Lucene search
K
UbuntuRecent

10888 matches found

Ubuntu
Ubuntu
•added 2023/08/31 6:10 p.m.•54 views

USN-6326-1: GitPython vulnerability

It was discovered that GitPython did not block insecure options from user inputs in the clone command. An attacker could possibly use this issue to execute arbitrary commands on the host...

9.8CVSS8.2AI score0.00984EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/08/31 1:43 p.m.•63 views

USN-6325-1: Linux kernel vulnerabilities

Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Tavis Ormandy discovered that some AMD processors...

7.8CVSS7.9AI score0.05794EPSS
Exploits5
Ubuntu
Ubuntu
•added 2023/08/31 1:23 p.m.•65 views

USN-6324-1: Linux kernel (GKE) vulnerabilities

Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Tavis Ormandy discovered that some AMD processors...

7.8CVSS7.9AI score0.05794EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/08/31 1:10 a.m.•53 views

USN-6323-1: FRR vulnerability

Ben Cartwright-Cox discovered that FRR did not handle RFC 7606 attributes properly. A remote attacker could possibly use this to cause denial of service...

7.5CVSS7.5AI score0.02152EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/08/30 4:29 p.m.•397 views

USN-6322-1: elfutils vulnerabilities

It was discovered that elfutils incorrectly handled certain malformed files. If a user or automated system were tricked into processing a specially crafted file, elfutils could be made to crash or consume resources, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS...

6.5CVSS6.3AI score0.02791EPSS
Exploits8
Ubuntu
Ubuntu
•added 2023/08/30 2:17 p.m.•78 views

USN-6321-1: Linux kernel vulnerabilities

Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Tavis Ormandy discovered that some AMD processors...

7.8CVSS7.9AI score0.05794EPSS
Exploits4
Ubuntu
Ubuntu
•added 2023/08/30 10:45 a.m.•69 views

USN-6263-2: OpenJDK regression

USN-6263-1 fixed vulnerabilities in OpenJDK. Unfortunately, that update introduced a regression when opening APK, ZIP or JAR files in OpenJDK 11 and OpenJDK 17. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Motoyasu Saburi discovered that OpenJDK...

6.1AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2023/08/30 4:21 a.m.•77 views

USN-6320-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2023-4573, CVE-2023-4574,...

8.8CVSS7.7AI score0.00693EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/08/30 12:46 a.m.•68 views

USN-6319-1: AMD Microcode vulnerability

Daniël Trujillo, Johannes Wikner, and Kaveh Razavi discovered that some AMD processors utilising speculative execution and branch prediction may allow unauthorised memory reads via a speculative side-channel attack. A local attacker could use this to expose sensitive information, including kernel...

4.7CVSS7.1AI score0.0616EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/08/29 9:35 p.m.•73 views

USN-6318-1: Linux kernel vulnerabilities

Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Tavis Ormandy discovered that some AMD processors...

7.8CVSS7.9AI score0.05794EPSS
Exploits4
Ubuntu
Ubuntu
•added 2023/08/29 9:12 p.m.•108 views

USN-6317-1: Linux kernel vulnerabilities

Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Tavis Ormandy discovered that some AMD processors...

7.8CVSS7.9AI score0.05794EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/08/29 8:50 p.m.•106 views

USN-6316-1: Linux kernel (OEM) vulnerabilities

Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Tavis Ormandy discovered that some AMD processors...

7.8CVSS7.6AI score0.05794EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/08/29 7:57 p.m.•199 views

USN-6315-1: Linux kernel vulnerabilities

Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Tavis Ormandy discovered that some AMD processors...

7.8CVSS7.9AI score0.05794EPSS
Exploits5
Ubuntu
Ubuntu
•added 2023/08/29 5:18 p.m.•72 views

USN-6314-1: Linux kernel vulnerabilities

It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could use this to cause a denial of service infinite recursion. CVE-2020-36691 Billy Jheng Bing Jhong discovered that the CIFS network...

7.8CVSS7AI score0.00495EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/08/29 9:42 a.m.•66 views

USN-6313-1: FAAD2 vulnerabilities

It was discovered that FAAD2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. CVE-2021-32272, CVE-2021-32273, CVE-2021-32274, CVE-2021-32277,...

7.8CVSS7.2AI score0.01225EPSS
Exploits8
Ubuntu
Ubuntu
•added 2023/08/28 10:47 p.m.•75 views

USN-6312-1: Linux kernel vulnerabilities

It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could use this to cause a denial of service infinite recursion. CVE-2020-36691 Billy Jheng Bing Jhong discovered that the CIFS network...

7.8CVSS7AI score0.00495EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/08/28 10:17 p.m.•77 views

USN-6311-1: Linux kernel vulnerabilities

William Zhao discovered that the Traffic Control TC subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service kernel deadlock. CVE-2022-4269 It was discovered that the NTFS file system...

10CVSS7.4AI score0.0406EPSS
Exploits4
Ubuntu
Ubuntu
•added 2023/08/28 7:18 p.m.•58 views

USN-6310-1: json-c vulnerability

It was discovered that json-c incorrectly handled certain JSON files. An attacker could possibly use this issue to cause a crash or execute arbitrary code...

9.8CVSS7.2AI score0.01071EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/08/28 5:19 p.m.•87 views

USN-6309-1: Linux kernel vulnerabilities

Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during tableclear operations. A local attacker could use this to cause a denial of service kernel deadlock. CVE-2023-2269 It was discovered that a use-after-free vulnerability existed ...

7.8CVSS7.2AI score0.00521EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/08/28 4:44 p.m.•58 views

USN-6308-1: Libqb vulnerability

It was discovered that Libqb incorrectly handled certain messages. An attacker could possibly use this issue to cause a crash or execute arbitrary code...

9.8CVSS7.8AI score0.00984EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/08/24 10:2 p.m.•48 views

USN-6307-1: JOSE for C/C++ vulnerability

It was discovered that JOSE for C/C++ AES GCM decryption routine incorrectly uses the Tag length from the actual Authentication Tag provided in the JWE. An attacker could use this to cause a denial of service system crash or might expose sensitive information...

8.6CVSS7.3AI score0.006EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/08/24 5:34 p.m.•79 views

USN-6306-1: Fast DDS vulnerabilities

It was discovered that Fast DDS incorrectly handled certain inputs. A remote attacker could possibly use this issue to cause a denial of service and information exposure. This issue only affected Ubuntu 22.04 LTS. CVE-2021-38425 It was discovered that Fast DDS incorrectly handled certain inputs. ...

9.1CVSS7.4AI score0.05237EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/08/23 4:40 p.m.•91 views

USN-6305-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information. CVE-2023-3823 It was discovered that PHP incorrectly handled certain PHAR files. An attacker could possibly use this issue to cause a crash, expose sensitiv...

9.8CVSS7.8AI score0.08003EPSS
Exploits4
Ubuntu
Ubuntu
•added 2023/08/22 4:59 p.m.•71 views

USN-6304-1: Inetutils vulnerabilities

It was discovered that telnetd in GNU Inetutils incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS CVE-2022-39028 It was discovered that Inetutils incorrectly handled certain inputs. An...

7.8CVSS7.5AI score0.01657EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/08/21 4:38 p.m.•42 views

USN-6303-2: ClamAV vulnerability

USN-6303-1 fixed a vulnerability in ClamAV. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. Original advisory details: It was discovered that ClamAV incorrectly handled parsing HFS+ files. A remote attacker could possibly use this issue ...

7.5CVSS6.4AI score0.00883EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/08/21 11:32 a.m.•55 views

USN-6303-1: ClamAV vulnerability

It was discovered that ClamAV incorrectly handled parsing HFS+ files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service...

7.5CVSS6.3AI score0.00883EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/08/21 5:45 a.m.•428 views

USN-6302-1: Vim vulnerabilities

It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. CVE-2022-2522, CVE-2022-2580,...

7.8CVSS7.3AI score0.00854EPSS
Exploits15
Ubuntu
Ubuntu
•added 2023/08/21 2:12 a.m.•75 views

USN-6267-3: Firefox regressions

USN-6267-1 fixed vulnerabilities and USN-6267-2 fixed minor regressions in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were...

8AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2023/08/17 8:11 p.m.•75 views

USN-6301-1: Linux kernel vulnerabilities

It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could use this to cause a denial of service infinite recursion. CVE-2020-36691 Billy Jheng Bing Jhong discovered that the CIFS network...

7.8CVSS7AI score0.00495EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/08/17 7:58 p.m.•596 views

USN-6300-1: Linux kernel vulnerabilities

William Zhao discovered that the Traffic Control TC subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service kernel deadlock. CVE-2022-4269 It was discovered that the NTFS file system...

10CVSS7.3AI score0.0406EPSS
Exploits4
Ubuntu
Ubuntu
•added 2023/08/17 7:33 p.m.•70 views

USN-6299-1: poppler vulnerabilities

It was discovered that poppler incorrectly handled certain malformed PDF files. If a user or an automated system were tricked into opening a specially crafted PDF file, a remote attacker could possibly use this issue to cause a denial of service. CVE-2020-36023, CVE-2020-36024...

6.5CVSS7AI score0.00927EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/08/17 2:53 p.m.•57 views

USN-6294-2: HAProxy vulnerability

USN-6294-1 fixed vulnerabilities in HAProxy. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: Ben Kallus discovered that HAProxy incorrectly handled empty Content-Length headers. A remote attacker could possibly use this issue to manipulate the paylo...

7.2CVSS7.1AI score0.01815EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/08/17 2:42 p.m.•56 views

USN-6298-1: ZZIPlib vulnerabilities

Liu Zhu discovered that ZZIPlib incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. CVE-2018-7727 YiMing Liu discovered that ZZIPlib incorrectly...

6.5CVSS5.9AI score0.01398EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/08/17 1:53 p.m.•46 views

USN-6297-1: Ghostscript vulnerability

It was discovered that Ghostscript incorrectly handled outputting certain PDF files. A local attacker could potentially use this issue to cause a crash, resulting in a denial of service...

5.5CVSS6.3AI score0.00447EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/08/17 11:56 a.m.•63 views

USN-6296-1: PostgreSQL vulnerabilities

It was discovered that PostgreSQL incorrectly handled certain extension script substitutions. An attacker having database-level CREATE privileges can use this issue to execute arbitrary code as the bootstrap superuser. CVE-2023-39417 It was discovered that PostgreSQL incorrectly handled the MERGE...

8.8CVSS7.1AI score0.01572EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/08/16 5:2 p.m.•46 views

USN-6295-1: Podman vulnerability

It was discovered that Podman incorrectly handled certain supplementary groups. An attacker could possibly use this issue to expose sensitive information or execute binary code...

7.1CVSS6.5AI score0.00307EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/08/16 2:11 p.m.•52 views

USN-6294-1: HAProxy vulnerability

Ben Kallus discovered that HAProxy incorrectly handled empty Content-Length headers. A remote attacker could possibly use this issue to manipulate the payload and bypass certain restrictions...

7.2CVSS7.1AI score0.01815EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/08/16 12:17 p.m.•55 views

USN-6293-1: OpenStack Heat vulnerability

It was discovered that OpenStack Heat incorrectly handled certain hidden parameter values. A remote authenticated user could possibly use this issue to obtain sensitive data...

7.4CVSS6.4AI score0.00709EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/08/16 12:9 p.m.•53 views

USN-6292-1: Ceph vulnerability

It was discovered that Ceph incorrectly handled crash dumps. A local attacker could possibly use this issue to escalate privileges to root...

7.8CVSS7.4AI score0.00327EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/08/16 9:14 a.m.•32 views

USN-6291-1: GStreamer vulnerability

Hanno Bock discovered that GStreamer incorrecly handled certain datetime strings. An attacker could possibly use this issue to cause a denial of service or expose sensitive information...

7.5CVSS6.7AI score0.04574EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/08/15 9:2 p.m.•72 views

USN-6290-1: LibTIFF vulnerabilities

It was discovered that LibTIFF could be made to write out of bounds when processing certain malformed image files with the tiffcrop utility. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcrop to crash, resulting in a...

6.5CVSS7AI score0.01124EPSS
Exploits7
Ubuntu
Ubuntu
•added 2023/08/15 3:17 p.m.•106 views

USN-6289-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

8.8CVSS7.3AI score0.01346EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/08/15 12:44 p.m.•77 views

USN-6288-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.34 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. In addition to security fixes, the updated packages contain bug fixes, new features...

5.9CVSS6.9AI score0.01594EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/08/14 10:38 a.m.•64 views

USN-4897-2: Pygments vulnerabilities

USN-4897-1 fixed several vulnerabilities in Pygments. This update provides the corresponding update for Ubuntu 14.04 LTS. Original advisory details: Ben Caller discovered that Pygments incorrectly handled parsing certain files. If a user or automated system were tricked into parsing a specially...

7.5CVSS7.6AI score0.03832EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/08/14 8:42 a.m.•52 views

USN-6287-1: Go yaml vulnerabilities

Simon Ferquel discovered that the Go yaml package incorrectly handled certain YAML documents. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause the system to crash, resulting in a denial of service...

7.5CVSS6.5AI score0.017EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/08/14 1:35 a.m.•66 views

USN-6286-1: Intel Microcode vulnerabilities

Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 It was discovered that some IntelR XeonR Processor...

7.2CVSS7.3AI score0.03882EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/08/11 5:51 p.m.•70 views

USN-6285-1: Linux kernel (OEM) vulnerabilities

It was discovered that the NTFS file system implementation in the Linux kernel did not properly check buffer indexes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information kernel memory. CVE-2022-48502...

9.1CVSS7.6AI score0.15783EPSS
Exploits18
Ubuntu
Ubuntu
•added 2023/08/11 4:7 p.m.•77 views

USN-6284-1: Linux kernel vulnerabilities

It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could use this to cause a denial of service infinite recursion. CVE-2020-36691 Billy Jheng Bing Jhong discovered that the CIFS network...

7.8CVSS7AI score0.00495EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/08/11 2:36 p.m.•81 views

USN-6283-1: Linux kernel vulnerabilities

Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service bluetooth communication. CVE-2023-2002 Zheng Zhang discovered that the...

9.8CVSS7.4AI score0.0406EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/08/10 7:34 p.m.•57 views

USN-6278-2: .NET vulnerabilities

USN-6278-1 fixed several vulnerabilities in .NET. This update provides the corresponding updates for Ubuntu 22.04 LTS. Original advisory details: It was discovered that .NET did properly handle the execution of certain commands. An attacker could possibly use this issue to achieve remote code...

7.8CVSS9AI score0.15519EPSS
Exploits0
Total number of security vulnerabilities10888