Lucene search
K
UbuntuRecent

10888 matches found

Ubuntu
Ubuntu
added 2023/08/10 6:31 p.m.55 views

USN-6277-2: Dompdf vulnerabilities

USN-6277-1 fixed vulnerabilities in Dompdf. This update provides the corresponding updates for Ubuntu 22.04 LTS. Original advisory details: It was discovered that Dompdf was not properly validating untrusted input when processing HTML content under certain circumstances. An attacker could possibl...

9.8CVSS7.6AI score0.0143EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/08/10 3:24 p.m.61 views

USN-6282-1: Velocity Tools vulnerability

Jackson Henry discovered that Velocity Tools incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code...

6.1CVSS6.9AI score0.06357EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/08/10 8:34 a.m.73 views

USN-6281-1: Velocity Engine vulnerability

Alvaro Munoz discovered that Velocity Engine incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code...

9CVSS7AI score0.22709EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/08/10 12:19 a.m.40 views

USN-6280-1: PyPDF2 vulnerability

It was discovered that PyPDF2 incorrectly handled PDF files with certain markers. If a user or automated system were tricked into processing a specially crafted file, an attacker could possibly use this issue to consume system resources, resulting in a denial of service...

6.5CVSS6.9AI score0.00625EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/08/09 2:16 p.m.52 views

USN-6243-2: Graphite-Web regression

USN-6243-1 fixed vulnerabilities in Graphite-Web. It was discovered that the applied fix was incomplete. This update fixes the problem. Original advisory details: It was discovered that Graphite-Web incorrectly handled certain inputs. If a user or an automated system were tricked into opening a...

5.9AI score
Exploits0References1
Ubuntu
Ubuntu
added 2023/08/09 11:9 a.m.80 views

USN-4336-3: GNU binutils vulnerabilities

USN-4336-1 fixed several vulnerabilities in GNU. This update provides the corresponding update for Ubuntu 14.04 LTS. Original advisory details: It was discovered that GNU binutils contained a large number of security issues. If a user or automated system were tricked into processing a...

7.8CVSS6.7AI score0.08111EPSS
Exploits10
Ubuntu
Ubuntu
added 2023/08/09 6:8 a.m.153 views

USN-6279-1: OpenSSH update

It was discovered that OpenSSH has an observable discrepancy leading to an information leak in the algorithm negotiation. This update mitigates the issue by tweaking the client hostkey preference ordering algorithm to prefer the default ordering if the user has a key that matches the...

5.4AI score
Exploits0References1
Ubuntu
Ubuntu
added 2023/08/08 7:31 p.m.65 views

USN-6278-1: .NET vulnerabilities

It was discovered that .NET did not properly handle the execution of certain commands. An attacker could possibly use this issue to achieve remote code execution. CVE-2023-35390 Benoit Foucher discovered that .NET did not properly implement the QUIC stream limit in HTTP/3. An attacker could...

7.8CVSS8.8AI score0.15519EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/08/08 2:10 p.m.42 views

USN-6277-1: Dompdf vulnerabilities

It was discovered that Dompdf was not properly validating untrusted input when processing HTML content under certain circumstances. An attacker could possibly use this issue to expose sensitive information or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. CVE-2014-5011,...

9.8CVSS7.4AI score0.04556EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/08/08 3:1 a.m.70 views

USN-6267-2: Firefox regressions

USN-6267-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted...

8AI score0.13694EPSS
Exploits1References1
Ubuntu
Ubuntu
added 2023/08/07 10:53 a.m.44 views

USN-6276-1: unixODBC vulnerability

It was discovered that unixODBC incorrectly handled certain unicode to ansi copies. An attacker could possibly use this issue to cause a denial of service...

9.8CVSS7.6AI score0.02676EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/08/03 2:45 p.m.50 views

USN-6274-1: XMLTooling vulnerability

Jurien de Jong discovered that XMLTooling did not properly handle certain KeyInfo element content within an XML signature. An attacker could possibly use this issue to achieve server-side request forgery...

7.5CVSS8.2AI score0.03055EPSS
Exploits3
Ubuntu
Ubuntu
added 2023/08/03 2:30 p.m.53 views

USN-6275-1: Cargo vulnerability

Addison Crump discovered that Cargo incorrectly set file permissions on UNIX-like systems when extracting crate archives. If the crate would contain files writable by any user, a local attacker could possibly use this issue to execute code as another user...

7.9CVSS7.2AI score0.00763EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/08/03 1:39 p.m.60 views

USN-6273-1: poppler vulnerabilities

Jieyong Ma discovered that poppler incorrectly handled certain malformed PDF files. A remote attacker could possibly use this issue to cause poppler to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2022-27337 It was discovered that...

6.5CVSS7.3AI score0.01547EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/08/03 1:30 p.m.59 views

USN-5064-3: GNU cpio vulnerability

USN-5064-1 fixed a vulnerability in GNU. This update provides the corresponding update for Ubuntu 14.04 LTS. Original advisory details: Maverick Chung and Qiaoyi Fang discovered that cpio incorrectly handled certain pattern files. A remote attacker could use this issue to cause cpio to crash,...

7.8CVSS7AI score0.0415EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/08/03 12:31 p.m.91 views

USN-6272-1: OpenJDK 20 vulnerabilities

Motoyasu Saburi discovered that OpenJDK 20 incorrectly handled special characters in file name parameters. An attacker could possibly use this issue to insert, edit or obtain sensitive information. CVE-2023-22006 Eirik Bjørsnøs discovered that OpenJDK 20 incorrectly handled certain ZIP archives. ...

7.5CVSS6.1AI score0.01812EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/08/03 11:28 a.m.40 views

USN-6271-1: MaraDNS vulnerabilities

Xiang Li discovered that MaraDNS incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information. CVE-2022-30256 Huascar Tejeda discovered that MaraDNS...

7.5CVSS7.2AI score0.01143EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/08/03 8:6 a.m.62 views

USN-6270-1: Vim vulnerabilities

It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. CVE-2022-2182 It was discovered th...

8CVSS7.3AI score0.01473EPSS
Exploits11
Ubuntu
Ubuntu
added 2023/08/02 4:23 p.m.54 views

USN-6269-1: GStreamer Good Plugins vulnerability

It was discovered that GStreamer Good Plugins incorrectly handled certain FLAC image tags. A remote attacker could use this issue to cause GStreamer Good Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2023-37327...

8.8CVSS6.9AI score0.01537EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/08/02 4:15 p.m.59 views

USN-6268-1: GStreamer Base Plugins vulnerabilities

It was discovered that GStreamer Base Plugins incorrectly handled certain FLAC image tags. A remote attacker could use this issue to cause GStreamer Base Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2023-37327 It was discovered that GStreamer Base...

8.8CVSS7.2AI score0.01812EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/08/02 6:19 a.m.68 views

USN-6267-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2023-4047, CVE-2023-4048,...

9.8CVSS8AI score0.13694EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/08/01 11:43 a.m.50 views

USN-6266-1: librsvg vulnerability

Zac Sims discovered that librsvg incorrectly handled decoding URLs. A remote attacker could possibly use this issue to read arbitrary files by using an include element...

5.5CVSS6.5AI score0.02132EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/08/01 7:53 a.m.413 views

USN-6263-1: OpenJDK vulnerabilities

Motoyasu Saburi discovered that OpenJDK incorrectly handled special characters in file name parameters. An attacker could possibly use this issue to insert, edit or obtain sensitive information. This issue only affected OpenJDK 11 and OpenJDK 17. CVE-2023-22006 Eirik Bjørsnøs discovered that...

7.5CVSS6.1AI score0.01812EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/07/31 5:40 p.m.1629 views

USN-6242-2: OpenSSH vulnerability

USN-6242-1 fixed a vulnerability in OpenSSH. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. Original advisory details: It was discovered that OpenSSH incorrectly handled loading certain PKCS11 providers. If a user forwarded their...

9.8CVSS7.5AI score0.76768EPSS
Exploits10
Ubuntu
Ubuntu
added 2023/07/31 2:27 p.m.69 views

USN-6265-1: RabbitMQ vulnerability

It was discovered that RabbitMQ incorrectly handled certain signed-in user credentials. An attacker could possibly use this issue to expose sensitive information...

7.8CVSS5.8AI score0.00394EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/07/31 12:32 p.m.68 views

USN-6264-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

8.8CVSS7.7AI score0.23788EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/07/31 8:24 a.m.50 views

USN-6262-1: Wireshark vulnerabilities

It was discovered that Wireshark did not properly handle certain NFS packages when certain configuration options were enabled. An attacker could possibly use this issue to cause Wireshark to crash, resulting in a denial of service. CVE-2020-13164 It was discovered that Wireshark did not properly...

7.5CVSS7AI score0.04918EPSS
Exploits3
Ubuntu
Ubuntu
added 2023/07/28 1:46 p.m.82 views

USN-6261-1: Linux kernel (IoT) vulnerabilities

It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-3090 Sh...

7.8CVSS7.7AI score0.08894EPSS
Exploits15
Ubuntu
Ubuntu
added 2023/07/27 12:26 p.m.73 views

USN-6256-1: Linux kernel (IoT) vulnerabilities

Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon GPU devices did not properly validate memory allocation in certain situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service system crash. CVE-2022-3108...

7.8CVSS7.3AI score0.16642EPSS
Exploits13References2
Ubuntu
Ubuntu
added 2023/07/27 12:26 p.m.81 views

USN-6260-1: Linux kernel vulnerabilities

It was discovered that the NTFS file system implementation in the Linux kernel did not properly check buffer indexes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information kernel memory. CVE-2022-48502...

7.8CVSS7.5AI score0.15783EPSS
Exploits18
Ubuntu
Ubuntu
added 2023/07/27 11:0 a.m.53 views

USN-6259-1: Open-iSCSI vulnerabilities

Jos Wetzels, Stanislav Dashevskyi, and Amine Amri discovered that Open-iSCSI incorrectly handled certain checksums for IP packets. An attacker could possibly use this issue to expose sensitive information. CVE-2020-13987 Jos Wetzels, Stanislav Dashevskyi, Amine Amri discovered that Open-iSCSI...

8.2CVSS7AI score0.03912EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/07/27 9:41 a.m.68 views

USN-5193-3: X.Org X Server vulnerabilities

USN-5193-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain inputs. An attacker could use this issue to cause the server to crash,...

7.8CVSS7.5AI score0.00571EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/07/27 7:48 a.m.43 views

USN-6258-1: LLVM Toolchain vulnerabilities

It was discovered that LLVM Toolchain did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted MLIR file, an attacker could possibly use this issue to cause LLVM Toolchain to crash, resulting in a denial of service. CVE-2023-29932,...

5.5CVSS5.9AI score0.00221EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/07/27 3:34 a.m.64 views

USN-6257-1: Open VM Tools vulnerability

It was discovered that Open VM Tools incorrectly handled certain authentication requests. A fully compromised ESXi host can force Open VM Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine. CVE-2023-20867...

3.9CVSS6AI score0.13638EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/07/26 6:41 p.m.67 views

USN-6255-1: Linux kernel (Intel IoTG) vulnerabilities

It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-3090...

7.8CVSS7AI score0.02163EPSS
Exploits3
Ubuntu
Ubuntu
added 2023/07/26 3:54 p.m.88 views

USN-6254-1: Linux kernel vulnerabilities

Jordy Zomer and Alexandra Sandulescu discovered that syscalls invoking the doprlimit function in the Linux kernel did not properly handle speculative execution barriers. A local attacker could use this to expose sensitive information kernel memory. CVE-2023-0458 It was discovered that a race...

7.8CVSS7.3AI score0.02154EPSS
Exploits4
Ubuntu
Ubuntu
added 2023/07/26 3:19 p.m.51 views

USN-6253-1: libvirt vulnerability

It wad discovered that libvirt incorrectly handled locking when processing certain requests. A local attacker could possibly use this issue to cause libvirt to stop responding or crash, resulting in a denial of service...

6.5CVSS6.6AI score0.00621EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/07/26 3:15 p.m.82 views

USN-6252-1: Linux kernel vulnerabilities

It was discovered that the ext4 file system implementation in the Linux kernel contained a use-after-free vulnerability. An attacker could use this to construct a malicious ext4 file system image that, when mounted, could cause a denial of service system crash. CVE-2022-1184 It was discovered tha...

7.8CVSS7.1AI score0.02154EPSS
Exploits5
Ubuntu
Ubuntu
added 2023/07/26 2:45 p.m.215 views

USN-6251-1: Linux kernel vulnerabilities

It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-3090 Sh...

7.8CVSS7.7AI score0.08894EPSS
Exploits15
Ubuntu
Ubuntu
added 2023/07/26 10:33 a.m.53 views

USN-5807-3: libXpm vulnerability

USN-5807-1 fixed a vulnerability in libXpm. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Marco Ivaldi discovered that libXpm incorrectly handled certain XPM files. If a user or automated system were tricked into opening a specially crafted XPM fil...

7.5CVSS6.8AI score0.01284EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/07/25 11:36 p.m.84 views

USN-6250-1: Linux kernel vulnerabilities

Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. CVE-2023-2640 It was discovered that the IP-VLAN...

7.8CVSS7.6AI score0.15783EPSS
Exploits18
Ubuntu
Ubuntu
added 2023/07/25 10:0 p.m.82 views

USN-6249-1: Linux kernel (OEM) vulnerabilities

Ruihan Li discovered that the memory management subsystem in the Linux kernel contained a race condition when accessing VMAs in certain conditions, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service system crash or execute arbitrary...

7.8CVSS7.4AI score0.01564EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/07/25 9:55 p.m.74 views

USN-6248-1: Linux kernel (OEM) vulnerabilities

It was discovered that the network queuing discipline implementation in the Linux kernel contained a null pointer dereference in some situations. A local attacker could use this to cause a denial of service system crash. CVE-2022-47929 It was discovered that a race condition existed in Adreno GPU...

7.8CVSS7.4AI score0.15783EPSS
Exploits17
Ubuntu
Ubuntu
added 2023/07/25 9:49 p.m.68 views

USN-6247-1: Linux kernel (OEM) vulnerabilities

David Leadbeater discovered that the netfilter IRC protocol tracking implementation in the Linux Kernel incorrectly handled certain message payloads in some situations. A remote attacker could possibly use this to cause a denial of service or bypass firewall filtering. CVE-2022-2663 It was...

7.8CVSS7.2AI score0.02163EPSS
Exploits5
Ubuntu
Ubuntu
added 2023/07/25 9:32 p.m.95 views

USN-6246-1: Linux kernel vulnerabilities

It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-3090...

7.8CVSS7AI score0.02163EPSS
Exploits3
Ubuntu
Ubuntu
added 2023/07/25 3:16 p.m.29 views

USN-6245-1: Trove vulnerabilities

Adam Bell discovered that Trove incorrectly handled arguments to the backup command. A remote attacker could possibly use this issue to execute arbitrary code...

5.5AI score
Exploits0References1
Ubuntu
Ubuntu
added 2023/07/25 1:33 p.m.107 views

USN-6244-1: AMD Microcode vulnerability

Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information...

5.5CVSS7.3AI score0.05794EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/07/25 1:18 p.m.50 views

USN-6129-2: Avahi vulnerability

USN-6129-1 fixed a vulnerability in Avahi. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that Avahi incorrectly handled certain DBus messages. A local attacker could possibly use this issue t...

5.5CVSS6.4AI score0.00392EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/07/25 11:33 a.m.49 views

USN-6203-2: Django vulnerability

USN-6203-1 fixed a vulnerability in Django. This update provides the corresponding update for Ubuntu 18.04 ESM. Original advisory details: Seokchan Yoon discovered that Django incorrectly handled certain regular expressions. A remote attacker could possibly use this issue to cause Django to consu...

7.5CVSS7.4AI score0.02669EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/07/25 10:28 a.m.65 views

LSN-0096-1: Kernel Live Patch Security Notice

It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform data buffer size validation in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service system crash ...

7.8CVSS7.3AI score0.16642EPSS
Exploits2
Total number of security vulnerabilities10888