Lucene search
K
UbuntuRecent

10890 matches found

Ubuntu
Ubuntu
•added 2023/05/16 4:18 a.m.•58 views

USN-6074-2: Firefox regressions

USN-6074-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted...

7.8AI score0.0078EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2023/05/15 1:22 p.m.•52 views

USN-6060-3: MySQL regression

USN-6060-1 fixed vulnerabilities in MySQL. The new upstream 8.0.33 version introduced a regression on the armhf architecture. This update fixes the problem. Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix the...

5.4AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2023/05/15 10:46 a.m.•63 views

USN-6075-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing,...

8.8CVSS7.7AI score0.00753EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/05/15 4:6 a.m.•63 views

USN-6074-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2023-32205, CVE-2023-32207,...

9.8CVSS7.7AI score0.0078EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/05/14 4:59 p.m.•40 views

USN-6073-5: Nova regression

USN-6073-3 fixed a vulnerability in Nova. The update introduced a regression causing Nova to be unable to detach volumes from instances. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jan Wasilewski and Gorka Eguileor discovered that Nova incorrectly...

5.6AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2023/05/11 6:34 p.m.•34 views

USN-6073-4: os-brick vulnerability

Jan Wasilewski and Gorka Eguileor discovered that os-brick incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information. This update may require configuration changes to be completely effective, please see...

6.5CVSS7AI score0.01198EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/05/11 6:28 p.m.•49 views

USN-6073-3: Nova vulnerability

Jan Wasilewski and Gorka Eguileor discovered that Nova incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information. This update may require configuration changes to be completely effective, please see the...

6.5CVSS7AI score0.01198EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/05/11 6:16 p.m.•43 views

USN-6073-2: Glance_store vulnerability

Jan Wasilewski and Gorka Eguileor discovered that Glancestore incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information. This update may require configuration changes to be completely effective, please s...

6.5CVSS7AI score0.01198EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/05/11 6:9 p.m.•46 views

USN-6073-1: Cinder vulnerability

Jan Wasilewski and Gorka Eguileor discovered that Cinder incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information. This update may require configuration changes to be completely effective, please see th...

6.5CVSS7AI score0.01198EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/05/10 5:2 p.m.•96 views

USN-6072-1: Linux kernel (OEM) vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

7.8CVSS7.3AI score0.0788EPSS
Exploits16
Ubuntu
Ubuntu
•added 2023/05/10 3:11 p.m.•86 views

USN-6071-1: Linux kernel (OEM) vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

7.8CVSS7.2AI score0.0788EPSS
Exploits18
Ubuntu
Ubuntu
•added 2023/05/10 2:56 p.m.•54 views

USN-6070-1: Linux kernel vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

7.8CVSS6.8AI score0.01029EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/05/10 2:41 p.m.•74 views

USN-6069-1: Linux kernel (Raspberry Pi) vulnerability

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

7.8CVSS6.6AI score0.01029EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/05/10 11:37 a.m.•58 views

USN-6068-1: Open vSwitch vulnerability

David Marchand discovered that Open vSwitch incorrectly handled IP packets with the protocol set to 0. A remote attacker could possibly use this issue to cause a denial of service...

8.2CVSS6.9AI score0.01216EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/05/10 11:30 a.m.•69 views

USN-6067-1: OpenStack Neutron vulnerabilities

David Sinquin discovered that OpenStack Neutron incorrectly handled the default Open vSwitch firewall rules. An attacker could possibly use this issue to impersonate the IPv6 addresses of other systems on the network. This issue only affected Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. CVE-2021-20267...

9.1CVSS6.4AI score0.0189EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/05/10 11:18 a.m.•44 views

USN-6066-1: OpenStack Heat vulnerability

It was discovered that OpenStack Heat incorrectly handled certain hidden parameter values. A remote authenticated user could possibly use this issue to obtain sensitive data...

7.4CVSS6.4AI score0.00709EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/05/10 11:13 a.m.•57 views

USN-6065-1: css-what vulnerabilities

It was discovered that css-what incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. CVE-2021-33587, CVE-2022-21222...

7.5CVSS7.4AI score0.02267EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/05/10 11:9 a.m.•58 views

USN-6064-1: SQL parse vulnerability

It was discovered that SQL parse incorrectly handled certain regular expression. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS6.7AI score0.0098EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/05/09 9:51 p.m.•88 views

USN-6063-1: Ceph vulnerabilities

Mark Kirkwood discovered that Ceph incorrectly handled certain key lengths. An attacker could possibly use this issue to create non-random encryption keys. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. CVE-2021-3979 It was discovered that Ceph incorrectly handled the volumes...

9.1CVSS6.8AI score0.00935EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/05/09 9:30 a.m.•59 views

USN-6062-1: FreeType vulnerability

It was discovered that FreeType incorrectly handled certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash, or possibly execute arbitrary code...

6.6AI score
Exploits0
Ubuntu
Ubuntu
•added 2023/05/08 2:14 p.m.•75 views

USN-6060-2: MySQL vulnerabilities

USN-6060-1 fixed several vulnerabilities in MySQL. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to...

7.5CVSS7.3AI score0.01156EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/05/08 11:55 a.m.•78 views

USN-6061-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

8.8CVSS7.5AI score0.27076EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/05/08 11:47 a.m.•92 views

USN-6060-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.33 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04. Ubuntu 18.04 LTS has been updated to MySQL 5.7.42. In addition to...

7.5CVSS6.7AI score0.01501EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/05/08 8:40 a.m.•390 views

USN-6059-1: Erlang vulnerability

It was discovered that Erlang did not properly implement TLS client certificate validation during the TLS handshake. A remote attacker could use this issue to bypass client authentication...

9.8CVSS8.3AI score0.01167EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/05/05 12:46 p.m.•63 views

USN-6055-2: Ruby regression

USN-6055-1 fixed a vulnerability in Ruby. Unfortunately it introduced a regression. This update reverts the patches applied to CVE-2023-28755 in order to fix the regression pending further investigation. We apologize for the inconvenience. Original advisory details: It was discovered that Ruby...

5.3CVSS7.6AI score0.02637EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2023/05/05 10:32 a.m.•74 views

USN-6058-1: Linux kernel vulnerability

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

7.8CVSS6.6AI score0.01029EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/05/05 10:14 a.m.•79 views

USN-6057-1: Linux kernel (Intel IoTG) vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-1281 It was discovered that the OverlayFS...

7.8CVSS7.6AI score0.0788EPSS
Exploits15
Ubuntu
Ubuntu
•added 2023/05/05 9:52 a.m.•55 views

USN-6056-1: Linux kernel (OEM) vulnerability

It was discovered that a race condition existed in the Xen transport layer implementation for the 9P file system protocol in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service guest crash or expose sensitive information guest...

4.7CVSS6.4AI score0.00177EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/05/04 8:10 a.m.•76 views

USN-6055-1: Ruby vulnerabilities

It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. CVE-2023-28755 It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a...

5.3CVSS7.6AI score0.02637EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/05/03 1:55 p.m.•55 views

USN-6054-1: Django vulnerability

Moataz Al-Sharida and nawaik discovered that Django incorrectly handled uploading multiple files using one form field. A remote attacker could possibly use this issue to bypass certain validations...

9.8CVSS7AI score0.0138EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/05/02 10:7 a.m.•66 views

USN-6053-1: PHP vulnerability

It was discovered that PHP incorrectly handled certain invalid Blowfish password hashes. An invalid password hash could possibly allow applications to accept any password as valid, contrary to expectations...

8.1CVSS7.2AI score0.00944EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/05/01 12:19 p.m.•161 views

USN-6052-1: Linux kernel vulnerability

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

7.8CVSS6.6AI score0.01029EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/05/01 12:7 p.m.•73 views

USN-6051-1: Linux kernel vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

7.8CVSS6.8AI score0.01029EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/05/01 9:37 a.m.•68 views

USN-6050-1: Git vulnerabilities

It was discovered that Git incorrectly handled certain commands. An attacker could possibly use this issue to overwriting some paths. CVE-2023-25652 Maxime Escourbiac and Yassine BENGANA discovered that Git incorrectly handled some gettext machinery. An attacker could possibly use this issue to...

7.8CVSS7.3AI score0.52164EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/04/28 4:2 p.m.•72 views

USN-6049-1: Netty vulnerabilities

It was discovered that Netty's Zlib decoders did not limit memory allocations. A remote attacker could possibly use this issue to cause Netty to exhaust memory via malicious input, leading to a denial of service. This issue only affected Ubuntu 16.04 ESM and Ubuntu 20.04 ESM. CVE-2020-11612 It wa...

7.5CVSS6.5AI score0.18891EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/04/28 10:19 a.m.•64 views

USN-6037-1: Apache Commons Net vulnerability

ZeddYu Lu discovered that the FTP client from Apache Commons Net trusted the host from PASV responses by default. A remote attacker with a malicious FTP server could redirect the client to another server, which could possibly result in leaked information about services running on the private...

6.5CVSS6.6AI score0.01858EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/04/28 10:1 a.m.•46 views

USN-6048-1: ZenLib vulnerability

It was discovered that ZenLib doesn't check the return value of a specific operation before using it. An attacker could use a specially crafted input to crash programs using the library...

7.5CVSS5.6AI score0.01177EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/04/27 10:32 p.m.•93 views

USN-6047-1: Linux kernel vulnerability

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

7.8CVSS6.6AI score0.01029EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/04/27 2:46 p.m.•31 views

USN-6046-1: OpenSSL-ibmca vulnerabilities

It was discovered that OpenSSL-ibmca incorrectly handled certain RSA decryption. An attacker could possibly use this issue to expose sensitive information...

5.4AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2023/04/26 5:59 p.m.•88 views

USN-6042-1: Cloud-init vulnerability

James Golovich discovered that sensitive data could be exposed in logs. An attacker could use this information to find hashed passwords and possibly escalate their privilege...

5.5CVSS6.1AI score0.00263EPSS
Exploits0References1
Ubuntu
Ubuntu
•added 2023/04/26 5:33 p.m.•76 views

USN-6017-2: Ghostscript vulnerability

USN-6017-1 fixed vulnerabilities in Ghostscript. This update provides the corresponding updates for Ubuntu 23.04. Original advisory details: Hadrien Perrineau discovered that Ghostscript incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service, or...

9.8CVSS8.4AI score0.06341EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/04/26 4:32 p.m.•79 views

USN-6045-1: Linux kernel vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

7.8CVSS7.2AI score0.05095EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/04/26 3:48 p.m.•127 views

USN-6044-1: Linux kernel vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

7.8CVSS6.8AI score0.01029EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/04/26 1:39 p.m.•164 views

USN-6043-1: Linux kernel vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

7.8CVSS7AI score0.0788EPSS
Exploits15
Ubuntu
Ubuntu
•added 2023/04/26 4:15 a.m.•76 views

USN-6010-3: Firefox regressions

USN-6010-1 fixed vulnerabilities and USN-6010-2 fixed minor regressions in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were...

7.8AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2023/04/25 3:53 p.m.•103 views

USN-6039-1: OpenSSL vulnerabilities

It was discovered that OpenSSL was not properly managing file locks when processing policy constraints. If a user or automated system were tricked into processing a certificate chain with specially crafted policy constraints, a remote attacker could possibly use this issue to cause a denial of...

7.5CVSS6.9AI score0.03658EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/04/25 1:25 p.m.•84 views

USN-6040-1: Linux kernel (HWE) vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-1281 It was discovered that the OverlayFS...

7.8CVSS7.6AI score0.0788EPSS
Exploits15
Ubuntu
Ubuntu
•added 2023/04/25 10:23 a.m.•84 views

USN-6038-1: Go vulnerabilities

It was discovered that the Go net/http module incorrectly handled Transfer-Encoding headers in the HTTP/1 client. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. CVE-2022-1705 It was discovered that Go did not properly manage memory under certain...

9.8CVSS7.5AI score0.05623EPSS
Exploits7
Ubuntu
Ubuntu
•added 2023/04/20 9:15 p.m.•40 views

USN-6036-1: PatchELF vulnerability

It was discovered that PatchELF was not properly performing bounds checks, which could lead to an out-of-bounds read via a specially crafted file. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. CVE-2022-44940...

9.1CVSS8.2AI score0.01042EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/04/20 3:42 p.m.•63 views

USN-6035-1: KAuth vulnerability

It was discovered that KAuth incorrectly handled some configuration parameters with specially crafted arbitrary types. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code...

9.3CVSS8AI score0.0235EPSS
Exploits0
Total number of security vulnerabilities10890