Lucene search
K
UbuntuRecent

10905 matches found

Ubuntu
Ubuntu
•added 2022/10/03 5:35 p.m.•53 views

USN-5651-1: strongSwan vulnerability

Lahav Schlesinger discovered that strongSwan incorrectly handled certain OCSP URIs and and CRL distribution points CDP in certificates. A remote attacker could possibly use this issue to initiate IKESAs and send crafted certificates that contain URIs pointing to servers under their control, which...

7.5CVSS7.4AI score0.01634EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/10/03 5:26 p.m.•51 views

USN-5614-2: Wayland vulnerability

USN-5614-1 fixed a vulnerability in Wayland. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that Wayland incorrectly handled reference counting certain objects. An attacker could use this issue to cause Wayland to crash, resulting ...

6.6CVSS7AI score0.00297EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/10/03 4:47 p.m.•64 views

USN-5652-1: Linux kernel (Azure) vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Domingo...

7.5CVSS7.1AI score0.05542EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/09/30 10:2 p.m.•65 views

USN-5649-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass Content Security Policy CSP or other security restrictions, conduct session fixation attacks, or...

8.8CVSS7.9AI score0.01342EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/09/30 9:51 p.m.•78 views

USN-5650-1: Linux kernel vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 It was...

7.8CVSS6.8AI score0.05542EPSS
Exploits8
Ubuntu
Ubuntu
•added 2022/09/30 7:34 p.m.•57 views

USN-5648-1: Linux kernel (GKE) vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Duoming...

7.8CVSS7.1AI score0.05542EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/09/28 9:2 p.m.•93 views

USN-5647-1: Linux kernel (GCP) vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Moshe Ko...

8.2CVSS6.8AI score0.05542EPSS
Exploits3
Ubuntu
Ubuntu
•added 2022/09/28 7:58 p.m.•49 views

USN-5646-1: libXi vulnerabilities

Tobias Stoeckmann discovered that libXi did not properly manage memory when handling X server responses. A remote attacker could use this issue to cause libXi to crash, resulting in a denial of service...

7.5CVSS7.4AI score0.03009EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/09/28 7:31 p.m.•43 views

USN-5615-2: SQLite vulnerability

USN-5615-1 fixed several vulnerabilities in SQLite. This update provides the corresponding fix for CVE-2020-35525 for Ubuntu 16.04 ESM. Original advisory details: It was discovered that SQLite incorrectly handled INTERSEC query processing. An attacker could use this issue to cause SQLite to crash...

7.5CVSS7.2AI score0.00928EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/09/28 2:52 p.m.•55 views

USN-4818-1: OpenCV vulnerabilities

It was discovered that OpenCV did not properly manage certain objects, leading to a divide-by-zero. If a user were tricked into loading a specially crafted file, a remote attacker could potentially use this issue to cause a denial of service or possibly execute arbitrary code. CVE-2019-15939 It w...

8.2CVSS7.3AI score0.0337EPSS
Exploits4
Ubuntu
Ubuntu
•added 2022/09/28 2:6 p.m.•68 views

USN-5645-1: PostgreSQL vulnerabilities

Jacob Champion discovered that PostgreSQL incorrectly handled SSL certificate verification and encryption. A remote attacker could possibly use this issue to inject arbitrary SQL queries when a connection is first established. CVE-2021-23214 Tom Lane discovered that PostgreSQL incorrect handled...

8.8CVSS7.5AI score0.0199EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/09/27 6:8 p.m.•73 views

USN-5644-1: Linux kernel (GCP) vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Duoming...

7.8CVSS7.1AI score0.05542EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/09/27 12:8 p.m.•56 views

USN-5643-1: Ghostscript vulnerabilities

It was discovered that GhostScript incorrectly handled certain PDF files. If a user or automated system were tricked into opening a specially crafted PDF file, a remote attacker could use this issue to cause GhostScript to crash, resulting in a denial of service, or possibly execute arbitrary cod...

7.1CVSS6.7AI score0.014EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/09/26 4:28 p.m.•64 views

USN-5642-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

8.8CVSS7.7AI score0.01413EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/09/26 4:23 p.m.•60 views

USN-5641-1: Squid vulnerabilities

Mikhail Evdokimov discovered that Squid incorrectly handled cache manager ACLs. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. CVE-2022-41317 It was discovered that Squid incorrectly handled SSPI an...

8.6CVSS7AI score0.0282EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/09/26 3:47 p.m.•91 views

USN-5640-1: Linux kernel (Oracle) vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Duoming...

7.8CVSS7.1AI score0.05542EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/09/26 3:32 p.m.•63 views

USN-5639-1: Linux kernel (Azure CVM) vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Moshe Ko...

8.2CVSS6.8AI score0.05542EPSS
Exploits3
Ubuntu
Ubuntu
•added 2022/09/26 2:19 p.m.•63 views

USN-5638-1: Expat vulnerability

Rhodri James discovered that Expat incorrectly handled memory when processing certain malformed XML files. An attacker could possibly use this issue to cause a crash or execute arbitrary code...

8.1CVSS7.9AI score0.01659EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/09/26 1:31 p.m.•70 views

USN-5637-1: libvpx vulnerability

It was discovered that libvpx incorrectly handled certain WebM media files. A remote attacker could use this issue to crash an application using libvpx under certain conditions, resulting in a denial of service...

7.8CVSS6.3AI score0.01897EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/09/26 10:23 a.m.•43 views

USN-5636-1: SoS vulnerability

It was discovered that SoS incorrectly handled certain data. An attacker could possibly use this issue to expose sensitive information...

5.5CVSS5.7AI score0.00233EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/09/23 3:3 p.m.•62 views

USN-5635-1: Linux kernel (GKE) vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Duoming...

7.8CVSS7.1AI score0.05542EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/09/22 6:52 p.m.•61 views

USN-5629-1: Python vulnerability

It was discovered that the Python http.server module incorrectly handled certain URIs. An attacker could potentially use this to redirect web traffic...

7.4CVSS7.5AI score0.0199EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/09/22 6:2 p.m.•89 views

USN-5634-1: Linux kernel (OEM) vulnerability

Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter subsystem in the Linux kernel did not properly handle rules that truncated packets below the packet header size. When such rules are in place, a remote attacker could possibly use this to cause a denial of service system crash...

7.5CVSS6.6AI score0.05542EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/09/22 5:27 p.m.•80 views

USN-5633-1: Linux kernel vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Duoming...

7.8CVSS7.1AI score0.05542EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/09/22 4:54 p.m.•46 views

USN-5632-1: OAuthLib vulnerability

Sebastian Chnelik discovered that OAuthLib incorrectly handled certain redirect uris. A remote attacker could possibly use this issue to cause OAuthLib to crash, resulting in a denial of service...

6.5CVSS7.1AI score0.01258EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/09/22 4:49 p.m.•85 views

USN-5631-1: libjpeg-turbo vulnerabilities

It was discovered that libjpeg-turbo incorrectly handled certain EOF characters. An attacker could possibly use this issue to cause libjpeg-turbo to consume resource, leading to a denial of service. This issue only affected Ubuntu 18.04 LTS. CVE-2018-11813 It was discovered that libjpeg-turbo...

8.8CVSS6.6AI score0.03162EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/09/22 4:29 p.m.•67 views

USN-5630-1: Linux kernel (Raspberry Pi) vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Moshe Ko...

8.2CVSS6.8AI score0.05542EPSS
Exploits3
Ubuntu
Ubuntu
•added 2022/09/22 3:16 p.m.•103 views

USN-5628-2: etcd vulnerabilities

USN-5628-1 fixed vulnerabilities in etcd. This update provides the corresponding updates for Ubuntu 18.04 ESM. Original advisory details: It was discovered that etcd incorrectly handled certain specially crafted WAL files. An attacker could possibly use this issue to cause a denial of service...

7.7CVSS7.2AI score0.01291EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/09/22 1:45 p.m.•63 views

USN-5627-2: PCRE vulnerabilities

USN-5627-1 fixed several vulnerabilities in PCRE. This update provides the corresponding fixes for Ubuntu 18.04 ESM. Original advisory details: It was discovered that PCRE incorrectly handled memory when handling certain regular expressions. An attacker could possibly use this issue to cause...

9.1CVSS7.3AI score0.02993EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/09/22 1:38 p.m.•73 views

USN-5628-1: etcd vulnerabilities

It was discovered that etcd incorrectly handled certain specially crafted WAL files. An attacker could possibly use this issue to cause a denial of service. CVE-2020-15106, CVE-2020-15112 It was discovered that etcd incorrectly handled directory permissions when trying to create a directory that...

7.7CVSS7.2AI score0.01291EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/09/22 8:11 a.m.•56 views

USN-5627-1: PCRE vulnerabilities

It was discovered that PCRE incorrectly handled memory when handling certain regular expressions. An attacker could possibly use this issue to cause applications using PCRE to expose sensitive information...

9.1CVSS7.3AI score0.02993EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/09/21 3:39 p.m.•72 views

USN-5626-2: Bind vulnerabilities

USN-5626-1 fixed several vulnerabilities in Bind. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Yehuda Afek, Anat Bremler-Barr, and Shani Stajnrod discovered that Bind incorrectly handled large delegations. A remote attacker...

7.5CVSS6.8AI score0.02299EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/09/21 11:39 a.m.•80 views

USN-5626-1: Bind vulnerabilities

Yehuda Afek, Anat Bremler-Barr, and Shani Stajnrod discovered that Bind incorrectly handled large delegations. A remote attacker could possibly use this issue to reduce performance, leading to a denial of service. CVE-2022-2795 It was discovered that Bind incorrectly handled statistics requests. ...

8.2CVSS6.8AI score0.02299EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/09/21 11:10 a.m.•62 views

USN-5623-1: Linux kernel (HWE) vulnerabilities

Asaf Modelevsky discovered that the IntelR 10GbE PCI Express ixgbe Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. CVE-2021-33061 It was discovered that the framebuffer driver on the Linux...

8.2CVSS6.8AI score0.05542EPSS
Exploits3
Ubuntu
Ubuntu
•added 2022/09/21 10:39 a.m.•56 views

USN-5625-1: Mako vulnerability

It was discovered that Mako incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS7.4AI score0.01656EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/09/21 9:46 a.m.•89 views

USN-5624-1: Linux kernel vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Duoming...

7.8CVSS7.1AI score0.05542EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/09/21 9:25 a.m.•78 views

USN-5622-1: Linux kernel vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Moshe Ko...

8.2CVSS6.8AI score0.05542EPSS
Exploits3
Ubuntu
Ubuntu
•added 2022/09/21 7:31 a.m.•359 views

USN-5621-1: Linux kernel vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Domingo...

7.5CVSS7.1AI score0.05542EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/09/20 5:26 p.m.•57 views

USN-5618-1: Ghostscript vulnerability

It was discovered the Ghostscript incorrectly handled memory when processing certain inputs. By tricking a user into opening a specially crafted PDF file, an attacker could cause the program to crash...

7.1CVSS7.1AI score0.00437EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/09/20 12:52 p.m.•281 views

USN-5620-1: OpenEXR vulnerabilities

It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. These issues only affected Ubuntu 20.04 ESM. CVE-2021-3598,...

6.5CVSS6.8AI score0.01747EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/09/20 8:29 a.m.•75 views

USN-5619-1: LibTIFF vulnerabilities

It was discovered that LibTIFF was not properly performing the calculation of data that would eventually be used as a reference for bound-checking operations. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. This issue only affected Ubuntu...

7.5CVSS6.7AI score0.02433EPSS
Exploits6
Ubuntu
Ubuntu
•added 2022/09/19 4:56 p.m.•82 views

USN-5617-1: Xen vulnerabilities

It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use th...

8.8CVSS7AI score0.0054EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/09/19 12:53 p.m.•76 views

USN-5613-2: Vim regression

USN-5613-1 fixed vulnerabilities in Vim. Unfortunately that update failed to include binary packages for some architectures. This update fixes that regression. We apologize for the inconvenience. Original advisory details: It was discovered that Vim was not properly performing bounds checks when...

8.4CVSS7.6AI score0.02645EPSS
Exploits7References1
Ubuntu
Ubuntu
•added 2022/09/16 2:19 p.m.•70 views

USN-5616-1: Linux kernel (Intel IoTG) vulnerabilities

Asaf Modelevsky discovered that the IntelR 10GbE PCI Express ixgbe Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. CVE-2021-33061 Moshe Kol, Amit Klein and Yossi Gilad discovered that the I...

8.2CVSS6.8AI score0.02972EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/09/15 4:53 p.m.•66 views

USN-5615-1: SQLite vulnerabilities

It was discovered that SQLite incorrectly handled INTERSEC query processing. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2020-35525 It was discovered that SQLite incorrectly handled ALTER TABLE for views that...

9.8CVSS7.8AI score0.01067EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/09/15 4:43 p.m.•55 views

USN-5614-1: Wayland vulnerability

It was discovered that Wayland incorrectly handled reference counting certain objects. An attacker could use this issue to cause Wayland to crash, resulting in a denial of service, or possibly execute arbitrary code...

6.6CVSS7AI score0.00297EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/09/15 11:4 a.m.•106 views

USN-5613-1: Vim vulnerabilities

It was discovered that Vim was not properly performing bounds checks when executing spell suggestion commands. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2022-0943 It was discovered that Vim was using freed memory when dealing with regula...

8.4CVSS7.4AI score0.02645EPSS
Exploits7
Ubuntu
Ubuntu
•added 2022/09/15 2:52 a.m.•71 views

USN-5612-1: Intel Microcode vulnerability

Pietro Borrello, Andreas Kogler, Martin Schwarzl, Daniel Gruss, Michael Schwarz and Moritz Lipp discovered that some Intel processors did not properly clear data between subsequent xAPIC MMIO reads. This could allow a local attacker to compromise SGX enclaves...

5.5CVSS6.7AI score0.00324EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/09/14 11:9 p.m.•31 views

USN-5606-2: poppler regression

USN-5606-1 fixed a vulnerability in poppler. Unfortunately it was missing a commit to fix it properly. This update provides the corresponding fix for Ubuntu 18.04 LTS and Ubuntu 16.04 ESM. We apologize for the inconvenience. Original advisory details: It was discovered that poppler incorrectly...

5.9AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2022/09/14 11:55 a.m.•54 views

USN-5611-1: WebKitGTK vulnerability

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

8.8CVSS8AI score0.09785EPSS
Exploits0
Total number of security vulnerabilities10905