Lucene search

10888 matches found

Ubuntu
added 2024/03/12 10:38 a.m., 39 views

USN-6656-2: PostgreSQL vulnerability

USN-6656-1 fixed several vulnerabilities in PostgreSQL. This update provides the corresponding updates for Ubuntu 16.04 LTS. Original advisory details: It was discovered that PostgreSQL incorrectly handled dropping privileges when handling REFRESH MATERIALIZED VIEW CONCURRENTLY commands. If a user...

CVSS 8, AI score 7.8, EPSS 0.01465
Exploits: 0

Ubuntu
added 2024/03/12 10:22 a.m., 71 views

USN-6689-1: Rack vulnerabilities

It was discovered that Rack incorrectly parsed some headers. An attacker could possibly use this issue to cause a denial of service. CVE-2023-27539, CVE-2024-26141, CVE-2024-26146...

CVSS 7.5, AI score 6.5, EPSS 0.01996
Exploits: 1

Ubuntu
added 2024/03/11 8:25 p.m., 57 views

USN-6681-2: Linux kernel vulnerabilities

Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service system...

CVSS 7.8, AI score 7.1, EPSS 0.01657
Exploits: 1

Ubuntu
added 2024/03/11 8:17 p.m., 85 views

USN-6688-1: Linux kernel (OEM) vulnerabilities

Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero-length data requests, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash)...

CVSS 7.8, AI score 7.5, EPSS 0.78388
Exploits: 19

Ubuntu
added 2024/03/11 6:25 p.m., 58 views

USN-6658-2: libxml2 vulnerability

USN-6658-1 fixed a vulnerability in libxml2. This update provides the corresponding updates for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. Original advisory details: It was discovered that libxml2 incorrectly handled certain XML documents. A remote attacker could possibly use this...

CVSS 7.5, AI score 7.2, EPSS 0.01375
Exploits: 3

Ubuntu
added 2024/03/11 12:34 p.m., 262 views

USN-6687-1: AccountsService vulnerability

It was discovered that AccountsService called a helper incorrectly when performing password change operations. A local attacker could possibly use this issue to obtain encrypted passwords...

CVSS 3.3, AI score 4.8, EPSS 0.00448
Exploits: 1

Ubuntu
added 2024/03/08 1:1 a.m., 73 views

USN-6680-2: Linux kernel vulnerabilities

黄思聪 discovered that the NFC Controller Interface (NCI) implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash)...

CVSS 8.8, AI score 7.1, EPSS 0.01657
Exploits: 3

Ubuntu
added 2024/03/08 12:30 a.m., 61 views

USN-6686-1: Linux kernel vulnerabilities

It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-22995) It was discovered that a race...

CVSS 7.8, AI score 7.1, EPSS 0.01657
Exploits: 0

Ubuntu
added 2024/03/07 9:18 p.m., 59 views

USN-6685-1: mqtt-client vulnerability

It was discovered that mqtt-client incorrectly handled memory while parsing malformed MQTT frames. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code...

CVSS 7.5, AI score 7.3, EPSS 0.12357
Exploits: 0

Ubuntu
added 2024/03/07 8:52 p.m., 35 views

USN-6684-1: ncurses vulnerability

It was discovered that ncurses incorrectly handled certain function return values, possibly leading to segmentation fault. A local attacker could possibly use this to cause a denial of service (system crash)...

CVSS 6.5, AI score 6.9, EPSS 0.00962
Exploits: 0

Ubuntu
added 2024/03/07 2:46 p.m., 21 views

USN-6683-1: HtmlCleaner vulnerability

It was discovered that HtmlCleaner incorrectly handled certain html documents. An attacker could possibly use this issue to cause a denial of service via application crash...

CVSS 7.5, AI score 7.5, EPSS 0.01048
Exploits: 1

Ubuntu
added 2024/03/07 2:0 p.m., 61 views

USN-6682-1: Puma vulnerabilities

ZeddYu Lu discovered that Puma incorrectly handled parsing certain headers. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-11076) It was discovered that Puma incorrectly handled parsing certain header...

CVSS 9.8, AI score 7.1, EPSS 0.03977
Exploits: 0

Ubuntu
added 2024/03/06 10:37 p.m., 67 views

USN-6681-1: Linux kernel vulnerabilities

Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service system...

CVSS 7.8, AI score 7.1, EPSS 0.01657
Exploits: 1

Ubuntu
added 2024/03/06 10:23 p.m., 62 views

USN-6680-1: Linux kernel vulnerabilities

黄思聪 discovered that the NFC Controller Interface (NCI) implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash)...

CVSS 8.8, AI score 7.1, EPSS 0.01657
Exploits: 3

Ubuntu
added 2024/03/06 12:51 p.m., 29 views

USN-6679-1: FRR vulnerability

It was discovered that FRR incorrectly handled certain malformed OSPF LSA packets. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service...

CVSS 6.5, AI score 6.9, EPSS 0.0032
Exploits: 0

Ubuntu
added 2024/03/06 9:38 a.m., 390 views

USN-6676-1: c-ares vulnerability

Vojtěch Vobr discovered that c-ares incorrectly handled user input from local configuration files. An attacker could possibly use this issue to cause a denial of service via application crash...

CVSS 5.5, AI score 6.6, EPSS 0.00349
Exploits: 0

Ubuntu
added 2024/03/06 3:13 a.m., 46 views

USN-6649-2: Firefox regressions

USN-6649-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potential...

AI score 7.8, EPSS 0.00937
Exploits: 2, References: 1

Ubuntu
added 2024/03/05 6:46 p.m., 45 views

USN-6678-1: libgit2 vulnerabilities

It was discovered that libgit2 mishandled equivalent filenames on NTFS partitions. If a user or automated system were tricked into cloning a specially crafted repository, an attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.0...

CVSS 9.8, AI score 7.5, EPSS 0.0511
Exploits: 0

Ubuntu
added 2024/03/05 6:39 p.m., 61 views

USN-6677-1: libde265 vulnerabilities

It was discovered that libde265 could be made to dereference invalid memory. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS...

CVSS 8.8, AI score 6.9, EPSS 0.00979
Exploits: 6

Ubuntu
added 2024/03/05 3:57 p.m., 44 views

USN-6675-1: ImageProcessing vulnerability

It was discovered that ImageProcessing incorrectly handled series of operations that are coming from unsanitised inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code...

CVSS 10, AI score 8.7, EPSS 0.02595
Exploits: 1

Ubuntu
added 2024/03/04 10:16 p.m., 44 views

USN-6653-4: Linux kernel (GKE) vulnerabilities

It was discovered that a race condition existed in the ATM (Asynchronous Transfer Mode) subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51780) It was...

CVSS 7.8, AI score 7, EPSS 0.01999
Exploits: 0

Ubuntu
added 2024/03/04 4:14 p.m., 34 views

USN-6674-2: Django vulnerability

USN-6674-1 fixed a vulnerability in Django. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: Seokchan Yoon discovered that the Django Truncator function incorrectly handled very long HTML input. A remote attacker could possibly use this issue to cause...

CVSS 5.3, AI score 6.8, EPSS 0.01854
Exploits: 0

Ubuntu
added 2024/03/04 3:4 p.m., 45 views

USN-6674-1: Django vulnerability

Seokchan Yoon discovered that the Django Truncator function incorrectly handled very long HTML input. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service...

CVSS 5.3, AI score 6.8, EPSS 0.01854
Exploits: 0

Ubuntu
added 2024/03/04 2:23 p.m., 446 views

USN-6673-1: python-cryptography vulnerabilities

Hubert Kario discovered that python-cryptography incorrectly handled errors returned by the OpenSSL API when processing incorrect padding in RSA PKCS1 v1.5. A remote attacker could possibly use this issue to expose confidential or sensitive information. (CVE-2023-50782) It was discovered that...

CVSS 7.5, AI score 6.5, EPSS 0.01118
Exploits: 0

Ubuntu
added 2024/03/04 11:9 a.m., 84 views

USN-6672-1: Node.js vulnerabilities

Morgan Jones discovered that Node.js incorrectly handled certain inputs that lead to false positive errors during some cryptographic operations. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a...

CVSS 7.5, AI score 6.8, EPSS 0.73461
Exploits: 1

Ubuntu
added 2024/03/04 3:2 a.m., 60 views

USN-6669-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing,...

CVSS 8.8, AI score 7.8, EPSS 0.02155
Exploits: 2

Ubuntu
added 2024/02/29 4:2 p.m., 41 views

USN-6671-1: php-nyholm-psr7 vulnerability

It was discovered that php-nyholm-psr7 incorrectly parsed HTTP headers. A remote attacker could possibly use this issue to perform an HTTP header injection attack...

CVSS 7.5, AI score 7.3, EPSS 0.01216
Exploits: 0

Ubuntu
added 2024/02/29 3:52 p.m., 69 views

USN-6670-1: php-guzzlehttp-psr7 vulnerabilities

It was discovered that php-guzzlehttp-psr7 incorrectly parsed HTTP headers. A remote attacker could possibly use these issues to perform an HTTP header injection attack...

CVSS 7.5, AI score 7.3, EPSS 0.02384
Exploits: 0

Ubuntu
added 2024/02/29 2:24 p.m., 106 views

USN-6653-3: Linux kernel (Low Latency) vulnerabilities

It was discovered that a race condition existed in the ATM (Asynchronous Transfer Mode) subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51780) It was...

CVSS 7.8, AI score 7, EPSS 0.01999
Exploits: 0

Ubuntu
added 2024/02/29 2:24 p.m., 48 views

USN-6651-3: Linux kernel (StarFive) vulnerabilities

It was discovered that a race condition existed in the ATM (Asynchronous Transfer Mode) subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51780) It was...

CVSS 7.8, AI score 7.2, EPSS 0.12836
Exploits: 9

Ubuntu
added 2024/02/29 2:23 p.m., 54 views

USN-6647-2: Linux kernel (Azure) vulnerabilities

It was discovered that a race condition existed in the ATM (Asynchronous Transfer Mode) subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51780) It was...

CVSS 7, AI score 7, EPSS 0.00515
Exploits: 0

Ubuntu
added 2024/02/28 6:18 p.m., 62 views

USN-6648-2: Linux kernel (Azure) vulnerabilities

It was discovered that a race condition existed in the AppleTalk networking subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51781) Zhenghan Wang discover...

CVSS 7.8, AI score 7.2, EPSS 0.01999
Exploits: 0

Ubuntu
added 2024/02/28 5:52 p.m., 64 views

USN-6653-2: Linux kernel (AWS) vulnerabilities

It was discovered that a race condition existed in the ATM (Asynchronous Transfer Mode) subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51780) It was...

CVSS 7.8, AI score 7, EPSS 0.01999
Exploits: 0

Ubuntu
added 2024/02/28 5:12 p.m., 55 views

USN-6651-2: Linux kernel vulnerabilities

It was discovered that a race condition existed in the ATM (Asynchronous Transfer Mode) subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51780) It was...

CVSS 7.8, AI score 7.2, EPSS 0.12836
Exploits: 9

Ubuntu
added 2024/02/28 1:35 p.m., 29 views

USN-6668-1: python-openstackclient vulnerability

It was discovered that when python-openstackclient attempted to delete a non-existing access rule, it would delete another existing access rule instead, contrary to expectations...

CVSS 5.5, AI score 5.7, EPSS 0.00493
Exploits: 0

Ubuntu
added 2024/02/28 1:27 p.m., 40 views

USN-6667-1: Cpanel-JSON-XS vulnerability

It was discovered that Cpanel-JSON-XS incorrectly decoded certain data. A remote attacker could use this issue to cause Cpanel-JSON-XS to crash, resulting in a denial of service, or possibly obtain sensitive information...

CVSS 9.1, AI score 5.4, EPSS 0.00788
Exploits: 0

Ubuntu
added 2024/02/28 1:20 p.m., 297 views

USN-6666-1: libuv vulnerability

It was discovered that libuv incorrectly truncated certain hostnames. A remote attacker could possibly use this issue with specially crafted hostnames to bypass certain checks...

CVSS 7.3, AI score 7, EPSS 0.02003
Exploits: 1

Ubuntu
added 2024/02/28 1:10 p.m., 63 views

USN-6665-1: Unbound vulnerabilities

Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered that Unbound incorrectly handled validating DNSSEC messages. A remote attacker could possibly use this issue to cause Unbound to consume resources, leading to a denial of service. (CVE-2023-50387) It was discovered that...

CVSS 7.5, AI score 6.9, EPSS 0.99995
Exploits: 1

Ubuntu
added 2024/02/27 6:31 p.m., 385 views

USN-6644-2: LibTIFF vulnerabilities

USN-6644-1 fixed vulnerabilities in LibTIFF. This update provides the corresponding updates for Ubuntu 22.04 LTS. Original advisory details: It was discovered that LibTIFF incorrectly handled certain files. If a user were tricked into opening a specially crafted file, an attacker could possibly u...

CVSS 7.5, AI score 6.7, EPSS 0.02187
Exploits: 1

Ubuntu
added 2024/02/27 4:47 p.m., 61 views

USN-6664-1: less vulnerability

It was discovered that less incorrectly handled certain file names. An attacker could possibly use this issue to cause a crash or execute arbitrary commands...

CVSS 7.8, AI score 6.5, EPSS 0.01059
Exploits: 0

Ubuntu
added 2024/02/27 11:18 a.m., 21 views

USN-6663-1: OpenSSL update

As a security improvement, OpenSSL will now return deterministic random bytes instead of an error when detecting wrong padding in PKCS1 v1.5 RSA to prevent its use in possible Bleichenbacher timing attacks...

AI score 5.3
Exploits: 0, References: 1

Ubuntu
added 2024/02/27 10:17 a.m., 70 views

USN-6305-2: PHP vulnerabilities

USN-6305-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: It was discovered that PHP incorrectly handled certain XML files. An attacker could possibly use this issue to...

CVSS 9.8, AI score 7.9, EPSS 0.08003
Exploits: 4, References: 1

Ubuntu
added 2024/02/27 2:36 a.m., 363 views

USN-6660-1: OpenJDK 11 vulnerabilities

Yi Yang discovered that the Hotspot component of OpenJDK 11 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-20918) It was discovered that the Hotspot...

CVSS 7.4, AI score 7.2, EPSS 0.01026
Exploits: 0

Ubuntu
added 2024/02/27 2:12 a.m., 56 views

USN-6662-1: OpenJDK 21 vulnerabilities

Yi Yang discovered that the Hotspot component of OpenJDK 21 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-20918) It was discovered that the Hotspot...

CVSS 7.4, AI score 7.2, EPSS 0.00911
Exploits: 0

Ubuntu
added 2024/02/27 2:4 a.m., 61 views

USN-6661-1: OpenJDK 17 vulnerabilities

Yi Yang discovered that the Hotspot component of OpenJDK 17 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-20918) It was discovered that the Hotspot...

CVSS 7.5, AI score 7.2, EPSS 0.00911
Exploits: 0

Ubuntu
added 2024/02/26 6:50 p.m., 34 views

USN-6659-1: libde265 vulnerabilities

It was discovered that libde265 could be made to write out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2022-43244, CVE-2022-43249, CVE-2022-43250,...

CVSS 7.8, AI score 7, EPSS 0.00844
Exploits: 13

Ubuntu
added 2024/02/26 1:57 p.m., 275 views

USN-6658-1: libxml2 vulnerability

It was discovered that libxml2 incorrectly handled certain XML documents. A remote attacker could possibly use this issue to cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code...

CVSS 7.5, AI score 7.1, EPSS 0.01375
Exploits: 3

Ubuntu
added 2024/02/26 1:52 p.m., 424 views

USN-6657-1: Dnsmasq vulnerabilities

Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered that Dnsmasq incorrectly handled validating DNSSEC messages. A remote attacker could possibly use this issue to cause Dnsmasq to consume resources, leading to a denial of service. (CVE-2023-50387) It was discovered that...

CVSS 7.5, AI score 6.9, EPSS 0.99995
Exploits: 1

Ubuntu
added 2024/02/26 1:40 p.m., 33 views

USN-6656-1: PostgreSQL vulnerability

It was discovered that PostgreSQL incorrectly handled dropping privileges when handling REFRESH MATERIALIZED VIEW CONCURRENTLY commands. If a user or automatic system were tricked into running a specially crafted command, a remote attacker could possibly use this issue to execute arbitrary SQL...

CVSS 8, AI score 7.7, EPSS 0.01465
Exploits: 0

Ubuntu
added 2024/02/26 10:13 a.m., 397 views

USN-6655-1: GNU binutils vulnerabilities

It was discovered that GNU binutils was not properly handling the logic behind certain memory management related operations, which could lead to an invalid memory access. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-47695) It was discovered that GNU binutils was...

CVSS 7.8, AI score 5.9, EPSS 0.00654
Exploits: 3

Total number of security vulnerabilities: 10888