Lucene search
K
UbuntuRecent

10868 matches found

Ubuntu
Ubuntu
•added 2026/05/19 8:36 a.m.•10 views

USN-8273-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - NVME drivers; - IPv4 networking; CVE-2024-50304, CVE-2026-23112, CVE-2026-23209...

9.8CVSS6.8AI score0.00399EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/19 7:40 a.m.•13 views

USN-8272-1: Smarty vulnerability

Takuya Aramaki discovered that Smarty did not properly escape JavaScript code. An attacker could possibly use this issue to conduct a cross-site scripting attack...

7.1CVSS6.9AI score0.01016EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/14 12:3 p.m.•19 views

USN-8271-1: nginx vulnerability

It was discovered that the nginx ngxhttprewritemodule component incorrectly handled certain rewrite directives. A remote attacker could use this issue to cause nginx to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.2CVSS6.2AI score0.61469EPSS
Exploits39
Ubuntu
Ubuntu
•added 2026/05/12 3:21 p.m.•15 views

USN-8269-1: Avahi vulnerabilities

It is discovered that Avahi incorrectly handled crafted input. A remote attacker could possibly use this issue to crash the program, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 24.04...

6.5CVSS5.8AI score0.00252EPSS
Exploits1
Ubuntu
Ubuntu
•added 2026/05/12 2:53 p.m.•15 views

USN-8270-1: Exim vulnerability

It was discovered that Exim incorrectly handled BDAT body parsing. A remote attacker could use this issue to cause Exim to crash, resulting in a denial of service, or possibly execute arbitrary code...

6AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2026/05/12 9:23 a.m.•13 views

USN-8268-1: Dnsmasq vulnerabilities

Andrew S. Fasano, Royce M, and Hugo Martinez Ray discovered that Dnsmasq did not allocate the necessary space to store domain names in some contexts. An attacker could possibly use this issue to write out-of-bounds, and could cause a denial of service or execute arbitrary code. CVE-2026-2291 Royc...

8.8CVSS6.2AI score0.06662EPSS
Exploits4
Ubuntu
Ubuntu
•added 2026/05/11 4:26 p.m.•11 views

USN-8267-1: Linux kernel vulnerabilities

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...

7.8CVSS7.4AI score0.00293EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2026/05/11 3:8 p.m.•12 views

USN-8266-1: Linux kernel vulnerabilities

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...

7.8CVSS6AI score0.00293EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2026/05/11 2:2 p.m.•19 views

USN-8255-2: Linux kernel (Azure) vulnerabilities

Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. CVE-2023-2640 Shir Tamari and Sagi Tzadik...

9.8CVSS6.1AI score0.15783EPSS
Exploits14
Ubuntu
Ubuntu
•added 2026/05/11 1:53 p.m.•13 views

USN-8254-2: Linux kernel (NVIDIA) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - NVME drivers; - Netfilter; CVE-2026-23112, CVE-2026-23231, CVE-2026-23273...

9.8CVSS5.9AI score0.00812EPSS
Exploits1
Ubuntu
Ubuntu
•added 2026/05/11 1:31 p.m.•14 views

USN-8180-6: Linux kernel (Raspberry Pi) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Drivers core; - Bluetooth drivers; - DMA engine subsystem; - GPU...

8.8CVSS5.9AI score0.0071EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/11 12:47 p.m.•16 views

USN-8265-1: Linux kernel (NVIDIA Tegra) vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

9.8CVSS6AI score0.00378EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/11 12:12 p.m.•20 views

USN-8200-3: Linux kernel (Raspberry Pi) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Cryptographic API; - GPU drivers; - I2C subsystem; - Network traffic control; CVE-2022-49046,...

7.8CVSS5.9AI score0.00255EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/11 11:0 a.m.•13 views

USN-8263-1: ImageMagick vulnerabilities

It was discovered that ImageMagick incorrectly handled certain malformed image files in certain instances. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could possibly use these issues to cause a denial of service or possibly...

9.8CVSS5.9AI score0.00671EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/08 2:22 p.m.•13 views

USN-8248-2: NASM regression

USN-8248-1 fixed vulnerabilities in NASM. Unfortunately the update introduced a regression which could cause NASM to crash. This update fixes the problem by reverting the fix for CVE-2021-33450 and CVE-2021-33452 in Ubuntu 24.04 LTS. We apologize for the inconvenience. Original advisory details:...

5.5CVSS6.4AI score0.00315EPSS
Exploits2References1
Ubuntu
Ubuntu
•added 2026/05/08 9:9 a.m.•16 views

USN-8262-1: Lua vulnerability

It was discovered that the Lua parser incorrectly handled garbage collection when processing specially crafted Lua scripts. A remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code...

9.9CVSS6.3AI score0.86767EPSS
Exploits14
Ubuntu
Ubuntu
•added 2026/05/07 3:54 p.m.•25 views

USN-8261-1: Linux kernel (Xilinx) vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

9.8CVSS6.8AI score0.00812EPSS
Exploits14References1
Ubuntu
Ubuntu
•added 2026/05/07 3:37 p.m.•11 views

USN-8260-1: Linux kernel (Azure FIPS) vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

9.8CVSS6.9AI score0.00812EPSS
Exploits1
Ubuntu
Ubuntu
•added 2026/05/07 3:37 p.m.•15 views

USN-8259-1: OpenEXR vulnerabilities

Quang Luong discovered that OpenEXR incorrectly handled sample count accumulation when processing deep scan line image files. An attacker could possibly use this issue to cause OpenEXR to crash, resulting in a denial of service, or execute arbitrary code. CVE-2026-27622 It was discovered that...

8.8CVSS6.2AI score0.00482EPSS
Exploits4
Ubuntu
Ubuntu
•added 2026/05/07 3:27 p.m.•18 views

USN-8258-1: Linux kernel (Azure) vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

9.8CVSS6.9AI score0.00812EPSS
Exploits1
Ubuntu
Ubuntu
•added 2026/05/07 3:21 p.m.•13 views

USN-8256-1: opam vulnerability

Andrew Nesbitt discovered that opam did not properly validate file destination paths in package install files. An attacker could use this issue to bypass sandbox protections and write files to arbitrary locations, possibly leading to arbitrary code execution...

7.3CVSS6.5AI score0.0018EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/07 3:16 p.m.•23 views

USN-8257-1: Linux kernel (Raspberry Pi) vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

9.8CVSS6.6AI score0.00812EPSS
Exploits1
Ubuntu
Ubuntu
•added 2026/05/07 3:1 p.m.•17 views

USN-8255-1: Linux kernel vulnerabilities

Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. CVE-2023-2640 Shir Tamari and Sagi Tzadik...

9.8CVSS6.9AI score0.15783EPSS
Exploits14
Ubuntu
Ubuntu
•added 2026/05/07 2:58 p.m.•21 views

USN-8246-1: Vim vulnerabilities

Michał Majchrowicz discovered that Vim’s zip plugin could overwrite arbitrary files. An attacker could possibly use this issue to delete sensitive data or execute arbitrary code. This issue only affected Ubuntu 26.04 LTS. CVE-2026-35177 It was discovered that Vim’s netbeans interface did not...

7.8CVSS6.1AI score0.0062EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/07 2:39 p.m.•13 views

USN-8254-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - NVME drivers; - Netfilter; CVE-2026-23112, CVE-2026-23231, CVE-2026-23273...

9.8CVSS5.9AI score0.00812EPSS
Exploits1
Ubuntu
Ubuntu
•added 2026/05/07 2:31 p.m.•12 views

USN-8253-1: Postfix vulnerability

Kamil Frankowicz discovered that Postfix incorrectly handled certain enhanced status codes. A remote attacker could possibly use this issue to cause Postfix to crash, resulting in a denial of service...

7.5CVSS5.8AI score0.00415EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/07 1:59 p.m.•15 views

USN-8252-1: OpenJPEG vulnerability

It was discovered that OpenJPEG did not properly handle memory when encoding image files. An attacker could use this issue to cause OpenJPEG to crash, resulting in a denial of service, or possibly execute arbitrary code...

4.8CVSS5.9AI score0.00112EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/07 1:37 p.m.•19 views

USN-8251-1: libpng vulnerabilities

It was discovered that libpng incorrectly handled memory when processing certain PNG files. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause libpng to crash, resulting in a denial of service, or possibly execute...

7.6CVSS6.5AI score0.01052EPSS
Exploits2
Ubuntu
Ubuntu
•added 2026/05/07 1:27 p.m.•15 views

USN-8250-1: Little CMS vulnerability

It was discovered that Little CMS incorrectly handled certain malformed ICC profiles. An attacker could possibly use this issue to cause Little CMS to crash, resulting in a denial of service...

4CVSS5.8AI score0.00128EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/07 1:16 p.m.•19 views

USN-8249-1: dpkg vulnerability

Yashashree Gund discovered that the dpkg dpkg-deb tool incorrectly handled certain zstd-compressed .deb archives. If a user or automated system were tricked into manipulating a specially crafted .deb archive, a remote attacker could possibly use this issue to cause dpkg-deb to stop responding,...

7.5CVSS5.8AI score0.00418EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/07 1:0 p.m.•14 views

USN-8248-1: NASM vulnerabilities

Daisy Chen discovered that NASM was vulnerable to a heap buffer overflow when handling certain input. An attacker could possibly use this issue to cause NASM to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2023-31722 It was discovered that NASM incorrectly...

7.8CVSS6.2AI score0.00347EPSS
Exploits3
Ubuntu
Ubuntu
•added 2026/05/07 11:44 a.m.•11 views

USN-8247-1: OWSLib vulnerability

It was discovered that OWSLib did not properly disable entity resolution within its XML parser. An attacker could possibly use this issue to read arbitrary files via a crafted XML payload...

8.2CVSS5.8AI score0.00977EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/07 9:47 a.m.•19 views

USN-8245-1: Linux kernel vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

9.8CVSS7.1AI score0.00812EPSS
Exploits1
Ubuntu
Ubuntu
•added 2026/05/07 9:18 a.m.•11 views

USN-8244-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - NVME drivers; - Netfilter; CVE-2026-23112, CVE-2026-23231, CVE-2026-23273...

9.8CVSS5.9AI score0.00812EPSS
Exploits1
Ubuntu
Ubuntu
•added 2026/05/07 8:44 a.m.•27 views

USN-8243-1: Linux kernel (Azure) vulnerabilities

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...

9.8CVSS7.3AI score0.0071EPSS
Exploits13References1
Ubuntu
Ubuntu
•added 2026/05/07 8:0 a.m.•14 views

USN-8242-2: PostfixAdmin vulnerability

USN-8242-1 fixed a vulnerability in CiviCRM. This update provides the corresponding fix for PostfixAdmin. Original advisory details: Takuya Aramaki discovered that Smarty, vendored in CiviCRM, did not properly escape JavaScript code. An attacker could possibly use this issue to conduct a cross-si...

7.1CVSS6.8AI score0.01016EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/07 7:47 a.m.•13 views

USN-8242-1: CiviCRM vulnerability

Takuya Aramaki discovered that Smarty, vendored in CiviCRM, did not properly escape JavaScript code. An attacker could possibly use this issue to conduct a cross-site scripting attack...

7.1CVSS6.8AI score0.01016EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/07 7:34 a.m.•11 views

USN-8179-4: Linux kernel (GCP) vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

9.8CVSS7.1AI score0.00378EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/07 3:27 a.m.•12 views

USN-8235-1: ITK vulnerabilities

It was discovered that Expat, vendored in ITK incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. CVE-2022-25235, CVE-2022-25236...

9.8CVSS7.1AI score0.33936EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/07 3:2 a.m.•10 views

USN-8241-1: Coin3D vulnerabilities

It was discovered that Expat, vendored in Coin3D incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute arbitrary code...

9.8CVSS7.2AI score0.33936EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/07 2:57 a.m.•8 views

USN-8240-1: Swish-e vulnerabilities

It was discovered that Expat, vendored in Swish-e incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. CVE-2022-25235, CVE-2022-25236...

9.8CVSS7.2AI score0.33936EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/06 7:55 p.m.•16 views

USN-8239-1: Apache HTTP Server vulnerabilities

Bartlomiej Dmitruk and Stanislaw Strzalkowski discovered that Apache HTTP Server incorrectly handled certain memory operations when using the HTTP/2 protocol. A remote attacker could use this issue to cause Apache HTTP Server to crash, resulting in a denial of service, or possibly execute arbitra...

9.8CVSS6.3AI score0.4581EPSS
Exploits18
Ubuntu
Ubuntu
•added 2026/05/06 7:25 p.m.•14 views

USN-8233-2: nghttp2 vulnerability

USN-8233-1 fixed a vulnerability in nghttp2. This update provides the corresponding update for Ubuntu 26.04 LTS. Original advisory details: Andrew MacPherson discovered that nghttp2 did not properly validate internal state when the session termination API was called. A remote attacker could...

7.5CVSS6.8AI score0.00775EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/06 5:30 p.m.•9 views

USN-8238-1: EditorConfig vulnerability

It was discovered that EditorConfig incorrectly handled specially crafted configuration files. A local attacker could possibly use this issue to cause EditorConfig to crash, resulting in a denial of service...

8.6CVSS5.8AI score0.00151EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/06 1:29 p.m.•15 views

USN-8237-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

8.8CVSS7.1AI score0.00961EPSS
Exploits2
Ubuntu
Ubuntu
•added 2026/05/06 9:6 a.m.•9 views

USN-8231-1: Dynaconf vulnerability

It was discovered that Dynaconf was incorrectly handling template evaluation in its string resolvers. A remote attacker could possibly use this issue to execute arbitrary code...

8.1CVSS6.1AI score0.00526EPSS
Exploits1
Ubuntu
Ubuntu
•added 2026/05/06 5:43 a.m.•10 views

USN-8236-1: Slurm vulnerabilities

It was discovered that Slurm did not correctly handle certain file system operations. An attacker could possibly use this issue to modify files or leak sensitive information. This issue only affected Ubuntu 22.04 LTS. CVE-2023-41914 Ryan Hall discovered that Slurm did not correctly enforce certai...

9.8CVSS6AI score0.01375EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/06 3:28 a.m.•11 views

USN-8230-1: Docker vulnerabilities

It was discovered that BuildKit, contained within Docker, incorrectly handled file path validation when processing frontend API messages. An attacker could possibly use this issue to write files outside of the intended state directory. CVE-2026-33747 It was discovered that BuildKit, contained...

9.8CVSS5.8AI score0.00498EPSS
Exploits0
Ubuntu
Ubuntu
•added 2026/05/05 9:5 p.m.•17 views

USN-8220-1: HtmlUnit vulnerability

It was discovered that HtmlUnit was vulnerable to remote code execution via XSLT when browsing an attacker-controlled webpage. An attacker could possibly use this issue to execute arbitrary code in the context of the application using HtmlUnit...

9.8CVSS7.8AI score0.02358EPSS
Exploits1
Ubuntu
Ubuntu
•added 2026/05/05 6:27 p.m.•9 views

USN-8234-1: Mako vulnerability

It was discovered that Mako incorrectly handled URIs with double-slash prefixes in TemplateLookup. A remote attacker could possibly use this issue to obtain sensitive information...

8.7CVSS5.8AI score0.00361EPSS
Exploits0
Total number of security vulnerabilities10868