Lucene search
K
UbuntuRecent

10890 matches found

Ubuntu
Ubuntu
added 2023/02/10 2:8 p.m.70 views

USN-5865-1: Linux kernel (Azure) vulnerabilities

It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 V4L2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-20369 Pawan Kumar Gupta, Alyssa Milburn, Ami...

7CVSS7.3AI score0.04947EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/02/09 11:17 p.m.68 views

USN-5863-1: Linux kernel (Azure) vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...

8.8CVSS7.7AI score0.21314EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/02/09 11:0 p.m.95 views

USN-5862-1: Linux kernel (Qualcomm Snapdragon) vulnerabilities

It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 V4L2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-20369 Pawan Kumar Gupta, Alyssa Milburn, Ami...

7CVSS7.3AI score0.04947EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/02/09 10:42 p.m.87 views

USN-5861-1: Linux kernel (Dell300x) vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...

8.8CVSS7.8AI score0.21314EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/02/09 10:31 p.m.72 views

USN-5860-1: Linux kernel (GKE) vulnerabilities

Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2022-4378 Tamás Koczka discovered that the Bluetooth L2CAP handshake...

8.8CVSS7.5AI score0.02014EPSS
Exploits3
Ubuntu
Ubuntu
added 2023/02/09 9:46 p.m.73 views

USN-5859-1: Linux kernel (OEM) vulnerabilities

Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-0179 It was discovered that the Netronome...

7.8CVSS7.2AI score0.01944EPSS
Exploits5
Ubuntu
Ubuntu
added 2023/02/09 9:36 p.m.66 views

USN-5858-1: Linux kernel (OEM) vulnerabilities

Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-0179 It was discovered that the Netronome...

7.8CVSS7.1AI score0.01944EPSS
Exploits5
Ubuntu
Ubuntu
added 2023/02/09 9:29 p.m.86 views

USN-5857-1: Linux kernel (OEM) vulnerability

Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

7.8CVSS6.8AI score0.01944EPSS
Exploits5
Ubuntu
Ubuntu
added 2023/02/09 9:23 p.m.71 views

USN-5856-1: Linux kernel (OEM) vulnerabilities

Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-0179 Hu Jiahui discovered that multiple race...

7.8CVSS7.2AI score0.01944EPSS
Exploits5
Ubuntu
Ubuntu
added 2023/02/09 8:50 p.m.85 views

USN-5855-1: ImageMagick vulnerabilities

It was discovered that ImageMagick incorrectly handled certain PNG images. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause ImageMagick to stop responding, resulting in a denial of service, or possibly obtain the...

6.5CVSS7.7AI score0.89855EPSS
Exploits31
Ubuntu
Ubuntu
added 2023/02/09 6:28 p.m.87 views

USN-5854-1: Linux kernel vulnerabilities

It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 V4L2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-20369 Pawan Kumar Gupta, Alyssa Milburn, Ami...

7CVSS7.3AI score0.04947EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/02/09 6:26 p.m.97 views

USN-5853-1: Linux kernel vulnerabilities

It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service system crash or possibly...

8.8CVSS6.9AI score0.01067EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/02/09 5:21 p.m.53 views

USN-5852-1: OpenStack Swift vulnerability

It was discovered that OpenStack Swift incorrectly handled certain XML files. A remote authenticated user could possibly use this issue to obtain arbitrary file contents containing sensitive information from the server...

6.5CVSS6.7AI score0.01001EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/02/09 3:20 p.m.175 views

USN-5851-1: Linux kernel vulnerabilities

It was discovered that a memory leak existed in the Unix domain socket implementation of the Linux kernel. A local attacker could use this to cause a denial of service memory exhaustion. CVE-2022-3543 It was discovered that the Bluetooth HCI implementation in the Linux kernel did not properly...

8.8CVSS7AI score0.01393EPSS
Exploits3
Ubuntu
Ubuntu
added 2023/02/09 2:44 p.m.54 views

USN-5835-5: Nova vulnerability

USN-5835-3 fixed vulnerabilities in Nova. This update provides the corresponding updates for Ubuntu 18.04 LTS. Original advisory details: Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou discovered that Nova incorrectly handled VMDK image processing. An authenticated attacker cou...

5.7CVSS7.1AI score0.01025EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/02/09 2:24 p.m.117 views

USN-5850-1: Linux kernel vulnerabilities

It was discovered that the Bluetooth HCI implementation in the Linux kernel did not properly deallocate memory in some situations. An attacker could possibly use this cause a denial of service memory exhaustion. CVE-2022-3619 It was discovered that the Broadcom FullMAC USB WiFi driver in the Linu...

8.8CVSS6.9AI score0.01067EPSS
Exploits3
Ubuntu
Ubuntu
added 2023/02/09 12:26 p.m.53 views

USN-5835-4: Cinder vulnerability

USN-5835-1 fixed vulnerabilities in Cinder. This update provides the corresponding updates for Ubuntu 18.04 LTS. In addition, a regression was fixed for Ubuntu 20.04 LTS. Original advisory details: Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou discovered that Cinder incorrectl...

5.7CVSS7.1AI score0.01025EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/02/09 5:45 a.m.47 views

USN-5848-1: less vulnerability

David Leadbeater discovered that less was not properly handling escape sequences when displaying raw control characters. A maliciously formed OSC 8 hyperlink could possibly be used by an attacker to cause a denial of service...

7.5CVSS7.2AI score0.01412EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/02/08 1:11 p.m.63 views

USN-5849-1: Heimdal vulnerabilities

Helmut Grohne discovered that Heimdal GSSAPI incorrectly handled logical conditions that are related to memory management operations. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS6.7AI score0.00491EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/02/07 8:6 p.m.83 views

USN-5845-2: OpenSSL vulnerabilities

USN-5845-1 fixed several vulnerabilities in OpenSSL. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: David Benjamin discovered that OpenSSL incorrectly handled X.400 address processing. A remote attacker could possibly use this...

7.5CVSS8.1AI score0.59501EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/02/07 6:56 p.m.78 views

USN-5847-1: Grunt vulnerabilities

It was discovered that Grunt was not properly loading YAML files before parsing them. An attacker could possibly use this issue to execute arbitrary code. CVE-2020-7729 It was discovered that Grunt was not properly handling symbolic links when performing file copy operations. An attacker could...

7.8CVSS7.1AI score0.02285EPSS
Exploits3
Ubuntu
Ubuntu
added 2023/02/07 5:32 p.m.86 views

USN-5846-1: X.Org X Server vulnerability

Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain memory operations. An attacker could possibly use these issues to cause the X Server to crash, execute arbitrary code, or escalate privileges...

7.8CVSS7.8AI score0.00899EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/02/07 5:24 p.m.117 views

USN-5845-1: OpenSSL vulnerabilities

David Benjamin discovered that OpenSSL incorrectly handled X.400 address processing. A remote attacker could possibly use this issue to read arbitrary memory contents or cause OpenSSL to crash, resulting in a denial of service. CVE-2023-0286 Octavio Galland and Marcel Böhme discovered that OpenSS...

7.5CVSS7.9AI score0.59501EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/02/07 5:20 p.m.112 views

USN-5844-1: OpenSSL vulnerabilities

David Benjamin discovered that OpenSSL incorrectly handled X.400 address processing. A remote attacker could possibly use this issue to read arbitrary memory contents or cause OpenSSL to crash, resulting in a denial of service. CVE-2023-0286 Corey Bonnell discovered that OpenSSL incorrectly handl...

7.5CVSS7.4AI score0.59501EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/02/07 4:7 p.m.64 views

USN-5810-3: Git vulnerabilities

USN-5810-1 fixed several vulnerabilities in Git. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Markus Vervier and Eric Sesterhenn discovered that Git incorrectly handled certain gitattributes. An attacker could possibly use this issue to cause a...

9.8CVSS8.7AI score0.56334EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/02/06 4:27 p.m.66 views

USN-5843-1: tmux vulnerability

It was discovered that tmux incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service...

5AI score
Exploits0
Ubuntu
Ubuntu
added 2023/02/06 10:20 a.m.72 views

USN-5842-1: EditorConfig Core C vulnerability

Mark Esler and David Fernandez Gonzalez discovered that EditorConfig Core C incorrectly handled memory when handling certain inputs. An attacker could possibly use this issue to cause applications using EditorConfig Core C to crash, resulting in a denial of service, or possibly execute arbitrary...

7.8CVSS7.7AI score0.00965EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/02/06 3:58 a.m.105 views

USN-5824-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing,...

9.8CVSS8.2AI score0.01061EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/02/06 3:30 a.m.77 views

USN-5816-2: Firefox regressions

USN-5816-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Niklas Baumstark discovered that a compromised web child process of Firefox could disable web security openin...

8.2AI score
Exploits0References1
Ubuntu
Ubuntu
added 2023/02/06 3:6 a.m.54 views

USN-5825-2: PAM regressions

USN-5825-1 fixed vulnerabilities in PAM. Unfortunately that update was incomplete and could introduce a regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that PAM did not correctly restrict login from an IP address that is...

9.8CVSS8.4AI score0.01218EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2023/02/02 4:34 p.m.85 views

USN-5841-1: LibTIFF vulnerabilities

It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges...

8.8CVSS7.6AI score0.04204EPSS
Exploits2
Ubuntu
Ubuntu
added 2023/02/02 1:36 p.m.66 views

USN-5840-1: Long Range ZIP vulnerabilities

It was discovered that Long Range ZIP incorrectly handled pointers. If a user or an automated system were tricked into opening a certain specially crafted ZIP file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM,...

9.8CVSS7.3AI score0.01897EPSS
Exploits6
Ubuntu
Ubuntu
added 2023/02/02 1:34 p.m.98 views

USN-5839-2: Apache HTTP Server vulnerability

USN-5839-1 fixed a vulnerability in Apache. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Dimas Fariski Setyawan Putra discovered that the Apache HTTP Server modproxy module incorrectly truncated certain response headers. This may result in later...

5.3CVSS7.3AI score0.57941EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/02/01 3:22 p.m.65 views

USN-5837-2: Django vulnerability

USN-5837-1 fixed a vulnerability in Django. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Nick Pope discovered that Django incorrectly handled certain Accept-Language headers. A remote attacker could possibly use this issue to cause Django to consu...

7.5CVSS7AI score0.47102EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/02/01 1:23 p.m.62 views

USN-5838-1: AdvanceCOMP vulnerabilities

It was discovered that AdvanceCOMP did not properly manage memory while performing read operations on MNG file. If a user were tricked into opening a specially crafted MNG file, a remote attacker could possibly use this issue to cause AdvanceCOMP to crash, resulting in a denial of service...

5.5CVSS5.6AI score0.00448EPSS
Exploits7
Ubuntu
Ubuntu
added 2023/02/01 1:9 p.m.171 views

USN-5839-1: Apache HTTP Server vulnerabilities

It was discovered that the Apache HTTP Server moddav module incorrectly handled certain If: request headers. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. CVE-2006-20001 ZeddYuLu discovered that the Apache HTTP Server modproxyajp...

9CVSS7.1AI score0.57941EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/02/01 12:59 p.m.61 views

USN-5837-1: Django vulnerability

Nick Pope discovered that Django incorrectly handled certain Accept-Language headers. A remote attacker could possibly use this issue to cause Django to consume memory, leading to a denial of service...

7.5CVSS7AI score0.47102EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/02/01 9:22 a.m.75 views

USN-4781-2: Slurm vulnerabilities

USN-4781-1 fixed several vulnerabilities in Slurm. This update provides the corresponding updates for Ubuntu 14.04 ESM CVE-2016-10030 and Ubuntu 16.04 ESM CVE-2018-10995. Original advisory details: It was discovered that Slurm incorrectly handled certain messages between the daemon and the user. ...

8.1CVSS7.7AI score0.02483EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/01/31 4:42 p.m.95 views

USN-5836-1: Vim vulnerabilities

It was discovered that Vim was not properly performing memory management operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2022-47024, CVE-2023-0049, CVE-2023-0054, CVE-2023-0288, CVE-2023-0433...

7.8CVSS7.8AI score0.00555EPSS
Exploits4
Ubuntu
Ubuntu
added 2023/01/31 1:15 p.m.59 views

USN-5835-3: Nova vulnerability

Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou discovered that Nova incorrectly handled VMDK image processing. An authenticated attacker could possibly supply a specially crafted VMDK flat image and obtain arbitrary files from the server containing sensitive information...

5.7CVSS7AI score0.01025EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/01/31 1:13 p.m.108 views

USN-5834-1: Apache HTTP Server vulnerabilities

It was discovered that the Apache HTTP Server moddav module did not properly handle specially crafted request headers. A remote attacker could possibly use this issue to cause the process to crash, leading to a denial of service. CVE-2006-20001 It was discovered that the Apache HTTP Server...

9CVSS7.1AI score0.03546EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/01/31 1:11 p.m.63 views

USN-5835-1: Cinder vulnerability

Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou discovered that Cinder incorrectly handled VMDK image processing. An authenticated attacker could possibly supply a specially crafted VMDK flat image and obtain arbitrary files from the server containing sensitive information...

5.7CVSS7AI score0.01025EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/01/31 1:7 p.m.61 views

USN-5835-2: OpenStack Glance vulnerability

Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou discovered that OpenStack Glance incorrectly handled VMDK image processing. An authenticated attacker could possibly supply a specially crafted VMDK flat image and obtain arbitrary files from the server containing sensitive...

5.7CVSS7AI score0.01025EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/01/31 10:33 a.m.52 views

USN-5833-1: python-future vulnerability

Sebastian Chnelik discovered that python-future incorrectly handled certain HTTP header field. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS6.8AI score0.01804EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/01/30 10:12 p.m.81 views

USN-5832-1: Linux kernel (Raspberry Pi) vulnerabilities

Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2022-4378 Tamás Koczka discovered that the Bluetooth L2CAP handshake...

8.8CVSS7.7AI score0.02014EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/01/30 1:51 p.m.78 views

USN-5811-3: Sudo vulnerability

USN-5811-1 fixed a vulnerability in Sudo. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Matthieu Barjole and Victor Cutillas discovered that Sudo incorrectly handled user-specified editors when using the sudoedit command. A local attacker that has...

7.8CVSS8.1AI score0.55367EPSS
Exploits20
Ubuntu
Ubuntu
added 2023/01/29 3:7 p.m.60 views

USN-5823-3: MySQL regression

USN-5823-1 fixed vulnerabilities in MySQL. Unfortunately, 8.0.32 introduced a regression in MySQL Router preventing connections from PyMySQL. This update reverts most of the changes in MySQL Router to 8.0.31 until a proper fix can be found. We apologize for the inconvenience. Original advisory...

5.5AI score
Exploits0References1
Ubuntu
Ubuntu
added 2023/01/27 7:1 p.m.98 views

USN-5831-1: Linux kernel (Azure CVM) vulnerabilities

Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2022-4378 Tamás Koczka discovered that the Bluetooth L2CAP handshake...

8.8CVSS7.7AI score0.02014EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/01/27 6:49 p.m.90 views

USN-5830-1: Linux kernel vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...

8.8CVSS7.7AI score0.21314EPSS
Exploits0
Ubuntu
Ubuntu
added 2023/01/26 9:36 p.m.80 views

USN-5822-2: Samba regression

USN-5822-1 fixed vulnerabilities in Samba. The update for Ubuntu 20.04 LTS introduced regressions in certain environments. Pending investigation of these regressions, this update temporarily reverts the security fixes. We apologize for the inconvenience. Original advisory details: It was discover...

7.7AI score
Exploits0References2
Total number of security vulnerabilities10890