Lucene search
K
UbuntuRecent

10918 matches found

Ubuntu
Ubuntu
•added 2021/05/25 2:27 p.m.•119 views

USN-4964-1: Exiv2 vulnerabilities

It was discovered that Exiv2 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10 and Ubuntu 21.04. CVE-2021-29463 It was discovered that Exiv2 incorrectly handled certain files. An...

7.8CVSS6.8AI score0.01677EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/05/19 2:0 p.m.•178 views

USN-4962-1: Babel vulnerability

It was discovered that Babel incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code...

8AI score
Exploits0
Ubuntu
Ubuntu
•added 2021/05/19 1:54 p.m.•129 views

USN-4963-1: Pillow vulnerabilities

It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash or hand, resulting in a denial of service...

9.1CVSS6.8AI score0.02876EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/05/19 10:47 a.m.•85 views

USN-4961-1: pip vulnerability

It was discovered that pip incorrectly handled unicode separators in git references. A remote attacker could possibly use this issue to install a different revision on a repository...

5.5AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2021/05/19 10:41 a.m.•120 views

USN-4960-1: runC vulnerability

Etienne Champetier discovered that runC incorrectly checked mount targets. An attacker with a malicious container image could possibly mount the host filesystem into the container and escalate privileges...

8.5CVSS7.5AI score0.06604EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/05/19 5:48 a.m.•161 views

USN-4945-2: Linux kernel (Raspberry Pi) vulnerabilities

USN-4945-1 fixed vulnerabilities in the Linux kernel for Ubuntu 20.04 LTS and Ubuntu 18.04 LTS. This update provides the corresponding Linux kernel updates targeted specifically for Raspberry Pi devices in those same Ubuntu Releases. Original advisory details: It was discovered that the Nouveau G...

8.8CVSS6.5AI score0.01316EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/05/18 3:22 p.m.•102 views

USN-4959-1: GStreamer Base Plugins vulnerability

It was discovered that GStreamer Base Plugins incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information...

5.5CVSS7AI score0.05372EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/05/18 2:39 p.m.•123 views

USN-4957-2: DjVuLibre vulnerabilities

USN-4957-1 fixed several vulnerabilities in DjVuLibre. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that DjVuLibre incorrectly handled certain memory operations. If a user or automated system were tricked into processing a...

7.8CVSS7.5AI score0.01001EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/05/17 10:50 p.m.•93 views

USN-4958-1: Caribou vulnerability

It was discovered that the Caribou onscreen keyboard could be made to crash when given certain input values. An attacker could use this to bypass screen-locking applications that support using Caribou as an input mechanism...

5.4AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2021/05/17 5:11 p.m.•133 views

USN-4957-1: DjVuLibre vulnerabilities

It was discovered that DjVuLibre incorrectly handled certain memory operations. If a user or automated system were tricked into processing a specially crafted DjVu file, a remote attacker could cause applications to hang or crash, resulting in a denial of service, or possibly execute arbitrary co...

7.8CVSS7.3AI score0.01001EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/05/17 1:32 p.m.•119 views

USN-4956-1: Eventlet vulnerability

It was discovered that Eventlet incorrectly handled certain requests. An attacker could possibly use this issue to cause a denial of service...

5.3CVSS6.7AI score0.01807EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/05/17 11:57 a.m.•114 views

USN-4955-1: Please vulnerabilities

Matthias Gerstner discovered that Please contained multiple security issues. A local attacker could use these issues to cause Please to crash, resulting in a denial of service, or possibly escalate privileges...

7.8CVSS6.4AI score0.00468EPSS
Exploits3
Ubuntu
Ubuntu
•added 2021/05/17 9:50 a.m.•230 views

USN-4628-3: Intel Microcode vulnerabilities

USN-4628-1 provided updated Intel Processor Microcode for various processor types. This update provides the corresponding updates for some additional processor types. Original advisory details: Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Dani...

5.5CVSS7AI score0.0051EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/05/17 9:4 a.m.•97 views

LSN-0077-1: Kernel Live Patch Security Notice

Vincent Dehors discovered that the shiftfs file system in the Ubuntu Linux kernel did not properly handle faults in copyfromuser when passing through ioctls to an underlying file system. A local attacker could use this to cause a denial of service memory exhaustion or execute arbitrary...

8.8CVSS7.3AI score0.01547EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/05/14 12:19 a.m.•180 views

USN-4954-1: GNU C Library vulnerabilities

Jason Royes and Samuel Dytrych discovered that the memcpy implementation for 32 bit ARM processors in the GNU C Library contained an integer underflow vulnerability. An attacker could possibly use this to cause a denial of service application crash or execute arbitrary code. CVE-2020-6096 It was...

8.1CVSS6.5AI score0.05223EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/05/13 5:12 p.m.•167 views

USN-4953-1: AWStats vulnerabilities

Sean Boran discovered that AWStats incorrectly filtered certain parameters. A remote attacker could possibly use this issue to execute arbitrary code. CVE-2020-29600 It was discovered that AWStats incorrectly filtered certain parameters. A remote attacker could possibly use this issue to access...

9.8CVSS7.8AI score0.04352EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/05/13 12:31 p.m.•121 views

USN-4932-2: Django vulnerability

USN-4932-1 fixed a vulnerability in Django. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that Django incorrectly handled certain filenames. A remote attacker could possibly use this issue to create or overwri...

7.5CVSS7.5AI score0.05291EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/05/12 4:53 p.m.•177 views

USN-4952-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.25 in Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. Ubuntu 18.04 LTS has been updated to MySQL 5.7.34. In addition to security fixes, the...

6.5CVSS7.3AI score0.04643EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/05/12 2:31 a.m.•159 views

USN-4951-1: Flatpak vulnerability

Anton Lydike discovered that Flatpak did not properly handle special tokens in desktop files. An attacker could use this to specially craft a Flatpak application that could escape sandbox confinement...

8.2CVSS7.4AI score0.01546EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/05/11 10:42 p.m.•159 views

USN-4950-1: Linux kernel vulnerabilities

Ryota Shiga discovered that the eBPF implementation in the Linux kernel did not properly verify that a BPF program only reserved as much memory for a ring buffer as was allocated. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2021-3489...

8.8CVSS7.2AI score0.27477EPSS
Exploits8References1
Ubuntu
Ubuntu
•added 2021/05/11 10:37 p.m.•226 views

USN-4949-1: Linux kernel vulnerabilities

Ryota Shiga discovered that the eBPF implementation in the Linux kernel did not properly verify that a BPF program only reserved as much memory for a ring buffer as was allocated. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2021-3489...

8.8CVSS7.4AI score0.27477EPSS
Exploits9
Ubuntu
Ubuntu
•added 2021/05/11 10:31 p.m.•187 views

USN-4948-1: Linux kernel (OEM) vulnerabilities

Ryota Shiga discovered that the eBPF implementation in the Linux kernel did not properly verify that a BPF program only reserved as much memory for a ring buffer as was allocated. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2021-3489...

8.8CVSS7.6AI score0.27477EPSS
Exploits11
Ubuntu
Ubuntu
•added 2021/05/11 9:53 p.m.•183 views

USN-4946-1: Linux kernel vulnerabilities

It was discovered that the DRM subsystem in the Linux kernel contained double-free vulnerabilities. A privileged attacker could possibly use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-20292 Olivier Benjamin, Norbert Manthey, Martin Mazein, and Jan ...

7.8CVSS6.6AI score0.00872EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/05/11 9:41 p.m.•139 views

USN-4947-1: Linux kernel (OEM) vulnerabilities

Kiyin 尹亮 discovered that the x25 implementation in the Linux kernel contained overflows when handling addresses from user space. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-35519 It was discovered that the fastrpc driver i...

7.8CVSS6.8AI score0.00413EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/05/11 8:52 p.m.•167 views

USN-4945-1: Linux kernel vulnerabilities

It was discovered that the Nouveau GPU driver in the Linux kernel did not properly handle error conditions in some situations. A local attacker could use this to cause a denial of service system crash. CVE-2020-25639 Jan Beulich discovered that the Xen netback backend in the Linux kernel did not...

8.8CVSS6.5AI score0.01316EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/05/11 6:30 p.m.•93 views

USN-4944-1: MariaDB vulnerabilities

This update fixed multiple vulnerabilities in MariaDB. Ubuntu 18.04 LTS has been updated to MariaDB 10.1.48. Ubuntu 20.04 LTS has been updated to MariaDB 10.3.29. Ubuntu 20.10 has been updated to MariaDB 10.3.29. Ubuntu 21.04 has been updated to MariaDB 10.5.10...

5.3AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2021/05/11 9:41 a.m.•164 views

USN-4943-1: XStream vulnerabilities

Zhihong Tian and Hui Lu found that XStream was vulnerable to remote code execution. A remote attacker could run arbitrary shell commands by manipulating the processed input stream. This issue affected only affected Ubuntu 20.10. CVE-2020-26217 It was discovered that XStream was vulnerable to...

9.9CVSS7AI score0.85001EPSS
Exploits21
Ubuntu
Ubuntu
•added 2021/05/10 9:10 p.m.•119 views

USN-4942-1: Firefox vulnerability

A race condition was discovered in Web Render Components. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to execute arbitrary code...

7.5CVSS8.5AI score0.0073EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/05/10 6:7 p.m.•123 views

USN-4941-1: Exiv2 vulnerabilities

It was discovered that Exiv2 incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code or cause a crash. CVE-2021-29457 It was discovered that Exiv2 incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of...

7.8CVSS7.2AI score0.02295EPSS
Exploits2
Ubuntu
Ubuntu
•added 2021/05/10 2:19 p.m.•408 views

USN-4940-1: PyYAML vulnerability

It was discovered that PyYAML incorrectly handled untrusted YAML files with the FullLoader loader. A remote attacker could possibly use this issue to execute arbitrary code...

10CVSS7.7AI score0.05984EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/05/10 11:40 a.m.•176 views

USN-4939-1: WebKitGTK vulnerabilities

A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

9.8CVSS7.5AI score0.0712EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/05/06 1:13 p.m.•138 views

USN-4936-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. CVE-2021-23968,...

8.8CVSS7.7AI score0.0153EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/05/06 12:58 p.m.•139 views

USN-4938-1: Unbound vulnerabilities

It was discovered that Unbound contained multiple security issues. A remote attacker could possibly use these issues to cause a denial of service, inject arbitrary commands, execute arbitrary code, and overwrite local files...

9.8CVSS7.7AI score0.02179EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/05/06 11:23 a.m.•152 views

USN-4934-2: Exim vulnerabilities

USN-4934-1 fixed several vulnerabilities in Exim. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. CVE-2020-28026 only affected Ubuntu 16.04 ESM. Original advisory details: It was discovered that Exim contained multiple security issues. An attacker could us...

9.8CVSS7.9AI score0.36071EPSS
Exploits6
Ubuntu
Ubuntu
•added 2021/05/06 11:15 a.m.•121 views

USN-4937-1: GNOME Autoar vulnerability

Ondrej Holy discovered that GNOME Autoar could extract files outside of the intended directory. If a user were tricked into extracting a specially crafted archive, a remote attacker could create files in arbitrary locations, possibly leading to code execution...

5.5CVSS7.1AI score0.00528EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/05/04 5:25 p.m.•128 views

USN-4935-1: NVIDIA graphics drivers vulnerabilities

It was discovered that the NVIDIA GPU display driver for the Linux kernel incorrectly performed access control. A local attacker could use this issue to cause a denial of service, expose sensitive information, or escalate privileges. CVE-2021-1076 It was discovered that the NVIDIA GPU display...

7.8CVSS6.3AI score0.00347EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/05/04 2:0 p.m.•169 views

USN-4934-1: Exim vulnerabilities

It was discovered that Exim contained multiple security issues. An attacker could use these issues to cause a denial of service, execute arbitrary code remotely, obtain sensitive information, or escalate local privileges...

9.8CVSS7.8AI score0.61061EPSS
Exploits6
Ubuntu
Ubuntu
•added 2021/05/04 12:1 p.m.•127 views

USN-4932-1: Django vulnerability

It was discovered that Django incorrectly handled certain filenames. A remote attacker could possibly use this issue to create or overwrite files in unexpected directories...

7.5CVSS7.5AI score0.05291EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/05/04 11:59 a.m.•141 views

USN-4933-1: OpenVPN vulnerabilities

It was discovered that OpenVPN incorrectly handled certain data channel v2 packets. A remote attacker could possibly use this issue to inject packets using a victim's peer-id. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. CVE-2020-11810 It was discovered that OpenVPN incorrectly...

7.5CVSS6.8AI score0.05107EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/05/03 10:20 p.m.•114 views

USN-4918-3: ClamAV regression

USN-4918-1 fixed vulnerabilities in ClamAV. The updated package could fail to properly scan in some situations. This update fixes the problem. Original advisory details: It was discovered that ClamAV incorrectly handled parsing Excel documents. A remote attacker could possibly use this issue to...

7.4AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2021/05/03 8:44 p.m.•150 views

USN-4931-1: Samba vulnerabilities

Steven French discovered that Samba incorrectly handled ChangeNotify permissions. A remote attacker could possibly use this issue to obtain file name information. CVE-2020-14318 Bas Alberts discovered that Samba incorrectly handled certain winbind requests. A remote attacker could possibly use th...

6.8CVSS7AI score0.0218EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/05/03 9:36 a.m.•135 views

LSN-0076-1: Kernel Live Patch Security Notice

It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges.CVE-2021-3493 Piotr Krysiuk discovered that the BPF JIT compil...

8.8CVSS7.4AI score0.43988EPSS
Exploits27
Ubuntu
Ubuntu
•added 2021/04/29 4:48 p.m.•117 views

USN-4930-1: Samba vulnerability

Peter Eriksson discovered that Samba incorrectly handled certain negative idmap cache entries. This issue could result in certain users gaining unauthorized access to files, contrary to expected behaviour...

6.8CVSS7AI score0.01616EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/04/29 11:11 a.m.•160 views

USN-4929-1: Bind vulnerabilities

Greg Kuechle discovered that Bind incorrectly handled certain incremental zone updates. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. CVE-2021-25214 Siva Kakarla discovered that Bind incorrectly handled certain DNAME records. A remote...

9.8CVSS7.8AI score0.83406EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/04/28 5:15 p.m.•122 views

USN-4928-1: GStreamer Good Plugins vulnerabilities

It was discovered that GStreamer Good Plugins incorrectly handled certain files. An attacker could possibly use this issue to cause access sensitive information or cause a crash. CVE-2021-3497 It was discovered that GStreamer Good Plugins incorrectly handled certain files. An attacker could...

7.8CVSS8AI score0.0177EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/04/28 12:10 p.m.•150 views

USN-4913-2: Underscore vulnerability

USN-4913-1 fixed vulnerabilities in Underscore. This update provides the corresponding updates for Ubuntu 21.04. Original advisory details: It was discovered that Underscore incorrectly handled certain inputs. An attacker could possibly use this issue to inject arbitrary code...

7.2CVSS6.7AI score0.04087EPSS
Exploits2
Ubuntu
Ubuntu
•added 2021/04/27 4:49 p.m.•133 views

USN-4892-1: OpenJDK vulnerability

It was discovered that OpenJDK incorrectly verified Jar signatures. An attacker could possibly use this issue to bypass intended security restrictions when using Jar files signed with a disabled algorithm...

5.3CVSS6.4AI score0.03566EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/04/26 4:47 p.m.•125 views

USN-4922-2: Ruby vulnerability

USN-4922-1 fixed a vulnerability in Ruby. This update provides the corresponding update for Ubuntu 21.04. Original advisory details: Juho Nurminen discovered that the REXML gem bundled with Ruby incorrectly parsed and serialized XML documents. A remote attacker could possibly use this issue to...

7.5CVSS7.4AI score0.05061EPSS
Exploits0
Ubuntu
Ubuntu
•added 2021/04/26 1:9 p.m.•118 views

USN-4927-1: File Roller vulnerability

It was discovered that File Roller incorrectly handled symlinks. An attacker could possibly use this issue to expose sensitive information...

3.9CVSS5AI score0.00611EPSS
Exploits1
Ubuntu
Ubuntu
•added 2021/04/26 10:44 a.m.•137 views

USN-4926-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass security restrictions, trick the user into disclosing confidential...

8.8CVSS7.7AI score0.01764EPSS
Exploits1
Total number of security vulnerabilities10918