Lucene search
K
UbuntuRecent

10888 matches found

Ubuntu
Ubuntu
•added 2023/10/19 5:31 p.m.•79 views

USN-6439-1: Linux kernel vulnerabilities

It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service excessive CPU consumption. CVE-2023-1206 Yu Hao and Weiteng Chen discovered that the Bluetooth HCI...

7.8CVSS7.5AI score0.00553EPSS
Exploits4
Ubuntu
Ubuntu
•added 2023/10/19 4:51 p.m.•44 views

USN-6374-2: Mutt vulnerabilities

USN-6374-1 fixed vulnerabilities in Mutt. This update provides the corresponding updates for Ubuntu 23.10. Original advisory details: It was discovered that Mutt incorrectly handled certain email header contents. If a user were tricked into opening a specially crafted message, a remote attacker...

6.5CVSS5.7AI score0.00719EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/19 4:12 p.m.•70 views

USN-6438-1: .NET vulnerabilities

Kevin Jones discovered that .NET did not properly process certain X.509 certificates. An attacker could possibly use this issue to cause a denial of service. CVE-2023-36799 It was discovered that the .NET Kestrel web server did not properly handle HTTP/2 requests. A remote attacker could possibly...

7.5CVSS7.3AI score0.99999EPSS
Exploits19
Ubuntu
Ubuntu
•added 2023/10/19 3:57 p.m.•85 views

USN-6427-2: .NET vulnerability

USN-6427-1 fixed a vulnerability in .NET. This update provides the corresponding update for .NET 8. Original advisory details: It was discovered that the .NET Kestrel web server did not properly handle HTTP/2 requests. A remote attacker could possibly use this issue to cause a denial of service...

7.5CVSS7.2AI score0.99999EPSS
Exploits19
Ubuntu
Ubuntu
•added 2023/10/19 2:55 p.m.•82 views

USN-6416-3: Linux kernel (Raspberry Pi) vulnerabilities

It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service excessive CPU consumption. CVE-2023-1206 Daniel Trujillo, Johannes Wikner, and Kaveh Razavi...

9.1CVSS8AI score0.54577EPSS
Exploits6
Ubuntu
Ubuntu
•added 2023/10/19 11:46 a.m.•386 views

USN-6165-2: GLib vulnerabilities

USN-6165-1 fixed vulnerabilities in GLib. This update provides the corresponding updates for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that GLib incorrectly handled non-normal GVariants. An attacker could use this issue to cause GLib to...

7.8CVSS6.7AI score0.00774EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/18 7:51 p.m.•91 views

USN-6435-1: OpenSSL vulnerabilities

It was discovered that OpenSSL incorrectly handled excessively large Diffie-Hellman parameters. An attacker could possibly use this issue to cause a denial of service. CVE-2023-3446 Bernd Edlinger discovered that OpenSSL incorrectly handled excessively large Diffie-Hellman parameters. An attacker...

5.3CVSS6.5AI score0.05533EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/18 2:40 p.m.•65 views

USN-6437-1: VIPS vulnerabilities

Ziqiang Gu discovered that VIPS could be made to dereference a NULL pointer. If a user or automated system were tricked into processing a specially crafted input image file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubunt...

7.5CVSS6.6AI score0.02297EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/10/18 4:43 a.m.•56 views

USN-6436-1: FRR vulnerabilities

It was discovered that the FRR did not properly check the attribute length in NRLI. A remote attacker could possibly use this issue to cause a denial of service. CVE-2023-41358 It was discovered that the FRR did not properly manage memory when reading initial bytes of ORF header. A remote attacke...

9.1CVSS6.6AI score0.01058EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/17 3:54 p.m.•64 views

USN-6434-1: PMIx vulnerability

Francois Diakhate discovered that PMIx did not properly handle race conditions in the pmix library, which could lead to unwanted privilege escalation. An attacker could possibly use this issue to obtain ownership of an arbitrary file on the filesystem, under the default configuration of the...

8.1CVSS7.8AI score0.01121EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/17 2:6 p.m.•79 views

USN-6396-3: Linux kernel (Azure) vulnerabilities

It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. CVE-2022-27672 Daniel Moghimi discovered that some IntelR Processors...

7.8CVSS7.7AI score0.03882EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/10/17 11:40 a.m.•64 views

USN-6433-1: Ghostscript vulnerability

It was discovered that Ghostscript incorrectly handled certain PDF documents. If a user or automated system were tricked into opening a specially crafted PDF file, a remote attacker could use this issue to execute arbitrary code...

8.8CVSS8AI score0.0468EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/17 11:34 a.m.•67 views

USN-6425-3: Samba vulnerabilities

USN-6425-1 fixed vulnerabilities in Samba. This update provides the corresponding updates for Ubuntu 23.10. Original advisory details: Sri Nagasubramanian discovered that the Samba aclxattr VFS module incorrectly handled read-only files. When Samba is configured to ignore system ACLs, a remote...

7.5CVSS7AI score0.01723EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/17 11:30 a.m.•55 views

USN-6423-2: CUE vulnerability

USN-6423-1 fixed a vulnerability in CUE. This update provides the corresponding updates for Ubuntu 23.10. Original advisory details: It was discovered that CUE incorrectly handled certain files. An attacker could possibly use this issue to expose sensitive information or execute arbitrary code...

8.8CVSS8.4AI score0.1657EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/10/17 11:27 a.m.•72 views

USN-6394-2: Python vulnerability

USN-6394-1 fixed a vulnerability in Python. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that Python incorrectly handled certain scripts. An attacker could possibly use this issue to execute...

7.5CVSS7.9AI score0.0177EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/10/17 11:22 a.m.•76 views

USN-6429-3: curl vulnerabilities

USN-6429-1 fixed vulnerabilities in curl. This update provides the corresponding updates for Ubuntu 23.10. Original advisory details: Jay Satiro discovered that curl incorrectly handled hostnames when using a SOCKS5 proxy. In environments where curl is configured to use a SOCKS5 proxy, a remote...

9.8CVSS7.8AI score0.78483EPSS
Exploits6
Ubuntu
Ubuntu
•added 2023/10/17 10:25 a.m.•70 views

USN-6432-1: Quagga vulnerabilities

It was discovered that the Quagga BGP daemon did not properly check the attribute length in NRLI. A remote attacker could possibly use this issue to cause a denial of service. CVE-2023-41358 It was discovered that the Quagga BGP daemon did not properly manage memory when reading initial bytes of...

9.1CVSS6.6AI score0.01058EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/16 3:52 p.m.•383 views

USN-6431-3: iperf3 vulnerability

USN-6431-1 fixed a vulnerability in iperf3. This update provides the corresponding update for Ubuntu 22.04 LTS. Original advisory details: Jorge Sancho Larraz discovered that iperf3 did not properly manage certain inputs, which could cause the server process to stop responding, waiting for input ...

5.6AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2023/10/16 2:15 p.m.•53 views

USN-6431-2: iperf3 vulnerability

USN-6431-1 fixed a vulnerability in iperf3. This update provides the corresponding update for Ubuntu 22.04 LTS and Ubuntu 23.04. Original advisory details: It was discovered that iperf3 did not properly manage certain inputs, which could lead to a crash. A remote attacker could possibly use this...

7.5CVSS7.4AI score0.01703EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/16 12:49 p.m.•64 views

USN-6431-1: iperf3 vulnerabilities

It was discovered that iperf3 did not properly manage certain inputs, which could lead to a crash. A remote attacker could possibly use this issue to cause a denial of service. CVE-2023-38403 Jorge Sancho Larraz discovered that iperf3 did not properly manage certain inputs, which could cause the...

7.5CVSS7.5AI score0.01703EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2023/10/12 3:14 p.m.•200 views

USN-6430-1: FFmpeg vulnerabilities

It was discovered that FFmpeg did not properly handle certain inputs in vflagfun.c, resulting in a buffer overflow vulnerability. An attacker could possibly use this issue to cause a denial of service via application crash. This issue only affected Ubuntu 20.04 LTS. CVE-2020-22024 It was discover...

6.5CVSS6.8AI score0.01041EPSS
Exploits5
Ubuntu
Ubuntu
•added 2023/10/11 8:11 p.m.•102 views

USN-6425-2: Samba regression

USN-6425-1 fixed vulnerabilities in Samba. Due to a build issue on Ubuntu 20.04 LTS, the update introduced regressions in macro handling and possibly other functionality. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Sri Nagasubramanian discovered...

7AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2023/10/11 3:17 p.m.•62 views

USN-6429-2: curl vulnerability

USN-6429-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that curl incorrectly handled cookies when an application duplicated certain handles. A local attacker...

3.7CVSS7.6AI score0.06208EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/11 11:34 a.m.•90 views

USN-6429-1: curl vulnerabilities

Jay Satiro discovered that curl incorrectly handled hostnames when using a SOCKS5 proxy. In environments where curl is configured to use a SOCKS5 proxy, a remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04...

9.8CVSS7.8AI score0.78483EPSS
Exploits6
Ubuntu
Ubuntu
•added 2023/10/11 3:45 a.m.•52 views

USN-6428-1: LibTIFF vulnerability

It was discovered that LibTIFF could be made to read out of bounds when processing certain malformed image files with the tiffcrop utility. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcrop to crash, resulting in a deni...

6.1CVSS6.5AI score0.00388EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/10/11 3:15 a.m.•68 views

USN-6404-2: Firefox regressions

USN-6404-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted...

8.6AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2023/10/10 6:18 p.m.•83 views

USN-6427-1: .NET vulnerability

It was discovered that the .NET Kestrel web server did not properly handle HTTP/2 requests. A remote attacker could possibly use this issue to cause a denial of service...

7.5CVSS7.2AI score0.99999EPSS
Exploits19
Ubuntu
Ubuntu
•added 2023/10/10 3:9 p.m.•83 views

USN-6426-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

8.8CVSS8.2AI score0.29179EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/10/10 3:1 p.m.•92 views

USN-6425-1: Samba vulnerabilities

Sri Nagasubramanian discovered that the Samba aclxattr VFS module incorrectly handled read-only files. When Samba is configured to ignore system ACLs, a remote attacker could possibly use this issue to truncate read-only files. CVE-2023-4091 Andrew Bartlett discovered that Samba incorrectly handl...

7.5CVSS6.9AI score0.01723EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/10 2:35 p.m.•391 views

USN-6407-2: libx11 vulnerabilities

USN-6407-1 fixed several vulnerabilities in libx11. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Gregory James Duck discovered that libx11 incorrectly handled certain keyboard symbols. If a user were tricked...

7.8CVSS7.2AI score0.00633EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/10/10 1:9 p.m.•52 views

LSN-0098-1: Kernel Live Patch Security Notice

It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code.CVE-2023-3090 It...

7.8CVSS7.2AI score0.00958EPSS
Exploits4
Ubuntu
Ubuntu
•added 2023/10/10 4:39 a.m.•48 views

USN-6424-1: kramdown vulnerability

It was discovered that kramdown did not restrict Rouge formatters to the correct namespace. An attacker could use this issue to cause kramdown to execute arbitrary code...

9.8CVSS8.4AI score0.02805EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/10/09 5:24 p.m.•48 views

USN-6423-1: CUE vulnerability

It was discovered that CUE incorrectly handled certain files. An attacker could possibly use this issue to expose sensitive information or execute arbitrary code...

8.8CVSS8.4AI score0.1657EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/10/09 3:9 p.m.•56 views

USN-6422-1: Ring vulnerabilities

It was discovered that Ring incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. CVE-2021-37706 It was discovered that Ring incorrectly handled...

9.8CVSS8.6AI score0.0462EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/10/09 11:15 a.m.•81 views

USN-6421-1: Bind vulnerability

It was discovered that Bind incorrectly handled certain control channel messages. A remote attacker with access to the control channel could possibly use this issue to cause Bind to crash, resulting in a denial of service...

7.5CVSS6.8AI score0.02626EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/09 4:10 a.m.•410 views

USN-6420-1: Vim vulnerabilities

It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. CVE-2022-3235, CVE-2022-3278,...

9.8CVSS7AI score0.01196EPSS
Exploits11
Ubuntu
Ubuntu
•added 2023/10/06 1:13 p.m.•89 views

USN-6416-2: Linux kernel vulnerabilities

It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service excessive CPU consumption. CVE-2023-1206 Daniël Trujillo, Johannes Wikner, and Kaveh Razavi...

9.1CVSS8AI score0.54577EPSS
Exploits6
Ubuntu
Ubuntu
•added 2023/10/05 2:27 p.m.•87 views

USN-6412-1: Linux kernel vulnerabilities

Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel contained a race condition during device removal, leading to a use-after- free vulnerability. A physically proximate attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

9.8CVSS8AI score0.0616EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/10/05 12:39 p.m.•63 views

USN-6396-2: Linux kernel (KVM) vulnerabilities

It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. CVE-2022-27672 Daniel Moghimi discovered that some IntelR Processors...

7.8CVSS7.7AI score0.03882EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/10/05 12:36 p.m.•79 views

USN-6419-1: jQuery UI vulnerabilities

Hong Phat Ly discovered that jQuery UI did not properly manage parameters from untrusted sources, which could lead to arbitrary web script or HTML code injection. A remote attacker could possibly use this issue to perform a cross-site scripting XSS attack. This issue only affected Ubuntu 14.04 LT...

6.5CVSS7AI score0.42847EPSS
Exploits6
Ubuntu
Ubuntu
•added 2023/10/05 8:45 a.m.•62 views

USN-6418-1: Node.js vulnerabilities

It was discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue was only fixed in Ubuntu 20.04 LTS. CVE-2021-22883...

7.8CVSS7.5AI score0.77385EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/10/04 10:42 p.m.•80 views

USN-6417-1: Linux kernel vulnerabilities

It was discovered that the eBPF implementation in the Linux kernel contained a race condition around read-only maps. A privileged attacker could use this to modify read-only maps. CVE-2021-4001 It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash...

6.5CVSS7.1AI score0.08091EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/10/04 10:38 p.m.•80 views

USN-6416-1: Linux kernel vulnerabilities

It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service excessive CPU consumption. CVE-2023-1206 Daniel Trujillo, Johannes Wikner, and Kaveh Razavi...

9.1CVSS8AI score0.54577EPSS
Exploits6
Ubuntu
Ubuntu
•added 2023/10/04 10:1 p.m.•81 views

USN-6414-2: Django vulnerabilities

USN-6414-1 and USN-6378-1 fixed CVE-2023-43665 and CVE-2023-41164 in Django, respectively. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: Wenchao Li discovered that the Django Truncator function incorrectly handled very long HTML input. A remote...

7.5CVSS6.8AI score0.01284EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/04 8:59 p.m.•76 views

USN-6415-1: Linux kernel (OEM) vulnerabilities

Daniel Trujillo, Johannes Wikner, and Kaveh Razavi discovered that some AMD processors utilising speculative execution and branch prediction may allow unauthorised memory reads via a speculative side-channel attack. A local attacker could use this to expose sensitive information, including kernel...

9.8CVSS7.8AI score0.0616EPSS
Exploits4
Ubuntu
Ubuntu
•added 2023/10/04 5:9 p.m.•94 views

USN-6413-1: GNU binutils vulnerabilities

It was discovered that GNU binutils was not properly performing checks when dealing with memory allocation operations, which could lead to excessive memory consumption. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. CVE-2017-1712...

7.8CVSS7.1AI score0.02329EPSS
Exploits9
Ubuntu
Ubuntu
•added 2023/10/04 4:25 p.m.•53 views

USN-6414-1: Django vulnerability

Wenchao Li discovered that the Django Truncator function incorrectly handled very long HTML input. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service...

7.5CVSS6.8AI score0.01236EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/04 1:41 p.m.•49 views

USN-6411-1: Exim vulnerabilities

It was discovered that Exim incorrectly handled certain challenge requests. A remote attacker could possibly use this issue to perform out-of-bounds reads, resulting in information leakage. CVE-2023-42114 It was discovered that Exim incorrectly handled validation of user-supplied data. A remote...

9.8CVSS7.8AI score0.28084EPSS
Exploits5
Ubuntu
Ubuntu
•added 2023/10/04 11:0 a.m.•106 views

USN-6401-1: FreeRDP vulnerabilities

It was discovered that FreeRDP did not properly manage certain inputs. A malicious server could use this issue to cause FreeRDP clients to crash, resulting in a denial of service, or possibly obtain sensitive information. CVE-2023-39350, CVE-2023-39351, CVE-2023-39353, CVE-2023-39354,...

9.8CVSS6.9AI score0.01432EPSS
Exploits10
Ubuntu
Ubuntu
•added 2023/10/04 1:31 a.m.•52 views

USN-6410-1: GRUB2 vulnerabilities

It was discovered that a specially crafted file system image could cause a heap-based out-of-bounds write. A local attacker could potentially use this to perform arbitrary code execution bypass and bypass secure boot protections. CVE-2023-4692 It was discovered that a specially crafted file syste...

7.8CVSS7.1AI score0.00536EPSS
Exploits2
Total number of security vulnerabilities10888