Lucene search
K
UbuntuRecent

10905 matches found

Ubuntu
Ubuntu
added 2022/06/08 11:54 a.m.83 views

USN-5472-1: FFmpeg vulnerabilities

It was discovered that FFmpeg would attempt to divide by zero when using Linear Predictive Coding LPC or AAC codecs. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 21.10. CVE-2020-20445, CVE-2020-20446...

9.8CVSS7.4AI score0.0269EPSS
Exploits30
Ubuntu
Ubuntu
added 2022/06/08 11:50 a.m.45 views

USN-5473-1: ca-certificates update

The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.50 version of the Mozilla certificate authority bundle...

5.4AI score
Exploits0References1
Ubuntu
Ubuntu
added 2022/06/08 7:16 a.m.61 views

USN-5281-1: OpenSC vulnerabilities

It was discovered that some OpenSC smart card drivers mishandled memory when performing certain decoding operations. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. CVE-2019-15945,...

6.4CVSS6.7AI score0.00438EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/06/08 5:3 a.m.100 views

USN-5471-1: Linux kernel (OEM) vulnerabilities

It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. CVE-2022-21499 Aaron Adams discovered that the netfilter subsystem in the Linux...

8.2CVSS6.9AI score0.02972EPSS
Exploits9
Ubuntu
Ubuntu
added 2022/06/08 5:1 a.m.104 views

USN-5470-1: Linux kernel (OEM) vulnerabilities

It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. CVE-2022-21499 Aaron Adams discovered that the netfilter subsystem in the Linux...

6.7CVSS6.9AI score0.00612EPSS
Exploits6
Ubuntu
Ubuntu
added 2022/06/08 4:55 a.m.114 views

USN-5469-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. CVE-2022-21499 Aaron Adams discovered that the netfilter subsystem in the Linux...

7.8CVSS7AI score0.0155EPSS
Exploits12
Ubuntu
Ubuntu
added 2022/06/08 4:29 a.m.95 views

USN-5468-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. CVE-2022-21499 Aaron Adams discovered that the netfilter subsystem in the Linux...

7.8CVSS7.1AI score0.00612EPSS
Exploits7
Ubuntu
Ubuntu
added 2022/06/08 4:15 a.m.113 views

USN-5467-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. CVE-2022-21499 Aaron Adams discovered that the netfilter subsystem in the Linux...

7.8CVSS7AI score0.0124EPSS
Exploits8
Ubuntu
Ubuntu
added 2022/06/08 3:2 a.m.79 views

USN-5466-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. CVE-2022-21499 Aaron Adams discovered that the netfilter subsystem in the Linux...

7.8CVSS7.1AI score0.0124EPSS
Exploits18
Ubuntu
Ubuntu
added 2022/06/08 1:25 a.m.109 views

USN-5465-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. CVE-2022-21499 Aaron Adams discovered that the netfilter subsystem in the Linux...

7.8CVSS7AI score0.00798EPSS
Exploits6
Ubuntu
Ubuntu
added 2022/06/07 6:36 p.m.109 views

USN-5464-1: e2fsprogs vulnerability

Nils Bars discovered that e2fsprogs incorrectly handled certain file systems. A local attacker could use this issue with a crafted file system image to possibly execute arbitrary code...

7.8CVSS7.1AI score0.01382EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/06/07 2:43 p.m.131 views

USN-5315-1: Ansible vulnerabilities

It was discovered that Ansible did not properly manage directory permissions when running playbooks with an unprivileged become user. A local attacker could possibly use this issue to cause a race condition, escalate privileges and execute arbitrary code. This issue only affected Ubuntu 16.04 ESM...

7.1CVSS7.5AI score0.00854EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/06/07 2:15 p.m.115 views

USN-5463-1: NTFS-3G vulnerabilities

It was discovered that NTFS-3G incorrectly handled the ntfsck tool. If a user or automated system were tricked into using ntfsck on a specially crafted disk image, a remote attacker could possibly use this issue to execute arbitrary code. CVE-2021-46790 Roman Fiedler discovered that NTFS-3G...

7.8CVSS7.5AI score0.00504EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/06/06 10:21 p.m.79 views

USN-5462-2: Ruby vulnerability

USN-5462-1 fixed several vulnerabilities in Ruby. This update provides the corresponding CVE-2022-28739 update for ruby2.3 on Ubuntu 16.04 ESM. Original advisory details: It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive...

7.5CVSS7.3AI score0.04127EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/06/06 5:23 p.m.80 views

USN-5462-1: Ruby vulnerabilities

It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. 2022-28738 It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use th...

9.8CVSS7.7AI score0.04127EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/06/06 4:33 p.m.95 views

USN-5461-1: FreeRDP vulnerabilities

It was discovered that FreeRDP incorrectly handled empty password values. A remote attacker could use this issue to bypass server authentication. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.10. CVE-2022-24882 It was discovered that FreeRDP incorrectly handled server...

9.8CVSS8.1AI score0.02674EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/06/06 3:50 p.m.387 views

USN-5460-1: Vim vulnerabilities

It was discovered that Vim was incorrectly processing Vim buffers. An attacker could possibly use this issue to perform illegal memory access and expose sensitive information. CVE-2022-0554 It was discovered that Vim was not properly performing bounds checks for column numbers when replacing tabs...

8.8CVSS7.7AI score0.26583EPSS
Exploits10
Ubuntu
Ubuntu
added 2022/06/03 1:18 p.m.99 views

USN-5271-1: Adminer vulnerabilities

It was discovered that Adminer did not escape data in the history parameter of the default URI. A remote attacker could possibly use this issue to perform cross-site scripting XSS attacks. This issue only affected Ubuntu 20.04 ESM. CVE-2020-35572 Adam Crosser and Brian Sizemore discovered that...

7.5CVSS7.1AI score0.90461EPSS
Exploits5
Ubuntu
Ubuntu
added 2022/06/03 7:54 a.m.33 views

USN-5282-1: PDFResurrect vulnerabilities

It was discovered that PDFResurrect was incorrectly handling corrupted PDF files. An attacker could possibly use this issue to cause a buffer overflow, resulting in a denial of service, or arbitrary code execution. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. CVE-2019-14267 It...

7.8CVSS7.3AI score0.07078EPSS
Exploits8
Ubuntu
Ubuntu
added 2022/06/02 4:41 p.m.77 views

USN-5459-1: cifs-utils vulnerabilities

Aurélien Aptel discovered that cifs-utils invoked a shell when requesting a password. In certain environments, a local attacker could possibly use this issue to escalate privileges. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. CVE-2020-14342 It was discovered that cifs-utils...

7.8CVSS6.5AI score0.01804EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/06/02 12:21 p.m.89 views

USN-5458-1: Vim vulnerabilities

It was discovered that Vim was incorrectly handling virtual column position operations, which could result in an out-of-bounds read. An attacker could possibly use this issue to expose sensitive information. CVE-2021-4193 It was discovered that Vim was not properly performing bounds checks when...

8.4CVSS7.7AI score0.01762EPSS
Exploits9
Ubuntu
Ubuntu
added 2022/06/02 9:44 a.m.93 views

LSN-0086-1: Kernel Live Patch Security Notice

It was discovered that a race condition existed in the network scheduling subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code.CVE-2021-39713 Yiqi Sun and Kevin Wang...

8.6CVSS7.4AI score0.05528EPSS
Exploits17
Ubuntu
Ubuntu
added 2022/06/01 3:2 p.m.70 views

USN-5456-1: ImageMagick vulnerability

It was discovered that ImageMagick incorrectly handled memory under certain circumstances. If a user were tricked into opening a specially crafted image, an attacker could possibly exploit this issue to cause a denial of service or other unspecified impact...

7.8CVSS7AI score0.01542EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/06/01 11:24 a.m.71 views

USN-5457-1: WebKitGTK vulnerabilities

A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

8.8CVSS7.9AI score0.01424EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/06/01 4:30 a.m.173 views

USN-5443-2: Linux kernel vulnerabilities

Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS6.6AI score0.01027EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/06/01 4:18 a.m.100 views

USN-5442-2: Linux kernel vulnerabilities

Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS7.2AI score0.01027EPSS
Exploits3
Ubuntu
Ubuntu
added 2022/05/31 7:35 p.m.78 views

USN-5454-2: CUPS vulnerabilities

USN-5454-1 fixed several vulnerabilities in CUPS. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Joshua Mason discovered that CUPS incorrectly handled the secret key used to access the administrative web interface. A remote attacker could possibly u...

7.2CVSS6.6AI score0.02006EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/05/31 5:43 p.m.79 views

USN-5451-1: InfluxDB vulnerability

Ilya Averyanov discovered that an InfluxDB vulnerability allowed attackers to bypass authentication and gain access to any known database user...

9.8CVSS8AI score0.30921EPSS
Exploits3
Ubuntu
Ubuntu
added 2022/05/31 11:29 a.m.87 views

USN-5454-1: CUPS vulnerabilities

Joshua Mason discovered that CUPS incorrectly handled the secret key used to access the administrative web interface. A remote attacker could possibly use this issue to open a session as an administrator and execute arbitrary code. CVE-2022-26691 It was discovered that CUPS incorrectly handled...

7.2CVSS6.4AI score0.02006EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/05/30 3:29 p.m.84 views

USN-5446-2: dpkg vulnerability

USN-5446-1 fixed a vulnerability in dpkg. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Max Justicz discovered that dpkg incorrectly handled unpacking certain source packages. If a user or an automated system were tricked into unpacking a specially...

9.8CVSS8.3AI score0.02871EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/05/30 1:55 p.m.72 views

USN-5453-1: FreeType vulnerability

It was discovered that FreeType incorrectly handled certain font files. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS7.3AI score0.03243EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/05/30 11:17 a.m.72 views

USN-5452-1: NTFS-3G vulnerability

It was discovered that NTFS-3G was incorrectly validating NTFS metadata in its ntfsck tool by not performing boundary checks. A local attacker could possibly use this issue to cause a denial of service or to execute arbitrary code...

7.8CVSS7.6AI score0.00504EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/05/30 8:24 a.m.149 views

USN-5431-1: GnuPG vulnerability

It was discovered that GnuPG was not properly processing keys with large amounts of signatures. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS6.9AI score0.02663EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/05/27 1:0 a.m.65 views

USN-5450-1: Subversion vulnerabilities

Evgeny Kotkov discovered that subversion servers did not properly follow path-based authorization rules in certain cases. An attacker could potentially use this issue to retrieve information about private paths. CVE-2021-28544 Thomas Weißschuh discovered that subversion servers did not properly...

7.5CVSS6.4AI score0.09254EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/05/26 5:17 p.m.68 views

USN-5448-1: ncurses vulnerabilities

It was discovered that ncurses was not properly checking array bounds when executing the fmtentry function, which could result in an out-of-bounds write. An attacker could possibly use this issue to execute arbitrary code. CVE-2017-10684 It was discovered that ncurses was not properly checking us...

9.8CVSS7.4AI score0.04876EPSS
Exploits8
Ubuntu
Ubuntu
added 2022/05/26 3:21 p.m.57 views

USN-5449-1: libXv vulnerability

It was discovered that libXv incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code...

9.8CVSS8.6AI score0.04526EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/05/26 1:34 p.m.144 views

USN-5402-2: OpenSSL vulnerabilities

USN-5402-1 fixed several vulnerabilities in OpenSSL. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Elison Niven discovered that OpenSSL incorrectly handled the crehash script. A local attacker could possibly use this issue to execute arbitrary...

10CVSS7AI score0.83223EPSS
Exploits5
Ubuntu
Ubuntu
added 2022/05/26 11:51 a.m.70 views

USN-5447-1: logrotate vulnerability

It was discovered that logrotate incorrectly handled the state file. A local attacker could possibly use this issue to keep a lock on the state file and cause logrotate to stop working, leading to a denial of service...

6.5CVSS6.4AI score0.0149EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/05/26 11:16 a.m.86 views

USN-5446-1: dpkg vulnerability

Max Justicz discovered that dpkg incorrectly handled unpacking certain source packages. If a user or an automated system were tricked into unpacking a specially crafted source package, a remote attacker could modify files outside the target unpack directory, leading to a denial of service or...

9.8CVSS8.3AI score0.02871EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/05/26 4:46 a.m.71 views

USN-5445-1: Subversion vulnerabilities

Ace Olszowka discovered that Subversion incorrectly handled certain svnserve requests. A remote attacker could possibly use this issue to cause svnserver to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. CVE-2018-11782 Tomas Bortoli discovered that Subversion...

7.5CVSS7AI score0.40075EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/05/25 10:41 a.m.128 views

USN-4781-1: Slurm vulnerabilities

It was discovered that Slurm incorrectly handled certain messages between the daemon and the user. An attacker could possibly use this issue to assume control of an arbitrary file on the system. This issue only affected Ubuntu 16.04 ESM. CVE-2016-10030 It was discovered that Slurm mishandled SPAN...

9.8CVSS7.7AI score0.02902EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/05/25 7:47 a.m.99 views

USN-5435-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass permission prompts, obtain sensitive information, bypass security...

9.8CVSS8AI score0.26709EPSS
Exploits3
Ubuntu
Ubuntu
added 2022/05/24 8:31 p.m.98 views

USN-5444-1: Linux kernel vulnerability

Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS6.6AI score0.01027EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/05/24 8:2 p.m.39 views

USN-5438-2: HTMLDOC vulnerability

USN-5438-1 fixed a vulnerability in HTMLDOC. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that HTMLDOC did not properly manage memory under certain circumstances. If a user were tricked into opening a special...

10CVSS8AI score0.03291EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/05/24 7:40 p.m.276 views

USN-5442-1: Linux kernel vulnerabilities

Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS7.2AI score0.01027EPSS
Exploits3
Ubuntu
Ubuntu
added 2022/05/24 7:31 p.m.119 views

USN-5443-1: Linux kernel vulnerabilities

Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS6.6AI score0.01027EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/05/24 4:37 p.m.46 views

USN-5441-1: WebKitGTK vulnerabilities

A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

5.5AI score
Exploits0References1
Ubuntu
Ubuntu
added 2022/05/24 4:21 p.m.70 views

USN-5404-2: Rsyslog vulnerability

USN-5404-1 addressed a vulnerability in Rsyslog. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Pieter Agten discovered that Rsyslog incorrectly handled certain requests. An attacker could possibly use this issue to cause a crash...

8.1CVSS6.8AI score0.03821EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/05/24 2:21 p.m.72 views

USN-5432-2: libpng vulnerabilities

USN-5432-1 fixed vulnerabilities in libpng. This update provides the corresponding updates for libpng1.6. Original advisory details: It was discovered that libpng incorrectly handled memory when parsing certain PNG files. If a user or automated system were tricked into opening a specially crafted...

9.8CVSS6.8AI score0.04113EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/05/24 11:46 a.m.105 views

USN-5440-1: PostgreSQL vulnerability

Alexander Lakhin discovered that PostgreSQL incorrectly handled the security restricted operation sandbox when a privileged user is maintaining another user's objects. An attacker having permission to create non-temp objects can use this issue to execute arbitrary commands as the superuser...

8.8CVSS7.7AI score0.12403EPSS
Exploits0
Total number of security vulnerabilities10905