Lucene search
K
UbuntuRecent

10889 matches found

Ubuntu
Ubuntu
•added 2023/10/04 1:31 a.m.•53 views

USN-6410-1: GRUB2 vulnerabilities

It was discovered that a specially crafted file system image could cause a heap-based out-of-bounds write. A local attacker could potentially use this to perform arbitrary code execution bypass and bypass secure boot protections. CVE-2023-4692 It was discovered that a specially crafted file syste...

7.8CVSS7.1AI score0.00536EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/10/03 8:33 p.m.•88 views

USN-6386-3: Linux kernel vulnerabilities

Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. CVE-2023-20588 It was discovered...

7.8CVSS7.1AI score0.12405EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/03 6:4 p.m.•81 views

USN-6409-1: GNU C Library vulnerabilities

It was discovered that the GNU C Library incorrectly handled the GLIBCTUNABLES environment variable. An attacker could possibly use this issue to perform a privilege escalation attack. CVE-2023-4911 It was discovered that the GNU C Library incorrectly handled certain DNS responses when the system...

7.8CVSS7AI score0.81422EPSS
Exploits27
Ubuntu
Ubuntu
•added 2023/10/03 5:6 p.m.•93 views

USN-6408-1: libXpm vulnerabilities

Yair Mizrahi discovered that libXpm incorrectly handled certain malformed XPM image files. If a user were tricked into opening a specially crafted XPM image file, a remote attacker could possibly use this issue to consume memory, leading to a denial of service. CVE-2023-43786 Yair Mizrahi...

7.8CVSS6.8AI score0.00461EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/10/03 4:57 p.m.•93 views

USN-6407-1: libx11 vulnerabilities

Gregory James Duck discovered that libx11 incorrectly handled certain keyboard symbols. If a user were tricked into connecting to a malicious X server, a remote attacker could use this issue to cause libx11 to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.8CVSS7.2AI score0.00633EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/10/03 2:4 p.m.•51 views

USN-6406-1: SpiderMonkey vulnerabilities

Several security issues were discovered in the SpiderMonkey JavaScript library. If a user were tricked into opening malicious JavaScript applications or processing malformed data, a remote attacker could exploit a variety of issues related to JavaScript security, including denial of service...

5.3CVSS7.9AI score0.01007EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/03 9:29 a.m.•55 views

USN-6405-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing,...

9.8CVSS8.6AI score0.34401EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/10/03 6:27 a.m.•72 views

USN-6404-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2023-5169, CVE-2023-5170,...

9.8CVSS8.6AI score0.34401EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/10/02 4:47 p.m.•54 views

USN-6403-1: libvpx vulnerabilities

It was discovered that libvpx did not properly handle certain malformed media files. If an application using libvpx opened a specially crafted file, a remote attacker could cause a denial of service, or possibly execute arbitrary code...

8.8CVSS8.1AI score0.34401EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/10/02 2:27 p.m.•56 views

USN-6402-1: LibTomMath vulnerability

It was discovered that LibTomMath incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code and cause a denial of service DoS...

9.8CVSS8.6AI score0.01254EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/09/29 12:36 p.m.•58 views

USN-6386-2: Linux kernel (Raspberry Pi) vulnerabilities

Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. CVE-2023-20588 It was discovered...

7.8CVSS7.1AI score0.12405EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/09/28 3:20 a.m.•389 views

USN-6369-2: libwebp vulnerability

USN-6369-1 fixed a vulnerability in libwebp. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: It was discovered that libwebp incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted imag...

8.8CVSS8.1AI score0.99739EPSS
Exploits9
Ubuntu
Ubuntu
•added 2023/09/27 12:49 p.m.•378 views

USN-6400-1: Python vulnerability

It was discovered that Python did not properly provide constant-time processing for a crypto operation. An attacker could possibly use this issue to perform a timing attack and recover sensitive information...

5.9CVSS7.1AI score0.01148EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/09/27 11:51 a.m.•64 views

USN-6399-1: Puma vulnerability

It was discovered that Puma incorrectly handled parsing certain headers. A remote attacker could possibly use this issue to perform an HTTP request Smuggling attack...

9.8CVSS6.5AI score0.00738EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/09/27 9:39 a.m.•67 views

USN-6398-1: ReadyMedia vulnerabilities

It was discovered that ReadyMedia was vulnerable to DNS rebinding attacks. A remote attacker could possibly use this issue to trick the local DLNA server to leak information. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2022-26505 It was...

9.8CVSS7.8AI score0.02061EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/09/26 10:44 p.m.•72 views

USN-6387-2: Linux kernel vulnerabilities

Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. CVE-2023-20588 It was discovered...

7.8CVSS7AI score0.12405EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/09/26 6:39 p.m.•88 views

USN-6397-1: Linux kernel (BlueField) vulnerabilities

Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Ruihan Li discovered that the bluetooth subsystem ...

10CVSS7.9AI score0.05794EPSS
Exploits5
Ubuntu
Ubuntu
•added 2023/09/26 3:9 p.m.•71 views

USN-6396-1: Linux kernel vulnerabilities

It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. CVE-2022-27672 Daniel Moghimi discovered that some IntelR Processors...

7.8CVSS7.7AI score0.03882EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/09/26 12:12 p.m.•61 views

USN-6361-2: CUPS vulnerability

USN-6361-1 fixed a vulnerability in CUPS. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that CUPS incorrectly authenticated certain remote requests. A remote attacker could possibly use this issue to obtain...

5.5CVSS6.4AI score0.00347EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/09/25 10:55 a.m.•99 views

USN-6365-2: Open VM Tools vulnerability

USN-6365-1 fixed a vulnerability in Open VM Tools. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that Open VM Tools incorrectly handled SAML tokens. A remote attacker could possibly use this issue to bypass SA...

7.5CVSS7.1AI score0.01193EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/09/25 10:52 a.m.•378 views

USN-6190-2: AccountsService vulnerability

USN-6190-1 fixed a vulnerability in AccountsService. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Kevin Backhouse discovered that AccountsService incorrectly handled certain D-Bus messages. A local attacker...

8.1CVSS7.7AI score0.0033EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/09/22 12:31 a.m.•391 views

USN-6360-2: FLAC vulnerability

USN-6360-1 fixed a vulnerability in FLAC. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. Original advisory details: It was discovered that FLAC incorrectly handled encoding certain files. A remote attacker could use this issue to cause...

7.8CVSS7.8AI score0.00749EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/09/21 4:37 p.m.•47 views

USN-6395-1: GNOME Shell vulnerability

Mickael Karatekin discovered that GNOME Shell incorrectly allowed the screenshot tool to view open windows when a session was locked. A local attacker could possibly use this issue to obtain sensitive information...

5.5CVSS5.6AI score0.00311EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/09/21 3:30 p.m.•71 views

USN-6394-1: Python vulnerability

It was discovered that Python incorrectly handled certain scripts. An attacker could possibly use this issue to execute arbitrary code or cause a crash...

7.5CVSS7.9AI score0.0177EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/09/21 2:9 p.m.•58 views

USN-6391-2: CUPS vulnerability

USN-6391-1 fixed a vulnerability in CUPS. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that CUPS incorrectly parsed certain Postscript objects. If a user or automated system were tricked into printing a...

7CVSS7.1AI score0.00663EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/09/21 1:46 p.m.•98 views

USN-6393-1: ImageMagick vulnerability

It was discovered that ImageMagick did not properly handle memory when processing the -help option. An attacker could potentially use this issue to cause a crash...

7.1CVSS7AI score0.01188EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/09/20 2:22 p.m.•48 views

USN-6392-1: libppd vulnerability

It was discovered that libppd incorrectly parsed certain Postscript objects. If a user or automated system were tricked into printing a specially crafted document, a remote attacker could use this issue to cause libppd to crash, resulting in a denial of service, or possibly execute arbitrary code...

7CVSS7.1AI score0.00663EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/09/20 2:17 p.m.•74 views

USN-6391-1: CUPS vulnerability

It was discovered that CUPS incorrectly parsed certain Postscript objects. If a user or automated system were tricked into printing a specially crafted document, a remote attacker could use this issue to cause CUPS to crash, resulting in a denial of service, or possibly execute arbitrary code...

7CVSS7.1AI score0.00663EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/09/20 2:7 p.m.•65 views

USN-6390-1: Bind vulnerabilities

It was discovered that Bind incorrectly handled certain control channel messages. A remote attacker with access to the control channel could possibly use this issue to cause Bind to crash, resulting in a denial of service. CVE-2023-3341 Robert Story discovered that Bind incorrectly handled certai...

7.5CVSS6.8AI score0.02626EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/09/20 11:48 a.m.•43 views

USN-6389-1: Indent vulnerability

It was discovered that Indent incorrectly handled parsing certain source files. If a user or automated system were tricked into processing a specially crafted source file, a remote attacker could use this issue to cause Indent to crash, resulting in a denial of service, or possibly execute...

5.5CVSS5.8AI score0.00424EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/09/19 10:20 p.m.•72 views

USN-6388-1: Linux kernel vulnerabilities

Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Yang Lan discovered that the GFS2 file system...

7.8CVSS7.8AI score0.03882EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/09/19 10:9 p.m.•67 views

USN-6387-1: Linux kernel vulnerabilities

Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. CVE-2023-20588 It was discovered...

7.8CVSS7AI score0.12405EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/09/19 9:52 p.m.•137 views

USN-6386-1: Linux kernel vulnerabilities

Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. CVE-2023-20588 It was discovered...

7.8CVSS7.1AI score0.12405EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/09/19 5:44 p.m.•75 views

USN-6385-1: Linux kernel (OEM) vulnerabilities

It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. CVE-2022-27672 William Zhao discovered that the Traffic Control TC...

10CVSS7.6AI score0.16642EPSS
Exploits7
Ubuntu
Ubuntu
•added 2023/09/19 5:42 p.m.•77 views

USN-6384-1: Linux kernel (OEM) vulnerabilities

Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. CVE-2023-20588 Lonial Con discover...

5.5CVSS6.9AI score0.12405EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/09/19 4:45 p.m.•84 views

USN-6383-1: Linux kernel vulnerabilities

Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. CVE-2023-20588 It was discovered...

7.8CVSS7.3AI score0.12405EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/09/19 3:39 p.m.•39 views

USN-6382-1: Memcached vulnerability

It was discovered that Memcached incorrectly handled certain multi-packet uploads in UDP. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS6.6AI score0.00912EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/09/19 7:18 a.m.•73 views

USN-6380-1: Node.js vulnerabilities

Rogier Schouten discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu...

9.8CVSS7.6AI score0.57132EPSS
Exploits6
Ubuntu
Ubuntu
•added 2023/09/18 6:52 p.m.•72 views

USN-6381-1: GNU binutils vulnerabilities

It was discovered that a memory leak existed in certain GNU binutils modules. An attacker could possibly use this issue to cause a denial of service memory exhaustion. CVE-2020-19724, CVE-2020-21490 It was discovered that GNU binutils was not properly performing bounds checks in several functions...

8.8CVSS7.3AI score0.00698EPSS
Exploits8
Ubuntu
Ubuntu
•added 2023/09/18 4:47 p.m.•56 views

USN-6339-4: Linux kernel (Intel IoTG) vulnerabilities

It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service system crash. CVE-2022-48425...

9.8CVSS6.7AI score0.02975EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/09/18 1:38 p.m.•284 views

USN-6379-1: vsftpd vulnerability

It was discovered that vsftpd was vulnerable to the ALPACA TLS protocol content confusion attack. A remote attacker could possibly use this issue to redirect traffic from one subdomain to another...

7.4CVSS7.5AI score0.02037EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/09/18 1:32 p.m.•54 views

USN-6378-1: Django vulnerability

It was discovered that Django incorrectly handled certain URIs with a very large number of Unicode characters. A remote attacker could possibly use this issue to cause Django to consume resources or crash, leading to a denial of service...

7.5CVSS6.8AI score0.01284EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/09/18 1:15 p.m.•44 views

USN-6377-1: LibRaw vulnerability

It was discovered that LibRaw incorrectly handled certain photo files. If a user o automated system were tricked into processing a specially crafted photo file, a remote attacker could possibly cause applications linked against LibRaw to crash, resulting in a denial of service...

6.5CVSS6.3AI score0.00681EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/09/18 1:8 p.m.•44 views

USN-6376-1: c-ares vulnerability

It was discovered that c-ares incorrectly parsed certain SOA replies. A remote attacker could possibly use this issue to cause c-res to crash, resulting in a denial of service...

5.9CVSS7.4AI score0.00838EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/09/15 10:55 a.m.•33 views

USN-6375-1: atftp vulnerability

Florian Fainelli discovered that atftp did not properly manage requests made to a non-existent file, which could lead to a crash. A remote attacker could possibly use this issue to cause a denial of service...

5.5AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2023/09/14 9:34 p.m.•40 views

USN-6374-1: Mutt vulnerabilities

It was discovered that Mutt incorrectly handled certain email header contents. If a user were tricked into opening a specially crafted message, a remote attacker could possibly use this issue to cause a denial of service. CVE-2023-4874, CVE-2023-4875...

6.5CVSS5.7AI score0.00719EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/09/14 6:55 p.m.•58 views

USN-6373-1: gawk vulnerability

It was discovered that gawk could be made to read out of bounds when processing certain inputs. If a user or an automated system were tricked into opening a specially crafted input, an attacker could possibly use this issue to cause a denial of service...

7.1CVSS6.4AI score0.00424EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/09/14 5:56 p.m.•49 views

USN-6372-1: DBus vulnerability

It was discovered that DBus incorrectly handled certain invalid messages. A local attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service...

6.5CVSS6.7AI score0.01417EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/09/14 3:3 p.m.•46 views

USN-6371-1: libssh2 vulnerability

It was discovered that libssh2 incorrectly handled memory access. An attacker could possibly use this issue to cause a crash...

7.5CVSS7.1AI score0.00914EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/09/14 2:6 p.m.•108 views

USN-6370-1: ModSecurity vulnerabilities

It was discovered that ModSecurity incorrectly handled certain nested JSON objects. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. CVE-2021-42717 It was discovered that ModSecurity incorrect...

7.5CVSS7AI score0.03206EPSS
Exploits2
Total number of security vulnerabilities10889