exploit the possibilities
Showing 1 - 25 of 6,016 RSS Feed

Files from Ubuntu

Email addresssecurity at ubuntu.com
First Active2004-10-28
Last Active2022-01-24
Ubuntu Security Notice USN-5243-2
Posted Jan 24, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5243-2 - USN-5243-1 fixed a vulnerability in aide. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. David Bouman discovered that AIDE incorrectly handled base64 operations. A local attacker could use this issue to cause AIDE to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2021-45417
MD5 | 6575860d3eea4bd9a6f3f9f321aa9551
Ubuntu Security Notice USN-5244-1
Posted Jan 24, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5244-1 - Daniel Onaca discovered that DBus contained a use-after-free vulnerability, caused by the incorrect handling of usernames sharing the same UID. An attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2020-35512
MD5 | 1e4cadffb5e13b7024c0063417db6f68
Ubuntu Security Notice USN-5248-1
Posted Jan 24, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5248-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, trick a user into accepting unwanted permissions, conduct header splitting attacks, conduct spoofing attacks, bypass security restrictions, confuse the user, or execute arbitrary code.

tags | advisory, denial of service, arbitrary, spoof
systems | linux, ubuntu
advisories | CVE-2021-29981, CVE-2021-29987, CVE-2021-29991, CVE-2021-38495, CVE-2021-38497, CVE-2021-38498, CVE-2021-38500, CVE-2021-38502, CVE-2021-38503, CVE-2021-38504, CVE-2021-38508, CVE-2021-38509, CVE-2021-4126, CVE-2021-43528, CVE-2021-43536, CVE-2021-43537, CVE-2021-43541, CVE-2021-43542, CVE-2021-43656, CVE-2021-44538, CVE-2022-22737, CVE-2022-22740, CVE-2022-22741, CVE-2022-22745, CVE-2022-22747
MD5 | 641674d1be412cfdbe6cab06bb9fd660
Ubuntu Security Notice USN-5249-1
Posted Jan 21, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5249-1 - It was discovered that USBView allowed unprivileged users to run usbview as root. A local attacker could use this vulnerability to gain administrative privileges or cause a denial of service.

tags | advisory, denial of service, local, root
systems | linux, ubuntu
advisories | CVE-2022-23220
MD5 | 1258033997e4e9148b54d1dcf8e787f9
Ubuntu Security Notice USN-5246-1
Posted Jan 21, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5246-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, conduct spoofing attacks, bypass security restrictions, or execute arbitrary code.

tags | advisory, denial of service, arbitrary, spoof
systems | linux, ubuntu
advisories | CVE-2021-4126, CVE-2021-43528, CVE-2021-43536, CVE-2021-43537, CVE-2021-43541, CVE-2021-43542, CVE-2021-43546, CVE-2021-43656, CVE-2021-44538, CVE-2022-22737, CVE-2022-22739, CVE-2022-22740, CVE-2022-22741, CVE-2022-22743, CVE-2022-22745, CVE-2022-22747, CVE-2022-22751
MD5 | fa7d785b794ea45859e9d565800a5037
Ubuntu Security Notice USN-5243-1
Posted Jan 20, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5243-1 - David Bouman discovered that AIDE incorrectly handled base64 operations. A local attacker could use this issue to cause AIDE to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2021-45417
MD5 | 117feff16eb2b51d386d616ea166234d
Ubuntu Security Notice USN-5242-1
Posted Jan 20, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5242-1 - It was discovered that Open vSwitch incorrectly handled certain fragmented packets. A remote attacker could possibly use this issue to cause Open vSwitch to consume resources, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2021-3905
MD5 | 0e7c9660da726d2a887ee1c3b4bc8737
Ubuntu Security Notice USN-5021-2
Posted Jan 20, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5021-2 - USN-5021-1 fixed vulnerabilities in curl. This update provides the corresponding updates for Ubuntu 16.04 ESM. Harry Sintonen and Tomas Hoger discovered that curl incorrectly handled TELNET connections when the -t option was used on the command line. Uninitialized data possibly containing sensitive information could be sent to the remote server, contrary to expectations.

tags | advisory, remote, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-22898, CVE-2021-22925
MD5 | a7ae191b99d25c327ddbb608d3fc2059
Ubuntu Security Notice USN-5241-1
Posted Jan 20, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5241-1 - It was discovered that QtSvg incorrectly handled certain malformed SVG images. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this issue to cause QtSvg to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-19869
MD5 | 43b058a26738d3b6497e455c57a0de19
Ubuntu Security Notice USN-5240-1
Posted Jan 20, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5240-1 - William Liu and Jamie Hill-Daniel discovered that the file system context functionality in the Linux kernel contained an integer underflow vulnerability, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-0185
MD5 | 6091dd663f500cf9a14590659a45e997
Ubuntu Security Notice USN-5233-2
Posted Jan 19, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5233-2 - USN-5233-1 fixed a vulnerability in ClamAV. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that ClamAV incorrectly handled memory when the CL_SCAN_GENERAL_COLLECT_METADATA scan option was enabled. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2022-20698
MD5 | f0f407e03474205e9889824bb5c1056b
Ubuntu Security Notice USN-5234-1
Posted Jan 19, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5234-1 - Sander Bos discovered that Byobu incorrectly handled certain Apport data. An attacker could possibly use this issue to expose sensitive information.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-7306
MD5 | 4c2093774eb23e84544eada6659c3eaa
Ubuntu Security Notice USN-5235-1
Posted Jan 19, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5235-1 - It was discovered that Ruby incorrectly handled certain HTML files. An attacker could possibly use this issue to cause a crash. This issue only affected Ubuntu 20.04 LTS, Ubuntu 21.04, and Ubuntu 21.10. It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a regular expression denial of service.

tags | advisory, denial of service, ruby
systems | linux, ubuntu
advisories | CVE-2021-41816, CVE-2021-41817, CVE-2021-41819
MD5 | aff64bbef2e012395282891e40280155
Ubuntu Security Notice USN-5233-1
Posted Jan 18, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5233-1 - It was discovered that ClamAV incorrectly handled memory when the CL_SCAN_GENERAL_COLLECT_METADATA scan option was enabled. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2022-20698
MD5 | eba3ef761583dc2280451780d08de197
Ubuntu Security Notice USN-5227-2
Posted Jan 17, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5227-2 - USN-5227-1 fixed several vulnerabilities in Pillow. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to hang, resulting in a denial of service.

tags | advisory, remote, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-23437, CVE-2021-34552, CVE-2022-22815, CVE-2022-22816, CVE-2022-22817
MD5 | dc832755c6c583382315537acaeb23d6
Ubuntu Security Notice USN-5229-1
Posted Jan 14, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5229-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass security restrictions, obtain sensitive information across domains, or execute arbitrary code.

tags | advisory, denial of service, arbitrary, spoof
systems | linux, ubuntu
advisories | CVE-2021-4140, CVE-2022-22740, CVE-2022-22745, CVE-2022-22752
MD5 | 5605d6c4983f3d9824c2e81f3b8f1f26
Ubuntu Security Notice USN-5227-1
Posted Jan 13, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5227-1 - It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to hang, resulting in a denial of service. It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash, resulting in a denial of service. This issue ony affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.04.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2021-23437, CVE-2021-34552, CVE-2022-22815, CVE-2022-22816, CVE-2022-22817
MD5 | db56529bad2281e65e46da129c3b52ef
Ubuntu Security Notice USN-5224-2
Posted Jan 13, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5224-2 - USN-5224-1 fixed several vulnerabilities in Ghostscript. This update provides the corresponding update for Ubuntu 16.04 ESM. It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-45944
MD5 | 0dc3a1c8c2777da026a8c095e99aab60
Ubuntu Security Notice USN-5223-1
Posted Jan 13, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5223-1 - It was discovered that Apache Log4j 1.2 was vulnerable to deserialization of untrusted data if the configuration file was editable. An attacker could use this vulnerability to cause a DoS or possibly execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-4104
MD5 | f72345711bcc937d960495cdee7154e8
Ubuntu Security Notice USN-5226-1
Posted Jan 13, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5226-1 - It was discovered that systemd-tmpfiles employed uncontrolled recursion when removing deeply nested directory hierarchies. A local attacker could exploit this to cause systemd-tmpfiles to crash or have other unspecified impacts.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2021-3997
MD5 | ea6939afbac7e4ee917b957e567b1097
Ubuntu Security Notice USN-5210-2
Posted Jan 13, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5210-2 - USN-5210-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression that caused failures to boot in environments with AMD Secure Encrypted Virtualization enabled. This update fixes the problem.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-26541, CVE-2021-20321, CVE-2021-3760, CVE-2021-4002, CVE-2021-41864, CVE-2021-43056, CVE-2021-43389
MD5 | 79ba8ed9a2423fc5386cc1761e7e087f
Ubuntu Security Notice USN-5225-1
Posted Jan 12, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5225-1 - It was discovered that lxml incorrectly handled certain XML and HTML files. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-43818
MD5 | cc399b01818148019672f114714e7af7
Ubuntu Security Notice USN-5224-1
Posted Jan 12, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5224-1 - It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-45944
MD5 | 114946c01e68bde275bbd6f2a334ad6f
Ubuntu Security Notice USN-5222-1
Posted Jan 12, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5222-1 - It was discovered that Apache Log4j 2 was vulnerable to remote code execution attack when configured to use a JDBC Appender with a JNDI LDAP data source URI. A remote attacker could possibly use this issue to cause a crash, leading to a denial of service. Hideki Okamoto and Guy Lederfein discovered that Apache Log4j 2 did not protect against infinite recursion in lookup evaluation. A remote attacker could possibly use this issue to cause Apache Log4j 2 to crash, leading to a denial of service. This issue only affected Ubuntu 18.04 LTS.

tags | advisory, remote, denial of service, code execution
systems | linux, ubuntu
advisories | CVE-2021-44832, CVE-2021-45105
MD5 | a4642f2677eb74683680d512a89d8e13
Ubuntu Security Notice USN-5043-2
Posted Jan 11, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5043-2 - USN-5043-1 fixed vulnerabilities in Exiv2. The update introduced a new regression that could cause a crash in applications using libexiv2. This update fixes the problem. It was discovered that Exiv2 incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-37620
MD5 | bc1c21225177d8351549a2b01c6b387b
Page 1 of 241
Back12345Next

File Archive:

January 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    0 Files
  • 3
    Jan 3rd
    20 Files
  • 4
    Jan 4th
    4 Files
  • 5
    Jan 5th
    37 Files
  • 6
    Jan 6th
    20 Files
  • 7
    Jan 7th
    4 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    0 Files
  • 10
    Jan 10th
    18 Files
  • 11
    Jan 11th
    8 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    31 Files
  • 14
    Jan 14th
    2 Files
  • 15
    Jan 15th
    2 Files
  • 16
    Jan 16th
    2 Files
  • 17
    Jan 17th
    18 Files
  • 18
    Jan 18th
    13 Files
  • 19
    Jan 19th
    15 Files
  • 20
    Jan 20th
    29 Files
  • 21
    Jan 21st
    12 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    17 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close