10888 matches found

Ubuntu • added 2023/09/14 3:30 a.m. • 83 views

USN-6368-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing,...

CVSS 8.8 • AI score 8 • EPSS 0.99739 • Exploits 9

Ubuntu • added 2023/09/14 2:44 a.m. • 81 views

USN-6367-1: Firefox vulnerability

It was discovered that Firefox did not properly manage memory when handling WebP images. If a user were tricked into opening a webpage containing a malicious WebP image file, an attacker could potentially exploit this to cause a denial of service or execute arbitrary code. CVE-2023-4863...

CVSS 8.8 • AI score 8.1 • EPSS 0.99739 • Exploits 9

Ubuntu • added 2023/09/13 6:31 p.m. • 50 views

USN-6366-1: PostgreSQL vulnerability

It was discovered that PostgreSQL incorrectly handled certain extension script substitutions. An attacker having database-level CREATE privileges can use this issue to execute arbitrary code as the bootstrap superuser...

CVSS 8.8 • AI score 7.9 • EPSS 0.01572 • Exploits 0

Ubuntu • added 2023/09/13 2:54 p.m. • 83 views

USN-6365-1: Open VM Tools vulnerability

It was discovered that Open VM Tools incorrectly handled SAML tokens. A remote attacker could possibly use this issue to bypass SAML token signature verification and perform VMware Tools Guest Operations...

CVSS 7.5 • AI score 7 • EPSS 0.01193 • Exploits 0

Ubuntu • added 2023/09/13 12:47 p.m. • 387 views

USN-6364-1: Ghostscript vulnerabilities

It was discovered that Ghostscript incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service. CVE-2020-21710 It was discovered that Ghostscript incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of...

CVSS 7.8 • AI score 6.8 • EPSS 0.00707 • Exploits 2

Ubuntu • added 2023/09/13 11:48 a.m. • 53 views

USN-6363-1: curl vulnerability

It was discovered that curl incorrectly handled certain large headers. A remote attacker could possibly use this issue to cause curl to consume resources, resulting in a denial of service...

CVSS 7.5 • AI score 6.5 • EPSS 0.62246 • Exploits 1

Ubuntu • added 2023/09/12 6:12 p.m. • 54 views

USN-6362-1: .NET vulnerability

Kevin Jones discovered that .NET did not properly process certain X.509 certificates. An attacker could possibly use this issue to cause a denial of service...

CVSS 6.5 • AI score 7.6 • EPSS 0.04661 • Exploits 0

Ubuntu • added 2023/09/12 4:43 p.m. • 50 views

USN-6361-1: CUPS vulnerability

It was discovered that CUPS incorrectly authenticated certain remote requests. A remote attacker could possibly use this issue to obtain recently printed documents...

CVSS 5.5 • AI score 6.4 • EPSS 0.00347 • Exploits 0

Ubuntu • added 2023/09/12 4:36 p.m. • 53 views

USN-6360-1: FLAC vulnerability

It was discovered that FLAC incorrectly handled encoding certain files. A remote attacker could use this issue to cause FLAC to crash, resulting in a denial of service, or possibly execute arbitrary code...

CVSS 7.8 • AI score 7.8 • EPSS 0.00749 • Exploits 1

Ubuntu • added 2023/09/12 4:23 p.m. • 62 views

USN-6359-1: file vulnerability

It was discovered that file incorrectly handled certain malformed files. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code...

CVSS 5.5 • AI score 6.9 • EPSS 0.00656 • Exploits 1

Ubuntu • added 2023/09/12 6:54 a.m. • 39 views

USN-6358-1: RedCloth vulnerability

It was discovered that RedCloth incorrectly handled certain inputs during HTML sanitisation. An attacker could possibly use this issue to cause a denial of service...

CVSS 7.5 • AI score 7.2 • EPSS 0.01513 • Exploits 1

Ubuntu • added 2023/09/11 6:34 p.m. • 59 views

USN-6339-3: Linux kernel vulnerabilities

It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service (system crash). CVE-2022-48425...

CVSS 9.8 • AI score 6.7 • EPSS 0.02975 • Exploits 0

Ubuntu • added 2023/09/11 6:00 p.m. • 67 views

USN-6237-3: curl vulnerabilities

USN-6237-1 fixed several vulnerabilities in curl. This update provides the corresponding updates for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. Original advisory details: Hiroki Kurosawa discovered that curl incorrectly handled validating certain certificate wildcards. A remote...

CVSS 5.9 • AI score 6.6 • EPSS 0.02211 • Exploits 2

Ubuntu • added 2023/09/11 3:51 p.m. • 379 views

USN-6164-2: c-ares vulnerabilities

USN-6164-1 fixed several vulnerabilities in c-ares. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Hannes Moesl discovered that c-ares incorrectly handled certain IPv6 addresses. An attacker could use this issue to cause c-ares ...

CVSS 7.5 • AI score 7.1 • EPSS 0.01577 • Exploits 0

Ubuntu • added 2023/09/11 2:24 p.m. • 66 views

USN-6357-1: Linux kernel (IBM) vulnerabilities

Daniel Moghimi discovered that some Intel(R) Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain sensitive information. CVE-2022-40982 Ruihan Li discovered that the bluetooth subsystem ...

CVSS 10 • AI score 7.9 • EPSS 0.05794 • Exploits 5

Ubuntu • added 2023/09/11 12:47 p.m. • 57 views

USN-6356-1: OpenDMARC vulnerabilities

Jianjun Chen, Vern Paxson and Jian Jiang discovered that OpenDMARC incorrectly handled certain inputs. If a user or an automated system were tricked into receiving crafted inputs, an attacker could possibly use this to falsify the domain of an e-mail's origin. CVE-2020-12272 Patrik Lantz discovere...

CVSS 9.8 • AI score 7.3 • EPSS 0.03684 • Exploits 2

Ubuntu • added 2023/09/08 10:26 p.m. • 69 views

USN-6338-2: Linux kernel vulnerabilities

Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. CVE-2023-21255 It was discovered that a race condition existed in th...

CVSS 9.8 • AI score 7.1 • EPSS 0.0406 • Exploits 0

Ubuntu • added 2023/09/08 9:44 p.m. • 72 views

USN-6339-2: Linux kernel vulnerabilities

It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service (system crash). CVE-2022-48425...

CVSS 9.8 • AI score 6.7 • EPSS 0.02975 • Exploits 0

Ubuntu • added 2023/09/08 9:36 p.m. • 95 views

USN-6340-2: Linux kernel vulnerabilities

Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service (bluetooth communication). CVE-2023-2002 Zi Fan Tan discovered that the binder IPC...

CVSS 10 • AI score 7.7 • EPSS 0.03546 • Exploits 2

Ubuntu • added 2023/09/08 8:18 p.m. • 66 views

USN-6342-2: Linux kernel (Azure)

Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. CVE-2023-20593 Zheng Zhang discovered that the device-mapper implementation in the Linux kernel...

CVSS 7.8 • AI score 7.7 • EPSS 0.05794 • Exploits 1

Ubuntu • added 2023/09/08 12:00 a.m. • 105 views

USN-6355-1: GRUB2 vulnerabilities

Daniel Axtens discovered that specially crafted images could cause a heap-based out-of-bounds write. A local attacker could possibly use this to circumvent secure boot protections. CVE-2021-3695 Daniel Axtens discovered that specially crafted images could cause out-of-bounds read and write. A local...

CVSS 8.1 • AI score 6.8 • EPSS 0.01284 • Exploits 0 • References 1

Ubuntu • added 2023/09/07 4:00 p.m. • 392 views

USN-6354-1: Python vulnerability

It was discovered that Python did not properly handle XML entity declarations in plist files. An attacker could possibly use this vulnerability to perform an XML External Entity (XXE) injection, resulting in a denial of service or information disclosure...

CVSS 9.8 • AI score 7.5 • EPSS 0.04268 • Exploits 3

Ubuntu • added 2023/09/07 1:24 p.m. • 45 views

USN-6353-1: PLIB vulnerability

Wooseok Kang discovered that PLIB did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted TGA file, an attacker could possibly use this issue to cause applications using PLIB to crash, resulting in a denial of service, or possibly execut...

CVSS 9.3 • AI score 8.2 • EPSS 0.02921 • Exploits 1

Ubuntu • added 2023/09/07 1:36 a.m. • 62 views

USN-6352-1: Apache Shiro vulnerabilities

It was discovered that Apache Shiro incorrectly handled certain HTTP requests. A remote attacker could possibly use this issue to bypass security restrictions. CVE-2020-13933, CVE-2020-17510...

CVSS 9.8 • AI score 8 • EPSS 0.48019 • Exploits 3

Ubuntu • added 2023/09/06 9:41 p.m. • 68 views

USN-6351-1: Linux kernel (GKE) vulnerabilities

It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service (system crash). CVE-2022-48425...

CVSS 9.8 • AI score 6.7 • EPSS 0.02975 • Exploits 0

Ubuntu • added 2023/09/06 5:57 p.m. • 103 views

USN-6350-1: Linux kernel vulnerabilities

It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service (system crash). CVE-2022-48425...

CVSS 9.8 • AI score 6.7 • EPSS 0.02975 • Exploits 0

Ubuntu • added 2023/09/06 4:59 p.m. • 71 views

USN-6349-1: Linux kernel (Azure) vulnerabilities

Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service (bluetooth communication). CVE-2023-2002 Zi Fan Tan discovered that the binder IPC...

CVSS 10 • AI score 7.7 • EPSS 0.03546 • Exploits 2

Ubuntu • added 2023/09/06 4:15 p.m. • 75 views

USN-6348-1: Linux kernel vulnerabilities

Daniel Moghimi discovered that some Intel(R) Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain sensitive information. CVE-2022-40982 Tavis Ormandy discovered that some AMD processors...

CVSS 7.8 • AI score 7.9 • EPSS 0.05794 • Exploits 5

Ubuntu • added 2023/09/06 3:43 p.m. • 71 views

USN-6347-1: Linux kernel (Azure CVM) vulnerabilities

William Zhao discovered that the Traffic Control (TC) subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). CVE-2022-4269 It was discovered that the NTFS file system...

CVSS 10 • AI score 7.4 • EPSS 0.0406 • Exploits 4

Ubuntu • added 2023/09/06 2:12 p.m. • 58 views

USN-6345-1: SoX vulnerability

It was discovered that SoX incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, an attacker could possibly use this issue to cause a denial of service...

CVSS 6.2 • AI score 7.2 • EPSS 0.0028 • Exploits 0

Ubuntu • added 2023/09/06 2:11 p.m. • 73 views

USN-6346-1: Linux kernel (Raspberry Pi) vulnerabilities

Daniel Moghimi discovered that some Intel(R) Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain sensitive information. CVE-2022-40982 Tavis Ormandy discovered that some AMD processors...

CVSS 7.8 • AI score 7.9 • EPSS 0.05794 • Exploits 3

Ubuntu • added 2023/09/06 12:57 p.m. • 77 views

USN-6344-1: Linux kernel (Azure) vulnerabilities

Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. CVE-2023-21255 It was discovered that a race condition existed in th...

CVSS 9.8 • AI score 7.1 • EPSS 0.0406 • Exploits 0

Ubuntu • added 2023/09/06 12:32 p.m. • 66 views

USN-6343-1: Linux kernel (OEM) vulnerabilities

It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in the connection lookup table. A remote attacker could use this to cause a denial of service (excessive CPU consumption). CVE-2023-1206 Ross Lagerwall discovered that the Xen netback backend...

CVSS 7.8 • AI score 7.6 • EPSS 0.00664 • Exploits 1

Ubuntu • added 2023/09/06 12:31 a.m. • 77 views

USN-6342-1: Linux kernel vulnerabilities

Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. CVE-2023-20593 Zheng Zhang discovered that the device-mapper implementation in the Linux kernel...

CVSS 7.8 • AI score 7.7 • EPSS 0.05794 • Exploits 1

Ubuntu • added 2023/09/06 12:11 a.m. • 131 views

USN-6341-1: Linux kernel vulnerabilities

Jordy Zomer and Alexandra Sandulescu discovered that syscalls invoking the do_prlimit() function in the Linux kernel did not properly handle speculative execution barriers. A local attacker could use this to expose sensitive information (kernel memory). CVE-2023-0458 It was discovered that a...

CVSS 7.8 • AI score 7.4 • EPSS 0.0072 • Exploits 0

Ubuntu • added 2023/09/05 11:35 p.m. • 82 views

USN-6340-1: Linux kernel vulnerabilities

Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service (bluetooth communication). CVE-2023-2002 Zi Fan Tan discovered that the binder IPC...

CVSS 10 • AI score 7.7 • EPSS 0.03546 • Exploits 2

Ubuntu • added 2023/09/05 11:19 p.m. • 79 views

USN-6339-1: Linux kernel vulnerabilities

It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service (system crash). CVE-2022-48425...

CVSS 9.8 • AI score 6.7 • EPSS 0.02975 • Exploits 0

Ubuntu • added 2023/09/05 9:49 p.m. • 74 views

USN-6338-1: Linux kernel vulnerabilities

Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. CVE-2023-21255 It was discovered that a race condition existed in th...

CVSS 9.8 • AI score 7.1 • EPSS 0.0406 • Exploits 0

Ubuntu • added 2023/09/05 1:06 p.m. • 62 views

LSN-0097-1: Kernel Live Patch Security Notice

It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. CVE-2023-3090...

CVSS 7.8 • AI score 7.6 • EPSS 0.08894 • Exploits 16

Ubuntu • added 2023/09/04 6:36 p.m. • 86 views

USN-6337-1: Linux kernel (Azure) vulnerabilities

It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could use this to cause a denial of service (infinite recursion). CVE-2020-36691 Billy Jheng Bing Jhong discovered that the CIFS network...

CVSS 7.8 • AI score 7 • EPSS 0.00495 • Exploits 1

Ubuntu • added 2023/09/04 12:05 p.m. • 78 views

USN-6336-1: Docker Registry vulnerabilities

It was discovered that Docker Registry incorrectly handled certain crafted input, which allowed remote attackers to cause a denial of service. This issue only affected Ubuntu 16.04 LTS. CVE-2017-11468 It was discovered that Docker Registry incorrectly handled certain crafted input. An attacker...

CVSS 7.5 • AI score 6.5 • EPSS 0.03192 • Exploits 0

Ubuntu • added 2023/09/04 11:50 a.m. • 445 views

USN-6335-1: BusyBox vulnerabilities

It was discovered that BusyBox incorrectly handled certain malformed gzip archives. If a user or automated system were tricked into processing a specially crafted gzip archive, a remote attacker could use this issue to cause BusyBox to crash, resulting in a denial of service, or execute arbitrary...

CVSS 9.8 • AI score 7.3 • EPSS 0.02979 • Exploits 0

Ubuntu • added 2023/09/04 10:25 a.m. • 60 views

USN-6334-1: atftp vulnerabilities

Peter Wang discovered that atftp did not properly manage certain inputs. A remote attacker could send a specially crafted tftp request to the server to cause a crash. CVE-2020-6097 Andreas B. Mundt discovered that atftp did not properly manage certain inputs. A remote attacker could send a...

CVSS 7.5 • AI score 6.7 • EPSS 0.02401 • Exploits 3

Ubuntu • added 2023/09/04 4:07 a.m. • 57 views

USN-6333-1: Thunderbird vulnerabilities

Junsung Lee discovered that Thunderbird did not properly validate the text direction override Unicode character in filenames. An attacker could potentially exploit this issue by spoofing file extension while attaching a file in emails. CVE-2023-3417 Max Vlasov discovered that Thunderbird Offscre...

CVSS 9.8 • AI score 8 • EPSS 0.13694 • Exploits 1

Ubuntu • added 2023/08/31 10:45 p.m. • 63 views

USN-6332-1: Linux kernel (Azure) vulnerabilities

Daniel Moghimi discovered that some Intel(R) Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain sensitive information. CVE-2022-40982 William Zhao discovered that the Traffic Control T...

CVSS 10 • AI score 7.5 • EPSS 0.05794 • Exploits 9

Ubuntu • added 2023/08/31 10:31 p.m. • 54 views

USN-6331-1: Linux kernel (Azure) vulnerabilities

It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could use this to cause a denial of service (infinite recursion). CVE-2020-36691 Billy Jheng Bing Jhong discovered that the CIFS network...

CVSS 7.8 • AI score 7.6 • EPSS 0.05794 • Exploits 4

Ubuntu • added 2023/08/31 10:19 p.m. • 79 views

USN-6330-1: Linux kernel (GCP) vulnerabilities

Daniel Moghimi discovered that some Intel(R) Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain sensitive information. CVE-2022-40982 Tavis Ormandy discovered that some AMD processors...

CVSS 7.8 • AI score 7.9 • EPSS 0.05794 • Exploits 5

Ubuntu • added 2023/08/31 10:07 p.m. • 118 views

USN-6329-1: Linux kernel vulnerabilities

Daniel Moghimi discovered that some Intel(R) Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain sensitive information. CVE-2022-40982 Tavis Ormandy discovered that some AMD processors...

CVSS 7.8 • AI score 7.9 • EPSS 0.05794 • Exploits 3

Ubuntu • added 2023/08/31 10:03 p.m. • 68 views

USN-6328-1: Linux kernel (Oracle) vulnerabilities

Daniel Moghimi discovered that some Intel(R) Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain sensitive information. CVE-2022-40982 Tavis Ormandy discovered that some AMD processors...

CVSS 7.8 • AI score 7.9 • EPSS 0.05794 • Exploits 4

Ubuntu • added 2023/08/31 9:51 p.m. • 58 views

USN-6327-1: Linux kernel (KVM) vulnerabilities

Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during table_clear() operations. A local attacker could use this to cause a denial of service (kernel deadlock). CVE-2023-2269 It was discovered that a use-after-free vulnerability existed ...

CVSS 7.8 • AI score 7.2 • EPSS 0.00521 • Exploits 0

Total number of security vulnerabilities: 10888