Lucene search
K
UbuntuRecent

10869 matches found

Ubuntu
Ubuntu
added 2026/04/08 12:29 p.m.2 views

USN-8156-1: GDK-PixBuf vulnerability

It was discovered that GDK-PixBuf incorrectly handled certain JPEG files. An attacker could use this issue to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.5CVSS7.4AI score0.01069EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/04/08 11:57 a.m.8 views

USN-8155-1: OpenSSL vulnerabilities

Viktor Dukhovni discovered that OpenSSL incorrectly negotiated the expected preferred key exchange group when used as a TLS 1.3 server. This could result in a less preferred key exchange being used, contrary to expectations. This issue only affected Ubuntu 25.10. CVE-2026-2673 Igor Morgenstern...

9.8CVSS6.2AI score0.00981EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/04/07 6:46 p.m.6 views

USN-8089-3: ADSys, Juju Core, LXD vulnerabilities

USN-8089-1 fixed vulnerabilities in Go Networking. This update provides the corresponding update to code vendored in LXD, ADSys, and Juju Core. Original advisory details: Bahruz Jabiyev, Tommaso Innocenti, Anthony Gavazzi, Steven Sprecher, and Kaan Onarlioglu discovered that servers using Go...

7.5CVSS7AI score0.07492EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/04/07 5:31 p.m.9 views

USN-8154-1: Django vulnerabilities

Seokchan Yoon discovered that Django incorrectly handled copying memory when parsing multipart uploads with excessive whitespace. A remote attacker could possibly use this issue to cause Django to use excessive resources, leading to a denial of service. CVE-2026-33033 It was discovered that Djang...

9.8CVSS6AI score0.00769EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/04/07 2:5 p.m.5 views

USN-8153-1: Salt vulnerabilities

Zach Malone discovered that Salt did not properly handle permissions to cache data. A local attacker could possibly use this issue to obtain sensitive information. CVE-2015-8034 Dylan Frese discovered that Salt incorrectly allowed users to specify PAM service. An attacker could possibly use this...

5.6CVSS5.9AI score0.00873EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/04/06 9:59 p.m.2 views

USN-8152-1: Linux kernel (OEM) vulnerabilities

It was discovered that some AMD Zen 5 processors supporting RDSEED instruction did not properly handle entropy, potentially resulting in the consumption of insufficiently random values. A local attacker could possibly use this issue to influence the values returned by the RDSEED instruction causi...

9.8CVSS6.9AI score0.00378EPSS
Exploits6References1
Ubuntu
Ubuntu
added 2026/04/06 9:57 p.m.3 views

USN-8148-4: Linux kernel (Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Netfilter; - Network traffic control; CVE-2026-23060, CVE-2026-23074, CVE-2026-23111...

7.8CVSS6.2AI score0.00344EPSS
Exploits6
Ubuntu
Ubuntu
added 2026/04/06 9:40 p.m.7 views

USN-8145-3: Linux kernel (GCP) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Cryptographic API; - UDF file system; - NFC subsystem; - Network traffic control;...

7.8CVSS6.7AI score0.0024EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/04/06 4:3 p.m.5 views

USN-8151-1: lambdaisland/uri vulnerability

It was discovered that lambdaisland/uri did not properly sanitize the backslash character in URI strings. An attacker could possibly use this issue to bypass security checks or redirect users...

6.1CVSS6.4AI score0.00553EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/04/06 4:34 a.m.6 views

USN-8150-1: SPIP vulnerabilities

It was discovered that SPIP did not properly sanitize certain inputs. A remote attacker could possibly use this issue to perform cross site scripting. CVE-2022-28959 It was discovered that SPIP did not properly sanitize certain inputs. A remote attacker could possibly use this issue to perform PH...

8.8CVSS6.5AI score0.01821EPSS
Exploits3
Ubuntu
Ubuntu
added 2026/04/02 8:58 p.m.4 views

USN-8148-3: Linux kernel (Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Netfilter; - Network traffic control; CVE-2026-23060, CVE-2026-23074, CVE-2026-23111...

7.8CVSS6.2AI score0.00344EPSS
Exploits6
Ubuntu
Ubuntu
added 2026/04/02 8:45 p.m.4 views

USN-8148-2: Linux kernel (FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Netfilter; - Network traffic control; CVE-2026-23060, CVE-2026-23074, CVE-2026-23111...

7.8CVSS6.2AI score0.00344EPSS
Exploits6
Ubuntu
Ubuntu
added 2026/04/02 8:37 p.m.8 views

USN-8145-2: Linux kernel (FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Cryptographic API; - UDF file system; - NFC subsystem; - Network traffic control;...

7.8CVSS6.7AI score0.0024EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/04/02 8:30 p.m.5 views

USN-8143-2: Linux kernel (FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - GPU drivers; - BTRFS file system; - GFS2 file system; - UDF file system; - NFC subsystem; -...

7.8CVSS6.6AI score0.00271EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/04/02 7:9 p.m.4 views

USN-8146-1: libjxl vulnerability

Daniel Novomeský discovered that libjxl did not properly manage memory when decoding certain files. An attacker could use this issue to cause libjxl to crash, resulting in denial of service, or possibly execute arbitrary code...

8.8CVSS5.9AI score0.00199EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/04/02 6:31 p.m.3 views

USN-8149-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Netfilter; - Network traffic control; CVE-2026-23060, CVE-2026-23074, CVE-2026-23111...

7.8CVSS6.2AI score0.00344EPSS
Exploits6
Ubuntu
Ubuntu
added 2026/04/02 6:23 p.m.9 views

USN-8147-1: libarchive vulnerabilities

It was discovered that libarchive incorrectly handled certain archive files. An attacker could possibly use this issue to access sensitive information. This issue only affected Ubuntu 14.04 LTS. CVE-2019-19221 It was discovered that libarchive incorrectly handled certain RAR archive files. If a...

7.8CVSS6.7AI score0.03154EPSS
Exploits5
Ubuntu
Ubuntu
added 2026/04/02 6:1 p.m.4 views

USN-8148-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Netfilter; - Network traffic control; CVE-2026-23060, CVE-2026-23074, CVE-2026-23111...

7.8CVSS6.2AI score0.00344EPSS
Exploits6
Ubuntu
Ubuntu
added 2026/04/02 2:6 p.m.8 views

USN-8145-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Cryptographic API; - UDF file system; - NFC subsystem; - Network traffic control;...

7.8CVSS6.8AI score0.0024EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/04/02 8:22 a.m.11 views

USN-8144-1: Undertow vulnerability

It was discovered that Undertow incorrectly validated the Host header in incoming HTTP requests. A remote attacker could possibly use this issue to gain unintended access to user sessions...

9.6CVSS7.4AI score0.01179EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/04/02 7:27 a.m.6 views

USN-8140-1: Cairo vulnerabilities

Alberto Garcia, Francisco Oca and Suleman Ali discovered that Cairo did not properly manage memory. An attacker could possibly use this issue to cause Cairo to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2017-9814 ...

7.8CVSS6.7AI score0.03463EPSS
Exploits2
Ubuntu
Ubuntu
added 2026/04/01 9:15 p.m.6 views

USN-8143-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - GPU drivers; - BTRFS file system; - GFS2 file system; - UDF file system; - NFC subsystem; -...

7.8CVSS5.9AI score0.00271EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/04/01 8:34 p.m.5 views

USN-8142-1: Linux kernel vulnerability

A security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system. This update corrects flaws in the following subsystems: - Network traffic control;...

7.8CVSS6.1AI score0.00134EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/04/01 6:4 p.m.10 views

USN-8095-5: Linux kernel (Raspberry Pi) vulnerabilities

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...

7.8CVSS6.1AI score0.00544EPSS
Exploits7References1
Ubuntu
Ubuntu
added 2026/04/01 3:16 p.m.32 views

USN-8141-1: Linux kernel (Raspberry Pi) vulnerabilities

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...

9.8CVSS6.3AI score0.00544EPSS
Exploits7References1
Ubuntu
Ubuntu
added 2026/04/01 3:0 p.m.6 views

USN-8094-5: Linux kernel (Raspberry Pi) vulnerabilities

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...

9.8CVSS6AI score0.00378EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2026/04/01 1:44 p.m.7 views

USN-8139-1: cargo-c vulnerability

It was discovered that tar-rs embedded in cargo-c incorrectly handled symlinks when unpacking a tar archive. If a user or automated system were tricked into processing a specially crafted tar archive, a remote attacker could use this issue to modify permissions of arbitrary directories outside th...

6.5CVSS6AI score0.00379EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/04/01 1:35 p.m.6 views

USN-8138-1: tar-rs vulnerability

It was discovered that tar-rs incorrectly handled symlinks when unpacking a tar archive. If a user or automated system were tricked into processing a specially crafted tar archive, a remote attacker could use this issue to modify permissions of arbitrary directories outside the extraction root, a...

6.5CVSS6AI score0.00379EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/03/31 5:13 p.m.5 views

USN-8089-2: Go Networking vulnerabilities

USN-8089-1 fixed vulnerabilities in Go Networking. This update provides the corresponding update to code vendored in golang-golang-x-net-dev. Original advisory details: Bahruz Jabiyev, Tommaso Innocenti, Anthony Gavazzi, Steven Sprecher, and Kaan Onarlioglu discovered that servers using Go...

7.5CVSS6.9AI score0.07492EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/03/31 9:48 a.m.5 views

USN-8136-1: Dovecot vulnerabilities

It was discovered that Dovecot incorrectly handled invalid base64 SASL data. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 25.10. CVE-2025-59028 It was discovered that Dovecot script decode2text.sh incorrectly handled zip files. An attacke...

8.2CVSS6AI score0.0079EPSS
Exploits7
Ubuntu
Ubuntu
added 2026/03/31 8:49 a.m.3 views

USN-8137-1: Ruby vulnerability

It was discovered that the Ruby URI gem did not properly handle sensitive information when combining URIs. A remote attacker could possibly use this issue to leak authentication credentials...

7.5CVSS5.9AI score0.0051EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/03/31 12:19 a.m.8 views

USN-8135-1: Pillow vulnerabilities

It was discovered that Pillow did not correctly handle reading J2K files, which could lead to an out-of-bounds read vulnerability. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue...

9.1CVSS7.8AI score0.02876EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/03/30 9:8 p.m.11 views

USN-8132-1: Roundcube Webmail vulnerabilities

It was discovered that Roundcube Webmail did not properly sanitize certain HTML elements within the e-mail body. An attacker could possibly use this issue to cause a cross-site scripting attack. This issue was only addressed in Ubuntu 16.04 LTS. CVE-2016-4068, CVE-2016-4069 It was discovered that...

8.8CVSS5.9AI score0.60162EPSS
Exploits6
Ubuntu
Ubuntu
added 2026/03/30 7:57 p.m.5 views

USN-8134-1: pyasn1 vulnerabilities

It was discovered that pyasn1 could exhaust system resources when attempting to decode a malformed certificate. An attacker could possibly use this to cause a denial of service. CVE-2026-23490 Kevin Tu discovered that pyasn1 could exhaust system resources via uncontrolled recursion when attemptin...

7.5CVSS5.9AI score0.00679EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/03/30 3:2 p.m.11 views

USN-8133-1: PyJWT vulnerability

It was discovered that PyJWT did not validate the critical header parameter, contrary to the RFC specification expectations. A remote attacker could possibly use this issue to bypass certain authentication checks and restrictions...

7.5CVSS5.9AI score0.00269EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/03/30 12:8 p.m.13 views

USN-8131-1: GStreamer Good Plugins vulnerabilities

It was discovered that GStreamer Good Plugins incorrectly handled certain X-QDM RTP payloads. A remote attacker could use this issue to cause GStreamer Good Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code...

8.8CVSS6.1AI score0.00828EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/03/30 11:58 a.m.12 views

USN-8130-1: GStreamer Base Plugins vulnerability

It was discovered that GStreamer Base Plugins incorrectly handled certain AVI media files. A remote attacker could use this issue to cause GStreamer Base Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.8CVSS6AI score0.00867EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/03/30 11:41 a.m.21 views

USN-8129-1: pyasn1 vulnerability

It was discovered that pyasn1 incorrectly handled recursion when decoding ASN.1 data. An attacker could use this issue to cause pyasn1 to consume resources, leading to a denial of service...

7.5CVSS5.9AI score0.0058EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/03/30 10:1 a.m.6 views

USN-8127-1: ImageMagick vulnerabilities

It was discovered that ImageMagick did not properly process certain tags prior to an image being loaded. An attacker could possibly use this issue to cause ImageMagick to crash, resulting in a denial of service. CVE-2026-23952 It was discovered that ImageMagick did not properly handle temporary...

7.8CVSS5.9AI score0.00475EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/03/27 8:51 a.m.6 views

USN-8098-9: Linux kernel (IBM) vulnerabilities

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...

7.8CVSS6.8AI score0.00248EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2026/03/26 3:54 p.m.9 views

USN-8128-1: CryptX vulnerabilities

It was discovered that CryptX did not verify authentication tags while performing GCM and ChaCha20-Poly1305 decryption. An attacker could possibly use this issue to cause CryptX to accept modified ciphertext, leading to data integrity violations or authentication bypass. This issue only affected...

9.8CVSS5.9AI score0.00489EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/03/25 7:13 p.m.18 views

USN-8126-1: Linux kernel (Azure) vulnerabilities

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...

9.8CVSS6.4AI score0.23278EPSS
Exploits19References1
Ubuntu
Ubuntu
added 2026/03/25 7:11 p.m.9 views

USN-8125-1: Linux kernel (Azure) vulnerabilities

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...

7.8CVSS6.2AI score0.23278EPSS
Exploits9References1
Ubuntu
Ubuntu
added 2026/03/25 7:4 p.m.8 views

USN-8094-4: Linux kernel (Azure) vulnerabilities

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...

9.8CVSS6.7AI score0.00378EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2026/03/25 4:32 p.m.10 views

USN-8124-1: Bind vulnerabilities

Samy Medjahed discovered that Bind incorrectly handled insecure delegation validation. A remote attacker could possibly use this issue to cause excessive NSEC3 iterations, consuming CPU resources, and leading to a denial of service. CVE-2026-1519 Vitaly Simonovich discovered that Bind incorrectly...

7.5CVSS5.8AI score0.01545EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/03/25 4:22 p.m.13 views

USN-8123-1: Mbed TLS vulnerabilities

It was discovered that Mbed TLS incorrectly handled memory allocation failures. A remote attacker could possibly use this issue to crash the program. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. CVE-2021-44732 Jonathan Winzig discovered that Mbed TLS incorrectly handled crafted...

9.8CVSS6.2AI score0.02569EPSS
Exploits4
Ubuntu
Ubuntu
added 2026/03/25 1:45 p.m.10 views

USN-8098-8: Linux kernel (Azure FIPS) vulnerabilities

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...

7.8CVSS6.7AI score0.00248EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2026/03/25 1:30 p.m.8 views

USN-8098-7: Linux kernel (Azure) vulnerabilities

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...

7.8CVSS6.7AI score0.00248EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2026/03/24 8:34 p.m.9 views

USN-8122-1: PJSIP vulnerabilities

Youngsung Kim discovered that PJSIP did not properly parse numeric header fields in SIP messages. A remote attacker could use this issue to cause PJSIP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. CVE-2017-16872 Peter...

9.8CVSS7.4AI score0.0462EPSS
Exploits4
Ubuntu
Ubuntu
added 2026/03/24 6:11 p.m.7 views

USN-8121-1: Linux kernel (AWS FIPS) vulnerability

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...

5.9AI score
Exploits0References1
Total number of security vulnerabilities10869