35 p.m.•365 views

USN-6833-1: VTE vulnerability

Siddharth Dushantha discovered that VTE incorrectly handled large window resize escape sequences. An attacker could possibly use this issue to consume resources, leading to a denial of service...

CVSS: 4.4 | AI score: 5.7 | EPSS: 0.00238
Exploits: 0
Ubuntu
•added 2024/06/13 8:32 a.m.•24 views

USN-6832-1: Virtuoso Open-Source Edition vulnerabilities

Jingzhou Fu discovered that Virtuoso Open-Source Edition incorrectly handled certain crafted SQL statements. An attacker could possibly use this issue to crash the program, resulting in a denial of service. CVE-2023-31607, CVE-2023-31608, CVE-2023-31609, CVE-2023-31610, CVE-2023-31611,...

CVSS: 7.5 | AI score: 7.4 | EPSS: 0.00909
Exploits: 16
Ubuntu
•added 2024/06/13 4:57 a.m.•12 views

USN-6829-1: matio vulnerability

It was discovered that matio incorrectly handled certain malformed files. An attacker could possibly use this issue to cause a denial of service...

CVSS: 5.5 | AI score: 6.2 | EPSS: 0.00669
Exploits: 1
Ubuntu
•added 2024/06/12 6:10 p.m.•111 views

USN-6819-3: Linux kernel (OEM) vulnerabilities

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service (system crash). CVE-2023-6356, CVE-2023-6535, CVE-2023-6536 Chenyuan...

CVSS: 7.8 | AI score: 6.9 | EPSS: 0.78388
Exploits: 2
Ubuntu
•added 2024/06/12 3:51 p.m.•50 views

USN-6831-1: Linux kernel vulnerabilities

It was discovered that the HugeTLB file system component of the Linux Kernel contained a NULL pointer dereference vulnerability. A privileged attacker could possibly use this to cause a denial of service. CVE-2024-0841 Several security issues were discovered in the Linux kernel. An attacker...

CVSS: 7.8 | AI score: 6.8 | EPSS: 0.01287
Exploits: 0
Ubuntu
•added 2024/06/12 11:59 a.m.•27 views

USN-6830-1: libndp vulnerability

It was discovered that libndp incorrectly handled certain malformed IPv6 router advertisement packets. A local attacker could use this issue to cause NetworkManager to crash, resulting in a denial of service, or possibly execute arbitrary code...

CVSS: 8.1 | AI score: 7.4 | EPSS: 0.01165
Exploits: 0
Ubuntu
•added 2024/06/11 10:9 p.m.•134 views

USN-6819-2: Linux kernel vulnerabilities

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service (system crash). CVE-2023-6356, CVE-2023-6535, CVE-2023-6536 Chenyuan...

CVSS: 7.8 | AI score: 6.9 | EPSS: 0.78388
Exploits: 2
Ubuntu
•added 2024/06/11 8:53 p.m.•113 views

USN-6821-3: Linux kernel (AWS) vulnerabilities

It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...

CVSS: 9.1 | AI score: 7.5 | EPSS: 0.01635
Exploits: 0
Ubuntu
•added 2024/06/11 8:5 p.m.•66 views

USN-6820-2: Linux kernel (NVIDIA) vulnerabilities

It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...

CVSS: 9.1 | AI score: 7.4 | EPSS: 0.01635
Exploits: 0
Ubuntu
•added 2024/06/11 5:45 p.m.•90 views

USN-6828-1: Linux kernel (Intel IoTG) vulnerabilities

Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use-after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service (system crash). CVE-2023-47233 It was...

CVSS: 9.1 | AI score: 7.7 | EPSS: 0.78388
Exploits: 2
Ubuntu
•added 2024/06/11 12:37 p.m.•32 views

USN-6826-1: mod_jk vulnerability

Karl von Randow discovered that mod_jk was vulnerable to an authentication bypass. If the configuration did not provide explicit mounts for all possible proxied requests, an attacker could possibly use this vulnerability to bypass security constraints configured in httpd...

CVSS: 7.5 | AI score: 7.2 | EPSS: 0.01257
Exploits: 0
Ubuntu
•added 2024/06/11 12:24 p.m.•64 views

USN-6823-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.37 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.10, and Ubuntu 24.04 LTS. In addition to security fixes, the updated packages contain bug...

CVSS: 5.3 | AI score: 6.4 | EPSS: 0.01107
Exploits: 0
Ubuntu
•added 2024/06/11 12:15 p.m.•185 views

USN-6817-2: Linux kernel (OEM) vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Zheng Wang discovered that the Broadc...

CVSS: 9.1 | AI score: 7.5 | EPSS: 0.01635
Exploits: 0
Ubuntu
•added 2024/06/11 3:4 a.m.•361 views

USN-6827-1: LibTIFF vulnerability

It was discovered that LibTIFF incorrectly handled memory when performing certain cropping operations, leading to a heap buffer overflow. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code...

CVSS: 5.5 | AI score: 7.2 | EPSS: 0.00317
Exploits: 0
Ubuntu
•added 2024/06/10 8:41 p.m.•55 views

USN-6825-1: ADOdb vulnerabilities

It was discovered that the PDO driver in ADOdb was incorrectly handling string quotes. A remote attacker could possibly use this issue to perform SQL injection attacks. This issue only affected Ubuntu 16.04 LTS. CVE-2016-7405 It was discovered that ADOdb was incorrectly handling GET parameters in...

CVSS: 9.8 | AI score: 7.9 | EPSS: 0.02984
Exploits: 1
Ubuntu
•added 2024/06/10 5:13 p.m.•52 views

USN-6821-2: Linux kernel vulnerabilities

It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...

CVSS: 9.1 | AI score: 7.5 | EPSS: 0.01635
Exploits: 0
Total number of security vulnerabilities: 10888