Lucene search
K
UbuntuRecent

10905 matches found

Ubuntu
Ubuntu
•added 2022/08/24 3:0 a.m.•71 views

USN-5576-1: Twisted vulnerability

It was discovered that Twisted incorrectly parsed some types of HTTP requests in its web server implementation. In certain proxy or multi-server configurations, a remote attacker could craft malicious HTTP requests in order to obtain sensitive information...

8.1CVSS7.7AI score0.028EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/08/23 7:0 p.m.•43 views

USN-5474-2: Varnish Cache regression

USN-5474-1 fixed vulnerabilities in Varnish Cache. Unfortunately the fix for CVE-2020-11653 was incomplete. This update fixes the problem. Original advisory details: It was discovered that Varnish Cache could have an assertion failure when a TLS termination proxy uses PROXY version 2. A remote...

7.5CVSS7.3AI score0.02106EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/08/22 5:59 p.m.•67 views

USN-5575-2: Libxslt vulnerabilities

USN-5575-1 fixed vulnerabilities in Libxslt. This update provides the corresponding updates for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Nicolas Grégoire discovered that Libxslt incorrectly handled certain XML. An attacker could possibly use this issue to expose sensitive...

8.8CVSS7.8AI score0.21623EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/08/22 12:37 p.m.•86 views

USN-5575-1: Libxslt vulnerabilities

Nicolas Grégoire discovered that Libxslt incorrectly handled certain XML. An attacker could possibly use this issue to expose sensitive information or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS. CVE-2019-5815 Alexey Neyman incorrectly handled certain HTML pages. An attacker...

8.8CVSS7.7AI score0.21623EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/08/22 9:43 a.m.•63 views

USN-5574-1: Exim vulnerability

It was discovered that Exim incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code...

9.8CVSS8.4AI score0.0292EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/08/18 9:49 p.m.•102 views

USN-5573-1: rsync vulnerability

Evgeny Legerov discovered that zlib incorrectly handled memory when performing certain inflate operations. An attacker could use this issue to cause rsync to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS7.2AI score0.1593EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/08/18 5:40 p.m.•66 views

USN-5572-1: Linux kernel (AWS) vulnerabilities

Roger Pau Monné discovered that the Xen virtual block driver in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information guest kernel memory. CVE-2022-26365 Roger Pau Monné...

7.1CVSS6.4AI score0.00322EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/08/18 4:19 p.m.•105 views

USN-5571-1: PostgreSQL vulnerability

Sven Klemm discovered that PostgreSQL incorrectly handled extensions. An attacker could possibly use this issue to execute arbitrary code when extensions are created or updated...

8CVSS7.6AI score0.0152EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/08/18 10:31 a.m.•130 views

USN-5245-1: Apache Maven vulnerability

It was discovered that Apache Maven followed repositories that are defined in a dependency's Project Object Model pom even if the repositories weren't encrypted http protocol. An attacker could use this vulnerability to take over a repository, execute arbitrary code or cause a denial of service...

9.1CVSS7.8AI score0.08691EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/08/17 10:44 p.m.•83 views

USN-5570-1: zlib vulnerability

Evgeny Legerov discovered that zlib incorrectly handled memory when performing certain inflate operations. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS7.2AI score0.1593EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/08/17 1:58 a.m.•36 views

USN-5526-2: PyJWT regression

USN-5526-1 fixed vulnerabilities in PyJWT. Unfortunately this caused a regression by incrementing the internal package version number on Ubuntu 22.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Aapo Oksman discovered that PyJWT incorrectly...

5.6AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2022/08/16 11:24 a.m.•65 views

USN-5569-1: Unbound vulnerabilities

Xiang Li discovered that Unbound incorrectly handled delegation caching. A remote attacker could use this issue to keep rogue domain names resolvable long after they have been revoked...

6.5CVSS6.9AI score0.00868EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/08/15 12:23 p.m.•95 views

USN-5568-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

8.8CVSS7.7AI score0.70461EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/08/10 6:31 p.m.•37 views

USN-5367-1: fish vulnerability

Justin Steven discovered that fish was not properly filtering local git configuration directives when running background git commands. A remote unauthenticated attacker could possibly use this issue to execute arbitrary code...

7.8CVSS7.4AI score0.01417EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/08/10 6:26 p.m.•96 views

USN-5567-1: Linux kernel (OEM) vulnerabilities

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS7.2AI score0.12746EPSS
Exploits12
Ubuntu
Ubuntu
•added 2022/08/10 6:12 p.m.•296 views

USN-5566-1: Linux kernel vulnerabilities

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS7.6AI score0.12746EPSS
Exploits24
Ubuntu
Ubuntu
•added 2022/08/10 5:37 p.m.•96 views

USN-5565-1: Linux kernel vulnerabilities

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS7.3AI score0.12746EPSS
Exploits12
Ubuntu
Ubuntu
•added 2022/08/10 4:59 p.m.•116 views

USN-5564-1: Linux kernel (Intel IoTG) vulnerabilities

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS7.7AI score0.12746EPSS
Exploits26
Ubuntu
Ubuntu
•added 2022/08/10 4:32 p.m.•97 views

USN-5563-1: http-parser vulnerability

It was discovered that http-parser incorrectly handled certain requests. An attacker could possibly use this issue to bypass security controls or gain unauthorized access to sensitive data...

6.5CVSS7.5AI score0.16296EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/08/10 2:30 p.m.•172 views

USN-5562-1: Linux kernel vulnerabilities

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS7.6AI score0.12746EPSS
Exploits25
Ubuntu
Ubuntu
•added 2022/08/10 12:36 p.m.•89 views

USN-5560-2: Linux kernel vulnerabilities

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS7.3AI score0.12746EPSS
Exploits26
Ubuntu
Ubuntu
•added 2022/08/10 12:21 p.m.•56 views

USN-5561-1: GNOME Web vulnerabilities

It was discovered that GNOME Web incorrectly filtered certain strings. A remote attacker could use this issue to perform cross-site scripting XSS attacks. This issue only affected Ubuntu 20.04 LTS. CVE-2021-45085, CVE-2021-45086, CVE-2021-45087 It was discovered that GNOME Web incorrectly handled...

7.5CVSS6.8AI score0.01952EPSS
Exploits3
Ubuntu
Ubuntu
•added 2022/08/10 11:17 a.m.•196 views

USN-5560-1: Linux kernel vulnerabilities

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS7.3AI score0.12746EPSS
Exploits26
Ubuntu
Ubuntu
•added 2022/08/10 11:13 a.m.•2025 views

USN-5559-1: Moment.js vulnerabilities

It was discovered that Moment.js incorrectly handled certain input paths. An attacker could possibly use this issue to cause a loss of integrity by changing the correct path to one of their choice. CVE-2022-24785 It was discovered that Moment.js incorrectly handled certain input. An attacker coul...

7.5CVSS6.8AI score0.05664EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/08/10 9:50 a.m.•86 views

USN-5558-1: libcdio vulnerabilities

Zhao Liang discovered that libcdio was not properly performing memory management operations when processing ISO files, which could result in a heap buffer overflow or in a NULL pointer dereference. If a user or automated system were tricked into opening a specially crafted file, an attacker could...

8.8CVSS6.9AI score0.03427EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/08/10 7:7 a.m.•39 views

USN-5185-1: MATIO vulnerability

It was discovered that MATIO incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service or obtain sensitive information...

8.2CVSS7.7AI score0.01879EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/08/10 3:0 a.m.•52 views

USN-5556-1: Booth vulnerability

It was discovered that Booth incorrectly handled user authentication. An attacker could use this vulnerability to cause a denial of service...

6.5CVSS6.3AI score0.00924EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/08/09 11:44 p.m.•95 views

USN-5557-1: Linux kernel vulnerabilities

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS7.2AI score0.12746EPSS
Exploits12
Ubuntu
Ubuntu
•added 2022/08/09 11:44 a.m.•526 views

USN-5160-1: Midnight Commander vulnerability

It was discovered that Midnight Commander would not check server fingerprints when establishing an SFTP connection. If a remote attacker were able to intercept communications this flaw could be exploited to impersonate the SFTP server...

7.5CVSS7.3AI score0.02216EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/08/09 11:29 a.m.•100 views

USN-5169-1: oddjob vulnerability

Matthias Gerstner discovered that there was a race condition in the mkhomedir tool shipped with the oddjob package. An authenticated attacker could use this to setup a symlink attack and change permissions on files on the host filesystem...

6.3CVSS6.4AI score0.00293EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/08/08 3:38 p.m.•48 views

USN-5177-1: Inetutils vulnerability

It was discovered that Inetutils did not properly check the response of ftp requests. A remote attacker could use this vulnerability to cause a crash or run programs in the user machine...

6.5CVSS6.9AI score0.01002EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/08/08 3:28 p.m.•57 views

USN-5555-1: GStreamer Good Plugins vulnerabilities

It was discovered that GStreamer Good Plugins incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. CVE-2022-1920, CVE-2022-1921 It was discovered that GStreamer Good Plugins incorrectly handled certain files. An attacker could possibly use this...

7.8CVSS7.8AI score0.00465EPSS
Exploits7
Ubuntu
Ubuntu
•added 2022/08/08 1:29 p.m.•56 views

USN-5239-1: HttpClient vulnerability

It was discovered that HttpClient mishandled certain input. An attacker could use this vulnerability to cause a crash or possibly execute arbitrary code...

5.3CVSS7.2AI score0.08665EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/08/08 12:6 p.m.•90 views

USN-5553-1: libjpeg-turbo vulnerabilities

It was discovered that libjpeg-turbo was not properly handling EOF characters, which could lead to excessive memory consumption through the execution of a large loop. An attacker could possibly use this issue to cause a denial of service. CVE-2018-11813 It was discovered that libjpeg-turbo was no...

8.8CVSS7.1AI score0.03162EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/08/08 11:44 a.m.•64 views

USN-5554-1: GDK-PixBuf vulnerability

Pedro Ribeiro discovered that the GDK-PixBuf library did not properly handle certain GIF images. If an user or automated system were tricked into opening a specially crafted GIF file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly...

7.8CVSS7.4AI score0.00748EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/08/08 9:51 a.m.•55 views

USN-5552-1: phpLiteAdmin vulnerability

It was discovered that phpLiteAdmin incorrectly handled certain GET requests. An attacker could possibly use this issue to perform cross-site scripting XSS attacks...

6.1CVSS6.2AI score0.0064EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/08/08 6:30 a.m.•603 views

USN-5182-1: Roundcube Webmail vulnerabilities

It was discovered that Roundcube Webmail allowed JavaScript code to be present in the CDATA of an HTML message. A remote attacker could possibly use this issue to execute a cross-site scripting XSS attack. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM...

9.8CVSS7.9AI score0.84456EPSS
Exploits7
Ubuntu
Ubuntu
•added 2022/08/04 5:40 p.m.•86 views

USN-5548-1: libxml2 vulnerability

It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to execute arbitrary code...

6.1CVSS7.7AI score0.00764EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/08/04 5:6 p.m.•97 views

USN-5546-2: OpenJDK 8 vulnerabilities

USN-5546-1 fixed vulnerabilities in OpenJDK. This update provides the corresponding updates for Ubuntu 16.04 ESM. Original advisory details: Neil Madden discovered that OpenJDK did not properly verify ECDSA signatures. A remote attacker could possibly use this issue to insert, edit or obtain...

7.5CVSS7.4AI score0.17673EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/08/04 4:17 p.m.•173 views

USN-5551-1: mod-wsgi vulnerability

It was discovered that mod-wsgi did not correctly remove the X-Client-IP header when processing requests from untrusted proxies. A remote attacker could use this issue to pass the header to WSGI applications, contrary to expectations...

7.5CVSS7.2AI score0.0069EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/08/04 4:7 p.m.•120 views

USN-5550-1: GnuTLS vulnerabilities

It was discovered that GnuTLS incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause GnuTLS to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. CVE-2021-4209 It was discovered that GnuTLS...

7.5CVSS7AI score0.01492EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/08/04 3:56 p.m.•82 views

USN-5549-1: Django vulnerability

It was discovered that Django incorrectly handled certain FileResponse. An attacker could possibly use this issue to expose sensitive information or gain access over user machine...

8.8CVSS8AI score0.00654EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/08/04 3:24 p.m.•83 views

USN-5546-1: OpenJDK vulnerabilities

Neil Madden discovered that OpenJDK did not properly verify ECDSA signatures. A remote attacker could possibly use this issue to insert, edit or obtain sensitive information. This issue only affected OpenJDK 17 and OpenJDK 18. CVE-2022-21449 It was discovered that OpenJDK incorrectly limited memo...

7.5CVSS7.2AI score0.48235EPSS
Exploits8
Ubuntu
Ubuntu
•added 2022/08/03 9:37 p.m.•77 views

USN-5547-1: NVIDIA graphics drivers vulnerabilities

Le Wu discovered that the NVIDIA graphics drivers did not properly perform input validation in some situations. A local user could use this to cause a denial of service or possibly execute arbitrary code. CVE-2022-31607 Tal Lossos discovered that the NVIDIA graphics drivers incorrectly handled...

7.8CVSS7AI score0.00245EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/08/03 10:10 a.m.•249 views

USN-5221-1: Redis vulnerabilities

It was discovered that Redis incorrectly handled certain specially crafted Lua scripts. A remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2021-32626 It was discovered that Redis incorrectly handled some malformed requests when using Redis...

8.8CVSS7AI score0.31049EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/08/02 5:39 p.m.•150 views

USN-5545-1: Linux kernel (OEM) vulnerability

Arthur Mongodin discovered that the netfilter subsystem in the Linux kernel did not properly perform data validation. A local attacker could use this to escalate privileges in certain situations...

7.8CVSS6.6AI score0.05451EPSS
Exploits10
Ubuntu
Ubuntu
•added 2022/08/02 2:28 p.m.•68 views

USN-5463-2: NTFS-3G vulnerabilities

USN-5463-1 fixed vulnerabilities in NTFS-3G. This update provides the corresponding updates for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Roman Fiedler discovered that NTFS-3G incorrectly handled certain return codes. A local attacker could possibly use this issue to...

7.8CVSS7.5AI score0.00431EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/08/02 4:11 a.m.•187 views

USN-5544-1: Linux kernel vulnerabilities

It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-1679...

7.8CVSS7.2AI score0.05451EPSS
Exploits12
Ubuntu
Ubuntu
•added 2022/08/01 2:24 p.m.•433 views

USN-5543-1: Net-SNMP vulnerabilities

Yu Zhang and Nanyu Zhong discovered that Net-SNMP incorrectly handled memory operations when processing certain requests. A remote attacker could use this issue to cause Net-SNMP to crash, resulting in a denial of service, or possibly execute arbitrary code...

8.8CVSS7.2AI score0.01299EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/08/01 11:50 a.m.•127 views

USN-5542-1: Samba vulnerabilities

It was discovered that Samba did not handle MaxQueryDuration when being used in AD DC configurations, contrary to expectations. This issue only affected Ubuntu 20.04 LTS. CVE-2021-3670 Luke Howard discovered that Samba incorrectly handled certain restrictions associated with changing passwords. A...

8.8CVSS6.8AI score0.01731EPSS
Exploits0
Total number of security vulnerabilities10905