Lucene search
K
UbuntuRecent

10907 matches found

Ubuntu
Ubuntu
added 2022/05/04 10:38 a.m.36 views

USN-4797-1: LibASS vulnerabilities

It was discovered that LibASS incorrectly handled certain ASS files. A remote attacker could possibly use this issue to cause a denial of service. One of the issues, CVE-2016-7970, only affected Ubuntu 16.04 ESM. CVE-2016-7969, CVE-2016-7970, CVE-2016-7972 It was discovered that LibASS incorrectl...

8.8CVSS7.4AI score0.05186EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/05/03 9:4 p.m.113 views

USN-5390-2: Linux kernel (Raspberry Pi) vulnerabilities

David Bouman discovered that the netfilter subsystem in the Linux kernel did not properly validate passed user register indices. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2022-1015 David Bouman discovered that the netfilter subsystem in t...

7.8CVSS7.1AI score0.01467EPSS
Exploits11
Ubuntu
Ubuntu
added 2022/05/03 11:13 a.m.121 views

USN-5400-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.29 in Ubuntu 20.04 LTS, Ubuntu 21.10, and Ubuntu 22.04 LTS. Ubuntu 18.04 LTS has been updated to MySQL 5.7.38. In addition to security fixes, t...

6.5CVSS6.4AI score0.02092EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/05/02 5:1 p.m.117 views

USN-5399-1: libvirt vulnerabilities

It was discovered that libvirt incorrectly handled certain locking operations. A local attacker could possibly use this issue to cause libvirt to stop accepting connections, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. CVE-2021-3667 It was discovered that libvirt...

7.2CVSS6.5AI score0.01366EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/05/02 6:27 a.m.75 views

USN-5382-2: libinput vulnerability

USN-5382-1 fixed a vulnerability in libinput. This update provides the corresponding updates for Ubuntu 22.04 LTS. Original advisory details: Albin Eldstål-Ahrens and Lukas Lamster discovered libinput did not properly handle input devices with specially crafted names. A local attacker with physic...

7.8CVSS7AI score0.00364EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/04/28 7:57 p.m.86 views

USN-5398-1: Simple DirectMedia Layer vulnerability

It was discovered that SDL Simple DirectMedia Layer incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code...

8.8CVSS7.4AI score0.01986EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/04/28 6:23 p.m.103 views

USN-5397-1: curl vulnerabilities

Patrick Monnerat discovered that curl incorrectly handled certain OAUTH2. An attacker could possibly use this issue to access sensitive information. CVE-2022-22576 Harry Sintonen discovered that curl incorrectly handled certain requests. An attacker could possibly use this issue to expose sensiti...

8.1CVSS6.7AI score0.03425EPSS
Exploits4
Ubuntu
Ubuntu
added 2022/04/28 5:4 p.m.86 views

USN-5396-1: Ghostscript vulnerability

It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service...

7.8CVSS7.6AI score0.01088EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/04/28 4:16 p.m.623 views

USN-5395-1: networkd-dispatcher vulnerabilities

It was discovered that networkd-dispatcher incorrectly handled internal scripts. A local attacker could possibly use this issue to cause a race condition, escalate privileges and execute arbitrary code. CVE-2022-29799, CVE-2022-29800...

5.5CVSS6AI score0.11667EPSS
Exploits4
Ubuntu
Ubuntu
added 2022/04/28 12:40 p.m.101 views

USN-5394-1: WebKitGTK vulnerabilities

A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

8.8CVSS7.1AI score0.03668EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/04/28 9:54 a.m.89 views

USN-5392-1: Mutt vulnerabilities

It was discovered that Mutt incorrectly handled certain requests. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 20.04 LTS. CVE-2021-32055 It was discovered that Mutt incorrectly handled certain input. An attacker could possibly use this...

9.1CVSS6.1AI score0.02551EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/04/28 8:34 a.m.334 views

USN-5371-2: nginx vulnerability

USN-5371-1 fixed several vulnerabilities in nginx. This update provides the fix for CVE-2021-3618 for Ubuntu 22.04 LTS. Original advisory details: It was discovered that nginx Lua module mishandled certain inputs. An attacker could possibly use this issue to perform an HTTP Request Smuggling...

7.4CVSS6.9AI score0.02037EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/04/27 7:44 p.m.97 views

USN-5393-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, conduct spoofing attacks, or execute arbitrary code. CVE-2022-1097,...

8.8CVSS7.9AI score0.02556EPSS
Exploits6
Ubuntu
Ubuntu
added 2022/04/27 9:32 a.m.160 views

USN-5391-1: libsepol vulnerabilities

Nicolas Iooss discovered that libsepol incorrectly handled memory when handling policies. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2021-36084 It was discovered that libsepol incorrectly handled memory whe...

3.3CVSS6.6AI score0.00592EPSS
Exploits4
Ubuntu
Ubuntu
added 2022/04/27 6:40 a.m.91 views

USN-5366-2: FriBidi vulnerabilities

USN-5366-1 fixed several vulnerabilities in FriBidi. This update provides the corresponding updates for Ubuntu 22.04 LTS. Original advisory details: It was discovered that FriBidi incorrectly handled processing of input strings resulting in memory corruption. An attacker could use this issue to...

7.8CVSS7AI score0.00508EPSS
Exploits3
Ubuntu
Ubuntu
added 2022/04/26 2:5 p.m.78 views

USN-5389-1: Libcroco vulnerabilities

It was discovered that Libcroco was incorrectly accessing data structures when reading bytes from memory, which could cause a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service. CVE-2017-7960 It was discovered that Libcroco was incorrectly handling invali...

7.1CVSS7AI score0.12996EPSS
Exploits7
Ubuntu
Ubuntu
added 2022/04/26 12:59 p.m.184 views

USN-5390-1: Linux kernel vulnerabilities

David Bouman discovered that the netfilter subsystem in the Linux kernel did not properly validate passed user register indices. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2022-1015 David Bouman discovered that the netfilter subsystem in t...

7.8CVSS7.1AI score0.01467EPSS
Exploits11
Ubuntu
Ubuntu
added 2022/04/26 11:57 a.m.132 views

USN-5388-2: OpenJDK vulnerabilities

It was discovered that OpenJDK incorrectly verified ECDSA signatures. An attacker could use this issue to bypass the signature verification process. CVE-2022-21449 It was discovered that OpenJDK incorrectly limited memory when compiling a specially crafted XPath expression. An attacker could...

7.5CVSS6.4AI score0.48235EPSS
Exploits6
Ubuntu
Ubuntu
added 2022/04/26 11:49 a.m.184 views

USN-5388-1: OpenJDK vulnerabilities

It was discovered that OpenJDK incorrectly limited memory when compiling a specially crafted XPath expression. An attacker could possibly use this issue to cause a denial of service. CVE-2022-21426 It was discovered that OpenJDK incorrectly handled converting certain object arguments into their...

7.5CVSS6.1AI score0.04046EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/04/26 10:39 a.m.62 views

USN-5376-3: Git regression

USN-5376-1 fixed vulnerabilities in Git, some patches were missing to properly fix the issue. This update fixes the problem. Original advisory details: 俞晨东 discovered that Git incorrectly handled certain repository paths in platforms with multiple users support. An attacker could possibly use thi...

5.7AI score
Exploits0References1
Ubuntu
Ubuntu
added 2022/04/25 4:19 p.m.67 views

USN-5387-1: Barbican vulnerabilities

Douglas Mendizábal discovered that Barbican incorrectly handled access restrictions. An authenticated attacker could possibly use this issue to consume protected resources and possibly cause a denial of service. CVE-2022-23451, CVE-2022-23452...

8.1CVSS6.4AI score0.01018EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/04/25 3:37 p.m.84 views

USN-5376-2: Git vulnerability

USN-5376-1 fixed vulnerabilities in Git. This update provides the corresponding updates for Ubuntu 22.04 LTS. Original advisory details: 俞晨东 discovered that Git incorrectly handled certain repository paths in platforms with multiple users support. An attacker could possibly use this issue to run...

7.8CVSS7.7AI score0.00782EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/04/21 1:20 p.m.72 views

USN-5386-1: AIOHTTP vulnerability

Jelmer Vernooij and Beast Glatisant discovered that AIOHTTP incorrectly handled certain URLs, leading to an open redirect attack. A remote attacker could possibly use this issue to perform phishing attacks...

6.1CVSS7.1AI score0.01905EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/04/21 6:25 a.m.116 views

USN-5385-1: Linux kernel vulnerabilities

Brendan Dolan-Gavitt discovered that the aQuantia AQtion Ethernet device driver in the Linux kernel did not properly validate meta-data coming from the device. A local attacker who can control an emulated device can use this to cause a denial of service system crash or possibly execute arbitrary...

6.7CVSS6.6AI score0.00513EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/04/20 11:51 p.m.420 views

USN-5384-1: Linux kernel vulnerabilities

It was discovered that the UDF file system implementation in the Linux kernel could attempt to dereference a null pointer in some situations. An attacker could use this to construct a malicious UDF image that, when mounted and operated on, could cause a denial of service system crash. CVE-2022-06...

5.5CVSS6.5AI score0.00497EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/04/20 11:48 p.m.136 views

USN-5383-1: Linux kernel vulnerabilities

David Bouman discovered that the netfilter subsystem in the Linux kernel did not properly validate passed user register indices. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2022-1015 Brendan Dolan-Gavitt discovered that the Marvell WiFi-Ex...

6.6CVSS6.8AI score0.01467EPSS
Exploits13
Ubuntu
Ubuntu
added 2022/04/20 9:36 p.m.68 views

USN-5382-1: libinput vulnerability

Albin Eldstål-Ahrens and Lukas Lamster discovered libinput did not properly handle input devices with specially crafted names. A local attacker with physical access could use this to cause libinput to crash or expose sensitive information...

7.8CVSS7.1AI score0.00364EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/04/20 7:9 p.m.148 views

USN-5381-1: Linux kernel (OEM) vulnerabilities

David Bouman discovered that the netfilter subsystem in the Linux kernel did not properly validate passed user register indices. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2022-1015 It was discovered that the block layer subsystem in the...

8.8CVSS7.2AI score0.021EPSS
Exploits13
Ubuntu
Ubuntu
added 2022/04/20 7:41 a.m.137 views

USN-5380-1: Bash vulnerability

It was discovered that Bash did not properly drop privileges when the binary had the setuid bit enabled. An attacker could possibly use this issue to escalate privileges...

7.8CVSS6.9AI score0.02608EPSS
Exploits5
Ubuntu
Ubuntu
added 2022/04/18 11:37 a.m.100 views

USN-5379-1: klibc vulnerabilities

It was discovered that klibc did not properly perform some mathematical operations, leading to an integer overflow. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2021-31870 It was discovered that klibc did not...

9.8CVSS8.4AI score0.02147EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/04/13 4:3 p.m.114 views

USN-5378-4: Gzip vulnerability

USN-5378-1 fixed a vulnerability in Gzip. This update provides the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM. Original advisory details: Cleemy Desu Wayo discovered that Gzip incorrectly handled certain filenames. If a user or automated system were tricked into performing zgrep...

8.8CVSS7.2AI score0.04271EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/04/13 2:47 p.m.153 views

USN-5378-3: XZ Utils vulnerability

USN-5378-2 fixed a vulnerability in XZ Utils. This update provides the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM. Original advisory details: Cleemy Desu Wayo discovered that Gzip incorrectly handled certain filenames. If a user or automated system were tricked into performing zgrep...

8.8CVSS7.2AI score0.04271EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/04/13 12:45 p.m.279 views

USN-5378-2: XZ Utils vulnerability

Cleemy Desu Wayo discovered that XZ Utils incorrectly handled certain filenames. If a user or automated system were tricked into performing xzgrep operations with specially crafted filenames, a remote attacker could overwrite arbitrary files...

8.8CVSS7.2AI score0.04271EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/04/13 12:37 p.m.127 views

USN-5378-1: Gzip vulnerability

Cleemy Desu Wayo discovered that Gzip incorrectly handled certain filenames. If a user or automated system were tricked into performing zgrep operations with specially crafted filenames, a remote attacker could overwrite arbitrary files...

8.8CVSS7.2AI score0.04271EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/04/13 2:49 a.m.152 views

USN-5377-1: Linux kernel (BlueField) vulnerabilities

It was discovered that the network traffic control implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-1055 Yiqi Sun and Kevin Wang discovered that the...

9CVSS8AI score0.67994EPSS
Exploits20
Ubuntu
Ubuntu
added 2022/04/12 6:38 p.m.135 views

USN-5376-1: Git vulnerability

俞晨东 discovered that Git incorrectly handled certain repository paths in platforms with multiple users support. An attacker could possibly use this issue to run arbitrary commands...

7.8CVSS7.7AI score0.00782EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/04/12 5:8 p.m.124 views

USN-5372-1: Subversion vulnerabilities

Evgeny Kotkov discovered that Subversion servers did not properly follow path-based authorization rules in certain cases. An attacker could potentially use this issue to retrieve information about private paths. CVE-2021-28544 Thomas Weißschuh discovered that Subversion servers did not properly...

7.5CVSS6.4AI score0.09254EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/04/12 3:48 p.m.134 views

USN-5371-1: nginx vulnerabilities

It was discovered that nginx Lua module mishandled certain inputs. An attacker could possibly use this issue to perform an HTTP Request Smuggling attack. This issue was fixed for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. CVE-2020-11724 It was discovered that nginx Lua module mishandled certain input...

7.5CVSS6.8AI score0.02599EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/04/12 12:19 p.m.38 views

USN-5375-1: GNU cflow vulnerability

It was discovered that GNU cflow was incorrectly handling memory cleanup operations at the end of a compilation module. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...

6.5CVSS6.8AI score0.01114EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/04/11 4:23 p.m.102 views

USN-5374-1: libarchive vulnerability

It was discovered that libarchive incorrectly handled certain archive files. An attacker could possibly use this issue to expose sensitive information...

6.5CVSS6.8AI score0.01877EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/04/11 12:29 p.m.104 views

USN-5373-2: Django vulnerabilities

USN-5373-1 fixed several vulnerabilities in Django. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that Django incorrectly handled certain certain column aliases in the QuerySet.annotate, aggregate, and extra...

9.8CVSS7.4AI score0.18516EPSS
Exploits3
Ubuntu
Ubuntu
added 2022/04/11 11:36 a.m.105 views

USN-5373-1: Django vulnerabilities

It was discovered that Django incorrectly handled certain certain column aliases in the QuerySet.annotate, aggregate, and extra methods. A remote attacker could possibly use this issue to perform an SQL injection attack. CVE-2022-28346 It was discovered that Django incorrectly handled certain...

9.8CVSS7.3AI score0.18516EPSS
Exploits3
Ubuntu
Ubuntu
added 2022/04/11 7:44 a.m.108 views

USN-5331-2: tcpdump vulnerabilities

USN-5331-1 fixed several vulnerabilities in tcpdump. This update provides the corresponding update for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: It was discovered that tcpdump incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial o...

7.8CVSS7.2AI score0.03071EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/04/07 9:5 p.m.118 views

USN-5370-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, execute script unexpectedly, obtain sensitive information, conduct spoofing attacks, or execute arbitrary...

8.8CVSS7.9AI score0.1446EPSS
Exploits8
Ubuntu
Ubuntu
added 2022/04/07 1:30 p.m.80 views

USN-5369-1: oslo.utils vulnerability

It was discovered that oslo.utils incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information...

4.9CVSS5.8AI score0.01335EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/04/07 5:12 a.m.109 views

USN-5366-1: FriBidi vulnerabilities

It was discovered that FriBidi incorrectly handled processing of input strings resulting in memory corruption. An attacker could use this issue to cause FriBidi to crash, resulting in a denial of service, or potentially execute arbitrary code. CVE-2022-25308 It was discovered that FriBidi...

7.8CVSS6.9AI score0.00508EPSS
Exploits3
Ubuntu
Ubuntu
added 2022/04/06 9:21 p.m.142 views

USN-5368-1: Linux kernel vulnerabilities

It was discovered that the BPF verifier in the Linux kernel did not properly restrict pointer types in certain situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-23222 It was discovered that the network traffic contro...

9.1CVSS7.8AI score0.67994EPSS
Exploits29
Ubuntu
Ubuntu
added 2022/04/05 3:14 p.m.132 views

USN-5365-1: H2 vulnerabilities

It was discovered that H2 was vulnerable to deserialization of untrusted data. An attacker could possibly use this issue to execute arbitrary code. CVE-2021-42392 It was discovered that H2 incorrectly handled some specially crafted connection URLs. An attacker could possibly use this issue to...

10CVSS8.8AI score0.64766EPSS
Exploits6
Ubuntu
Ubuntu
added 2022/04/05 9:28 a.m.86 views

USN-5364-1: Waitress vulnerability

It was discovered that Waitress incorrectly handled certain requests. An attacker could possibly use this issue to expose sensitive information...

7.5CVSS7.4AI score0.01738EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/04/01 8:31 p.m.54 views

USN-5344-1: DBD::mysql vulnerabilities

It was discovered that the DBD::mysql module, when configured with server-side prepared statement support, was susceptible to operations that would result in improper memory access. An attacker could possibly use this issue to cause DBD::mysql to crash, resulting in a denial of service...

9.8CVSS6.8AI score0.04629EPSS
Exploits0
Total number of security vulnerabilities10907