
10888 matches found

Ubuntu • added 2023/11/23 5:39 a.m. • 68 views

USN-6509-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2023-6206, CVE-2023-6210,...

CVSS 8.8 | AI score 8 | EPSS 0.01406
Exploits: 0

Ubuntu • added 2023/11/23 2:47 a.m. • 405 views

USN-6508-1: poppler vulnerabilities

It was discovered that poppler incorrectly handled certain malformed PDF files. If a user or an automated system were tricked into opening a specially crafted PDF file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu...

CVSS 7.5 | AI score 7 | EPSS 0.00959
Exploits: 5

Ubuntu • added 2023/11/22 4:12 p.m. • 39 views

USN-6507-1: GlusterFS vulnerability

It was discovered that GlusterFS incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause GlusterFS to crash, resulting in a denial of service...

CVSS 7.5 | AI score 7.3 | EPSS 0.00871
Exploits: 1

Ubuntu • added 2023/11/22 2:55 p.m. • 84 views

USN-6506-1: Apache HTTP Server vulnerabilities

David Shoon discovered that the Apache HTTP Server mod_macro module incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. CVE-2023-31122 Prof. Sven Dietrich, Isa Jafarov, Prof. Heejo Lee, and...

CVSS 7.5 | AI score 7.5 | EPSS 0.70595
Exploits: 1

Ubuntu • added 2023/11/22 2:45 p.m. • 107 views

USN-6505-1: nghttp2 vulnerability

It was discovered that nghttp2 incorrectly handled request cancellation. A remote attacker could possibly use this issue to cause nghttp2 to consume resources, leading to a denial of service...

CVSS 7.5 | AI score 7.2 | EPSS 0.99999
Exploits: 19

Ubuntu • added 2023/11/22 1:2 p.m. • 49 views

USN-6504-1: tracker-miners vulnerability

It was discovered that tracker-miners incorrectly handled sandboxing. If a second security issue was discovered in tracker-miners, an attacker could possibly use this issue in combination with it to escape the sandbox...

CVSS 7.7 | AI score 7.2 | EPSS 0.00867
Exploits: 1

Ubuntu • added 2023/11/21 7:58 p.m. • 70 views

USN-6503-1: Linux kernel vulnerabilities

Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service (system crash). CVE-2023-31085 Bien Pham discovered that the netfilter subsystem in the Linux...

CVSS 7.8 | AI score 7.2 | EPSS 0.0047
Exploits: 0

Ubuntu • added 2023/11/21 7:16 p.m. • 169 views

USN-6502-1: Linux kernel vulnerabilities

Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. CVE-2023-25775 Yu Hao discover...

CVSS 9.8 | AI score 7.5 | EPSS 0.00986
Exploits: 0

Ubuntu • added 2023/11/21 4:36 p.m. • 289 views

USN-6501-1: RabbitMQ vulnerability

It was discovered that RabbitMQ incorrectly handled certain HTTP requests. An attacker could possibly use this issue to cause a denial of service...

CVSS 4.9 | AI score 5.8 | EPSS 0.01077
Exploits: 0

Ubuntu • added 2023/11/21 3:42 p.m. • 79 views

USN-6500-1: Squid vulnerabilities

Joshua Rogers discovered that Squid incorrectly handled validating certain SSL certificates. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. CVE-2023-46724 Joshua...

CVSS 9.3 | AI score 6.9 | EPSS 0.85944
Exploits: 0

Ubuntu • added 2023/11/21 3:30 p.m. • 140 views

USN-6495-1: Linux kernel vulnerabilities

Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service (system crash). CVE-2023-31085 Manfred Rudigier discovered that the Intel(R) PCI-Express Gigab...

CVSS 7.5 | AI score 7.5 | EPSS 0.00544
Exploits: 0

Ubuntu • added 2023/11/21 3:29 p.m. • 45 views

USN-6499-1: GnuTLS vulnerability

It was discovered that GnuTLS had a timing side-channel when handling certain RSA-PSK key exchanges. A remote attacker could possibly use this issue to recover sensitive information...

CVSS 5.9 | AI score 6.8 | EPSS 0.01257
Exploits: 0

Ubuntu • added 2023/11/21 3:24 p.m. • 49 views

USN-6498-1: FRR vulnerabilities

It was discovered that FRR incorrectly handled certain BGP messages. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service...

CVSS 9.8 | AI score 7.4 | EPSS 0.00939
Exploits: 0

Ubuntu • added 2023/11/21 3:23 p.m. • 58 views

USN-6492-1: Mosquitto vulnerabilities

Kathrin Kleinhammer discovered that Mosquitto incorrectly handled certain inputs. If a user or an automated system were provided with a specially crafted input, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS. CVE-2021-34431...

CVSS 7.5 | AI score 6.6 | EPSS 0.01367
Exploits: 2

Ubuntu • added 2023/11/21 3:17 p.m. • 80 views

USN-6497-1: Linux kernel (OEM) vulnerabilities

Maxim Levitsky discovered that the KVM nested virtualization SVM implementation for AMD processors in the Linux kernel did not properly handle x2AVIC MSRs. An attacker in a guest VM could use this to cause a denial of service (host kernel crash). CVE-2023-5090 Alon Zahavi discovered that the...

CVSS 8.8 | AI score 7.4 | EPSS 0.09141
Exploits: 2

Ubuntu • added 2023/11/21 3:14 p.m. • 424 views

USN-6496-1: Linux kernel vulnerabilities

Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. CVE-2023-25775 Yu Hao discover...

CVSS 9.8 | AI score 7.2 | EPSS 0.00986
Exploits: 0

Ubuntu • added 2023/11/21 2:55 p.m. • 107 views

USN-6494-1: Linux kernel vulnerabilities

Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service (system crash). CVE-2023-31085 Lucas Leong discovered that the netfilter subsystem in the...

CVSS 7.8 | AI score 7.3 | EPSS 0.00856
Exploits: 1

Ubuntu • added 2023/11/21 2:34 p.m. • 17 views

USN-6493-2: hibagent update

USN-6493-1 fixed a vulnerability in hibagent. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: On Ubuntu 18.04 LTS and Ubuntu 16.04 LTS, the hibagent package has been updated to add IMDSv2 support, as IMDSv1 uses an insecure...

AI score 5.3
Exploits: 0 | References: 1

Ubuntu • added 2023/11/21 12:59 p.m. • 24 views

USN-6493-1: hibagent update

On Ubuntu 20.04 LTS and Ubuntu 22.04 LTS, the hibagent package has been updated to add IMDSv2 support, as IMDSv1 uses an insecure protocol and is no longer recommended. In addition, on all releases, hibagent has been updated to do nothing if ODH is configured...

AI score 5.3
Exploits: 0 | References: 1

Ubuntu • added 2023/11/21 9:15 a.m. • 68 views

USN-6491-1: Node.js vulnerabilities

Axel Chong discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. CVE-2022-32212 Zeyu Zhang discovered that Node.js incorrectl...

CVSS 8.1 | AI score 7.5 | EPSS 0.77278
Exploits: 4

Ubuntu • added 2023/11/20 4:4 p.m. • 33 views

USN-6489-1: Tang vulnerability

Brian McDermott discovered that Tang incorrectly handled permissions when creating/rotating keys. A local attacker could possibly use this issue to read the keys...

CVSS 5.3 | AI score 5.6 | EPSS 0.00568
Exploits: 1

Ubuntu • added 2023/11/20 3:59 p.m. • 52 views

USN-6490-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

CVSS 8.8 | AI score 7 | EPSS 0.01736
Exploits: 0

Ubuntu • added 2023/11/20 3:46 p.m. • 55 views

USN-6488-1: strongSwan vulnerability

Florian Picca discovered that strongSwan incorrectly handled certain DH public values. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service, or possibly execute arbitrary code...

CVSS 9.8 | AI score 8.3 | EPSS 0.0229
Exploits: 0

Ubuntu • added 2023/11/20 3:29 p.m. • 390 views

USN-6487-1: Avahi vulnerabilities

Evgeny Vereshchagin discovered that Avahi contained several reachable assertions, which could lead to intentional assertion failures when specially crafted user input was given. An attacker could possibly use this issue to cause a denial of service. CVE-2023-38469, CVE-2023-38470, CVE-2023-38471,...

CVSS 6.2 | AI score 6.6 | EPSS 0.00314
Exploits: 0

Ubuntu • added 2023/11/20 10:15 a.m. • 29 views

USN-6486-1: iniParser vulnerability

It was discovered that iniParser incorrectly handled certain files. An attacker could possibly use this issue to cause a crash...

CVSS 5.5 | AI score 5.6 | EPSS 0.0041
Exploits: 1

Ubuntu • added 2023/11/17 12:12 a.m. • 81 views

USN-6485-1: Intel Microcode vulnerability

Benoit Morgan, Paul Grosen, Thais Moreira Hamasaki, Ke Sun, Alyssa Milburn, Hisham Shafi, Nir Shlomovich, Tavis Ormandy, Daniel Moghimi, Josh Eads, Salman Qazi, Alexandra Sandulescu, Andy Nguyen, Eduardo Vela, Doug Kwan, and Kostik Shtoyk discovered that some Intel(R) Processors did not properly...

CVSS 8.8 | AI score 7.7 | EPSS 0.01728
Exploits: 0

Ubuntu • added 2023/11/16 1:9 p.m. • 62 views

USN-6484-1: OpenVPN vulnerabilities

It was discovered that OpenVPN incorrectly handled the --fragment option in certain configurations. A remote attacker could possibly use this issue to cause OpenVPN to crash, resulting in a denial of service. CVE-2023-46849 It was discovered that OpenVPN incorrectly handled certain memory...

CVSS 9.8 | AI score 8.4 | EPSS 0.01982
Exploits: 0

Ubuntu • added 2023/11/15 2:51 p.m. • 394 views

USN-6480-1: .NET vulnerabilities

Barry Dorrans discovered that .NET did not properly implement certain security features for Blazor server forms. An attacker could possibly use this issue to bypass validation, which could trigger unintended actions. CVE-2023-36558 Piotr Bazydlo discovered that .NET did not properly handle...

CVSS 9.8 | AI score 7.5 | EPSS 0.12512
Exploits: 0

Ubuntu • added 2023/11/15 2:31 p.m. • 33 views

USN-6483-1: HTML Tidy vulnerability

Neeraj Pal discovered that HTML Tidy incorrectly handled parsing certain HTML data. If a user or automated system were tricked into parsing specially crafted HTML data, a remote attacker could cause HTML Tidy to consume resources, leading to a denial of service, or possibly execute arbitrary code...

CVSS 9.8 | AI score 8.3 | EPSS 0.01128
Exploits: 1

Ubuntu • added 2023/11/15 2:24 p.m. • 72 views

USN-6482-1: Quagga vulnerabilities

It was discovered that Quagga incorrectly handled certain BGP messages. A remote attacker could possibly use this issue to cause Quagga to crash, resulting in a denial of service...

CVSS 9.1 | AI score 7.3 | EPSS 0.01578
Exploits: 1

Ubuntu • added 2023/11/15 2:20 p.m. • 56 views

USN-6481-1: FRR vulnerabilities

It was discovered that FRR incorrectly handled certain malformed NLRI data. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service. CVE-2023-46752 It was discovered that FRR incorrectly handled certain BGP UPDATE messages. A remote attacker could...

CVSS 5.9 | AI score 6.6 | EPSS 0.00849
Exploits: 0

Ubuntu • added 2023/11/15 11:27 a.m. • 75 views

USN-6473-2: pip vulnerabilities

USN-6473-1 fixed vulnerabilities in urllib3. This update provides the corresponding updates for the urllib3 module bundled into pip. Original advisory details: It was discovered that urllib3 didn't strip HTTP Authorization header on cross-origin redirects. A remote attacker could possibly use thi...

CVSS 8.1 | AI score 7.2 | EPSS 0.01207
Exploits: 0

Ubuntu • added 2023/11/15 9:38 a.m. • 78 views

USN-6449-2: FFmpeg regression

USN-6449-1 fixed vulnerabilities in FFmpeg. Unfortunately that update could introduce a regression in tools using an FFmpeg library, like VLC. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that FFmpeg incorrectly managed memory...

AI score 7.1
Exploits: 0 | References: 1

Ubuntu • added 2023/11/14 10:15 p.m. • 68 views

USN-6479-1: Linux kernel (OEM) vulnerabilities

Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service (system crash). CVE-2023-42756 Alex Birnberg discovered that the netfilter subsystem in the Linux...

CVSS 7.8 | AI score 6.8 | EPSS 0.00396
Exploits: 2

Ubuntu • added 2023/11/14 10:43 a.m. • 149 views

USN-6478-1: Traceroute vulnerability

It was discovered that Traceroute did not properly parse command line arguments. An attacker could possibly use this issue to execute arbitrary commands...

CVSS 5.5 | AI score 6.5 | EPSS 0.00367
Exploits: 2

Ubuntu • added 2023/11/14 9:44 a.m. • 377 views

USN-6477-1: procps-ng vulnerability

It was discovered that the procps-ng ps tool incorrectly handled memory. An attacker could possibly use this issue to cause procps-ng to crash, resulting in a denial of service...

CVSS 3.3 | AI score 6.5 | EPSS 0.00239
Exploits: 0

Ubuntu • added 2023/11/14 4:26 a.m. • 55 views

USN-6456-2: Firefox regressions

USN-6456-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted...

AI score 7.8 | EPSS 0.01585
Exploits: 0 | References: 1

Ubuntu • added 2023/11/13 3:26 p.m. • 44 views

USN-6476-1: Memcached vulnerabilities

It was discovered that Memcached incorrectly handled certain multiget requests in proxy mode. A remote attacker could use this issue to cause Memcached to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2023-46852 It was discovered that Memcached incorrectly handl...

CVSS 9.8 | AI score 7.5 | EPSS 0.00778
Exploits: 0

Ubuntu • added 2023/11/13 3:4 p.m. • 47 views

USN-6475-1: Cobbler vulnerabilities

It was discovered that Cobbler did not properly handle user input, which could result in an absolute path traversal. An attacker could possibly use this issue to read arbitrary files. CVE-2014-3225 It was discovered that Cobbler did not properly handle user input, which could result in command...

CVSS 10 | AI score 8.3 | EPSS 0.88482
Exploits: 5

Ubuntu • added 2023/11/10 10:25 a.m. • 87 views

USN-6465-3: Linux kernel (GKE) vulnerabilities

Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). CVE-2023-31083 Lin Ma discovered that the Netlink...

CVSS 5.5 | AI score 6.7 | EPSS 0.00454
Exploits: 0

Ubuntu • added 2023/11/10 10:16 a.m. • 70 views

USN-6462-2: Linux kernel (IoT) vulnerabilities

Seth Jenkins discovered that the Linux kernel did not properly perform address randomization for a per-cpu memory management structure. A local attacker could use this to expose sensitive information (kernel memory) or in conjunction with another kernel vulnerability. CVE-2023-0597 Yu Hao and Weite...

CVSS 5.5 | AI score 6.5 | EPSS 0.00454
Exploits: 0

Ubuntu • added 2023/11/08 1:47 p.m. • 101 views

USN-6474-1: xrdp vulnerabilities

It was discovered that xrdp incorrectly handled validation of client-supplied data, which could lead to out-of-bounds reads. An attacker could possibly use this issue to crash the program or extract sensitive information. CVE-2022-23479, CVE-2022-23481, CVE-2022-23483, CVE-2023-42822 It was...

CVSS 9.8 | AI score 7.1 | EPSS 0.00892
Exploits: 0

Ubuntu • added 2023/11/07 2:20 p.m. • 396 views

USN-6473-1: urllib3 vulnerabilities

It was discovered that urllib3 didn't strip HTTP Authorization header on cross-origin redirects. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. CVE-2018-25091 It was discovered that urllib3 didn't...

CVSS 8.1 | AI score 7.2 | EPSS 0.01207
Exploits: 0

Ubuntu • added 2023/11/07 7:58 a.m. • 43 views

USN-6472-1: GNU Scientific Library vulnerability

It was discovered that GNU Scientific Library incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code...

CVSS 6.5 | AI score 6.8 | EPSS 0.00883
Exploits: 0

Ubuntu • added 2023/11/06 9:36 a.m. • 58 views

USN-6467-2: Kerberos vulnerability

USN-6467-1 fixed a vulnerability in Kerberos. This update provides the corresponding update for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 23.04. Original advisory details: Robert Morris discovered that Kerberos did not properly handle memory access when processing RPC data through kadmind,...

CVSS 6.5 | AI score 7.1 | EPSS 0.02107
Exploits: 0

Ubuntu • added 2023/11/02 8:36 p.m. • 376 views

USN-6471-1: libsndfile vulnerability

It was discovered that libsndfile contained multiple arithmetic overflows. If a user or automated system were tricked into processing a specially crafted audio file, an attacker could possibly use this issue to cause a denial of service...

CVSS 7.8 | AI score 7.4 | EPSS 0.00351
Exploits: 1

Ubuntu • added 2023/11/02 10:20 a.m. • 53 views

USN-6469-1: xrdp vulnerability

Ashley Newson discovered that xrdp incorrectly handled memory when processing certain incoming connections. An attacker could possibly use this issue to cause a denial of service or arbitrary code execution...

CVSS 7.8 | AI score 7.7 | EPSS 0.02404
Exploits: 0

Ubuntu • added 2023/11/02 9:23 a.m. • 58 views

USN-6470-1: Axis vulnerability

It was discovered that Axis incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2023-40743...

CVSS 9.8 | AI score 8.4 | EPSS 0.01931
Exploits: 0

Ubuntu • added 2023/11/02 3:30 a.m. • 76 views

USN-6468-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing,...

CVSS 9.8 | AI score 7.7 | EPSS 0.01585
Exploits: 0

Ubuntu • added 2023/11/01 9:27 p.m. • 67 views

USN-6454-4: Linux kernel (StarFive) vulnerabilities

Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service (system crash). CVE-2023-42756 Alex Birnberg discovered that the netfilter subsystem in the Linux...

CVSS 7.8 | AI score 6.8 | EPSS 0.00396
Exploits: 2

Total number of security vulnerabilities: 10888