Lucene search
K
UbuntuRecent

10888 matches found

Ubuntu
Ubuntu
added 2023/12/11 11:40 a.m.65 views

USN-6500-2: Squid vulnerabilities

USN-6500-1 fixed several vulnerabilities in Squid. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Joshua Rogers discovered that Squid incorrectly handled the Gopher protocol. A remote attacker could possibly use this issue to...

8.6CVSS7.3AI score0.85944EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/12/11 11:18 a.m.71 views

USN-6544-1: GNU binutils vulnerabilities

It was discovered that GNU binutils incorrectly handled certain COFF files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. CVE-2022-38533 It was discovered that GNU binutils was not properly performing bounds checks...

8.8CVSS7AI score0.00698EPSS
Exploits4
Ubuntu
Ubuntu
added 2023/12/11 12:26 a.m.39 views

USN-6543-1: GNU Tar vulnerability

It was discovered that tar incorrectly handled extended attributes in PAX archives. An attacker could use this issue to cause tar to crash, resulting in a denial of service...

6.2CVSS6.5AI score0.00283EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/12/07 5:50 p.m.46 views

USN-6542-1: TinyXML vulnerability

Wang Zhong discovered that TinyXML incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service...

7.5CVSS7.2AI score0.03055EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/12/07 4:24 p.m.387 views

USN-6541-1: GNU C Library vulnerabilities

It was discovered that the GNU C Library was not properly handling certain memory operations. An attacker could possibly use this issue to cause a denial of service application crash. CVE-2023-4806, CVE-2023-4813 It was discovered that the GNU C library was not properly implementing a fix for...

7.5CVSS6.5AI score0.01669EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/12/07 11:0 a.m.68 views

USN-6522-2: FreeRDP vulnerabilities

USN-6522-1 fixed several vulnerabilities in FreeRDP. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: It was discovered that FreeRDP incorrectly handled drive redirection. If a user were tricked into connection to a malicious server, a remote attacker...

9.8CVSS7.5AI score0.01529EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/12/07 4:7 a.m.69 views

USN-6540-1: BlueZ vulnerability

It was discovered that BlueZ did not properly restrict non-bonded devices from injecting HID events into the input subsystem. This could allow a physically proximate attacker to inject keystrokes and execute arbitrary commands whilst the device is discoverable...

6.3CVSS6.9AI score0.07879EPSS
Exploits8
Ubuntu
Ubuntu
added 2023/12/06 3:22 p.m.72 views

USN-6539-1: python-cryptography vulnerabilities

It was discovered that the python-cryptography Cipher.updateinto function would incorrectly accept objects with immutable buffers. This would result in corrupted output, contrary to expectations. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. CVE-2023-23931 It was...

7.5CVSS6.6AI score0.01301EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/12/06 3:11 p.m.75 views

USN-6538-1: PostgreSQL vulnerabilities

Jingzhou Fu discovered that PostgreSQL incorrectly handled certain unknown arguments in aggregate function calls. A remote attacker could possibly use this issue to obtain sensitive information. CVE-2023-5868 Pedro Gallegos discovered that PostgreSQL incorrectly handled modifying certain SQL arra...

8.8CVSS7.2AI score0.04322EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/12/06 1:55 p.m.52 views

USN-6537-1: Linux kernel (GCP) vulnerabilities

Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service system crash. CVE-2023-31085 Lucas Leong discovered that the netfilter subsystem in the...

8.8CVSS7.2AI score0.09141EPSS
Exploits3
Ubuntu
Ubuntu
added 2023/12/06 1:34 p.m.89 views

USN-6536-1: Linux kernel vulnerabilities

Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service system crash or possibly expose sensitive information kernel memory. CVE-2023-39189 Kyle Zeng...

8.8CVSS7.4AI score0.09141EPSS
Exploits3
Ubuntu
Ubuntu
added 2023/12/06 12:11 p.m.80 views

USN-6535-1: curl vulnerabilities

Harry Sintonen discovered that curl incorrectly handled mixed case cookie domains. A remote attacker could possibly use this issue to set cookies that get sent to different and unrelated sites and domains. CVE-2023-46218 Maksymilian Arciemowicz discovered that curl incorrectly handled long file...

6.5CVSS6.5AI score0.01685EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/12/06 9:43 a.m.60 views

USN-6463-2: Open VM Tools vulnerabilities

USN-6463-1 fixed vulnerabilities in Open VM Tools. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that Open VM Tools incorrectly handled SAML tokens. A remote attacker with Guest Operations privileges could...

7.5CVSS6.7AI score0.00667EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/12/05 11:21 p.m.95 views

USN-6534-1: Linux kernel vulnerabilities

It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service system crash. CVE-2023-37453 Lin Ma...

8.8CVSS7AI score0.09141EPSS
Exploits4
Ubuntu
Ubuntu
added 2023/12/05 9:59 p.m.89 views

USN-6533-1: Linux kernel (OEM) vulnerabilities

Tom Dohrmann discovered that the Secure Encrypted Virtualization SEV implementation for AMD processors in the Linux kernel contained a race condition when accessing MMIO registers. A local attacker in a SEV guest VM could possibly use this to cause a denial of service system crash or possibly...

7CVSS7AI score0.00693EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/12/05 9:13 p.m.106 views

USN-6532-1: Linux kernel vulnerabilities

Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. CVE-2023-20593 Yu Hao discovered that the UBI driver in the Linux kernel did not properly check...

7.8CVSS7.9AI score0.05794EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/12/05 4:35 p.m.501 views

USN-6531-1: Redis vulnerabilities

Seiya Nakata and Yudai Fujiwara discovered that Redis incorrectly handled certain specially crafted Lua scripts. An attacker could possibly use this issue to cause heap corruption and execute arbitrary code. CVE-2022-24834 SeungHyun Lee discovered that Redis incorrectly handled specially crafted...

8.8CVSS7.5AI score0.59706EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/12/05 1:12 p.m.60 views

USN-6530-1: HAProxy vulnerability

It was discovered that HAProxy incorrectly handled URI components containing the hash character . A remote attacker could possibly use this issue to obtain sensitive information, or to bypass certain pathend rules...

8.2CVSS6.9AI score0.01526EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/12/04 6:7 p.m.854 views

USN-6529-1: Request Tracker vulnerabilities

It was discovered that Request Tracker incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information. CVE-2021-38562, CVE-2022-25802, CVE-2023-41259,...

7.5CVSS6.9AI score0.01707EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/12/04 2:22 a.m.38 views

USN-6509-2: Firefox regressions

USN-6509-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted...

8AI score0.01406EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2023/11/30 5:56 p.m.69 views

USN-6494-2: Linux kernel vulnerabilities

Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service system crash. CVE-2023-31085 Lucas Leong discovered that the netfilter subsystem in the...

7.8CVSS7.3AI score0.00856EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/11/30 5:38 p.m.72 views

USN-6495-2: Linux kernel vulnerabilities

Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service system crash. CVE-2023-31085 Manfred Rudigier discovered that the IntelR PCI-Express Gigab...

7.5CVSS7.5AI score0.00544EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/11/30 5:24 p.m.151 views

USN-6496-2: Linux kernel vulnerabilities

Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. CVE-2023-25775 Yu Hao discover...

9.8CVSS7.2AI score0.00986EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/11/30 4:56 p.m.64 views

USN-6502-4: Linux kernel vulnerabilities

Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. CVE-2023-25775 Yu Hao discover...

9.8CVSS7.5AI score0.00986EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/11/29 11:0 p.m.64 views

USN-6528-1: OpenJDK 8 vulnerabilities

It was discovered that the HotSpot VM implementation in OpenJDK did not properly validate bytecode blocks in certain situations. An attacker could possibly use this to cause a denial of service. CVE-2022-40433 Carter Kozak discovered that OpenJDK, when compiling with AVX-512 instruction support...

5.3CVSS6.4AI score0.014EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/11/29 9:56 p.m.60 views

USN-6527-1: OpenJDK vulnerabilities

Carter Kozak discovered that OpenJDK, when compiling with AVX-512 instruction support enabled, could produce code that resulted in memory corruption in certain situations. An attacker targeting applications built in this way could possibly use this to cause a denial of service or execute arbitrar...

5.3CVSS6.4AI score0.014EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/11/29 5:48 p.m.89 views

USN-6526-1: GStreamer Bad Plugins vulnerabilities

It was discovered that GStreamer Bad Plugins incorrectly handled certain media files. A remote attacker could use this issue to cause GStreamer Bad Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code...

8.8CVSS7.1AI score0.02189EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/11/29 5:39 p.m.17 views

USN-6519-2: EC2 hibagent update

USN-6519-1 added IMDSv2 support to EC2 hibagent. This update provides the corresponding update for Ubuntu 16.04 LTS. Original advisory details: The EC2 hibagent package has been updated to add IMDSv2 support, as IMDSv1 uses an insecure protocol and is no longer recommended...

5.3AI score
Exploits0References1
Ubuntu
Ubuntu
added 2023/11/29 3:51 p.m.72 views

USN-6525-1: pysha3 vulnerability

Nicky Mouha discovered that pysha incorrectly handled certain SHA-3 operations. An attacker could possibly use this issue to cause pysha3 to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS7.4AI score0.05193EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/11/29 3:46 p.m.68 views

USN-6524-1: PyPy vulnerability

Nicky Mouha discovered that PyPy incorrectly handled certain SHA-3 operations. An attacker could possibly use this issue to cause PyPy to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS7.4AI score0.05193EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/11/29 1:41 p.m.48 views

USN-6523-1: u-boot-nezha vulnerability

It was discovered that U-Boot incorrectly handled certain USB DFU download setup packets. A local attacker could use this issue to cause U-Boot to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2022-2347 Nicolas Bidron and Nicolas Guigo discovered that U-Boot...

7.8CVSS7.8AI score0.0058EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/11/29 1:34 p.m.57 views

USN-6522-1: FreeRDP vulnerabilities

It was discovered that FreeRDP incorrectly handled drive redirection. If a user were tricked into connection to a malicious server, a remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly obtain sensitive information. CVE-2022-41877 It was...

9.8CVSS7.5AI score0.01529EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/11/29 1:17 p.m.53 views

USN-6521-1: GIMP vulnerabilities

It was discovered that GIMP incorrectly handled certain image files. If a user were tricked into opening a specially crafted image, an attacker could use this issue to cause GIMP to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.8CVSS6.9AI score0.93639EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/11/28 8:17 p.m.90 views

USN-6502-3: Linux kernel (NVIDIA) vulnerabilities

Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. CVE-2023-25775 Yu Hao discover...

9.8CVSS7.5AI score0.00986EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/11/28 8:1 p.m.68 views

USN-6520-1: Linux kernel (StarFive) vulnerabilities

Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. CVE-2023-25775 Yu Hao and...

9.8CVSS7.5AI score0.54577EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/11/28 6:11 p.m.32 views

USN-6519-1: EC2 hibagent update

The EC2 hibagent package has been updated to add IMDSv2 support, as IMDSv1 uses an insecure protocol and is no longer recommended...

5.3AI score
Exploits0References1
Ubuntu
Ubuntu
added 2023/11/28 4:24 p.m.38 views

USN-6518-1: AFFLIB vulnerability

Luis Rocha discovered that AFFLIB incorrectly handled certain input files. If a user or automated system were tricked into processing a specially crafted AFF image file, a remote attacker could possibly use this issue to cause a denial of service via application crash. CVE-2018-8050...

6.5CVSS6.5AI score0.01607EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/11/28 1:11 p.m.61 views

USN-6508-2: poppler regression

USN-6508-1 fixed vulnerabilities in poppler. The update introduced one minor regression in Ubuntu 18.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that poppler incorrectly handled certain malformed PDF files. If a user or a...

7AI score
Exploits0References1
Ubuntu
Ubuntu
added 2023/11/28 10:40 a.m.51 views

LSN-0099-1: Kernel Live Patch Security Notice

It was discovered that the Xen netback driver in the Linux kernel did not properly handle packets structured in certain ways. An attacker in a guest VM could possibly use this to cause a denial of service host NIC availability.CVE-2022-3643 It was discovered that the virtual terminal driver in th...

7.8CVSS7.6AI score0.00958EPSS
Exploits4
Ubuntu
Ubuntu
added 2023/11/27 6:11 p.m.78 views

USN-6513-2: Python vulnerability

USN-6513-1 fixed vulnerabilities in Python. This update provides the corresponding updates for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. Original advisory details: It was discovered that Python incorrectly handled certain plist files. If a user or an automated system were tricked into...

5.3CVSS7.1AI score0.01447EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/11/27 3:59 p.m.38 views

USN-6402-2: LibTomMath vulnerability

USN-6402-1 fixed vulnerabilities in LibTomMath. This update provides the corresponding updates for Ubuntu 23.10. Original advisory details: It was discovered that LibTomMath incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code and cause a denial ...

9.8CVSS8.6AI score0.01254EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/11/27 2:15 p.m.82 views

USN-6517-1: Perl vulnerabilities

It was discovered that Perl incorrectly handled printing certain warning messages. An attacker could possibly use this issue to cause Perl to consume resources, leading to a denial of service. This issue only affected Ubuntu 22.04 LTS. CVE-2022-48522 Nathan Mills discovered that Perl incorrectly...

9.8CVSS7AI score0.02046EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/11/27 2:8 p.m.68 views

USN-6502-2: Linux kernel (Oracle) vulnerabilities

Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. CVE-2023-25775 Yu Hao discover...

9.8CVSS7.5AI score0.00986EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/11/27 1:41 p.m.67 views

USN-6516-1: Linux kernel (Intel IoTG) vulnerabilities

Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. CVE-2023-25775 Yu Hao and...

9.8CVSS7.5AI score0.00986EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/11/27 5:45 a.m.53 views

USN-6515-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing,...

8.8CVSS8AI score0.01406EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/11/26 11:54 p.m.51 views

USN-6514-1: Open vSwitch vulnerability

It was discovered that Open vSwitch did not correctly handle OpenFlow rules for ICMPv6 Neighbour Advertisement packets. A local attacker could possibly use this issue to redirect traffic to arbitrary IP addresses...

7.1CVSS6.7AI score0.00389EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/11/23 9:29 p.m.59 views

USN-6513-1: Python vulnerabilities

It was discovered that Python incorrectly handled certain plist files. If a user or an automated system were tricked into processing a specially crafted plist file, an attacker could possibly use this issue to consume resources, resulting in a denial of service. CVE-2022-48564 It was discovered...

6.5CVSS7.1AI score0.01447EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/11/23 9:6 p.m.55 views

USN-6512-1: LibTIFF vulnerabilities

It was discovered that LibTIFF could be made to run into an infinite loop. If a user or an automated system were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause a denial of service. CVE-2022-40090 It was discovered that LibTIFF could be made...

6.5CVSS6.7AI score0.00805EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/11/23 1:50 p.m.53 views

USN-6511-1: OpenZFS vulnerability

It was discovered that the OpenZFS sharenfs feature incorrectly handled IPv6 address data. This could result in IPv6 restrictions not being applied, contrary to expectations...

7.5CVSS7.2AI score0.02084EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/11/23 10:32 a.m.114 views

USN-6510-1: Apache HTTP Server vulnerability

David Shoon discovered that the Apache HTTP Server modmacro module incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service...

7.5CVSS7.5AI score0.02978EPSS
Exploits0
Total number of security vulnerabilities10888