Lucene search
K
UbuntuRecent

10869 matches found

Ubuntu
Ubuntu
added 2026/04/17 10:28 a.m.18 views

USN-8188-1: Linux kernel (HWE) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Cryptographic API; - Drivers core; - Bluetooth drivers; - DMA engine...

8.8CVSS5.8AI score0.0071EPSS
Exploits6
Ubuntu
Ubuntu
added 2026/04/17 10:20 a.m.12 views

USN-8187-1: Linux kernel (NVIDIA) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Drivers core; - Bluetooth drivers; - DMA engine subsystem; - GPU...

8.8CVSS5.8AI score0.0071EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/04/17 10:11 a.m.12 views

USN-8186-1: Linux kernel (Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Drivers core; - Bluetooth drivers; - DMA engine subsystem; - GPU...

8.8CVSS5.8AI score0.0071EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/04/17 10:3 a.m.9 views

USN-8180-2: Linux kernel (FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Drivers core; - Bluetooth drivers; - DMA engine subsystem; - GPU...

8.8CVSS5.8AI score0.0071EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/04/17 9:55 a.m.5 views

USN-8185-1: Linux kernel (NVIDIA) vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

9.8CVSS5.9AI score0.00378EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/04/17 9:36 a.m.8 views

USN-8179-2: Linux kernel (FIPS) vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

9.8CVSS5.9AI score0.00378EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/04/17 9:26 a.m.8 views

USN-8184-1: Linux kernel (Real-time) vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

9.8CVSS5.9AI score0.00378EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/04/17 9:6 a.m.13 views

USN-8183-1: Linux kernel (GCP) vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

7.8CVSS5.8AI score0.00191EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/04/17 8:33 a.m.6 views

USN-8177-1: Linux kernel vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

7.8CVSS5.8AI score0.00191EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/04/17 8:30 a.m.7 views

USN-8177-2: Linux kernel (Real-time) vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

7.8CVSS5.8AI score0.00191EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/04/17 12:23 a.m.8 views

USN-8182-1: Rack vulnerabilities

Andrew Lacambra discovered that Rack did not properly parse certain regular expressions. An attacker could possibly use this issue to bypass network security filters. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 25.10. CVE-2026-26961 William T. Nelson...

7.5CVSS5.9AI score0.00475EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/04/16 5:56 p.m.11 views

USN-8181-1: ESAPI vulnerabilities

Jaroslav Lobačevski discovered that ESAPI incorrectly validated directory paths during path verification. An attacker could possibly use this issue to bypass directory validation checks, leading to control-flow bypass. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS,...

9.8CVSS5.8AI score0.02674EPSS
Exploits4
Ubuntu
Ubuntu
added 2026/04/16 5:36 p.m.5 views

USN-8148-7: Linux kernel (NVIDIA) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Netfilter; - Network traffic control; CVE-2026-23060, CVE-2026-23074, CVE-2026-23111...

7.8CVSS5.8AI score0.00344EPSS
Exploits6
Ubuntu
Ubuntu
added 2026/04/16 3:55 p.m.6 views

USN-8178-1: oFono vulnerabilities

It was discovered that oFono incorrectly handled crafted responses from AT commands. An attacker could possibly use this issue to crash the program, resulting in a denial of service or arbitrary code execution. CVE-2024-7538, CVE-2024-7539, CVE-2024-7540, CVE-2024-7541, CVE-2024-7542 Lucas Leong...

7.8CVSS6AI score0.00297EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/04/16 2:56 p.m.8 views

USN-8180-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Drivers core; - Bluetooth drivers; - DMA engine subsystem; - GPU...

8.8CVSS5.8AI score0.0071EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/04/16 2:13 p.m.8 views

USN-8179-1: Linux kernel vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

9.8CVSS5.9AI score0.00378EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/04/15 8:25 p.m.19 views

USN-8145-5: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Cryptographic API; - UDF file system; - NFC subsystem; - Network traffic control;...

7.8CVSS6.7AI score0.0024EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/04/15 7:22 p.m.7 views

USN-8176-1: .NET vulnerabilities

Ludvig Pedersen discovered that the System.Security.Cryptography.Xml library in .NET incorrectly handled certain XML inputs. An attacker could possibly use this issue to consume excessive resources, resulting in a denial of service. CVE-2026-33116, CVE-2026-26171 Ludvig Pedersen and Kevin Jones...

7.5CVSS6.2AI score0.02279EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/04/15 3:6 a.m.8 views

USN-8175-1: FRR vulnerability

It was discovered that FRR did not correctly handle certain network requests. A remote attacker could possibly use this issue to gain unauthorized access to resources...

4.2CVSS5.8AI score0.00279EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/04/14 8:1 p.m.9 views

USN-8138-2: tar-rs vulnerability

USN-8138-1 fixed a vulnerability in tar-rs. This update provides the corresponding update for Ubuntu 20.04 LTS. Original advisory details: It was discovered that tar-rs incorrectly handled symlinks when unpacking a tar archive. If a user or automated system were tricked into processing a speciall...

6.5CVSS6AI score0.00379EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/04/14 6:1 p.m.6 views

USN-8168-2: Rust vulnerability

USN-8168-1 fixed a vulnerability in Rust. This update provides the corresponding update to Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: It was discovered that tar-rs embedded in rustc incorrectly handled symlinks when unpacking a tar archiv...

6.5CVSS6AI score0.00379EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/04/14 8:13 a.m.6 views

USN-8174-1: XML::Parser vulnerabilities

It was discovered that XML::Parser incorrectly handled certain multi-byte UTF-8 characters. If a user or automated system were tricked into processing specially crafted XML data, a remote attacker could use this issue to cause XML::Parser to crash, resulting in a denial of service or to possibly...

9.8CVSS6.1AI score0.00604EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/04/14 8:2 a.m.5 views

USN-8173-1: polkit vulnerabilities

It was discovered that polkit incorrectly handled nested elements in XML policy files. If an administrator were tricked into installing a malicious policy file, a remote attacker could possibly use this issue to cause polkit to crash, resulting in a denial of service. CVE-2025-7519 Pavel Kohout...

6.7CVSS5.8AI score0.00184EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/04/14 12:7 a.m.11 views

USN-8148-6: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Netfilter; - Network traffic control; CVE-2026-23060, CVE-2026-23074, CVE-2026-23111...

7.8CVSS5.9AI score0.00344EPSS
Exploits6
Ubuntu
Ubuntu
added 2026/04/14 12:6 a.m.11 views

USN-8149-3: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Netfilter; - Network traffic control; CVE-2026-23060, CVE-2026-23074, CVE-2026-23111...

7.8CVSS5.9AI score0.00344EPSS
Exploits6
Ubuntu
Ubuntu
added 2026/04/13 11:59 p.m.9 views

USN-8163-2: Linux kernel (Azure) vulnerabilities

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...

9.8CVSS7.3AI score0.00544EPSS
Exploits13References1
Ubuntu
Ubuntu
added 2026/04/13 6:27 p.m.7 views

USN-8172-1: kvmtool vulnerabilities

It was discovered that kvmtool did not properly manage memory under certain circumstances. A malicious guest attacker could use this issue to cause kvmtool to crash, leading to a denial of service, or possibly execute arbitrary code on the host system. CVE-2021-45464 It was discovered that kvmtoo...

8.8CVSS6.2AI score0.00382EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/04/13 4:56 p.m.9 views

USN-8171-1: Vim vulnerabilities

Nathan Mills discovered that Vim could crash when parsing certain regular expressions. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 24.04 LTS and Ubuntu 25.10 CVE-2026-32249 It was discovered that Vim did not properly sanitize user input...

8.2CVSS6.5AI score0.00834EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/04/13 1:19 p.m.7 views

USN-8170-1: Corosync vulnerabilities

It was discovered that Corosync incorrectly handled the membership commit token validity check. A remote attacker could use this issue to cause Corosync to crash, resulting in a denial of service, or to possibly obtain a small quantity of sensitive information. CVE-2026-35091 It was discovered th...

8.2CVSS5.8AI score0.00994EPSS
Exploits2
Ubuntu
Ubuntu
added 2026/04/13 1:18 p.m.8 views

USN-8169-1: Redis, Lua vulnerabilities

It was discovered that Redis incorrectly handled certain specially crafted Lua scripts. A remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue was only addressed in lua5.1 on Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2025-49844 It was...

9.9CVSS7.1AI score0.86767EPSS
Exploits16
Ubuntu
Ubuntu
added 2026/04/13 12:35 p.m.6 views

USN-8168-1: Rust vulnerability

It was discovered that tar-rs embedded in rustc incorrectly handled symlinks when unpacking a tar archive. If a user or automated system were tricked into processing a specially crafted tar archive, a remote attacker could use this issue to modify permissions of arbitrary directories outside the...

6.5CVSS6AI score0.00379EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/04/13 12:7 p.m.7 views

USN-8167-1: xdg-dbus-proxy vulnerability

It was discovered that xdg-dbus-proxy incorrectly handled eavesdropping in policy rules. A local attacker could possibly use this issue to intercept certain D-Bus messages...

6.8CVSS5.8AI score0.00175EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/04/13 10:8 a.m.8 views

LSN-0119-1: Kernel Live Patch Security Notice

In the Linux kernel, the following vulnerability has been resolved: btrfs: ref-verify: fix use-after-free after invalid ref action At btrfsreftreemod after we successfully inserted the new ref entry local variable 'ref' into the respective block entry's rbtree local variable 'be', if we find an...

7.8CVSS6.8AI score0.00344EPSS
Exploits7
Ubuntu
Ubuntu
added 2026/04/12 11:19 p.m.5 views

USN-8166-1: RetroArch vulnerability

It was discovered that RetroArch did not correctly handle certain memory operations, which could lead to a buffer overflow. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary...

9.8CVSS6.1AI score0.00395EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/04/09 11:38 p.m.10 views

USN-8165-1: Linux kernel (Azure FIPS) vulnerabilities

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...

7.8CVSS6.8AI score0.00544EPSS
Exploits13References1
Ubuntu
Ubuntu
added 2026/04/09 11:34 p.m.26 views

USN-8164-1: Linux kernel (Intel IoTG Real-time) vulnerabilities

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...

7.8CVSS6.8AI score0.00344EPSS
Exploits6References1
Ubuntu
Ubuntu
added 2026/04/09 11:26 p.m.12 views

USN-8163-1: Linux kernel (Azure FIPS) vulnerabilities

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...

9.8CVSS7.2AI score0.00544EPSS
Exploits13References1
Ubuntu
Ubuntu
added 2026/04/09 11:14 p.m.9 views

USN-8145-4: Linux kernel (HWE) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Cryptographic API; - UDF file system; - NFC subsystem; - Network traffic control;...

7.8CVSS6.7AI score0.0024EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/04/09 8:46 p.m.14 views

USN-8162-1: Linux kernel (NVIDIA Tegra) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Cryptographic API; - Drivers core; - Bluetooth drivers; - DMA engine...

8.8CVSS6.6AI score0.0071EPSS
Exploits6
Ubuntu
Ubuntu
added 2026/04/09 5:35 p.m.13 views

USN-8155-2: OpenSSL vulnerabilities

USN-8155-1 fixed vulnerabilities in OpenSSL. This update provides the corresponding updates for CVE-2026-28387 for openssl in Ubuntu 20.04 LTS. CVE-2026-28388 for openssl and openssl1.0 in Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS, and CVE-2026-28389 and...

8.1CVSS6AI score0.00981EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/04/09 5:30 p.m.11 views

USN-8154-2: Django vulnerabilities

USN-8154-1 fixed vulnerabilities in Django. This update provides the corresponding updates for Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Original advisory details: Seokchan Yoon discovered that Django incorrectly handled copying memory when parsing multipart uploads with excessive whitespace. A remo...

9.8CVSS6AI score0.00689EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/04/09 2:22 p.m.8 views

USN-8161-1: QEMU vulnerabilities

It was discovered that the LSI53C895A SCSI Host Bus Adapter implementation of QEMU incorrectly handled memory. An attacker inside the guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2024-6519 It was discovered...

8.2CVSS7.5AI score0.0025EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/04/09 1:11 p.m.4 views

USN-8160-1: MongoDB vulnerability

It was discovered that MongoDB incorrectly handled length parameters in zlib-compressed network messages prior to authentication. An unauthenticated remote attacker could possibly use this issue to cause MongoDB to allocate an oversized memory buffer, resulting in the exposure of sensitive...

8.7CVSS7.1AI score0.83007EPSS
Exploits39
Ubuntu
Ubuntu
added 2026/04/09 12:5 a.m.7 views

USN-8149-2: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Netfilter; - Network traffic control; CVE-2026-23060, CVE-2026-23074, CVE-2026-23111...

7.8CVSS5.9AI score0.00344EPSS
Exploits6
Ubuntu
Ubuntu
added 2026/04/09 12:1 a.m.12 views

USN-8148-5: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Netfilter; - Network traffic control; CVE-2026-23060, CVE-2026-23074, CVE-2026-23111...

7.8CVSS5.9AI score0.00344EPSS
Exploits6
Ubuntu
Ubuntu
added 2026/04/08 11:42 p.m.6 views

USN-8159-3: Linux kernel (Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Cryptographic API; - Netfilter; - Network traffic control; CVE-2025-37849, CVE-2026-23060,...

7.8CVSS5.9AI score0.00344EPSS
Exploits6
Ubuntu
Ubuntu
added 2026/04/08 11:34 p.m.7 views

USN-8159-2: Linux kernel (FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Cryptographic API; - Netfilter; - Network traffic control; CVE-2025-37849, CVE-2026-23060,...

7.8CVSS5.9AI score0.00344EPSS
Exploits6
Ubuntu
Ubuntu
added 2026/04/08 11:22 p.m.9 views

USN-8159-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Cryptographic API; - Netfilter; - Network traffic control; CVE-2025-37849, CVE-2026-23060,...

7.8CVSS6.7AI score0.00344EPSS
Exploits6
Ubuntu
Ubuntu
added 2026/04/08 7:25 p.m.4 views

USN-8158-1: Dogtag PKI vulnerability

Fraser Tweedale and Geetika Kapoor discovered that Dogtag PKI could renew a certificate without proper authentication. An attacker could possibly use this to repeatedly renew a compromised certificate and maintain unauthorized access to a system or resource...

8.1CVSS5.9AI score0.01187EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/04/08 12:37 p.m.8 views

USN-8157-1: Squid vulnerabilities

It was discovered that Squid incorrectly handled certain ICP traffic. In environments where ICP support is enabled, a remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or obtain small amounts of sensitive information...

9.2CVSS6AI score0.08942EPSS
Exploits0
Total number of security vulnerabilities10869