
10889 matches found

Ubuntu • added 2023/07/03 12:07 p.m. • 55 views

USN-6197-1: OpenLDAP vulnerability

It was discovered that OpenLDAP was not properly performing bounds checks when executing functions related to LDAP URLs. An attacker could possibly use this issue to cause a denial of service...

CVSS 7.5 | AI score 7 | EPSS 0.01947 | Exploits 0

Ubuntu • added 2023/07/03 10:41 a.m. • 47 views

USN-6196-1: ReportLab vulnerability

It was discovered that ReportLab incorrectly handled certain PDF files. An attacker could possibly use this issue to execute arbitrary code...

CVSS 7.8 | AI score 7.2 | EPSS 0.02098 | Exploits 6

Ubuntu • added 2023/07/03 12:47 a.m. • 94 views

USN-6195-1: Vim vulnerabilities

It was discovered that Vim contained an out-of-bounds read vulnerability. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-0128) It was discovered that Vim did not properly manage memory when freeing allocated memory. An attacker could...

CVSS 8.4 | AI score 7.1 | EPSS 0.01739 | Exploits 6

Ubuntu • added 2023/06/29 7:13 p.m. • 72 views

USN-6194-1: Linux kernel (OEM) vulnerabilities

Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35788, LP: 2023577) Xingyuan Mo and Gengjia Chen...

CVSS 7.8 | AI score 7 | EPSS 0.00532 | Exploits 1 | References 2

Ubuntu • added 2023/06/29 2:55 p.m. • 73 views

USN-6193-1: Linux kernel vulnerabilities

Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35788, LP: 2023577) It was discovered that for some...

CVSS 7.8 | AI score 7.2 | EPSS 0.00532 | Exploits 1 | References 2

Ubuntu • added 2023/06/29 12:38 p.m. • 74 views

USN-6192-1: Linux kernel vulnerabilities

Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35788, LP: 2023577) Xingyuan Mo and Gengjia Chen...

CVSS 7.8 | AI score 7.3 | EPSS 0.00532 | Exploits 1 | References 2

Ubuntu • added 2023/06/29 12:49 a.m. • 40 views

USN-6191-1: Linux kernel regression

USN-6081-1, USN-6084-1, USN-6092-1 and USN-6095-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a spurious warning in the IPv6 subsystem. This update removes the undesired warning message...

AI score 5.4 | Exploits 0 | References 1

Ubuntu • added 2023/06/28 8:01 p.m. • 420 views

USN-6189-1: etcd vulnerability

It was discovered that etcd leaked credentials when debugging was enabled. This allowed remote attackers to discover etcd authentication credentials and possibly escalate privileges on systems using etcd...

CVSS 9.8 | AI score 7 | EPSS 0.01605 | Exploits 0

Ubuntu • added 2023/06/28 12:11 p.m. • 54 views

USN-6190-1: AccountsService vulnerability

Kevin Backhouse discovered that AccountsService incorrectly handled certain D-Bus messages. A local attacker could use this issue to cause AccountsService to crash, resulting in a denial of service, or possibly execute arbitrary code...

CVSS 8.1 | AI score 7.6 | EPSS 0.0033 | Exploits 1

Ubuntu • added 2023/06/23 11:39 a.m. • 66 views

USN-6161-2: .NET regression

USN-6161-1 fixed vulnerabilities in .NET. The update introduced a regression with regards to how the runtime imported X.509 certificates. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that .NET did not properly enforce certain...

AI score 8 | EPSS 0.02627 | Exploits 0 | References 2

Ubuntu • added 2023/06/22 2:53 p.m. • 81 views

USN-6188-1: OpenSSL vulnerability

Matt Caswell discovered that OpenSSL incorrectly handled certain ASN.1 object identifiers. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service...

CVSS 6.5 | AI score 7.1 | EPSS 0.73461 | Exploits 0

Ubuntu • added 2023/06/22 2:31 p.m. • 49 views

USN-6184-1: CUPS vulnerability

It was discovered that CUPS incorrectly handled certain memory operations. An attacker could possibly use this issue to cause CUPS to crash, resulting in a denial of service, or possibly obtain sensitive information...

CVSS 7.1 | AI score 6.7 | EPSS 0.01395 | Exploits 1

Ubuntu • added 2023/06/22 1:03 p.m. • 62 views

USN-6187-1: Linux kernel (IBM) vulnerabilities

William Zhao discovered that the Traffic Control (TC) subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2022-4269) It was discovered that the TUN/TAP driver in t...

CVSS 7.8 | AI score 6.4 | EPSS 0.01377 | Exploits 4

Ubuntu • added 2023/06/22 12:54 p.m. • 78 views

USN-6186-1: Linux kernel vulnerabilities

Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrar...

CVSS 7.8 | AI score 7.1 | EPSS 0.16642 | Exploits 7

Ubuntu • added 2023/06/22 12:41 p.m. • 66 views

USN-6185-1: Linux kernel vulnerabilities

It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1076) It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type...

CVSS 7.8 | AI score 6.4 | EPSS 0.01377 | Exploits 4

Ubuntu • added 2023/06/21 5:11 p.m. • 68 views

USN-6183-1: Bind vulnerabilities

Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled the cache size limit. A remote attacker could possibly use this issue to consume memory, leading to a denial of service. (CVE-2023-2828) It was discovered that Bind incorrectly handled the...

CVSS 7.5 | AI score 7.4 | EPSS 0.03776 | Exploits 0

Ubuntu • added 2023/06/21 9:25 a.m. • 54 views

LSN-0095-1: Kernel Live Patch Security Notice

It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy up operation in some conditions. A local attacker could possibly use this to gain elevated privileges. (CVE-2023-0386) It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel...

CVSS 7.8 | AI score 7.5 | EPSS 0.16642 | Exploits 20

Ubuntu • added 2023/06/21 8:57 a.m. • 51 views

USN-6182-1: pngcheck vulnerabilities

It was discovered that pngcheck incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service...

CVSS 7.8 | AI score 6 | EPSS 0.01198 | Exploits 0

Ubuntu • added 2023/06/21 8:42 a.m. • 86 views

USN-6181-1: Ruby vulnerabilities

Hiroshi Tokumaru discovered that Ruby did not properly handle certain user input for applications that generate HTTP responses using the cgi gem. An attacker could possibly use this issue to maliciously modify the response a user would receive from a vulnerable application. This issue only affected...

CVSS 8.8 | AI score 7.7 | EPSS 0.02637 | Exploits 1

Ubuntu • added 2023/06/21 3:27 a.m. • 50 views

USN-6143-3: Firefox regressions

USN-6143-1 fixed vulnerabilities and USN-6143-2 fixed minor regressions in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were...

AI score 7.7 | Exploits 0 | References 1

Ubuntu • added 2023/06/20 10:06 p.m. • 49 views

USN-5948-2: Werkzeug vulnerabilities

USN-5948-1 fixed vulnerabilities in Werkzeug. This update provides the corresponding updates for Ubuntu 23.04. Original advisory details: It was discovered that Werkzeug did not properly handle the parsing of nameless cookies. A remote attacker could possibly use this issue to shadow other cookie...

CVSS 7.5 | AI score 6.6 | EPSS 0.0142 | Exploits 0

Ubuntu • added 2023/06/20 7:47 p.m. • 85 views

USN-6180-1: VLC media player vulnerabilities

It was discovered that VLC could be made to read out of bounds when decoding image files. If a user were tricked into opening a crafted image file, a remote attacker could possibly use this issue to cause VLC to crash, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and...

CVSS 7.8 | AI score 8.2 | EPSS 0.02391 | Exploits 2

Ubuntu • added 2023/06/20 10:12 a.m. • 78 views

USN-6168-2: libx11 vulnerability

USN-6168-1 fixed a vulnerability in libx11. This update provides the corresponding update for Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, and Ubuntu 18.04 ESM. Original advisory details: Gregory James Duck discovered that libx11 incorrectly handled certain Request, Event, or Error IDs. If a user were...

CVSS 7.5 | AI score 7 | EPSS 0.01656 | Exploits 0

Ubuntu • added 2023/06/20 10:11 a.m. • 70 views

USN-6179-1: Jettison vulnerability

It was discovered that Jettison incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service...

CVSS 7.5 | AI score 6.5 | EPSS 0.01009 | Exploits 1

Ubuntu • added 2023/06/19 6:38 p.m. • 37 views

USN-6178-1: SVG++ library vulnerabilities

It was discovered that the demo application in the SVG++ library incorrectly managed memory, resulting in a memory access violation under certain circumstances. An attacker could possibly use this issue to leak memory information or run a denial of service attack. This issue only affected Ubuntu...

CVSS 9.8 | AI score 7.7 | EPSS 0.01843 | Exploits 2

Ubuntu • added 2023/06/19 1:33 p.m. • 42 views

USN-6083-2: cups-filters vulnerability

USN-6083-1 fixed a vulnerability in cups-filters. This update provides the corresponding update for Ubuntu 16.04 LTS. Original advisory details: It was discovered that cups-filters incorrectly handled the beh CUPS backend. A remote attacker could possibly use this issue to cause the backend to st...

CVSS 8.8 | AI score 8 | EPSS 0.03697 | Exploits 1

Ubuntu • added 2023/06/19 11:49 a.m. • 63 views

USN-6166-2: libcap2 vulnerability

USN-6166-1 fixed a vulnerability in libcap2. This update provides the corresponding update for Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. Original advisory details: Richard Weinberger discovered that libcap2 incorrectly handled certain long input strings. An attacker could use this...

CVSS 7.8 | AI score 7.2 | EPSS 0.00574 | Exploits 1

Ubuntu • added 2023/06/19 11:39 a.m. • 64 views

USN-6177-1: Jettison vulnerabilities

It was discovered that Jettison incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service...

CVSS 7.5 | AI score 7 | EPSS 0.01395 | Exploits 2

Ubuntu • added 2023/06/19 5:54 a.m. • 35 views

USN-6176-1: PyPDF2 vulnerability

It was discovered that PyPDF2 incorrectly handled certain PDF files. If a user or automated system were tricked into processing a specially crafted file, an attacker could possibly use this issue to consume system resources, resulting in a denial of service...

CVSS 6.2 | AI score 6.1 | EPSS 0.01279 | Exploits 1

Ubuntu • added 2023/06/19 2:52 a.m. • 77 views

USN-6167-1: QEMU vulnerabilities

It was discovered that QEMU did not properly manage the guest drivers when shared buffers are not allocated. A malicious guest driver could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubunt...

CVSS 8.8 | AI score 6.8 | EPSS 0.00382 | Exploits 1

Ubuntu • added 2023/06/16 8:27 p.m. • 72 views

USN-6175-1: Linux kernel vulnerabilities

Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrar...

CVSS 7.8 | AI score 7.1 | EPSS 0.16642 | Exploits 7

Ubuntu • added 2023/06/16 7:59 p.m. • 60 views

USN-6174-1: Linux kernel (OEM) vulnerabilities

Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-0459) It was discovered that the Huma...

CVSS 7.8 | AI score 6.8 | EPSS 0.00635 | Exploits 1

Ubuntu • added 2023/06/16 7:55 p.m. • 89 views

USN-6173-1: Linux kernel (OEM) vulnerabilities

Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-31436) It was discovered that the...

CVSS 9.8 | AI score 7.1 | EPSS 0.16642 | Exploits 2

Ubuntu • added 2023/06/16 7:47 p.m. • 124 views

USN-6172-1: Linux kernel vulnerabilities

It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1076) It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type...

CVSS 7.8 | AI score 6.4 | EPSS 0.01377 | Exploits 4

Ubuntu • added 2023/06/16 4:19 p.m. • 64 views

USN-6171-1: Linux kernel vulnerabilities

William Zhao discovered that the Traffic Control (TC) subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2022-4269) It was discovered that the TUN/TAP driver in t...

CVSS 7.8 | AI score 6.4 | EPSS 0.01377 | Exploits 4

Ubuntu • added 2023/06/16 12:15 p.m. • 36 views

USN-6170-1: Podman vulnerabilities

It was discovered that Podman incorrectly handled certain images. An attacker could possibly use this issue to pull an untrusted image...

AI score 5.4 | Exploits 0 | References 1

Ubuntu • added 2023/06/16 11:39 a.m. • 29 views

USN-6156-2: SSSD regression

USN-6156-1 fixed a vulnerability in SSSD. In certain environments, not all packages ended up being upgraded at the same time, resulting in authentication failures when the PAM module was being used. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It w...

AI score 5.5 | Exploits 0 | References 1

Ubuntu • added 2023/06/15 7:38 p.m. • 240 views

USN-6169-1: GNU SASL vulnerability

It was discovered that GNU SASL's GSSAPI server could make out-of-bounds reads if given specially crafted GSS-API authentication data. A remote attacker could possibly use this issue to cause a denial of service or to expose sensitive information...

CVSS 8.1 | AI score 7.3 | EPSS 0.01091 | Exploits 0

Ubuntu • added 2023/06/15 4:51 p.m. • 47 views

USN-6168-1: libx11 vulnerability

Gregory James Duck discovered that libx11 incorrectly handled certain Request, Event, or Error IDs. If a user were tricked into connecting to a malicious X Server, a remote attacker could possibly use this issue to cause libx11 to crash, resulting in a denial of service...

CVSS 7.5 | AI score 7 | EPSS 0.01656 | Exploits 0

Ubuntu • added 2023/06/15 9:48 a.m. • 380 views

USN-6155-2: Requests vulnerability

USN-6155-1 fixed a vulnerability in Requests. This update provides the corresponding update for Ubuntu 16.04 ESM and 18.04 ESM. Original advisory details: Dennis Brinkrolf and Tobias Funke discovered that Requests incorrectly leaked Proxy-Authorization headers. A remote attacker could possibly us...

CVSS 6.1 | AI score 7.4 | EPSS 0.02782 | Exploits 1

Ubuntu • added 2023/06/14 1:40 p.m. • 412 views

USN-6166-1: libcap2 vulnerabilities

David Gstir discovered that libcap2 incorrectly handled certain return codes. An attacker could possibly use this issue to cause libcap2 to consume memory, leading to a denial of service. (CVE-2023-2602) Richard Weinberger discovered that libcap2 incorrectly handled certain long input strings. An...

CVSS 7.8 | AI score 6.9 | EPSS 0.00574 | Exploits 2

Ubuntu • added 2023/06/14 1:26 p.m. • 69 views

USN-6165-1: GLib vulnerabilities

It was discovered that GLib incorrectly handled non-normal GVariants. An attacker could use this issue to cause GLib to crash, resulting in a denial of service, or perform other unknown attacks...

CVSS 7.8 | AI score 6.7 | EPSS 0.00774 | Exploits 0

Ubuntu • added 2023/06/14 1:17 p.m. • 65 views

USN-6164-1: c-ares vulnerabilities

Hannes Moesl discovered that c-ares incorrectly handled certain IPv6 addresses. An attacker could use this issue to cause c-ares to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-31130) Xiang Li discovered that c-ares incorrectly handled certain UDP packets. ...

CVSS 7.5 | AI score 7 | EPSS 0.01577 | Exploits 0

Ubuntu • added 2023/06/14 1:12 p.m. • 51 views

USN-6163-1: pano13 vulnerabilities

It was discovered that pano13 did not properly validate the prefix provided for PTcrop's output. An attacker could use this issue to cause pano13 to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18....

CVSS 9.8 | AI score 8.3 | EPSS 0.02067 | Exploits 1

Ubuntu • added 2023/06/14 12:02 p.m. • 72 views

USN-6162-1: Linux kernel (Intel IoTG) vulnerabilities

Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrar...

CVSS 7.8 | AI score 7.4 | EPSS 0.16642 | Exploits 7

Ubuntu • added 2023/06/13 8:33 p.m. • 63 views

USN-6161-1: .NET vulnerabilities

It was discovered that .NET did not properly enforce certain restrictions when deserializing a DataSet or DataTable from XML. An attacker could possibly use this issue to elevate their privileges. (CVE-2023-24936) Kevin Jones discovered that .NET did not properly handle the AIA fetching process for...

CVSS 7.5 | AI score 7.9 | EPSS 0.02627 | Exploits 0

Ubuntu • added 2023/06/13 6:08 p.m. • 48 views

USN-6160-1: GNU binutils vulnerability

It was discovered that GNU binutils incorrectly performed bounds checking operations when parsing stabs debugging information. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...

CVSS 7.8 | AI score 6.5 | EPSS 0.01312 | Exploits 1

Ubuntu • added 2023/06/13 2:58 p.m. • 140 views

USN-6159-1: Tornado vulnerability

It was discovered that Tornado incorrectly handled certain redirects. A remote attacker could possibly use this issue to redirect a user to an arbitrary web site and conduct a phishing attack by having a user access a specially crafted URL...

CVSS 6.1 | AI score 6.3 | EPSS 0.01132 | Exploits 0

Ubuntu • added 2023/06/13 2:07 p.m. • 80 views

USN-6158-1: Node Fetch vulnerability

It was discovered that Node Fetch incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information...

CVSS 8.8 | AI score 7.3 | EPSS 0.01646 | Exploits 1

Ubuntu • added 2023/06/13 3:09 a.m. • 61 views

USN-6143-2: Firefox regressions

USN-6143-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted...

AI score 7.7 | EPSS 0.0093 | Exploits 0 | References 1

Total number of security vulnerabilities: 10889