Lucene search
K
UbuntuRecent

10889 matches found

Ubuntu
Ubuntu
•added 2023/05/29 11:2 a.m.•59 views

USN-6005-2: Sudo vulnerabilities

USN-6005-1 fixed vulnerabilities in Sudo. This update provides the corresponding updates for Ubuntu 16.04 LTS. Original advisory details: Matthieu Barjole and Victor Cutillas discovered that Sudo incorrectly escaped control characters in log messages and sudoreplay output. An attacker could...

5.3CVSS7.4AI score0.00961EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/05/29 9:11 a.m.•47 views

USN-6110-1: Jhead vulnerabilities

It was discovered that Jhead did not properly handle certain crafted Canon images when processing them. An attacker could possibly use this issue to crash Jhead, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS...

7.8CVSS6.3AI score0.01065EPSS
Exploits3References1
Ubuntu
Ubuntu
•added 2023/05/29 5:19 a.m.•87 views

USN-6097-1: Linux PTP vulnerability

It was discovered that Linux PTP did not properly perform a length check when forwarding a PTP message between ports. A remote attacker could possibly use this issue to access sensitive information, execute arbitrary code, or cause a denial of service...

8.8CVSS7.9AI score0.02955EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/05/25 3:13 p.m.•70 views

USN-6109-1: Linux kernel (Raspberry Pi) vulnerabilities

Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service system crash. CVE-2022-3707 Jordy Zomer and Alexandra Sandulescu discover...

7.8CVSS7.1AI score0.00635EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/05/25 9:29 a.m.•51 views

USN-6054-2: Django vulnerability

USN-6054-1 fixed a vulnerability in Django. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Moataz Al-Sharida and nawaik discovered that Django incorrectly handled uploading multiple files using one form field. A remote attacker...

9.8CVSS7.1AI score0.0138EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/05/25 7:48 a.m.•49 views

USN-6108-1: Jhead vulnerabilities

It was discovered that Jhead did not properly handle certain crafted images while rotating them. An attacker could possibly use this issue to crash Jhead, resulting in a denial of service. CVE-2021-34055 Kyle Brown discovered that Jhead did not properly handle certain crafted images while...

7.8CVSS7.7AI score0.00444EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/05/24 5:36 p.m.•31 views

USN-6105-2: ca-certificates update

USN-6105-1 updated ca-certificates. This provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.60 version o...

5.4AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2023/05/24 2:33 p.m.•26 views

USN-6106-1: calamares-settings-ubuntu vulnerability

It was discovered that calamares-settings-ubuntu allowed creating the first user with a blank password, contrary to expectations...

5.4AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2023/05/24 2:26 p.m.•45 views

USN-6105-1: ca-certificates update

The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.60 version of the Mozilla certificate authority bundle...

5.4AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2023/05/24 2:16 p.m.•75 views

USN-6104-1: PostgreSQL vulnerabilities

Alexander Lakhin discovered that PostgreSQL incorrectly handled certain CREATE privileges. An authenticated user could possibly use this issue to execute arbitrary code as the bootstrap supervisor. CVE-2023-2454 Wolfgang Walther discovered that PostgreSQL incorrectly handled certain row security...

7.2CVSS6.9AI score0.0119EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/05/24 11:8 a.m.•63 views

USN-6103-1: JSON Schema vulnerability

It was discovered that JSON Schema incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to exploit JavaScript runtimes and cause a denial of service or execute arbitrary code...

9.8CVSS7.7AI score0.03563EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/05/24 9:57 a.m.•51 views

USN-6102-1: xmldom vulnerabilities

It was discovered that xmldom incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause unexpected syntactic changes during XML processing. This issue only affected Ubuntu...

9.8CVSS7.1AI score0.01535EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/05/24 9:48 a.m.•67 views

USN-6074-3: Firefox regressions

USN-6074-1 fixed vulnerabilities and USN-6074-2 fixed minor regressions in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were...

7.8AI score0.0078EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2023/05/24 8:57 a.m.•85 views

USN-6101-1: GNU binutils vulnerabilities

It was discovered that GNU binutils incorrectly handled certain DWARF files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 22.10. CVE-2023-1579 It was discovered that GNU binutils did not properly verify the version definitio...

7.8CVSS6.5AI score0.00895EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/05/23 8:58 p.m.•50 views

USN-6100-1: HTML::StripScripts vulnerability

It was discovered that HTML::StripScripts does not properly parse HTML content with certain style attributes. A remote attacker could use this issue to cause a regular expression denial of service ReDoS...

7.5CVSS7.2AI score0.01116EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/05/23 2:58 p.m.•50 views

USN-5996-2: Libloius vulnerabilities

USN-5996-1 fixed vulnerabilities in Liblouis. This update provides the corresponding updates for Ubuntu 23.04. Original advisory details: It was discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. CVE-2023-26767,...

7.5CVSS7.4AI score0.01498EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/05/23 2:23 p.m.•52 views

USN-6098-1: Jhead vulnerabilities

It was discovered that Jhead did not properly handle certain crafted images while processing the JFIF markers. An attacker could cause Jhead to crash. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. CVE-2019-19035 It was discovered that Jhead did not properly...

7.8CVSS6.3AI score0.01435EPSS
Exploits7
Ubuntu
Ubuntu
•added 2023/05/23 2:7 p.m.•85 views

USN-6088-2: runC vulnerabilities

USN-6088-1 fixed vulnerabilities in runC. This update provides the corresponding updates for Ubuntu 16.04 LTS. It was discovered that runC incorrectly performed access control when mounting /proc to non-directories. An attacker could possibly use this issue to escalate privileges. CVE-2019-19921...

7.8CVSS7.2AI score0.01663EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/05/23 1:40 p.m.•32 views

USN-6042-2: Cloud-init regression

USN-6042-1 fixed a vulnerability in Cloud-init. The update introduced a regression on Ubuntu 20.04 LTS resulting in a possible loss of networking. This update fixes the problem. We apologize for the inconvenience. Original advisory details: James Golovich discovered that sensitive data could be...

5.5AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2023/05/23 1:10 p.m.•64 views

USN-5725-2: Go vulnerability

USN-5725-1 fixed a vulnerability in Go. This update provides the corresponding update for Ubuntu 16.04 LTS. Original advisory details: Diederik Loerakker, Jonny Rhea, Raúl Kripalani, and Preston Van Loon discovered that Go incorrectly handled certain inputs. An attacker could possibly use this...

7.5CVSS6.9AI score0.0473EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/05/23 12:9 p.m.•32 views

USN-6073-9: os-brick regression

USN-6073-4 fixed a vulnerability in os-brick. Unfortunately the update introduced a regression with detaching volumes. The security fix has been removed pending further investigation. We apologize for the inconvenience. Original advisory details: Jan Wasilewski and Gorka Eguileor discovered that...

5.5AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2023/05/23 12:1 p.m.•27 views

USN-6073-8: Nova regression

USN-6073-3 fixed a vulnerability in Nova. Unfortunately the update introduced a regression with detaching volumes. The security fix has been removed pending further investigation. We apologize for the inconvenience. Original advisory details: Jan Wasilewski and Gorka Eguileor discovered that Nova...

5.5AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2023/05/23 11:56 a.m.•63 views

USN-6099-1: ncurses vulnerabilities

It was discovered that ncurses was incorrectly performing bounds checks when processing invalid hashcodes. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. This issue only affected Ubuntu 18.04 LTS. CVE-2019-17594 It was discovered that...

8.8CVSS7.2AI score0.03005EPSS
Exploits5
Ubuntu
Ubuntu
•added 2023/05/23 11:49 a.m.•29 views

USN-6073-7: Glance_store regression

USN-6073-2 fixed a vulnerability in Glancestore. Unfortunately the update introduced a regression with detaching volumes. The security fix has been removed pending further investigation. We apologize for the inconvenience. Original advisory details: Jan Wasilewski and Gorka Eguileor discovered th...

5.5AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2023/05/23 11:37 a.m.•34 views

USN-6073-6: Cinder regression

USN-6073-1 fixed a vulnerability in Cinder. Unfortunately the update introduced a regression with detaching volumes. The security fix has been removed pending further investigation. We apologize for the inconvenience. Original advisory details: Jan Wasilewski and Gorka Eguileor discovered that...

5.5AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2023/05/22 7:58 p.m.•73 views

USN-6096-1: Linux kernel vulnerabilities

It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. CVE-2022-27672 Ziming Zhang discovered that the VMware Virtual GPU DR...

7.8CVSS7.4AI score0.71737EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/05/22 7:49 p.m.•85 views

USN-6095-1: Linux kernel vulnerabilities

Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information kernel memory. CVE-2023-0459 Xingyuan Mo discovered that the...

7.8CVSS7.1AI score0.00635EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/05/22 7:40 p.m.•91 views

USN-6094-1: Linux kernel vulnerabilities

Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service system crash. CVE-2022-3707 Jordy Zomer and Alexandra Sandulescu discover...

7.8CVSS7.1AI score0.00635EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/05/22 1:29 p.m.•67 views

USN-6093-1: Linux kernel (BlueField) vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

7.8CVSS7.2AI score0.01029EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/05/22 11:9 a.m.•58 views

USN-5900-2: tar vulnerability

USN-5900-1 fixed vulnerabilities in tar. This update fixes it to Ubuntu 23.04. Original advisory details: It was discovered that tar incorrectly handled certain files. An attacker could possibly use this issue to expose sensitive information or cause a crash...

5.5CVSS6.8AI score0.04524EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/05/18 8:45 p.m.•94 views

USN-6092-1: Linux kernel (Azure) vulnerabilities

Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information kernel memory. CVE-2023-0459 Xingyuan Mo discovered that the...

7.8CVSS7.1AI score0.00635EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/05/18 8:42 p.m.•92 views

USN-6091-1: Linux kernel vulnerabilities

It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. CVE-2022-27672 Ziming Zhang discovered that the VMware Virtual GPU DR...

7.8CVSS7.4AI score0.71737EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/05/18 8:40 p.m.•64 views

USN-6107-1: Linux kernel (GCP) vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

7.8CVSS6.8AI score0.01029EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/05/18 8:38 p.m.•81 views

USN-6090-1: Linux kernel vulnerabilities

It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. CVE-2022-27672 Zheng Wang discovered that the Intel i915 graphics...

8.1CVSS7.1AI score0.00635EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/05/18 8:23 p.m.•66 views

USN-6089-1: Linux kernel (OEM) vulnerability

It was discovered that the Intel i915 graphics driver in the Linux kernel did not perform a GPU TLB flush in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code...

7.8CVSS7AI score0.00252EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/05/18 10:3 a.m.•74 views

USN-6088-1: runC vulnerabilities

It was discovered that runC incorrectly made /sys/fs/cgroup writable when in rootless mode. An attacker could possibly use this issue to escalate privileges. CVE-2023-25809 It was discovered that runC incorrectly performed access control when mounting /proc to non-directories. An attacker could...

7.8CVSS7.1AI score0.00448EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/05/18 9:35 a.m.•69 views

USN-6087-1: Ruby vulnerabilities

It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. CVE-2023-28755 It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possily use this issue to cause a deni...

5.3CVSS7.6AI score0.02637EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/05/18 8:22 a.m.•71 views

USN-6086-1: minimatch vulnerability

It was discovered that minimatch incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service...

7.5CVSS7.6AI score0.01674EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/05/17 8:49 p.m.•72 views

USN-6085-1: Linux kernel (Raspberry Pi) vulnerabilities

It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. CVE-2022-27672 Zheng Wang discovered that the Intel i915 graphics...

8.1CVSS7.1AI score0.00635EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/05/17 5:52 p.m.•66 views

USN-6084-1: Linux kernel vulnerabilities

Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information kernel memory. CVE-2023-0459 Xingyuan Mo discovered that the...

7.8CVSS7.1AI score0.00635EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/05/17 2:31 p.m.•50 views

USN-6083-1: cups-filters vulnerability

It was discovered that cups-filters incorrectly handled the beh CUPS backend. A remote attacker could possibly use this issue to cause the backend to stop responding or to execute arbitrary code...

8.8CVSS8AI score0.03697EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/05/17 1:56 p.m.•61 views

USN-6050-2: Git vulnerabilities

USN-6050-1 fixed several vulnerabilities in Git. This update provides the corresponding updates for CVE-2023-25652 and CVE-2023-29007 on Ubuntu 16.04 LTS. Original advisory details: It was discovered that Git incorrectly handled certain commands. An attacker could possibly use this issue to...

7.8CVSS8AI score0.52164EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/05/17 9:6 a.m.•57 views

USN-6082-1: EventSource vulnerability

It was discovered that EventSource incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information...

9.3CVSS7.7AI score0.01686EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/05/16 2:21 p.m.•96 views

USN-6081-1: Linux kernel vulnerabilities

Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information kernel memory. CVE-2023-0459 Xingyuan Mo discovered that the...

7.8CVSS7.1AI score0.00635EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/05/16 2:11 p.m.•68 views

USN-6080-1: Linux kernel vulnerabilities

It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. CVE-2022-27672 Zheng Wang discovered that the Intel i915 graphics...

8.1CVSS7.1AI score0.00635EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/05/16 1:55 p.m.•70 views

USN-6079-1: Linux kernel vulnerabilities

It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. CVE-2022-27672 Ziming Zhang discovered that the VMware Virtual GPU DR...

7.8CVSS7.4AI score0.71737EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/05/16 1:26 p.m.•52 views

USN-6078-1: libwebp vulnerability

Irvan Kurniawan discovered that libwebp incorrectly handled certain memory operations. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this issue to cause libwebp to crash, resulting in a denial of service, or possibly execute...

7.5CVSS7.5AI score0.00952EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/05/16 1:9 p.m.•97 views

USN-6077-1: OpenJDK vulnerabilities

Ben Smyth discovered that OpenJDK incorrectly handled half-duplex connections during TLS handshake. A remote attacker could possibly use this issue to insert, edit or obtain sensitive information. CVE-2023-21930 It was discovered that OpenJDK incorrectly handled certain inputs. An attacker could...

7.4CVSS6.5AI score0.02474EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/05/16 7:45 a.m.•42 views

USN-6076-1: Synapse vulnerabilities

It was discovered that Synapse incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. CVE-2019-18835, CVE-2018-12291, CVE-2018-10657 It was...

9.8CVSS7.4AI score0.02418EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/05/16 4:18 a.m.•58 views

USN-6074-2: Firefox regressions

USN-6074-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted...

7.8AI score0.0078EPSS
Exploits0References1
Total number of security vulnerabilities10889