exploit the possibilities
Showing 1 - 25 of 6,235 RSS Feed

Files from Ubuntu

Email addresssecurity at ubuntu.com
First Active2004-10-28
Last Active2022-05-27
Ubuntu Security Notice USN-5450-1
Posted May 27, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5450-1 - Evgeny Kotkov discovered that subversion servers did not properly follow path-based authorization rules in certain cases. An attacker could potentially use this issue to retrieve information about private paths. Thomas Weißschuh discovered that subversion servers did not properly handle memory in certain configurations. A remote attacker could potentially use this issue to cause a denial of service or other unspecified impact.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2021-28544, CVE-2022-24070
SHA-256 | 25005e80f5a215c5faaa235728da6fc23e511750389a944ba2030f34dec76098
Ubuntu Security Notice USN-5449-1
Posted May 27, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5449-1 - It was discovered that libXv incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-5407
SHA-256 | 8dfd824a0a555db5e12b3fa25f8978b13dd1582bf701580976cf915a4e122eac
Ubuntu Security Notice USN-5448-1
Posted May 27, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5448-1 - It was discovered that ncurses was not properly checking array bounds when executing the fmt_entry function, which could result in an out-of-bounds write. An attacker could possibly use this issue to execute arbitrary code. It was discovered that ncurses was not properly checking user input, which could result in it being treated as a format argument. An attacker could possibly use this issue to expose sensitive information or to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-10684, CVE-2017-10685, CVE-2017-11113, CVE-2017-13728, CVE-2017-13730, CVE-2017-13731, CVE-2017-13732, CVE-2017-13734
SHA-256 | 1fae3ff9d59b9002c720d7960b2278d50e61f34c7a0526b62ec3f8efe3754081
Ubuntu Security Notice USN-5402-2
Posted May 26, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5402-2 - USN-5402-1 fixed several vulnerabilities in OpenSSL. This update provides the corresponding update for Ubuntu 16.04 ESM. Elison Niven discovered that OpenSSL incorrectly handled the c_rehash script. A local attacker could possibly use this issue to execute arbitrary commands when c_rehash is run. Aliaksei Levin discovered that OpenSSL incorrectly handled resources when decoding certificates and keys. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, leading to a denial of service. This issue only affected Ubuntu 22.04 LTS.

tags | advisory, remote, denial of service, arbitrary, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2022-1292, CVE-2022-1473
SHA-256 | 38897d1c35ed3fd17bf48d11add588afe226f3e13ae49956791b9fd6a4337cd4
Ubuntu Security Notice USN-5447-1
Posted May 26, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5447-1 - It was discovered that logrotate incorrectly handled the state file. A local attacker could possibly use this issue to keep a lock on the state file and cause logrotate to stop working, leading to a denial of service.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2022-1348
SHA-256 | c8fa0bf04cc683831e5b871b990f973f32f66e7c6c7f8c7dfdad1c29f02b9ed1
Ubuntu Security Notice USN-5446-1
Posted May 26, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5446-1 - Max Justicz discovered that dpkg incorrectly handled unpacking certain source packages. If a user or an automated system were tricked into unpacking a specially crafted source package, a remote attacker could modify files outside the target unpack directory, leading to a denial of service or potentially gaining access to the system.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2022-1664
SHA-256 | 8ba864d61f0193bbfb97226d88f416c5673aba3d68a202bdfbf7fac70e91909c
Ubuntu Security Notice USN-5445-1
Posted May 26, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5445-1 - Ace Olszowka discovered that Subversion incorrectly handled certain svnserve requests. A remote attacker could possibly use this issue to cause svnserver to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. Tomas Bortoli discovered that Subversion incorrectly handled certain svnserve requests. A remote attacker could possibly use this issue to cause svnserver to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-11782, CVE-2019-0203, CVE-2020-17525
SHA-256 | c99bfd8642d47931efcc9e47a22f2772a79bf4aba985bd65311c0c0f49f18485
Ubuntu Security Notice USN-5404-2
Posted May 25, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5404-2 - USN-5404-1 addressed a vulnerability in Rsyslog. This update provides the corresponding update for Ubuntu 16.04 ESM. Pieter Agten discovered that Rsyslog incorrectly handled certain requests. An attacker could possibly use this issue to cause a crash.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2022-24903
SHA-256 | 3394a7516dfe2104e5e67cea4be704545ae10ea23ca73c694dbe4fc856db4ae5
Ubuntu Security Notice USN-5439-1
Posted May 24, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5439-1 - Gunnar Hjalmarsson discovered that AccountsService incorrectly dropped privileges. A local user could possibly use this issue to cause AccountsService to crash or stop responding, resulting in a denial of service.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2022-1804
SHA-256 | 1ba0fe6423f2322fb60ea715427b119088fa6ff3ecaa64132a2f82d29d96f2c1
Ubuntu Security Notice USN-5440-1
Posted May 24, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5440-1 - Alexander Lakhin discovered that PostgreSQL incorrectly handled the security restricted operation sandbox when a privileged user is maintaining another user's objects. An attacker having permission to create non-temp objects can use this issue to execute arbitrary commands as the superuser.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-1552
SHA-256 | afb7ac8dfa18021533dd1fe40974a4cd36cb7516b0d83f7e79b332743aa4ed7d
Ubuntu Security Notice USN-5438-1
Posted May 24, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5438-1 - It was discovered that HTMLDOC did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted HTML file, a remote attacker could possibly use this issue to cause HTMLDOC to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-23165
SHA-256 | 542453ced915ebb7602fcd08f1d0bbe3e3d2bc6543e84431afac96174abfa1a1
Ubuntu Security Notice USN-5437-1
Posted May 24, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5437-1 - Tobias Stoeckmann discovered that libXfixes incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-7944
SHA-256 | 28b2613b268b5b81a61688ca5923bfc41d7ddbec6de35cfcc7df9010f9b66488
Ubuntu Security Notice USN-5436-1
Posted May 24, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5436-1 - Tobias Stoeckmann discovered that libXrender incorrectly handled certain responses. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-7949
SHA-256 | a68c328472176a9f2ce8d1148dfe8b7097f7b70356d0bf7472a3922ab24f6102
Ubuntu Security Notice USN-5434-1
Posted May 24, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5434-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass permission prompts, obtain sensitive information, bypass security restrictions, cause user confusion, or execute arbitrary code. It was discovered that Thunderbird would show the wrong security status after viewing an attached message that is signed or encrypted. An attacker could potentially exploit this by tricking the user into trusting the authenticity of a message.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-1520, CVE-2022-29909, CVE-2022-29914, CVE-2022-29916
SHA-256 | 237c5eb4eb47add7437e7b310f6d5827e420d60072cbc15d8576433f3ae3affe
Ubuntu Security Notice USN-5435-1
Posted May 24, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5435-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass permission prompts, obtain sensitive information, bypass security restrictions, cause user confusion, or execute arbitrary code. It was discovered that Thunderbird would show the wrong security status after viewing an attached message that is signed or encrypted. An attacker could potentially exploit this by tricking the user into trusting the authenticity of a message.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-1520, CVE-2022-29909, CVE-2022-29914, CVE-2022-29916
SHA-256 | 237c5eb4eb47add7437e7b310f6d5827e420d60072cbc15d8576433f3ae3affe
Ubuntu Security Notice USN-5434-1
Posted May 24, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5434-1 - It was discovered that the methods of an Array object could be corrupted as a result of prototype pollution by sending a message to the parent process. If a user were tricked into opening a specially crafted website, an attacker could exploit this to execute JavaScript in a privileged context.

tags | advisory, javascript
systems | linux, ubuntu
advisories | CVE-2022-1529
SHA-256 | 5c1a6337e78a42d03169f0ba88e8c5ab3edef10a831fc2af55998839be62848f
Ubuntu Security Notice USN-5433-1
Posted May 24, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5433-1 - It was discovered that Vim incorrectly handled parsing of filenames in its search functionality. If a user were tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service. It was discovered that Vim incorrectly handled memory when opening and searching the contents of certain files. If a user were tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution with user privileges.

tags | advisory, denial of service, code execution
systems | linux, ubuntu
advisories | CVE-2021-3973, CVE-2021-3974, CVE-2021-4019, CVE-2021-4069, CVE-2021-4192, CVE-2022-1154
SHA-256 | 8b8300d57f240b901a3f654950e0c539f204e144869f668c8135608a5cde9f4f
Ubuntu Security Notice USN-5432-1
Posted May 23, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5432-1 - It was discovered that libpng incorrectly handled memory when parsing certain PNG files. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause libpng to crash, resulting in a denial of service, or possible execute arbitrary code. Zhengxiong Luo discovered that libpng incorrectly handled memory when parsing certain PNG files. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause libpng to crash, resulting in a denial of service, or possible execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-12652, CVE-2018-14048
SHA-256 | 54ca6d5730b37e6ead16f7d5e371061160c7f46a81e138b8550d769c11bfd6ea
Ubuntu Security Notice USN-5424-2
Posted May 20, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5424-2 - USN-5424-1 fixed a vulnerability in OpenLDAP. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that OpenLDAP incorrectly handled certain SQL statements within LDAP queries in the experimental back-sql backend. A remote attacker could possibly use this issue to perform an SQL injection attack and alter the database.

tags | advisory, remote, sql injection
systems | linux, ubuntu
advisories | CVE-2022-29155
SHA-256 | 0e0e7d427185a4265212e9573a0d260655e14290d1cec821dc663cfb8913d341
Ubuntu Security Notice USN-5429-1
Posted May 19, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5429-1 - Thomas Amgarten discovered that Bind incorrectly handled certain TLS connections being destroyed. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2022-1183
SHA-256 | 55ce2e3ed595a0e54481d0b59f468b92eb5b3652c3537ba65ac53e265a0140ee
Ubuntu Security Notice USN-5430-1
Posted May 19, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5430-1 - It was discovered that GNOME Settings incorrectly handled the remote desktop sharing configuration. When turning off desktop sharing, it may be turned on again after rebooting, contrary to expectations.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2022-1736
SHA-256 | 0caae1f837e57963485b670c7a2e0b364633d4e5ddcf44795a2923c570f64b8a
Ubuntu Security Notice USN-5428-1
Posted May 18, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5428-1 - Tobias Stoeckmann discovered that libXrandr incorrectly handled certain responses. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-7947
SHA-256 | deb631a860436031a460c67a9adb4c2f5174b4829345d20a02d76adfe82f1cf5
Ubuntu Security Notice USN-5423-2
Posted May 18, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5423-2 - USN-5423-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM. Michał Dardas discovered that ClamAV incorrectly handled parsing CHM files. A remote attacker could possibly use this issue to cause ClamAV to stop responding, resulting in a denial of service.

tags | advisory, remote, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2022-20770, CVE-2022-20771, CVE-2022-20785, CVE-2022-20792, CVE-2022-20796
SHA-256 | 8e4b8948d5e1b928c53f47538c39a5720eb5d9b54a8e9ed63566bd719e26428b
Ubuntu Security Notice USN-5427-1
Posted May 17, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5427-1 - Muqing Liu and neoni discovered that Apport incorrectly handled detecting if an executable was replaced after a crash. A local attacker could possibly use this issue to execute arbitrary code as the root user. Gerrit Venema discovered that Apport incorrectly handled connections to Apport sockets inside containers. A local attacker could possibly use this issue to connect to arbitrary sockets as the root user.

tags | advisory, arbitrary, local, root
systems | linux, ubuntu
advisories | CVE-2021-3899, CVE-2022-1242, CVE-2022-28652, CVE-2022-28654, CVE-2022-28655, CVE-2022-28656, CVE-2022-28657, CVE-2022-28658
SHA-256 | 4a7a1a4b4a53f12a5e131a2b8e72000ea9e3e0b7606d2ddd406b23a06bd16806
Ubuntu Security Notice USN-5426-1
Posted May 17, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5426-1 - Jakub Wilk discovered that needrestart incorrectly used some regular expressions. A local attacker could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2022-30688
SHA-256 | af676d991a6b34124aadcbf2af266afeb34a8c6ad65703f679cfe6e1368bd93e
Page 1 of 250
Back12345Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    12 Files
  • 27
    May 27th
    12 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close