Lucene search
K
UbuntuRecent

10905 matches found

Ubuntu
Ubuntu
added 2022/08/01 5:54 a.m.393 views

USN-5237-1: MediaInfoLib vulnerabilities

It was discovered that MediaInfoLib incorrectly handled certain specially crafted files. An attacker could possibly use this issue to cause a denial of service. CVE-2020-26797 It was discovered that MediaInfoLib incorrectly handled certain specially crafted MpegPs files. An attacker could possibl...

7.8CVSS6.7AI score0.04238EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/07/29 12:2 a.m.129 views

USN-5540-1: Linux kernel vulnerabilities

Liu Jian discovered that the IGMP protocol implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-20141 It was discovered that...

7.8CVSS7.1AI score0.05451EPSS
Exploits11
Ubuntu
Ubuntu
added 2022/07/28 11:48 p.m.131 views

USN-5541-1: Linux kernel (Azure) vulnerabilities

Eric Biederman discovered that the cgroup process migration implementation in the Linux kernel did not perform permission checks correctly in some situations. A local attacker could possibly use this to gain administrative privileges. CVE-2021-4197 Jann Horn discovered that the FUSE file system i...

7.8CVSS6.7AI score0.0155EPSS
Exploits3
Ubuntu
Ubuntu
added 2022/07/28 11:2 p.m.91 views

USN-5539-1: Linux kernel vulnerabilities

It was discovered that the implementation of the 6pack and mkiss protocols in the Linux kernel did not handle detach events properly in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service system crash. CVE-2022-1195...

7.5CVSS6.9AI score0.0155EPSS
Exploits3
Ubuntu
Ubuntu
added 2022/07/28 7:47 p.m.108 views

USN-5537-2: MySQL vulnerability

USN-5537-1 fixed a vulnerability in MySQL. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.7.39 in...

4.9CVSS6.3AI score0.01418EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/07/28 2:40 p.m.138 views

USN-5538-1: libtirpc vulnerability

It was discovered that libtirpc incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS7.6AI score0.02088EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/07/28 1:45 p.m.214 views

USN-5537-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.30 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. Ubuntu 18.04 LTS has been updated to MySQL 5.7.39. In addition to security fixes, the updated...

6.5CVSS6.3AI score0.01439EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/07/28 1:29 p.m.73 views

USN-5536-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the mouse pointer position, bypass Subresource Integrity protections, obtain sensitive information,...

9.8CVSS7.7AI score0.00748EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/07/28 5:31 a.m.78 views

USN-5535-1: Intel Microcode vulnerabilities

Joseph Nuzman discovered that some Intel processors did not properly initialise shared resources. A local attacker could use this to obtain sensitive information. CVE-2021-0145 Mark Ermolov, Dmitry Sklyarov and Maxim Goryachy discovered that some Intel processors did not prevent test and debug...

6.8CVSS6.2AI score0.06451EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/07/27 10:8 a.m.30 views

USN-5251-1: GEGL vulnerability

It was discovered that GEGL incorrectly filtered and escaped file path input data when using the C system function for execution of the ImageMagick convert command. An attacker could possibly use this to execute arbitrary code...

7.8CVSS7.8AI score0.01439EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/07/26 4:28 p.m.91 views

USN-5531-1: protobuf-c vulnerability

Pietro Borrello discovered that protobuf-c contained an invalid arithmetic shift. This vulnerability allowed attackers to cause a denial of service system crash via unspecified vectors CVE-2022-33070. It was discovered that protobuf-c contained an unsigned integer overflow. This vulnerability...

5.5CVSS6.3AI score0.01058EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/07/26 3:22 p.m.67 views

USN-5533-1: Vim vulnerability

It was discovered that Vim incorrectly handled memory access. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause the corruption of sensitive information, a crash, or arbitrary code execution...

7.8CVSS7.8AI score0.01352EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/07/26 3:20 p.m.79 views

USN-5534-1: ImageMagick vulnerabilities

It was discovered that ImageMagick incorrectly handled certain values. If a user were tricked into processing a specially crafted image file, an attacker could possibly exploit this issue to cause a denial of service or other unspecified impact. CVE-2022-32545, CVE-2022-32546 It was discovered th...

7.8CVSS6.8AI score0.01339EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/07/26 2:7 p.m.55 views

USN-5532-2: Bottle vulnerability

USN-5532-1 fixed a vulnerability in Bottle. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM Original advisory details: It was discovered that Bottle incorrectly handled errors during early request binding. An attacker could possibly use this issue to disclo...

9.8CVSS7.8AI score0.01869EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/07/26 8:5 a.m.64 views

USN-5532-1: Bottle vulnerability

It was discovered that Bottle incorrectly handled errors during early request binding. An attacker could possibly use this issue to disclose sensitive information. CVE-2022-31799...

9.8CVSS7.8AI score0.01869EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/07/25 12:4 p.m.44 views

USN-5187-1: Glances vulnerability

It was discovered that Glances incorrectly parsed untrusted XML data due to usage of xmlrpclib. An attacker could possibly use this to perform an External Entity XXE Injection and cause the host system to crash...

9.8CVSS8.4AI score0.01639EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/07/25 11:22 a.m.97 views

USN-5530-1: PHP vulnerability

It was discovered that PHP incorrectly handled certain memory operations when obtaining file information. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS7.8AI score0.01659EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/07/21 6:56 a.m.541 views

USN-5273-1: RPM Package Manager vulnerabilities

Demi M. Obenour discovered that RPM Package Manager incorrectly handled certain files. An attacker could possibly use this issue to corrupt the database and cause a denial of service. CVE-2021-3421, CVE-2021-20271 Demi M. Obenour discovered that RPM Package Manager incorrectly handled memory when...

7CVSS6.6AI score0.01706EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/07/21 12:0 a.m.97 views

USN-5529-1: Linux kernel (OEM) vulnerabilities

It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-1679...

7.8CVSS7.5AI score0.06451EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/07/20 2:48 p.m.70 views

USN-5272-1: HDF5 vulnerabilities

It was discovered that HDF5 incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service...

6.5CVSS6.8AI score0.01972EPSS
Exploits3
Ubuntu
Ubuntu
added 2022/07/20 1:13 p.m.230 views

USN-5528-1: FreeType vulnerabilities

It was discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash, or possibly execute arbitrary code...

9.8CVSS7.5AI score0.03243EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/07/20 10:47 a.m.70 views

USN-5525-1: Apache XML Security for Java vulnerability

It was discovered that Apache XML Security for Java incorrectly passed a configuration property when creating specific key elements. This allows an attacker to abuse an XPath Transform to extract sensitive information...

7.5CVSS6.7AI score0.10448EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/07/20 10:26 a.m.51 views

USN-5527-2: Checkmk vulnerabilities

USN-5527-1 fixed vulnerabilities in Checkmk. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that Checkmk incorrectly handled authentication. An attacker could possibly use this issue to cause a race condition leading to information...

6.1CVSS6.5AI score0.12134EPSS
Exploits8
Ubuntu
Ubuntu
added 2022/07/20 8:36 a.m.62 views

USN-5527-1: Checkmk vulnerabilities

It was discovered that Checkmk incorrectly handled authentication. An attacker could possibly use this issue to cause a race condition leading to information disclosure. CVE-2017-14955 It was discovered that Checkmk incorrectly handled certain inputs. An attacker could use these cross-site...

6.1CVSS6.4AI score0.12134EPSS
Exploits9
Ubuntu
Ubuntu
added 2022/07/20 1:9 a.m.337 views

USN-5526-1: PyJWT vulnerability

Aapo Oksman discovered that PyJWT incorrectly handled signatures constructed from SSH public keys. A remote attacker could use this to forge a JWT signature...

7.5CVSS7.4AI score0.012EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/07/19 5:11 p.m.58 views

USN-5455-1: xmltok library vulnerabilities

Tim Boddy, Gustavo Grieco and others discovered that Expat, that is integrated in xmltok library, incorrectly handled certain files. An attacker could possibly use these issues to cause a denial of service, or possibly execute arbitrary code. These issues were only addressed in Ubuntu 16.04 ESM...

9.8CVSS8.1AI score0.34174EPSS
Exploits6
Ubuntu
Ubuntu
added 2022/07/19 11:58 a.m.61 views

USN-5524-1: HarfBuzz vulnerability

It was discovered that HarfBuzz incorrectly handled certain glyph sizes. A remote attacker could use this issue to cause HarfBuzz to crash, resulting in a denial of service...

5.5CVSS6.3AI score0.01134EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/07/19 11:5 a.m.75 views

USN-5523-1: LibTIFF vulnerabilities

It was discovered that LibTIFF was not properly performing checks to guarantee that allocated memory space existed, which could lead to a NULL pointer dereference via a specially crafted file. An attacker could possibly use this issue to cause a denial of service. CVE-2022-0907, CVE-2022-0908 It...

7.7CVSS6.9AI score0.02433EPSS
Exploits6
Ubuntu
Ubuntu
added 2022/07/18 4:4 p.m.64 views

USN-5522-1: WebKitGTK vulnerabilities

Several security issues were discovered in WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

8.8CVSS6.8AI score0.00844EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/07/18 11:55 a.m.52 views

USN-5256-2: uriparser vulnerabilities

USN-5256-1 fixed several vulnerabilities in uriparser. This update provides the corresponding update for Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 20.04 ESM. Original advisory details: It was discovered that uriparser incorrectly handled certain memory operations. An attacker could use this t...

5.5CVSS5.6AI score0.01131EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/07/18 11:36 a.m.60 views

USN-5520-2: HTTP-Daemon vulnerability

USN-5520-1 fixed a vulnerability in HTTP-Daemon. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that HTTP-Daemon incorrectly handled certain crafted requests. A remote attacker could possibly use this issue to...

7.3CVSS6.6AI score0.02108EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/07/18 10:9 a.m.59 views

USN-5231-1: 389 Directory Server vulnerabilities

It was discovered that 389 Directory Server presented to users, during authentication, an error message which could be used to discover if a certain LDAP DN existed or not. A remote unauthenticated attacker could possibly use this to check the existence of an entry in a LDAP database and expose...

6.5CVSS6.7AI score0.01538EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/07/15 1:48 p.m.86 views

USN-5521-1: containerd vulnerabilities

It was discovered that containerd insufficiently restricted permissions on container root and plugin directories. If a user or automated system were tricked into launching a specially crafted container image, a remote attacker could traverse directory contents and modify files and execute program...

7.8CVSS7AI score0.27392EPSS
Exploits6
Ubuntu
Ubuntu
added 2022/07/14 12:35 p.m.62 views

USN-5520-1: HTTP-Daemon vulnerability

It was discovered that HTTP-Daemon incorrectly handled certain crafted requests. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack...

7.3CVSS6.6AI score0.02108EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/07/14 12:2 p.m.186 views

USN-5519-1: Python vulnerability

It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code...

8CVSS7.9AI score0.07017EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/07/14 9:28 a.m.90 views

USN-5512-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, spoof the UI, bypass CSP restrictions, or execute...

9.8CVSS7.5AI score0.23941EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/07/14 1:5 a.m.117 views

USN-5518-1: Linux kernel vulnerabilities

It was discovered that the eBPF implementation in the Linux kernel did not properly prevent writes to kernel objects in BPFBTFLOAD commands. A privileged local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-0500 It was discovered tha...

7.8CVSS7.2AI score0.00545EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/07/13 11:52 p.m.140 views

USN-5517-1: Linux kernel (OEM) vulnerabilities

It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-1679...

7.8CVSS7.1AI score0.00804EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/07/13 8:16 p.m.73 views

USN-5516-1: Vim vulnerabilities

It was discovered that Vim incorrectly handled memory access. An attacker could potentially use this issue to cause the corruption of sensitive information, a crash, or arbitrary code execution...

7.8CVSS7.8AI score0.01527EPSS
Exploits3
Ubuntu
Ubuntu
added 2022/07/13 7:46 p.m.36 views

USN-5473-2: ca-certificates update

USN-5473-1 updated ca-certificates. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.50 version of the Mozilla...

5.4AI score
Exploits0References1
Ubuntu
Ubuntu
added 2022/07/13 7:9 p.m.151 views

USN-5515-1: Linux kernel vulnerabilities

Eric Biederman discovered that the cgroup process migration implementation in the Linux kernel did not perform permission checks correctly in some situations. A local attacker could possibly use this to gain administrative privileges. CVE-2021-4197 Jann Horn discovered that the FUSE file system i...

7.8CVSS6.7AI score0.0155EPSS
Exploits3
Ubuntu
Ubuntu
added 2022/07/13 7:3 p.m.114 views

USN-5514-1: Linux kernel vulnerabilities

It was discovered that the implementation of the 6pack and mkiss protocols in the Linux kernel did not handle detach events properly in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service system crash. CVE-2022-1195...

7.5CVSS6.9AI score0.0155EPSS
Exploits3
Ubuntu
Ubuntu
added 2022/07/13 6:39 p.m.80 views

USN-5513-1: Linux kernel (AWS) vulnerabilities

Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. CVE-2021-3609 Likang Luo discovered that a race condition existed in the Bluetoo...

7.9CVSS6.9AI score0.06451EPSS
Exploits9
Ubuntu
Ubuntu
added 2022/07/13 6:30 p.m.75 views

USN-5511-1: Git vulnerabilities

Carlo Marcelo Arenas Belón discovered that an issue related to CVE-2022-24765 still affected Git. An attacker could possibly use this issue to run arbitrary commands as administrator. CVE-2022-29187...

7.8CVSS7.7AI score0.00445EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/07/13 7:11 a.m.65 views

USN-5256-1: uriparser vulnerabilities

It was discovered that uriparser incorrectly handled certain memory operations. An attacker could use this to cause a denial of service. CVE-2021-46141, CVE-2021-46142...

5.5CVSS5.5AI score0.01131EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/07/12 8:22 p.m.48 views

USN-5510-2: X.Org X Server vulnerabilities

USN-5510-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain inputs. An attacker could use this issue to cause the server to crash,...

7.8CVSS7.5AI score0.00573EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/07/12 1:38 p.m.63 views

USN-5510-1: X.Org X Server vulnerabilities

Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain inputs. An attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code and escalate privileges...

7.8CVSS7.3AI score0.00573EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/07/12 12:27 p.m.54 views

USN-5503-2: GnuPG vulnerability

USN-5503-1 fixed a vulnerability in GnuPG. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Demi Marie Obenour discovered that GnuPG incorrectly handled injection in the status message. A remote attacker could possibly use this...

6.5CVSS7.4AI score0.02551EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/07/11 2:9 p.m.411 views

USN-5508-1: Python LDAP vulnerability

It was discovered that Python LDAP incorrectly handled certain regular expressions. An remote attacker could possibly use this issue to cause a denial of service...

6.5CVSS6.4AI score0.01713EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/07/11 1:13 p.m.753 views

USN-5509-1: Dovecot vulnerability

Julian Brook discovered that Dovecot incorrectly handled multiple passdb configuration entries. In certain configurations, a remote attacker could possibly use this issue to escalate privileges...

8.8CVSS7.3AI score0.01748EPSS
Exploits1
Total number of security vulnerabilities10905