Lucene search
K
UbuntuRecent

10905 matches found

Ubuntu
Ubuntu
•added 2022/05/24 11:36 a.m.•45 views

USN-5439-1: AccountsService vulnerability

Gunnar Hjalmarsson discovered that AccountsService incorrectly dropped privileges. A local user could possibly use this issue to cause AccountsService to crash or stop responding, resulting in a denial of service. CVE-2022-1804...

5.5CVSS5.7AI score0.00137EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/05/23 10:20 p.m.•70 views

USN-5438-1: HTMLDOC vulnerability

It was discovered that HTMLDOC did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted HTML file, a remote attacker could possibly use this issue to cause HTMLDOC to crash, resulting in a denial of service, or possibly execute arbitrary...

10CVSS8AI score0.03291EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/05/23 9:47 p.m.•60 views

USN-5437-1: libXfixes vulnerability

Tobias Stoeckmann discovered that libXfixes incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code...

9.8CVSS8.4AI score0.03395EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/05/23 6:4 p.m.•60 views

USN-5436-1: libXrender vulnerabilities

Tobias Stoeckmann discovered that libXrender incorrectly handled certain responses. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. CVE-2016-7949, CVE-2016-7950...

9.8CVSS8.6AI score0.03721EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/05/23 1:49 p.m.•86 views

USN-5434-1: Firefox vulnerabilities

It was discovered that the methods of an Array object could be corrupted as a result of prototype pollution by sending a message to the parent process. If a user were tricked into opening a specially crafted website, an attacker could exploit this to execute JavaScript in a privileged context...

8.8CVSS8.7AI score0.26709EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/05/23 11:39 a.m.•90 views

USN-5433-1: Vim vulnerabilities

It was discovered that Vim incorrectly handled parsing of filenames in its search functionality. If a user were tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service. CVE-2021-3973 It was discovered that Vim incorrectly handled memo...

9.8CVSS7.7AI score0.02086EPSS
Exploits9
Ubuntu
Ubuntu
•added 2022/05/23 10:45 a.m.•144 views

USN-5432-1: libpng vulnerabilities

It was discovered that libpng incorrectly handled memory when parsing certain PNG files. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause libpng to crash, resulting in a denial of service, or possible execute arbitrary...

9.8CVSS6.5AI score0.04113EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/05/23 8:53 a.m.•75 views

USN-5342-3: Python vulnerability

USN-5342-1 fixed several vulnerabilities in Python. This update provides the corresponding fix for CVE-2021-3426 for Ubuntu 18.04 ESM. Original advisory details: David Schwörer discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive...

5.7CVSS7.8AI score0.01863EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/05/19 2:39 p.m.•53 views

USN-5424-2: OpenLDAP vulnerability

USN-5424-1 fixed a vulnerability in OpenLDAP. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that OpenLDAP incorrectly handled certain SQL statements within LDAP queries in the experimental back-sql backend. A...

9.8CVSS8.3AI score0.69899EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/05/19 2:7 p.m.•72 views

USN-4961-2: pip vulnerability

USN-4961-1 fixed a vulnerability in pip. This update provides the corresponding updates for Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. Original advisory details: It was discovered that pip incorrectly handled unicode separators in git references. A remote attacker could possibly use...

5.7CVSS7.4AI score0.01687EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/05/18 3:27 p.m.•380 views

USN-5430-1: GNOME Settings vulnerability

It was discovered that GNOME Settings incorrectly handled the remote desktop sharing configuration. When turning off desktop sharing, it may be turned on again after rebooting, contrary to expectations...

9.8CVSS8.3AI score0.00725EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/05/18 2:53 p.m.•57 views

USN-5429-1: Bind vulnerability

Thomas Amgarten discovered that Bind incorrectly handled certain TLS connections being destroyed. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service...

7.5CVSS7.3AI score0.04531EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/05/18 1:6 p.m.•73 views

USN-5428-1: libXrandr vulnerabilities

Tobias Stoeckmann discovered that libXrandr incorrectly handled certain responses. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. CVE-2016-7947, CVE-2016-7948...

9.8CVSS8.6AI score0.03629EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/05/17 4:38 p.m.•421 views

USN-5427-1: Apport vulnerabilities

Muqing Liu and neoni discovered that Apport incorrectly handled detecting if an executable was replaced after a crash. A local attacker could possibly use this issue to execute arbitrary code as the root user. CVE-2021-3899 Gerrit Venema discovered that Apport incorrectly handled connections to...

7.8CVSS7AI score0.00384EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/05/17 4:24 p.m.•51 views

USN-5426-1: needrestart vulnerability

Jakub Wilk discovered that needrestart incorrectly used some regular expressions. A local attacker could possibly use this issue to execute arbitrary code...

7.8CVSS7.3AI score0.00405EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/05/17 3:36 p.m.•80 views

USN-5423-2: ClamAV vulnerabilities

USN-5423-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM. Original advisory details: Michał Dardas discovered that ClamAV incorrectly handled parsing CHM files. A remote attacker could possibly use this issue to cause...

8.6CVSS7.2AI score0.0663EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/05/17 3:31 p.m.•152 views

USN-5425-1: PCRE vulnerabilities

Yunho Kim discovered that PCRE incorrectly handled memory when handling certain regular expressions. An attacker could possibly use this issue to cause applications using PCRE to expose sensitive information. This issue only affects Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 21.10 and Ubuntu 22.0...

7.5CVSS6.8AI score0.04182EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/05/17 11:47 a.m.•89 views

USN-5424-1: OpenLDAP vulnerability

It was discovered that OpenLDAP incorrectly handled certain SQL statements within LDAP queries in the experimental back-sql backend. A remote attacker could possibly use this issue to perform an SQL injection attack and alter the database...

9.8CVSS8.3AI score0.69899EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/05/17 11:35 a.m.•75 views

USN-5423-1: ClamAV vulnerabilities

Michał Dardas discovered that ClamAV incorrectly handled parsing CHM files. A remote attacker could possibly use this issue to cause ClamAV to stop responding, resulting in a denial of service. CVE-2022-20770 Michał Dardas discovered that ClamAV incorrectly handled parsing TIFF files. A remote...

8.6CVSS7.2AI score0.0663EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/05/16 8:48 p.m.•55 views

USN-5311-2: containerd regression

USN-5311-1 released updates for contained. Unfortunately, a subsequent update reverted the fix for this CVE by mistake. This update corrects the problem. We apologize for the inconvenience. Original advisory details: It was discovered that containerd allows attackers to gain access to read- only...

7.5CVSS7.5AI score0.27392EPSS
Exploits4
Ubuntu
Ubuntu
•added 2022/05/16 4:8 p.m.•103 views

USN-5422-1: libxml2 vulnerabilities

Shinji Sato discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, and Ubuntu 16.04 ESM. CVE-2022-23308 It was...

7.5CVSS7.7AI score0.0601EPSS
Exploits5
Ubuntu
Ubuntu
•added 2022/05/16 9:10 a.m.•77 views

USN-5421-1: LibTIFF vulnerabilities

It was discovered that LibTIFF incorrectly handled certain images. An attacker could possibly use this issue to cause a crash, resulting in a denial of service. This issue only affects Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. CVE-2020-35522 Chintan Shah discovere...

7.1CVSS6.8AI score0.01574EPSS
Exploits4
Ubuntu
Ubuntu
•added 2022/05/12 3:44 p.m.•85 views

USN-5420-1: Vorbis vulnerabilities

It was discovered that Vorbis incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. CVE-2017-14160, CVE-2018-10392, CVE-2018-10393...

8.8CVSS6.8AI score0.04575EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/05/12 8:43 a.m.•91 views

USN-5419-1: Rsyslog vulnerabilities

It was discovered that Rsyslog improperly handled certain invalid input. An attacker could use this issue to cause Rsyslog to crash...

9.8CVSS6.2AI score0.04568EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/05/12 1:48 a.m.•101 views

USN-5418-1: Linux kernel vulnerabilities

Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive...

8.8CVSS7.2AI score0.021EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/05/12 1:17 a.m.•101 views

USN-5417-1: Linux kernel vulnerabilities

Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive...

8.8CVSS7.1AI score0.021EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/05/12 1:12 a.m.•107 views

USN-5416-1: Linux kernel (OEM) vulnerabilities

Qiuhao Li, Gaoning Pan and Yongkang Jia discovered that the KVM implementation in the Linux kernel did not properly perform guest page table updates in some situations. An attacker in a guest vm could possibly use this to crash the host OS. CVE-2022-1158 It was discovered that the implementation ...

7.8CVSS6.7AI score0.00395EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/05/12 12:49 a.m.•108 views

USN-5415-1: Linux kernel vulnerabilities

Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate attacker could use this to cause a denial of service system crash. CVE-2020-27820 Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor...

8.8CVSS7.2AI score0.021EPSS
Exploits12
Ubuntu
Ubuntu
•added 2022/05/12 12:3 a.m.•106 views

USN-5413-1: Linux kernel vulnerabilities

Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate attacker could use this to cause a denial of service system crash. CVE-2020-27820 It was discovered that a race condition existed in the network...

8.8CVSS6.8AI score0.021EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/05/11 1:45 p.m.•66 views

USN-5411-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass permission prompts, obtain sensitive information, bypass security...

9.8CVSS7.6AI score0.01005EPSS
Exploits4
Ubuntu
Ubuntu
•added 2022/05/11 1:14 p.m.•101 views

USN-5412-1: curl vulnerabilities

Axel Chong discovered that curl incorrectly handled percent-encoded URL separators. A remote attacker could possibly use this issue to trick curl into using the wrong URL and bypass certain checks or filters. This issue only affected Ubuntu 22.04 LTS. CVE-2022-27780 Florian Kohnhuser discovered...

7.5CVSS6.7AI score0.02596EPSS
Exploits3
Ubuntu
Ubuntu
•added 2022/05/11 8:22 a.m.•66 views

USN-5410-1: NSS vulnerability

Lenny Wang discovered that NSS incorrectly handled certain messages. A remote attacker could possibly use this issue to cause servers compiled with NSS to stop responding, resulting in a denial of service...

7.5CVSS8AI score0.03854EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/05/11 12:25 a.m.•57 views

USN-5259-3: Cron regression

USN-5259-1 and USN-5259-2 fixed vulnerabilities in Cron. Unfortunately that update was incomplete and could introduce a regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the postinst maintainer script in Cron unsafely...

6.9CVSS6.1AI score0.00551EPSS
Exploits0References2
Ubuntu
Ubuntu
•added 2022/05/10 6:49 p.m.•63 views

USN-5409-1: libsndfile vulnerability

It was discovered that libsndfile was incorrectly performing memory management operations and incorrectly using buffers when executing its FLAC codec. If a user or automated system were tricked into processing a specially crafted sound file, an attacker could possibly use this issue to cause a...

7.1CVSS7AI score0.01754EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/05/10 5:44 p.m.•116 views

USN-5408-1: Dnsmasq vulnerability

Petr Menšík and Richard Johnson discovered that Dnsmasq incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or expose sensitive information...

7.5CVSS7.8AI score0.01487EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/05/10 2:15 p.m.•227 views

USN-5407-1: Cairo vulnerabilities

Gustavo Grieco, Alberto Garcia, Francisco Oca, Suleman Ali, and others discovered that Cairo incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. CVE-2016-9082, CVE-2017-9814, CVE-2019-6462 Stephan Bergmann discovered that Cairo incorrectly...

7.8CVSS6.4AI score0.03463EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/05/10 11:45 a.m.•139 views

USN-5179-2: BusyBox vulnerability

USN-5179-1 fixed vulnerabilities in BusyBox. This update provides the corresponding updates for Ubuntu 16.04 ESM. Original advisory details: It was discovered that BusyBox incorrectly handled certain malformed gzip archives. If a user or automated system were tricked into processing a specially...

7.5CVSS7.3AI score0.02719EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/05/09 5:55 a.m.•70 views

USN-5244-2: DBus vulnerability

USN-5244-1 fixed a vulnerability in DBus. This update provides the corresponding update for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: Daniel Onaca discovered that DBus contained a use-after-free vulnerability, caused by the incorrect handling of usernames sharing the same...

7.8CVSS7.4AI score0.00331EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/05/06 8:42 a.m.•132 views

USN-5259-2: Cron vulnerabilities

USN-5259-1 fixed several vulnerabilities in Cron. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: It was discovered that the postinst maintainer script in Cron unsafely handled file permissions during package install or update operations. An attacker...

6.9CVSS6.1AI score0.00551EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/05/05 9:11 p.m.•96 views

USN-5405-1: jbig2dec vulnerabilities

It was discovered that jbig2dec incorrectly handled memory when parsing invalid files. An attacker could use this issue to cause jbig2dec to crash, leading to a denial of service. CVE-2017-9216 It was discovered that jbig2dec incorrectly handled memory when processing untrusted input. An attacker...

9.8CVSS6.9AI score0.03452EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/05/05 6:27 p.m.•115 views

USN-5404-1: Rsyslog vulnerability

Pieter Agten discovered that Rsyslog incorrectly handled certain requests. An attacker could possibly use this issue to cause a crash...

8.1CVSS6.7AI score0.03821EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/05/05 10:21 a.m.•86 views

USN-5403-1: SQLite vulnerability

It was discovered that SQLite command-line component incorrectly handled certain queries. An attacker could possibly use this issue to cause a crash or possibly execute arbitrary code...

7.5CVSS6.9AI score0.03898EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/05/05 10:11 a.m.•93 views

USN-5400-3: MySQL regression

USN-5400-1 fixed vulnerabilities in MySQL. The fix breaks existing charm configurations. This updated fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix the...

5.4AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2022/05/05 8:14 a.m.•104 views

USN-5354-2: Twisted vulnerability

USN-5354-1 fixed vulnerabilities in Twisted. This update provides the corresponding updates for Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 22.04 LTS. Original advisory details: It was discovered that Twisted incorrectly processed SSH handshake data on connection establishments. A remote attack...

7.5CVSS7.4AI score0.03608EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/05/04 5:28 p.m.•225 views

USN-5395-2: networkd-dispatcher regression

USN-5395-1 fixed vulnerabilities in networkd-dispatcher. Unfortunately that update was incomplete and could introduce a regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that networkd-dispatcher incorrectly handled internal...

6.1AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2022/05/04 1:21 p.m.•177 views

USN-5402-1: OpenSSL vulnerabilities

Elison Niven discovered that OpenSSL incorrectly handled the crehash script. A local attacker could possibly use this issue to execute arbitrary commands when crehash is run. CVE-2022-1292 Raul Metsma discovered that OpenSSL incorrectly verified certain response signing certificates. A remote...

10CVSS6.9AI score0.83223EPSS
Exploits5
Ubuntu
Ubuntu
•added 2022/05/04 12:45 p.m.•115 views

USN-5400-2: MySQL vulnerabilities

USN-5400-1 fixed several vulnerabilities in MySQL. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated in...

6.5CVSS6.4AI score0.02052EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/05/04 12:17 p.m.•82 views

USN-5401-1: DPDK vulnerabilities

Wenxiang Qian discovered that DPDK incorrectly checked certain payloads. An attacker could use this issue to cause DPDK to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2021-3839 It was discovered that DPDK incorrectly handled inflight type messages. An attacker...

7.5CVSS7.2AI score0.01259EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/05/04 10:38 a.m.•36 views

USN-4797-1: LibASS vulnerabilities

It was discovered that LibASS incorrectly handled certain ASS files. A remote attacker could possibly use this issue to cause a denial of service. One of the issues, CVE-2016-7970, only affected Ubuntu 16.04 ESM. CVE-2016-7969, CVE-2016-7970, CVE-2016-7972 It was discovered that LibASS incorrectl...

8.8CVSS7.4AI score0.05186EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/05/03 9:4 p.m.•113 views

USN-5390-2: Linux kernel (Raspberry Pi) vulnerabilities

David Bouman discovered that the netfilter subsystem in the Linux kernel did not properly validate passed user register indices. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2022-1015 David Bouman discovered that the netfilter subsystem in t...

7.8CVSS7.1AI score0.01467EPSS
Exploits11
Total number of security vulnerabilities10905