Lucene search
K
UbuntuRecent

10869 matches found

Ubuntu
Ubuntu
•added 2026/05/26 7:8 p.m.•24 views

USN-8305-2: Linux kernel (Low Latency) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

9.8CVSS6.1AI score0.96775EPSS
Exploits228
Ubuntu
Ubuntu
•added 2026/05/26 7:0 p.m.•16 views

USN-8278-2: Linux kernel (Azure) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

9.8CVSS6.8AI score0.96775EPSS
Exploits228
Ubuntu
Ubuntu
•added 2026/05/26 6:56 p.m.•22 views

USN-8310-1: Linux kernel (Azure) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

9.8CVSS6.1AI score0.96775EPSS
Exploits228
Ubuntu
Ubuntu
•added 2026/05/26 6:27 p.m.•80 views

USN-8309-1: libssh2 vulnerability

It was discovered that libssh2 incorrectly handled username and password length values during SSH password authentication. A remote attacker could possibly use this issue to cause a denial of service...

9.1CVSS5.8AI score0.00466EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/26 6:25 p.m.•17 views

USN-8167-2: xdg-dbus-proxy vulnerability

USN-8167-1 fixed a vulnerability in xdg-dbus-proxy. This update provides the corresponding update for Ubuntu 20.04 LTS. Original advisory details: It was discovered that xdg-dbus-proxy incorrectly handled eavesdropping in policy rules. A local attacker could possibly use this issue to intercept...

6.8CVSS5.8AI score0.00175EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/26 6:19 p.m.•17 views

USN-8308-1: Dnsmasq vulnerability

It was discovered that Dnsmasq incorrectly handled BOOTREPLY packets when configured with the --dhcp-split-relay option. A remote attacker could use this issue to cause Dnsmasq to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.5CVSS6.1AI score0.00482EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/26 5:51 p.m.•16 views

USN-8307-1: ONNX vulnerability

It was discovered that ONNX did not properly validate paths when extracting tar archives during model downloads. An attacker could possibly use this issue to overwrite arbitrary files on the system...

8.8CVSS6AI score0.01168EPSS
Exploits1
Ubuntu
Ubuntu
•added 2026/05/26 1:32 p.m.•18 views

USN-8306-1: Samba vulnerabilities

Asim Viladi Oglu Manizada discovered that Samba incorrectly handled access checks on reparse point operations. An attacker could possibly use this issue to modify reparse point extended attributes on files that should have been read-only. This issue only affected Ubuntu 25.10 and Ubuntu 26.04 LTS...

9.8CVSS6.2AI score0.12797EPSS
Exploits7
Ubuntu
Ubuntu
•added 2026/05/25 11:21 p.m.•27 views

USN-8305-1: Linux kernel (Intel IoTG Real-time) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

9.8CVSS7.3AI score0.96775EPSS
Exploits228
Ubuntu
Ubuntu
•added 2026/05/25 10:51 p.m.•18 views

USN-8279-3: Linux kernel (NVIDIA Tegra IGX) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

9.8CVSS7AI score0.96775EPSS
Exploits228
Ubuntu
Ubuntu
•added 2026/05/25 6:2 p.m.•14 views

USN-8304-1: Vim vulnerabilities

Joshua Rogers discovered that Vim incorrectly handled certain URL schemes in the netrw plugin. An attacker could possibly use this issue to execute arbitrary commands. CVE-2026-42307 It was discovered that Vim incorrectly handled command-line completion for the :find command. An attacker could...

6.6CVSS6AI score0.00917EPSS
Exploits1
Ubuntu
Ubuntu
•added 2026/05/25 5:48 p.m.•17 views

USN-8289-2: Linux kernel (NVIDIA) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

9.8CVSS6.8AI score0.96775EPSS
Exploits228
Ubuntu
Ubuntu
•added 2026/05/25 4:52 p.m.•23 views

USN-8291-3: Linux kernel (Low Latency) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SMB network file system; - Netfilter; - iouring subsystem; CVE-2024-35862, CVE-2024-50060, CVE-2026-23274,...

7.8CVSS6.8AI score0.00239EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/25 4:46 p.m.•27 views

USN-8296-2: Linux kernel (NVIDIA Tegra) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Drivers core; - Null block device drive...

9.8CVSS6.8AI score0.0071EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/25 3:53 p.m.•15 views

USN-8302-1: NLTK vulnerabilities

It was discovered that NLTK incorrectly validated file paths when opening files using the nltk.util module. An attacker could possibly use this issue to obtain sensitive information. CVE-2026-0846 It was discovered that NLTK incorrectly validated file paths in multiple CorpusReader classes. An...

10CVSS7AI score0.00924EPSS
Exploits10
Ubuntu
Ubuntu
•added 2026/05/25 3:9 p.m.•11 views

USN-8301-1: SimpleEval vulnerability

Byambadalai Sumiya discovered that SimpleEval did not properly restrict attribute access and callback handling inside a sandbox. An attacker could possibly use this issue to execute arbitrary code...

9.8CVSS7.6AI score0.00512EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/25 10:58 a.m.•16 views

USN-8300-1: ngtcp2 vulnerability

Zou Dikai discovered that ngtcp2 serialized peer transport parameters into a fixed 1024-byte stack buffer without bounds checking. When qlog was enabled, a remote attacker could possibly use this issue to execute arbitrary code...

7.5CVSS5.9AI score0.00776EPSS
Exploits1
Ubuntu
Ubuntu
•added 2026/05/25 8:24 a.m.•17 views

USN-8299-1: Rclone vulnerabilities

It was discovered that Rclone incorrectly handled authorization in the remote control API. An attacker could possibly use this issue to obtain sensitive information. CVE-2026-41176 It was discovered that Rclone incorrectly handled backend instantiation via the remote control API. An attacker coul...

9.8CVSS5.8AI score0.34734EPSS
Exploits3
Ubuntu
Ubuntu
•added 2026/05/25 8:10 a.m.•12 views

USN-8298-1: .NET vulnerability

Muhammad Abdul Rehman discovered that .NET incorrectly handled certain network requests, leading to a loop with an unreachable exit condition. A remote attacker could possibly use this issue to consume excessive resources, resulting in a denial of service...

7.5CVSS5.8AI score0.0243EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/22 9:14 p.m.•21 views

USN-8279-2: Linux kernel (GCP) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

9.8CVSS7AI score0.96775EPSS
Exploits228
Ubuntu
Ubuntu
•added 2026/05/22 8:56 p.m.•17 views

USN-8297-1: Linux kernel (GCP) vulnerabilities

Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. CVE-2023-2640 Shir Tamari and Sagi Tzadik...

9.8CVSS7AI score0.15783EPSS
Exploits14
Ubuntu
Ubuntu
•added 2026/05/22 7:27 p.m.•21 views

USN-8280-2: Linux kernel (Azure)vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

9.8CVSS7.3AI score0.96775EPSS
Exploits228
Ubuntu
Ubuntu
•added 2026/05/22 7:17 p.m.•18 views

USN-8281-2: Linux kernel (Azure) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

7.8CVSS7.3AI score0.96775EPSS
Exploits228
Ubuntu
Ubuntu
•added 2026/05/22 2:5 p.m.•23 views

USN-8277-2: Linux kernel (Oracle) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

9.8CVSS6.1AI score0.96775EPSS
Exploits228
Ubuntu
Ubuntu
•added 2026/05/22 1:47 p.m.•15 views

USN-8291-2: Linux kernel (Low Latency) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SMB network file system; - Netfilter; - iouring subsystem; CVE-2024-35862, CVE-2024-50060, CVE-2026-23274,...

7.8CVSS5.9AI score0.00239EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/22 1:39 p.m.•17 views

USN-8296-1: Linux kernel (FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Drivers core; - Null block device drive...

9.8CVSS6.1AI score0.0071EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/22 1:16 p.m.•14 views

USN-8295-1: Evince vulnerability

It was discovered that Evince did not properly sanitize command-line arguments in PDF /GoToR actions. If a user opened a specially crafted PDF file, an attacker could possibly use this issue to execute arbitrary code...

8.4CVSS6.1AI score0.00529EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/21 8:39 p.m.•13 views

USN-8294-1: PostgreSQL vulnerabilities

It was discovered that PostgreSQL did not correctly enforce authorization for CREATE TYPE. An attacker could possibly use this issue to execute arbitrary SQL functions. CVE-2026-6472 It was discovered that PostgreSQL incorrectly handled large user input in multiple server features. An attacker...

8.8CVSS6.3AI score0.00668EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/21 7:11 p.m.•11 views

USN-8293-1: Bind vulnerabilities

Vitaly Simonovich discovered that Bind could exhaust memory during GSS-API TKEY negotiation. A remote attacker could possibly use this issue to cause Bind to use excessive resources, leading to a denial of service. CVE-2026-3039 Shuhan Zhang discovered that Bind incorrectly handled self-pointed...

9.8CVSS6AI score0.01844EPSS
Exploits1
Ubuntu
Ubuntu
•added 2026/05/21 2:28 p.m.•12 views

USN-8292-1: libarchive vulnerabilities

It was discovered that libarchive incorrectly handled certain RAR archives. An attacker could possibly use this issue to cause an out-of-bounds read via a crafted RAR archive, leading to sensitive memory disclosure. CVE-2026-4424 It was discovered that libarchive incorrectly handled certain ISO...

9.8CVSS7.6AI score0.01073EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/21 1:9 p.m.•21 views

USN-8291-1: Linux kernel (Intel IoTG Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SMB network file system; - Netfilter; - iouring subsystem; CVE-2024-35862, CVE-2024-50060, CVE-2026-23274,...

7.8CVSS6.8AI score0.00239EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/21 11:27 a.m.•13 views

USN-8290-1: Path-to-Regexp vulnerability

It was discovered that Path-to-Regexp incorrectly handled route patterns containing multiple named parameters separated by non-delimiter characters such as hyphens. An attacker could possibly use this issue to cause a denial of service via catastrophic backtracking in the generated regular...

7.5CVSS5.8AI score0.00932EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/21 5:15 a.m.•14 views

USN-8202-3: jq regression

USN-8202-1 fixed vulnerabilities in jq. The update caused a regression for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that jq did not correctly handle certain string concatenations. An...

7.5CVSS6AI score0.00366EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2026/05/20 11:6 p.m.•17 views

USN-8289-1: Linux kernel (NVIDIA) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

9.8CVSS6.8AI score0.96775EPSS
Exploits228
Ubuntu
Ubuntu
•added 2026/05/20 6:16 p.m.•13 views

USN-8288-1: Bubblewrap vulnerability

It was discovered that Bubblewrap incorrectly handled the sandbox setup phase when installed in setuid mode. A local attacker could possibly use this issue to bypass sandbox restrictions...

8.7CVSS5.8AI score0.00274EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/20 6:2 p.m.•11 views

USN-8287-1: XDG Desktop Portal vulnerability

It was discovered that XDG Desktop Portal incorrectly handled trashing files. A local attacker could possibly use this issue to delete arbitrary files on the host file system via a symlink attack...

6.3CVSS5.9AI score0.00128EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/20 1:16 p.m.•9 views

USN-8286-1: OpenVPN vulnerabilities

Guannan Wang, Zhanpeng Liu, Guancheng Li, and Emma Reuter discovered that OpenVPN incorrectly handled suitably malformed packets with valid tls-crypt-v2 keys. An attacker could possibly use this issue to cause OpenVPN to crash, resulting in a denial of service. CVE-2026-35058 Guannan Wang, Zhanpe...

6.9CVSS5.8AI score0.00317EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/20 1:4 p.m.•15 views

USN-8285-1: GStreamer Good Plugins vulnerability

It was discovered that GStreamer Good Plugins incorrectly handled certain MOV/MP4 media files. A remote attacker could use this issue to cause GStreamer Good Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.4AI score
Exploits0
Ubuntu
Ubuntu
•added 2026/05/20 12:57 p.m.•22 views

USN-8284-1: GnuTLS vulnerabilities

Joshua Rogers discovered that GnuTLS did not properly handle malformed DTLS handshake fragments in certain cases. A remote attacker could possibly use this issue to obtain sensitive information, or cause a denial of service. CVE-2026-33845 Haruto Kimura, Oscar Reparaz, and Zou Dikai discovered th...

9.8CVSS6.1AI score0.01335EPSS
Exploits2
Ubuntu
Ubuntu
•added 2026/05/20 12:41 p.m.•11 views

USN-8283-1: rsync vulnerabilities

Calum Hutton discovered that rsync contained a heap-based out-of-bounds read when handling file transfers. A remote attacker with read access to an rsync server could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 25.1...

8.1CVSS5.9AI score0.0078EPSS
Exploits1
Ubuntu
Ubuntu
•added 2026/05/20 12:20 p.m.•20 views

USN-8282-1: Unbound vulnerabilities

Andrew Griffiths discovered that Unbound did not properly handle certain DNSCrypt packets. A remote attacker could possibly use this issue to cause Unbound to crash, resulting in a denial of service. CVE-2026-32792 Qifan Zhang discovered that Unbound incorrectly handled DNSSEC validation in certa...

10CVSS6.1AI score0.01272EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/19 10:56 p.m.•18 views

USN-8281-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

7.8CVSS7.3AI score0.96775EPSS
Exploits228
Ubuntu
Ubuntu
•added 2026/05/19 10:51 p.m.•18 views

USN-8280-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

9.8CVSS7.3AI score0.96775EPSS
Exploits228
Ubuntu
Ubuntu
•added 2026/05/19 10:44 p.m.•41 views

USN-8279-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

9.8CVSS7AI score0.96775EPSS
Exploits228
Ubuntu
Ubuntu
•added 2026/05/19 10:33 p.m.•17 views

USN-8278-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

9.8CVSS6.8AI score0.96775EPSS
Exploits228
Ubuntu
Ubuntu
•added 2026/05/19 10:20 p.m.•29 views

USN-8277-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

9.8CVSS7AI score0.96775EPSS
Exploits228
Ubuntu
Ubuntu
•added 2026/05/19 6:38 p.m.•9 views

USN-8276-1: Highlight.js vulnerability

It was discovered that Highlight.js used plain JavaScript objects for internal language name lookups, making them susceptible to prototype pollution attacks. An attacker could use this to cause a denial of service or unexpected application behaviour...

8.7CVSS6.9AI score0.01296EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/19 9:19 a.m.•16 views

USN-8275-1: Linux kernel (Xilinx ZynqMP) vulnerabilities

Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. CVE-2023-2640 Shir Tamari and Sagi Tzadik...

9.8CVSS7.1AI score0.15783EPSS
Exploits14
Ubuntu
Ubuntu
•added 2026/05/19 9:12 a.m.•14 views

USN-8255-3: Linux kernel vulnerabilities

Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. CVE-2023-2640 Shir Tamari and Sagi Tzadik...

9.8CVSS6.9AI score0.15783EPSS
Exploits14
Ubuntu
Ubuntu
•added 2026/05/19 9:4 a.m.•20 views

USN-8254-3: Linux kernel (NVIDIA Tegra) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - NVME drivers; - Netfilter; CVE-2026-23112, CVE-2026-23231, CVE-2026-23273...

9.8CVSS5.9AI score0.00812EPSS
Exploits1
Total number of security vulnerabilities10869