Lucene search
K
UbuntuRecent

10888 matches found

Ubuntu
Ubuntu
added 2024/03/27 8:38 p.m.35 views

USN-6715-1: unixODBC vulnerability

It was discovered that unixODBC incorrectly handled certain bytes. An attacker could use this issue to execute arbitrary code or cause a crash...

7.8CVSS7.6AI score0.00284EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/03/27 3:23 p.m.388 views

USN-6719-1: util-linux vulnerability

Skyler Ferrante discovered that the util-linux wall command did not filter escape sequences from command line arguments. A local attacker could possibly use this issue to obtain sensitive information...

3.3CVSS6.8AI score0.02242EPSS
Exploits3
Ubuntu
Ubuntu
added 2024/03/27 2:59 p.m.370 views

USN-6718-2: curl vulnerability

USN-6718-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that curl incorrectly handled memory when limiting the amount of headers when HTTP/2 server push is allowed. A remote...

8.6CVSS7AI score0.36081EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/03/27 11:43 a.m.386 views

USN-6718-1: curl vulnerabilities

Dan Fandrich discovered that curl would incorrectly use the default set of protocols when a parameter option disabled all protocols without adding any, contrary to expectations. This issue only affected Ubuntu 23.10. CVE-2024-2004 It was discovered that curl incorrectly handled memory when limiti...

8.6CVSS6.8AI score0.36081EPSS
Exploits2
Ubuntu
Ubuntu
added 2024/03/26 8:51 a.m.54 views

USN-6717-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing,...

8.8CVSS8.1AI score0.01285EPSS
Exploits4
Ubuntu
Ubuntu
added 2024/03/26 8:9 a.m.368 views

USN-6588-2: PAM vulnerability

USN-6588-1 fixed a vulnerability in PAM. This update provides the corresponding updates for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. Original advisory details: Matthias Gerstner discovered that the PAM pamnamespace module incorrectly handled special files when performing director...

5.5CVSS6.3AI score0.00455EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/03/25 11:59 p.m.91 views

USN-6716-1: Linux kernel (Azure) vulnerabilities

Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service system...

7.8CVSS7.4AI score0.28058EPSS
Exploits17
Ubuntu
Ubuntu
added 2024/03/25 11:58 p.m.97 views

USN-6701-3: Linux kernel vulnerabilities

Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service bluetooth communication. CVE-2023-2002 It was discovered that the NVIDIA Tegra...

7.8CVSS7.4AI score0.28058EPSS
Exploits18
Ubuntu
Ubuntu
added 2024/03/25 11:24 p.m.75 views

USN-6704-3: Linux kernel (Oracle) vulnerabilities

It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service system crash. CVE-2023-23000 Quentin Minster discovered that the KSMBD...

7.8CVSS7.6AI score0.28058EPSS
Exploits16
Ubuntu
Ubuntu
added 2024/03/25 11:7 p.m.59 views

USN-6707-3: Linux kernel (AWS) vulnerabilities

Lonial Con discovered that the netfilter subsystem in the Linux kernel did not properly handle element deactivation in certain cases, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

7.8CVSS7.7AI score0.28058EPSS
Exploits16
Ubuntu
Ubuntu
added 2024/03/25 3:33 p.m.22 views

USN-6714-1: Debian Goodies vulnerability

It was discovered that debmany in Debian Goodies incorrectly handled certain deb files. An attacker could possibly use this issue to execute arbitrary shell commands...

7.8CVSS7.7AI score0.00446EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/03/25 12:1 p.m.39 views

USN-6713-1: QPDF vulnerability

It was discovered that QPDF incorrectly handled certain memory operations when decoding JSON files. If a user or automated system were tricked into processing a specially crafted JSON file, QPDF could be made to crash, resulting in a denial of service, or possibly execute arbitrary code...

5.5CVSS6.8AI score0.00436EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/03/25 11:56 a.m.40 views

USN-6712-1: Net::CIDR::Lite vulnerability

It was discovered that Net::CIDR::Lite incorrectly handled extra zero characters at the beginning of IP address strings. A remote attacker could possibly use this issue to bypass access controls...

6.3CVSS6.4AI score0.00493EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/03/25 10:51 a.m.33 views

USN-6711-1: CRM shell vulnerability

Vincent Berg discovered that CRM shell incorrectly handled certain commands. An local attacker could possibly use this issue to execute arbitrary code via shell code injection to the crm history commandline...

7.8CVSS7.8AI score0.00675EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/03/25 1:38 a.m.50 views

USN-6710-1: Firefox vulnerabilities

Manfred Paul discovered that Firefox did not properly perform bounds checking during range analysis, leading to an out-of-bounds write vulnerability. A attacker could use this to cause a denial of service, or execute arbitrary code. CVE-2024-29943 Manfred Paul discovered that Firefox incorrectly...

9.8CVSS8.8AI score0.22935EPSS
Exploits2
Ubuntu
Ubuntu
added 2024/03/21 8:19 p.m.56 views

USN-6700-2: Linux kernel (AWS) vulnerabilities

It was discovered that the Layer 2 Tunneling Protocol L2TP implementation in the Linux kernel contained a race condition when releasing PPPoL2TP sockets in certain conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or...

7.8CVSS7.3AI score0.28058EPSS
Exploits16
Ubuntu
Ubuntu
added 2024/03/21 4:53 p.m.397 views

USN-6709-1: OpenSSL vulnerabilities

It was discovered that checking excessively long DH keys or parameters may be very slow. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service. CVE-2023-3446 After the fix for CVE-2023-3446 Bernd Edlinger discovered that a large q...

5.5CVSS6.6AI score0.05533EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/03/21 1:12 p.m.67 views

USN-6707-2: Linux kernel (ARM laptop) vulnerabilities

Lonial Con discovered that the netfilter subsystem in the Linux kernel did not properly handle element deactivation in certain cases, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

7.8CVSS7.7AI score0.28058EPSS
Exploits16
Ubuntu
Ubuntu
added 2024/03/21 1:1 p.m.108 views

USN-6704-2: Linux kernel (Raspberry Pi) vulnerabilities

It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service system crash. CVE-2023-23000 Quentin Minster discovered that the KSMBD...

7.8CVSS7.6AI score0.28058EPSS
Exploits16
Ubuntu
Ubuntu
added 2024/03/21 12:20 p.m.77 views

USN-6708-1: Graphviz vulnerability

It was discovered that Graphviz incorrectly handled certain config6a files. An attacker could possibly use this issue to cause a denial of service...

7.8CVSS7.2AI score0.00712EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/03/20 10:30 p.m.69 views

USN-6702-2: Linux kernel vulnerabilities

It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service system crash. CVE-2023-23000 It was discovered that the ARM Mali Display Processor...

7.8CVSS7.5AI score0.28058EPSS
Exploits16
Ubuntu
Ubuntu
added 2024/03/20 10:11 p.m.59 views

USN-6701-2: Linux kernel (GCP) vulnerabilities

Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service bluetooth communication. CVE-2023-2002 It was discovered that the NVIDIA Tegra...

7.8CVSS7.4AI score0.28058EPSS
Exploits18
Ubuntu
Ubuntu
added 2024/03/20 6:30 p.m.67 views

USN-6707-1: Linux kernel vulnerabilities

Lonial Con discovered that the netfilter subsystem in the Linux kernel did not properly handle element deactivation in certain cases, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

7.8CVSS7.7AI score0.28058EPSS
Exploits16
Ubuntu
Ubuntu
added 2024/03/20 5:44 p.m.50 views

USN-6706-1: Linux kernel (OEM) vulnerability

It was discovered that the Microchip USB Ethernet driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could use this to cause a denial of service system crash...

5.5CVSS6.9AI score0.00258EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/03/20 2:30 p.m.56 views

USN-6705-1: Linux kernel (AWS) vulnerabilities

It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service system crash. CVE-2023-22995 It was discovered that the NVIDIA...

7.8CVSS7.5AI score0.28058EPSS
Exploits16
Ubuntu
Ubuntu
added 2024/03/20 2:23 p.m.81 views

USN-6704-1: Linux kernel vulnerabilities

It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service system crash. CVE-2023-23000 Quentin Minster discovered that the KSMBD...

7.8CVSS7.6AI score0.28058EPSS
Exploits16
Ubuntu
Ubuntu
added 2024/03/20 1:9 p.m.46 views

USN-6686-4: Linux kernel (KVM) vulnerabilities

It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service system crash. CVE-2023-22995 It was discovered that a race...

7.8CVSS7.1AI score0.01657EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/03/20 5:48 a.m.73 views

USN-6703-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2024-2609, CVE-2024-2611,...

9.8CVSS8.1AI score0.01107EPSS
Exploits6
Ubuntu
Ubuntu
added 2024/03/19 9:0 p.m.84 views

USN-6702-1: Linux kernel vulnerabilities

It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service system crash. CVE-2023-23000 It was discovered that the ARM Mali Display Processor...

7.8CVSS7.5AI score0.28058EPSS
Exploits16
Ubuntu
Ubuntu
added 2024/03/19 7:2 p.m.67 views

USN-6681-4: Linux kernel (AWS) vulnerabilities

Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service system...

7.8CVSS7.1AI score0.01657EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/03/19 3:27 p.m.55 views

USN-6686-3: Linux kernel (Oracle) vulnerabilities

It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service system crash. CVE-2023-22995 It was discovered that a race...

7.8CVSS7.1AI score0.01657EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/03/19 2:49 p.m.55 views

USN-6680-3: Linux kernel (AWS) vulnerabilities

黄思聪 discovered that the NFC Controller Interface NCI implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service system crash...

8.8CVSS7.1AI score0.01657EPSS
Exploits3
Ubuntu
Ubuntu
added 2024/03/18 11:57 p.m.73 views

USN-6700-1: Linux kernel vulnerabilities

It was discovered that the Layer 2 Tunneling Protocol L2TP implementation in the Linux kernel contained a race condition when releasing PPPoL2TP sockets in certain conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or...

7.8CVSS7.3AI score0.28058EPSS
Exploits16
Ubuntu
Ubuntu
added 2024/03/18 11:43 p.m.62 views

USN-6701-1: Linux kernel vulnerabilities

Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service bluetooth communication. CVE-2023-2002 It was discovered that the NVIDIA Tegra...

7.8CVSS7.4AI score0.28058EPSS
Exploits18
Ubuntu
Ubuntu
added 2024/03/18 11:7 p.m.71 views

USN-6699-1: Linux kernel vulnerabilities

Reima Ishii discovered that the nested KVM implementation for Intel x86 processors in the Linux kernel did not properly validate control registers in certain situations. An attacker in a guest VM could use this to cause a denial of service guest crash. CVE-2023-30456 It was discovered that the...

7.8CVSS6.9AI score0.0047EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/03/18 4:48 p.m.391 views

USN-6698-1: Vim vulnerability

Zhen Zhou discovered that Vim did not properly manage memory. An attacker could possibly use this issue to cause a denial of service...

7.8CVSS7.3AI score0.00563EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/03/18 1:0 p.m.271 views

USN-6697-1: Bash vulnerability

It was discovered that Bash incorrectly handled certain memory operations when processing commands. If a user or automated system were tricked into running a specially crafted bash file, a remote attacker could use this issue to cause Bash to crash, resulting in a denial of service, or possibly...

7.8CVSS7.7AI score0.00356EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/03/18 4:6 a.m.79 views

USN-6696-1: OpenJDK 8 vulnerabilities

Yi Yang discovered that the Hotspot component of OpenJDK 8 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. CVE-2024-20918 It was discovered that the Hotspot...

7.4CVSS7.2AI score0.01026EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/03/14 11:45 a.m.60 views

USN-6695-1: TeX Live vulnerabilities

It was discovered that TeX Live incorrectly handled certain memory operations in the embedded axodraw2 tool. An attacker could possibly use this issue to cause TeX Live to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. CVE-2019-18604 It was discovered that TeX...

9.8CVSS7.5AI score0.01928EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/03/14 10:19 a.m.412 views

USN-6694-1: Expat vulnerabilities

It was discovered that Expat could be made to consume large amounts of resources. If a user or automated system were tricked into processing specially crafted input, an attacker could possibly use this issue to cause a denial of service. CVE-2023-52425, CVE-2024-28757...

7.5CVSS6.7AI score0.02006EPSS
Exploits2
Ubuntu
Ubuntu
added 2024/03/14 8:59 a.m.39 views

USN-6673-2: python-cryptography vulnerability

USN-6673-1 provided a security update for python-cryptography. This update provides the corresponding update for Ubuntu 16.04 LTS. Original advisory details: Hubert Kario discovered that python-cryptography incorrectly handled errors returned by the OpenSSL API when processing incorrect padding i...

7.5CVSS6.6AI score0.01118EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/03/13 8:19 p.m.49 views

USN-6587-5: X.Org X Server vulnerabilities

USN-6587-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 14.04 LTS. Original advisory details: Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the RRChangeOutputProperty and RRChangeProviderProperty...

9.8CVSS7.1AI score0.02106EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/03/13 5:17 p.m.67 views

USN-6686-2: Linux kernel vulnerabilities

It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service system crash. CVE-2023-22995 It was discovered that a race...

7.8CVSS7.1AI score0.01657EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/03/13 4:43 p.m.56 views

USN-6681-3: Linux kernel vulnerabilities

Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service system...

7.8CVSS7.1AI score0.01657EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/03/13 8:4 a.m.18 views

USN-6663-2: OpenSSL update

USN-6663-1 provided a security update for OpenSSL. This update provides the corresponding update for Ubuntu 16.04 LTS. Original advisory details: As a security improvement, this update prevents OpenSSL from returning an error when detecting wrong padding in PKCS1 v1.5 RSA, to prevent its use in...

5.4AI score
Exploits0References1
Ubuntu
Ubuntu
added 2024/03/12 6:42 p.m.43 views

USN-6693-1: .NET vulnerability

It was discovered that .NET did not properly handle certain specially crafted requests. An attacker could potentially use this issue to cause a resource leak, leading to a denial of service...

7.5CVSS8AI score0.03065EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/03/12 3:54 p.m.48 views

USN-6692-1: Gson vulnerability

It was discovered that Gson incorrectly handled deserialization of untrusted input data. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service...

7.7CVSS8AI score0.1158EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/03/12 2:45 p.m.43 views

LSN-0101-1: Kernel Live Patch Security Notice

Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle inactive elements in its PIPAPO data structure, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary...

7.8CVSS7.2AI score0.00836EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/03/12 2:18 p.m.26 views

USN-6691-1: OVN vulnerability

It was discovered that OVN incorrectly enabled OVS Bidirectional Forwarding Detection on logical ports. A remote attacker could possibly use this issue to disrupt traffic...

6.5CVSS6.7AI score0.00783EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/03/12 11:34 a.m.51 views

USN-6690-1: Open vSwitch vulnerabilities

Timothy Redaelli and Haresh Khandelwal discovered that Open vSwitch incorrectly handled certain crafted Geneve packets when hardware offloading via the netlink path is enabled. A remote attacker could possibly use this issue to cause Open vSwitch to crash, leading to a denial of service...

7.5CVSS6.9AI score0.01033EPSS
Exploits0
Total number of security vulnerabilities10888