
10889 matches found

Ubuntu
•added 2023/06/12 2:16 p.m.•46 views

USN-6148-1: SNI Proxy vulnerability

It was discovered that SNI Proxy did not properly handle wildcard backend hosts. An attacker could possibly use this issue to cause a buffer overflow, resulting in a denial of service, or arbitrary code execution...

9.8 CVSS • 8.8 AI score • 0.65515 EPSS
Exploits: 1
Ubuntu
•added 2023/06/12 2:2 p.m.•55 views

USN-6157-1: GlusterFS vulnerability

Tao Lyu discovered that GlusterFS did not properly handle certain event notifications. An attacker could possibly use this issue to cause a denial of service...

7.5 CVSS • 7.2 AI score • 0.00914 EPSS
Exploits: 1
Ubuntu
•added 2023/06/12 12:0 p.m.•44 views

USN-6156-1: SSSD vulnerability

It was discovered that SSSD incorrectly sanitized certificate data used in LDAP filters. When using this issue in combination with FreeIPA, a remote attacker could possibly use this issue to escalate privileges...

8.8 CVSS • 6.8 AI score • 0.0095 EPSS
Exploits: 1
Ubuntu
•added 2023/06/12 11:54 a.m.•65 views

USN-6155-1: Requests vulnerability

Dennis Brinkrolf and Tobias Funke discovered that Requests incorrectly leaked Proxy-Authorization headers. A remote attacker could possibly use this issue to obtain sensitive information...

6.1 CVSS • 7.4 AI score • 0.02782 EPSS
Exploits: 1
Ubuntu
•added 2023/06/12 11:33 a.m.•66 views

USN-6154-1: Vim vulnerabilities

It was discovered that Vim was using uninitialized memory when fuzzy matching, which could lead to invalid memory access. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, Ubuntu 22.10 and Ubuntu 23.04...

7.8 CVSS • 7.2 AI score • 0.00485 EPSS
Exploits: 3
Ubuntu
•added 2023/06/12 12:23 a.m.•60 views

USN-6153-1: Jupyter Core vulnerability

It was discovered that Jupyter Core executed untrusted files in the current working directory. An attacker could possibly use this issue to execute arbitrary code...

8.8 CVSS • 7.7 AI score • 0.01056 EPSS
Exploits: 0
Ubuntu
•added 2023/06/08 10:48 p.m.•48 views

USN-6152-1: Linux kernel (GKE) regression

It was discovered that the NFS client's access cache implementation in the Linux kernel caused a severe NFS performance degradation in certain conditions. This update makes the NFS file-access stale cache behavior optional...

5.3 AI score
Exploits: 0 • References: 1
Ubuntu
•added 2023/06/08 10:16 p.m.•68 views

USN-6151-1: Linux kernel (Xilinx ZynqMP) vulnerabilities

It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3669) It was discovered that the KVM VMX implementation in the Linux kernel did no...

8.8 CVSS • 7.2 AI score • 0.0048 EPSS
Exploits: 1
Ubuntu
•added 2023/06/08 9:55 p.m.•76 views

USN-6150-1: Linux kernel vulnerabilities

Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrar...

7.8 CVSS • 7.4 AI score • 0.16642 EPSS
Exploits: 7
Ubuntu
•added 2023/06/08 2:43 p.m.•69 views

USN-6149-1: Linux kernel vulnerabilities

Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrar...

7.8 CVSS • 7.3 AI score • 0.16642 EPSS
Exploits: 7
Ubuntu
•added 2023/06/08 1:32 p.m.•47 views

USN-6147-1: SpiderMonkey vulnerability

Several security issues were discovered in the SpiderMonkey JavaScript library. If a user were tricked into opening malicious JavaScript applications or processing malformed data, a remote attacker could exploit a variety of issues related to JavaScript security, including denial of service...

9.8 CVSS • 8.5 AI score • 0.0093 EPSS
Exploits: 0
Ubuntu
•added 2023/06/08 9:57 a.m.•63 views

USN-6146-1: Netatalk vulnerabilities

It was discovered that Netatalk did not properly validate the length of user-supplied data in the DSI structures. A remote attacker could possibly use this issue to execute arbitrary code with the privileges of the user invoking the programs. This issue only affected Ubuntu 20.04 LTS and Ubuntu...

9.8 CVSS • 8.3 AI score • 0.18903 EPSS
Exploits: 1
Ubuntu
•added 2023/06/07 1:37 p.m.•68 views

USN-6145-1: Sysstat vulnerabilities

It was discovered that Sysstat incorrectly handled certain arithmetic multiplications. An attacker could use this issue to cause Sysstat to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue was only fixed for Ubuntu 16.04 LTS. (CVE-2022-39377) It was discovered...

7.8 CVSS • 7.3 AI score • 0.01096 EPSS
Exploits: 1
Ubuntu
•added 2023/06/07 10:7 a.m.•82 views

USN-6028-2: libxml2 vulnerabilities

USN-6028-1 fixed vulnerabilities in libxml2. This update provides the corresponding updates for Ubuntu 23.04. Original advisory details: It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash. (CVE-2022-2309) It was discovere...

7.5 CVSS • 6.6 AI score • 0.02462 EPSS
Exploits: 2
Ubuntu
•added 2023/06/07 5:13 a.m.•68 views

USN-6144-1: LibreOffice vulnerabilities

It was discovered that LibreOffice did not properly validate the number of parameters passed to the formula interpreter, leading to an array index underflow attack. If a user were tricked into opening a specially crafted spreadsheet file, an attacker could possibly use this issue to execute...

7.8 CVSS • 7.1 AI score • 0.02244 EPSS
Exploits: 2
Ubuntu
•added 2023/06/07 5:6 a.m.•88 views

USN-6143-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2023-34414, CVE-2023-34416,...

9.8 CVSS • 7.7 AI score • 0.0093 EPSS
Exploits: 0
Ubuntu
•added 2023/06/06 8:20 a.m.•421 views

USN-6142-1: nghttp2 vulnerability

Gal Goldshtein discovered that nghttp2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service...

7.5 CVSS • 7.1 AI score • 0.05316 EPSS
Exploits: 0
Ubuntu
•added 2023/06/06 8:2 a.m.•42 views

USN-6141-1: xfce4-settings vulnerability

Robin Peraglie and Johannes Moritz discovered that xfce4-settings incorrectly parsed quoted input when processed through xdg-open. A remote attacker could possibly use this issue to inject arbitrary arguments into the default browser or file manager...

9.8 CVSS • 8.3 AI score • 0.01406 EPSS
Exploits: 0
Ubuntu
•added 2023/06/06 6:44 a.m.•95 views

USN-6140-1: Go vulnerabilities

It was discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a panic resulting in a denial of service. This issue only affected golang-1.19 on Ubuntu 22.10. (CVE-2022-41724, CVE-2023-24534, CVE-2023-24537) It was discovered...

9.8 CVSS • 7 AI score • 0.02281 EPSS
Exploits: 0
Ubuntu
•added 2023/06/05 4:55 p.m.•68 views

USN-6139-1: Python vulnerability

Yebo Cao discovered that Python incorrectly handled certain URLs. An attacker could use this issue to bypass blocklisting methods. This issue was first addressed in USN-5960-1, but was incomplete. Here we address an additional fix to that issue. (CVE-2023-24329)...

7.5 CVSS • 7.4 AI score • 0.20459 EPSS
Exploits: 3
Ubuntu
•added 2023/06/05 2:8 p.m.•75 views

USN-6138-1: libssh vulnerabilities

Philip Turnbull discovered that libssh incorrectly handled rekeying with algorithm guessing. A remote attacker could use this issue to cause libssh to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-1667) Kevin Backhouse discovered that libssh incorrectly...

6.5 CVSS • 6.6 AI score • 0.01314 EPSS
Exploits: 2
Ubuntu
•added 2023/06/05 1:59 p.m.•59 views

USN-6137-1: LibRaw vulnerabilities

It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.8 CVSS • 6.2 AI score • 0.01289 EPSS
Exploits: 2
Ubuntu
•added 2023/06/05 1:53 p.m.•60 views

USN-6136-1: FRR vulnerabilities

It was discovered that FRR incorrectly handled parsing certain BGP messages. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service. This issue only affected Ubuntu 23.04. (CVE-2023-31489) It was discovered that FRR incorrectly handled parsing certai...

7.5 CVSS • 6.8 AI score • 0.02152 EPSS
Exploits: 2
Ubuntu
•added 2023/06/05 10:31 a.m.•59 views

USN-6112-2: Perl vulnerability

USN-6112-1 fixed vulnerabilities in Perl. This update provides the corresponding updates for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04. Original advisory details: It was discovered that Perl was not properly verifying TLS certificates when using CPAN together with...

8.1 CVSS • 8 AI score • 0.01561 EPSS
Exploits: 1
Ubuntu
•added 2023/06/02 3:52 p.m.•79 views

USN-6135-1: Linux kernel (Azure CVM) vulnerabilities

Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrar...

7.8 CVSS • 7.4 AI score • 0.16642 EPSS
Exploits: 7
Ubuntu
•added 2023/06/01 9:41 p.m.•73 views

USN-6134-1: Linux kernel (Intel IoTG) vulnerabilities

It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

8.1 CVSS • 7.5 AI score • 0.0788 EPSS
Exploits: 18
Ubuntu
•added 2023/06/01 9:39 p.m.•81 views

USN-6133-1: Linux kernel (Intel IoTG) vulnerabilities

It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

8.1 CVSS • 7.1 AI score • 0.01029 EPSS
Exploits: 2
Ubuntu
•added 2023/06/01 6:54 p.m.•80 views

USN-6132-1: Linux kernel vulnerabilities

Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrar...

7.8 CVSS • 7.3 AI score • 0.16642 EPSS
Exploits: 7
Ubuntu
•added 2023/06/01 6:48 p.m.•78 views

USN-6131-1: Linux kernel vulnerabilities

Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrar...

7.8 CVSS • 7.4 AI score • 0.16642 EPSS
Exploits: 7
Ubuntu
•added 2023/06/01 5:28 p.m.•78 views

USN-6130-1: Linux kernel vulnerabilities

Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrar...

7.8 CVSS • 7.4 AI score • 0.16642 EPSS
Exploits: 7
Ubuntu
•added 2023/06/01 3:14 p.m.•47 views

USN-6128-2: CUPS vulnerability

USN-6128-1 fixed a vulnerability in CUPS. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that CUPS incorrectly handled logging. A remote attacker could use this issue to cause CUPS to crash, resulting in a denial of service, or...

7.5 CVSS • 7.2 AI score • 0.01473 EPSS
Exploits: 1
Ubuntu
•added 2023/06/01 2:51 p.m.•45 views

USN-6129-1: Avahi vulnerability

It was discovered that Avahi incorrectly handled certain DBus messages. A local attacker could possibly use this issue to cause Avahi to crash, resulting in a denial of service...

5.5 CVSS • 6.4 AI score • 0.00392 EPSS
Exploits: 1
Ubuntu
•added 2023/06/01 12:56 p.m.•53 views

USN-6128-1: CUPS vulnerability

It was discovered that CUPS incorrectly handled logging. A remote attacker could use this issue to cause CUPS to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.5 CVSS • 7.2 AI score • 0.01473 EPSS
Exploits: 1
Ubuntu
•added 2023/05/31 10:15 p.m.•108 views

USN-6127-1: Linux kernel vulnerabilities

Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrar...

7.8 CVSS • 7.4 AI score • 0.16642 EPSS
Exploits: 7
Ubuntu
•added 2023/05/31 11:38 a.m.•83 views

USN-6126-1: libvirt vulnerabilities

It was discovered that libvirt incorrectly handled the nwfilter driver. A local attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-0897) It was discovered that libvirt incorrectly handled queries f...

5.5 CVSS • 6.5 AI score • 0.01024 EPSS
Exploits: 0
Ubuntu
•added 2023/05/31 2:5 a.m.•202 views

USN-6125-1: snapd vulnerability

It was discovered that the snap sandbox did not restrict the use of the ioctl system call with a TIOCLINUX request. This could be exploited by a malicious snap to inject commands into the controlling terminal which would then be executed outside of the snap sandbox once the snap had exited. This...

10 CVSS • 8.7 AI score • 0.01447 EPSS
Exploits: 1
Ubuntu
•added 2023/05/30 5:40 p.m.•83 views

USN-6124-1: Linux kernel (OEM) vulnerabilities

Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrar...

7.8 CVSS • 7.2 AI score • 0.12966 EPSS
Exploits: 7
Ubuntu
•added 2023/05/30 5:37 p.m.•103 views

USN-6123-1: Linux kernel (OEM) vulnerabilities

Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrar...

7.8 CVSS • 6.8 AI score • 0.12966 EPSS
Exploits: 8
Ubuntu
•added 2023/05/30 5:32 p.m.•87 views

USN-6122-1: Linux kernel (OEM) vulnerabilities

Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrar...

7.8 CVSS • 6.7 AI score • 0.12966 EPSS
Exploits: 7
Ubuntu
•added 2023/05/30 4:9 p.m.•44 views

USN-6121-1: Nanopb vulnerabilities

It was discovered that Nanopb incorrectly handled certain decode messages. An attacker could possibly use this to cause a denial of service or expose sensitive information. (CVE-2020-26243) It was discovered that Nanopb incorrectly handled certain decode messages. An attacker could possibly use this...

7.5 CVSS • 7.4 AI score • 0.0261 EPSS
Exploits: 2
Ubuntu
•added 2023/05/30 2:32 p.m.•83 views

USN-6120-1: SpiderMonkey vulnerabilities

Several security issues were discovered in the SpiderMonkey JavaScript library. If a user were tricked into opening malicious JavaScript applications or processing malformed data, a remote attacker could exploit a variety of issues related to JavaScript security, including denial of service...

8.8 CVSS • 7.7 AI score • 0.00753 EPSS
Exploits: 0
Ubuntu
•added 2023/05/30 2:31 p.m.•68 views

USN-6117-1: Apache Batik vulnerabilities

It was discovered that Apache Batik incorrectly handled certain inputs. An attacker could possibly use this to perform a cross site request forgery attack. (CVE-2019-17566, CVE-2020-11987, CVE-2022-38398, CVE-2022-38648) It was discovered that Apache Batik incorrectly handled Jar URLs in some...

8.2 CVSS • 7 AI score • 0.13635 EPSS
Exploits: 1
Ubuntu
•added 2023/05/30 2:16 p.m.•132 views

USN-6119-1: OpenSSL vulnerabilities

Matt Caswell discovered that OpenSSL incorrectly handled certain ASN.1 object identifiers. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service. (CVE-2023-2650) Anton Romanov discovered that OpenSSL incorrectly handled AES-XTS ciphe...

6.5 CVSS • 7.1 AI score • 0.73461 EPSS
Exploits: 0
Ubuntu
•added 2023/05/30 1:55 p.m.•79 views

USN-6118-1: Linux kernel (Oracle) vulnerabilities

Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-3707) Jordy Zomer and Alexandra Sandulescu discover...

7.8 CVSS • 7.1 AI score • 0.00635 EPSS
Exploits: 0
Ubuntu
•added 2023/05/30 9:11 a.m.•55 views

USN-6115-1: TeX Live vulnerability

Max Chernoff discovered that LuaTeX (TeX Live) did not properly disable shell escape. An attacker could possibly use this issue to execute arbitrary shell commands...

8.8 CVSS • 7.5 AI score • 0.00804 EPSS
Exploits: 0
Ubuntu
•added 2023/05/30 9:9 a.m.•50 views

USN-6116-1: hawk vulnerability

It was discovered that hawk incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service...

7.5 CVSS • 7.5 AI score • 0.01028 EPSS
Exploits: 0
Ubuntu
•added 2023/05/30 8:40 a.m.•200 views

USN-6114-1: nth-check vulnerability

Yeting Li discovered that nth-check incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service...

7.5 CVSS • 7.4 AI score • 0.02014 EPSS
Exploits: 1
Ubuntu
•added 2023/05/30 7:32 a.m.•60 views

USN-6113-1: Jhead vulnerability

It was discovered that Jhead did not properly handle certain crafted images while processing the Exif markers. An attacker could possibly use this issue to crash Jhead, resulting in a denial of service...

5.5 CVSS • 6.3 AI score • 0.01138 EPSS
Exploits: 0
Ubuntu
•added 2023/05/29 6:16 p.m.•67 views

USN-6112-1: Perl vulnerability

It was discovered that Perl was not properly verifying TLS certificates when using CPAN together with HTTP::Tiny to download modules over HTTPS. If a remote attacker were able to intercept communications, this flaw could potentially be used to install altered modules...

8.1 CVSS • 8 AI score • 0.01561 EPSS
Exploits: 1
Ubuntu
•added 2023/05/29 12:12 p.m.•72 views

USN-6111-1: Flask vulnerability

It was discovered that Flask incorrectly handled certain data responses. An attacker could possibly use this issue to expose sensitive information...

7.5 CVSS • 7.6 AI score • 0.01261 EPSS
Exploits: 1

Total number of security vulnerabilities: 10889