Lucene search
K
UbuntuRecent

10888 matches found

Ubuntu
Ubuntu
added 2024/02/26 3:46 a.m.34 views

USN-6654-1: Roundcube Webmail vulnerability

It was discovered that Roundcube Webmail incorrectly sanitized characters in the linkrefs text messages. An attacker could possibly use this issue to execute a cross-site scripting XSS attack. CVE-2023-43770...

6.1CVSS6.9AI score0.58483EPSS
Exploits2
Ubuntu
Ubuntu
added 2024/02/23 9:41 p.m.66 views

USN-6653-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the ATM Asynchronous Transfer Mode subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-51780 It was...

7.8CVSS7AI score0.01999EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/02/23 8:20 p.m.100 views

USN-6652-1: Linux kernel (Azure) vulnerabilities

Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service paravirtualized device unavailability. CVE-2023-34324 Zheng Wang discovered...

7.8CVSS7.2AI score0.12836EPSS
Exploits9
Ubuntu
Ubuntu
added 2024/02/23 7:36 p.m.69 views

USN-6651-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the ATM Asynchronous Transfer Mode subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-51780 It was...

7.8CVSS7.2AI score0.12836EPSS
Exploits9
Ubuntu
Ubuntu
added 2024/02/23 5:54 p.m.51 views

USN-6650-1: Linux kernel (OEM) vulnerability

Zhenghan Wang discovered that the generic ID allocator implementation in the Linux kernel did not properly check for null bitmap when releasing IDs. A local attacker could use this to cause a denial of service system crash...

6.2CVSS6.8AI score0.00258EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/02/22 3:11 a.m.59 views

USN-6649-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2024-1547, CVE-2024-1548,...

9.8CVSS7.8AI score0.00937EPSS
Exploits2
Ubuntu
Ubuntu
added 2024/02/22 1:12 a.m.84 views

USN-6648-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the AppleTalk networking subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-51781 Zhenghan Wang discover...

7.8CVSS7.2AI score0.01999EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/02/21 1:28 p.m.56 views

USN-6647-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the ATM Asynchronous Transfer Mode subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-51780 It was...

7CVSS7AI score0.00515EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/02/21 10:40 a.m.34 views

USN-6584-2: Libspf2 vulnerabilities

USN-6584-1 fixed several vulnerabilities in Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. This update provides the corresponding updates for CVE-2021-33912 and CVE-2021-33913 in Ubuntu 16.04 LTS. We apologize for the inconvenience. Original advisory details: Philipp Jeitner and Haya Shulman discovered...

9.8CVSS8.4AI score0.09643EPSS
Exploits2
Ubuntu
Ubuntu
added 2024/02/20 8:6 p.m.46 views

USN-6646-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the ATM Asynchronous Transfer Mode subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-51780 It was...

7CVSS7AI score0.00515EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/02/20 7:34 p.m.53 views

USN-6645-1: Linux kernel vulnerability

It was discovered that the netfilter connection tracker for netlink in the Linux kernel did not properly perform reference counting in some error conditions. A local attacker could possibly use this to cause a denial of service memory exhaustion...

5.5CVSS6.8AI score0.00301EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/02/20 12:2 p.m.50 views

USN-6625-3: Linux kernel (Raspberry Pi) vulnerabilities

Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service paravirtualized device unavailability. CVE-2023-34324 Zheng Wang discovered...

7CVSS7.4AI score0.00888EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/02/19 8:7 p.m.387 views

USN-6644-1: LibTIFF vulnerabilities

It was discovered that LibTIFF incorrectly handled certain files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause the application to crash, resulting in a denial of service. CVE-2023-52356 It was discovered that LibTIFF incorrectly...

7.5CVSS6.7AI score0.02187EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/02/19 5:14 p.m.281 views

USN-6643-1: NPM IP vulnerability

Emre Durmaz discovered that NPM IP package incorrectly distinguished between private and public IP addresses. A remote attacker could possibly use this issue to perform Server-Side Request Forgery SSRF attacks...

9.8CVSS7AI score0.01613EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/02/19 2:0 p.m.84 views

USN-6642-1: Bind vulnerabilities

Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled parsing large DNS messages. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. CVE-2023-4408 Elias Heftrig, Haya Schulmann,...

7.5CVSS6.9AI score0.99995EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/02/19 8:44 a.m.35 views

USN-6641-1: curl vulnerability

Harry Sintonen discovered that curl incorrectly handled mixed case cookie domains. A remote attacker could possibly use this issue to set cookies that get sent to different and unrelated sites and domains...

6.5CVSS6.6AI score0.01685EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/02/15 11:14 p.m.53 views

USN-6626-3: Linux kernel (Azure) vulnerabilities

Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling sessions operations. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-32250, CVE-2023-32252, CVE-2023-32257...

9CVSS7.2AI score0.0406EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/02/15 6:5 p.m.392 views

USN-6640-1: shadow vulnerability

It was discovered that shadow was not properly sanitizing memory when running the password utility. An attacker could possibly use this issue to retrieve a password from memory, exposing sensitive information...

5.5CVSS6.6AI score0.00257EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/02/15 3:33 a.m.58 views

USN-6639-1: Linux kernel (OEM) vulnerabilities

It was discovered that a race condition existed in the ATM Asynchronous Transfer Mode subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-51780 It was...

7.8CVSS7.2AI score0.01999EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/02/15 3:2 a.m.44 views

USN-6628-2: Linux kernel (Intel IoTG) vulnerabilities

Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling sessions operations. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-32250, CVE-2023-32252, CVE-2023-32257...

9CVSS7.2AI score0.0406EPSS
Exploits2References1
Ubuntu
Ubuntu
added 2024/02/15 1:36 a.m.57 views

USN-6638-1: EDK II vulnerabilities

Marc Beatove discovered buffer overflows exit in EDK2. An attacker on the local network could potentially use this to impact availability or possibly cause remote code execution. CVE-2022-36763, CVE-2022-36764, CVE-2022-36765 It was discovered that a buffer overflows exists in EDK2's Network...

8.8CVSS8.4AI score0.02084EPSS
Exploits1References1
Ubuntu
Ubuntu
added 2024/02/14 4:11 p.m.34 views

USN-6636-1: ClamAV vulnerabilities

It was discovered that ClamAV incorrectly handled parsing certain OLE2 files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. CVE-2024-20290 Amit Schendel discovered that the ClamAV ClamD service incorrectly handled the VirusEvent featur...

7.5CVSS7.1AI score0.84841EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/02/14 2:32 p.m.50 views

USN-6629-3: UltraJSON vulnerabilities

USN-6629-1 fixed vulnerabilities in UltraJSON. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: It was discovered that UltraJSON incorrectly handled certain input with a large amount of indentation. An attacker could possibly use this issue to crash...

7.5CVSS6.7AI score0.02283EPSS
Exploits2
Ubuntu
Ubuntu
added 2024/02/14 8:17 a.m.26 views

USN-6635-1: Linux kernel (GCP) vulnerabilities

It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service system crash. CVE-2023-37453 Lucas...

8.8CVSS7.2AI score0.09141EPSS
Exploits6
Ubuntu
Ubuntu
added 2024/02/14 8:1 a.m.84 views

USN-6608-2: Linux kernel (NVIDIA) vulnerabilities

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could...

7.8CVSS7.1AI score0.00836EPSS
Exploits2
Ubuntu
Ubuntu
added 2024/02/14 5:23 a.m.73 views

USN-6626-2: Linux kernel vulnerabilities

Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling sessions operations. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-32250, CVE-2023-32252, CVE-2023-32257...

9CVSS7.2AI score0.0406EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/02/14 2:58 a.m.39 views

USN-6629-2: UltraJSON vulnerability

USN-6629-1 fixed vulnerabilities in UltraJSON. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: It was discovered that UltraJSON incorrectly handled certain input with a large amount of indentation. An attacker could possibly use this issue to crash...

5.5CVSS6.7AI score0.0155EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/02/14 1:41 a.m.48 views

USN-6629-1: UltraJSON vulnerabilities

It was discovered that UltraJSON incorrectly handled certain input with a large amount of indentation. An attacker could possibly use this issue to crash the program, resulting in a denial of service. CVE-2021-45958 Jake Miller discovered that UltraJSON incorrectly decoded certain characters. An...

7.5CVSS6.7AI score0.02283EPSS
Exploits2
Ubuntu
Ubuntu
added 2024/02/13 9:53 p.m.40 views

USN-6634-1: .NET vulnerabilities

Brennan Conroy discovered that .NET with SignalR did not properly handle malicious clients. An attacker could possibly use this issue to cause a denial of service. CVE-2024-21386 Bahaa Naamneh discovered that .NET with OpenSSL support did not properly parse X509 certificates. An attacker could...

7.5CVSS8AI score0.02707EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/02/13 3:30 p.m.424 views

USN-6633-1: Bind vulnerabilities

Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled parsing large DNS messages. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. CVE-2023-4408 Elias Heftrig, Haya Schulmann,...

7.5CVSS6.9AI score0.99995EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/02/13 10:29 a.m.65 views

USN-6632-1: OpenSSL vulnerabilities

David Benjamin discovered that OpenSSL incorrectly handled excessively long X9.42 DH keys. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, leading to a denial of service. CVE-2023-5678 Bahaa Naamneh discovered that OpenSSL incorrectly handled certain malform...

5.5CVSS6.6AI score0.04459EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/02/12 1:7 p.m.43 views

USN-6631-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

8.8CVSS7.7AI score0.10593EPSS
Exploits6
Ubuntu
Ubuntu
added 2024/02/12 1:1 p.m.25 views

USN-6630-1: Glance_store vulnerability

It was discovered that Glancestore incorrectly handled logging when the DEBUG log level is enabled. A local attacker could use this issue to obtain accesskey values...

5.5CVSS5.7AI score0.00226EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/02/09 12:4 p.m.71 views

USN-6628-1: Linux kernel (Intel IoTG) vulnerabilities

Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling sessions operations. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-32250, CVE-2023-32252, CVE-2023-32257...

9CVSS7.2AI score0.0406EPSS
Exploits2
Ubuntu
Ubuntu
added 2024/02/08 7:42 p.m.50 views

USN-6625-2: Linux kernel (GCP) vulnerabilities

Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service paravirtualized device unavailability. CVE-2023-34324 Zheng Wang discovered...

7CVSS7.4AI score0.00888EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/02/08 1:48 p.m.78 views

USN-6627-1: libde265 vulnerabilities

It was discovered that libde265 could be made to read out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. CVE-2021-35452, CVE-2021-36411, CVE-2022-43238, CVE-2022-43241,...

9.8CVSS7.1AI score0.0202EPSS
Exploits18
Ubuntu
Ubuntu
added 2024/02/08 12:9 a.m.82 views

USN-6626-1: Linux kernel vulnerabilities

Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling sessions operations. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-32250, CVE-2023-32252, CVE-2023-32257...

9CVSS7.2AI score0.0406EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/02/07 10:33 p.m.58 views

USN-6625-1: Linux kernel vulnerabilities

Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service paravirtualized device unavailability. CVE-2023-34324 Zheng Wang discovered...

7CVSS7.4AI score0.00888EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/02/07 8:16 p.m.90 views

USN-6624-1: Linux kernel vulnerabilities

Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service paravirtualized device unavailability. CVE-2023-34324 Zheng Wang discovered...

7.8CVSS7.2AI score0.00888EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/02/07 7:24 a.m.41 views

LSN-0100-1: Kernel Live Patch Security Notice

It was discovered that the SMB network file sharing protocol implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary...

7.8CVSS7.1AI score0.0047EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/02/07 4:31 a.m.46 views

USN-6610-2: Firefox regressions

USN-6610-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potential...

7.8AI score
Exploits0References1
Ubuntu
Ubuntu
added 2024/02/06 4:52 p.m.67 views

USN-6609-3: Linux kernel (Oracle) vulnerabilities

Lin Ma discovered that the netfilter subsystem in the Linux kernel did not properly validate network family support while creating a new netfilter table. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6040 It was discovered that the CIFS...

7.8CVSS7.2AI score0.00836EPSS
Exploits2
Ubuntu
Ubuntu
added 2024/02/06 3:32 p.m.39 views

USN-6623-1: Django vulnerability

It was discovered that Django incorrectly handled certain inputs that uses intcomma template filter. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS7AI score0.01606EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/02/05 1:2 p.m.376 views

USN-6592-2: libssh vulnerabilities

USN-6592-1 fixed vulnerabilities in libssh. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that libssh incorrectly handled the ProxyCommand and the ProxyJump features. A remote attacker could possibly use this...

5.3CVSS7AI score0.01421EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/02/05 12:18 p.m.344 views

USN-6622-1: OpenSSL vulnerabilities

David Benjamin discovered that OpenSSL incorrectly handled excessively long X9.42 DH keys. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, leading to a denial of service. CVE-2023-5678 Sverker Eriksson discovered that OpenSSL incorrectly handled POLY1304 MAC...

6.5CVSS6.8AI score0.04459EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/02/01 5:45 p.m.366 views

USN-6621-1: ImageMagick vulnerability

It was discovered that ImageMagick incorrectly handled certain values when processing BMP files. An attacker could exploit this to cause a denial of service...

6.2CVSS6.6AI score0.00437EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/02/01 1:22 p.m.57 views

USN-6587-4: X.Org X Server regression

USN-6587-1 fixed vulnerabilities in X.Org X Server. The fix was incomplete resulting in a possible regression. This update fixes the problem. Original advisory details: Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and...

7.1AI score
Exploits0References1
Ubuntu
Ubuntu
added 2024/02/01 12:41 p.m.47 views

USN-6620-1: GNU C Library vulnerabilities

It was discovered that the GNU C Library incorrectly handled the syslog function call. A local attacker could use this issue to execute arbitrary code and possibly escalate privileges...

8.4CVSS7.1AI score0.04794EPSS
Exploits9
Ubuntu
Ubuntu
added 2024/01/31 8:17 p.m.301 views

USN-6619-1: runC vulnerability

Rory McNamara discovered that runC did not properly manage internal file descriptor while managing containers. An attacker could possibly use this issue to obtain sensitive information or bypass container restrictions...

8.6CVSS7.4AI score0.18087EPSS
Exploits18
Ubuntu
Ubuntu
added 2024/01/31 1:34 p.m.54 views

USN-6591-2: Postfix update

USN-6591-1 fixed vulnerabilities in Postfix. A fix with less risk of regression has been made available since the last update. This update updates the fix and aligns with the latest configuration guidelines regarding this vulnerability. We apologize for the inconvenience. Original advisory detail...

5.3CVSS5.7AI score0.02598EPSS
Exploits4References2
Total number of security vulnerabilities10888