exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 8,429 RSS Feed

Files from Ubuntu

Email addresssecurity at ubuntu.com
First Active2004-10-28
Last Active2024-12-03
Ubuntu Security Notice USN-7121-1
Posted Nov 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7121-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2022-48733, CVE-2022-48938, CVE-2022-48943, CVE-2023-52502, CVE-2023-52531, CVE-2023-52599, CVE-2023-52614, CVE-2023-52639, CVE-2024-26668, CVE-2024-26675, CVE-2024-36020, CVE-2024-36953, CVE-2024-38538, CVE-2024-38560
SHA-256 | a5d279642a2825e810ea4cd3f8cf90409d9d98c7800a435ae7b18ad49a98dac3
Ubuntu Security Notice USN-7120-1
Posted Nov 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7120-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2024-43882
SHA-256 | 9a219c86f338ba1aa47688bce8d8ccd34d42158fb4334560d154470d24bf725b
Ubuntu Security Notice USN-7119-1
Posted Nov 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7119-1 - Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-47188, CVE-2022-36402, CVE-2022-48863, CVE-2023-52531, CVE-2023-52614, CVE-2023-52918, CVE-2024-26607, CVE-2024-26640, CVE-2024-26641, CVE-2024-26668, CVE-2024-26669, CVE-2024-26677, CVE-2024-26885, CVE-2024-26960
SHA-256 | 0ac8232eca124498c64e1f39ff4a55d32797211ade5b92cbb09450e9c8fd78da
Ubuntu Security Notice USN-7089-7
Posted Nov 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7089-7 - Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-52887, CVE-2023-52888, CVE-2024-25741, CVE-2024-39487, CVE-2024-41007, CVE-2024-41012, CVE-2024-41015, CVE-2024-41020, CVE-2024-41022, CVE-2024-41023, CVE-2024-41025, CVE-2024-41030, CVE-2024-41032, CVE-2024-41034
SHA-256 | 3bb4b0009eaad71618f34ff6c752f1f9e4ea79487c66b03cb45903424dfb4988
Ubuntu Security Notice USN-7117-1
Posted Nov 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7117-1 - Qualys discovered that needrestart passed unsanitized data to a library which expects safe input. A local attacker could possibly use this issue to execute arbitrary code as root. Qualys discovered that the library libmodule-scandeps-perl incorrectly parsed perl code. This could allow a local attacker to execute arbitrary shell commands.

tags | advisory, arbitrary, shell, local, root, perl
systems | linux, ubuntu
advisories | CVE-2024-10224, CVE-2024-11003, CVE-2024-48990, CVE-2024-48991, CVE-2024-48992
SHA-256 | 243f9908492121d33be291aab7ae169001482e1d128c0417a2f83b5ed1d56c6e
Ubuntu Security Notice USN-7115-1
Posted Nov 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7115-1 - It was discovered that Waitress could process follow up requests when receiving a specially crafted message. An attacker could use this issue to have the server process inconsistent client requests. Dylan Jay discovered that Waitress could be lead to write to an unexisting socket after closing the remote connection. An attacker could use this issue to increase resource utilization leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2024-49768, CVE-2024-49769
SHA-256 | 6ad6f923ea9cc45b7e046d6e571ff79657024a06937696cab8baf2ba282bbeb0
Ubuntu Security Notice USN-7116-1
Posted Nov 19, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7116-1 - It was discovered that Python incorrectly handled quoting path names when using the venv module. A local attacker able to control virtual environments could possibly use this issue to execute arbitrary code when the virtual environment is activated.

tags | advisory, arbitrary, local, python
systems | linux, ubuntu
advisories | CVE-2024-9287
SHA-256 | 446a88199d9186d03c7cdc7b5e4b83cd8d96c3cfc050d5bbded309e03b02cb0c
Ubuntu Security Notice USN-7015-5
Posted Nov 19, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7015-5 - USN-7015-1 fixed several vulnerabilities in Python. This update provides the corresponding update for CVE-2024-6232 and CVE-2024-6923 for python2.7 in Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. It was discovered that the Python email module incorrectly parsed email addresses that contain special characters. A remote attacker could possibly use this issue to bypass certain protection mechanisms. It was discovered that Python allowed excessive backtracking while parsing certain tarfile headers. A remote attacker could possibly use this issue to cause Python to consume resources, leading to a denial of service. It was discovered that the Python email module incorrectly quoted newlines for email headers. A remote attacker could possibly use this issue to perform header injection. It was discovered that the Python http.cookies module incorrectly handled parsing cookies that contained backslashes for quoted characters. A remote attacker could possibly use this issue to cause Python to consume resources, leading to a denial of service. It was discovered that the Python zipfile module incorrectly handled certain malformed zip files. A remote attacker could possibly use this issue to cause Python to stop responding, resulting in a denial of service.

tags | advisory, remote, web, denial of service, vulnerability, python
systems | linux, ubuntu
advisories | CVE-2023-27043, CVE-2024-6232, CVE-2024-6923, CVE-2024-7592, CVE-2024-8088
SHA-256 | 08f60811c86141139bb27d0271c6dc8fb3d71d45f06454f487eabe3442ba3aa1
Ubuntu Security Notice USN-7114-1
Posted Nov 19, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7114-1 - It was discovered that Glib incorrectly handled certain trailing characters. An attacker could possibly use this issue to cause a crash or other undefined behavior.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2024-52533
SHA-256 | 4db03b1520199c6230c02cdc5e8f20493c1c1be2747f204c7c236a798edb64d9
Ubuntu Security Notice USN-7104-1
Posted Nov 19, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7104-1 - It was discovered that curl could overwrite the HSTS expiry of the parent domain with the subdomain's HSTS entry. This could lead to curl switching back to insecure HTTP earlier than otherwise intended, resulting in information exposure.

tags | advisory, web
systems | linux, ubuntu
advisories | CVE-2024-9681
SHA-256 | 0f628650750691a59648b4a0228da093ce429c68aa5c949edc1146e5a110c9b2
Ubuntu Security Notice USN-7113-1
Posted Nov 19, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7113-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2024-44244
SHA-256 | dd5f06682ca93a1fe2093e0af57570ec9766114fd67a9256775ecb3b152853a5
Ubuntu Security Notice USN-7108-1
Posted Nov 18, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7108-1 - Fabian Bäumer, Marcus Brinkmann, and Joerg Schwenk discovered that AsyncSSH did not properly handle the extension info message. An attacker able to intercept communications could possibly use this issue to downgrade the algorithm used for client authentication. Fabian Bäumer, Marcus Brinkmann, and Joerg Schwenk discovered that AsyncSSH did not properly handle the user authentication request message. An attacker could possibly use this issue to control the remote end of an SSH client session via packet injection/removal and shell emulation.

tags | advisory, remote, shell
systems | linux, ubuntu
advisories | CVE-2023-46445, CVE-2023-46446
SHA-256 | 879c1bba1c6e49f095f223b8a2b416c8ae15269b5259350aefb2b128068cebe4
Ubuntu Security Notice USN-7106-1
Posted Nov 18, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7106-1 - It was discovered that Tomcat did not include the secure attribute for session cookies when using the RemoteIpFilter with requests from a reverse proxy. An attacker could possibly use this issue to leak sensitive information. It was discovered that Tomcat had a vulnerability in its FORM authentication feature, leading to an open redirect attack. An attacker could possibly use this issue to perform phishing attacks.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2023-28708, CVE-2023-41080, CVE-2023-42795, CVE-2023-45648, CVE-2024-23672
SHA-256 | a7e1f25fa58014ab4990b4ca73018677dc891d2ab83b50bc02c672928853008f
Ubuntu Security Notice USN-7089-6
Posted Nov 15, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7089-6 - Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-52887, CVE-2024-25741, CVE-2024-39487, CVE-2024-41015, CVE-2024-41017, CVE-2024-41019, CVE-2024-41020, CVE-2024-41021, CVE-2024-41023, CVE-2024-41025, CVE-2024-41028, CVE-2024-41030, CVE-2024-41031, CVE-2024-41032
SHA-256 | 515b12c4124017f9c9b2a16d46a9bd62684fd3cd10bf1db6c2b42939bd7a194a
Ubuntu Security Notice USN-7112-1
Posted Nov 15, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7112-1 - It was discovered that the GD Graphics Library did not perform proper bounds checking while handling BMP and WebP files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2021-40812
SHA-256 | 79519e626cd3d16dd3eb3af83d09539a391326284b873a411f29ab8e922b9563
Ubuntu Security Notice USN-7111-1
Posted Nov 15, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7111-1 - Philippe Antoine discovered that Go incorrectly handled crafted HTTP/2 streams. An attacker could possibly use this issue to cause a denial of service. Marten Seemann discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a panic resulting in a denial of service. Ameya Darshan and Jakob Ackermann discovered that Go did not properly validate the amount of memory and disk files ReadForm can consume. An attacker could possibly use this issue to cause a panic resulting in a denial of service.

tags | advisory, web, denial of service
systems | linux, ubuntu
advisories | CVE-2022-41723, CVE-2022-41724, CVE-2022-41725, CVE-2023-24536, CVE-2023-39323, CVE-2023-45288, CVE-2023-45290, CVE-2024-24783, CVE-2024-24784, CVE-2024-24789, CVE-2024-24791, CVE-2024-34155, CVE-2024-34156, CVE-2024-34158
SHA-256 | 8309e2cc82bec72641de9766c00b5b04be56b3f96d79c53bdc77264e677a87a9
Ubuntu Security Notice USN-7088-5
Posted Nov 15, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7088-5 - Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-47212, CVE-2022-36402, CVE-2023-52614, CVE-2023-52918, CVE-2024-26668, CVE-2024-26669, CVE-2024-26885, CVE-2024-26891, CVE-2024-27051, CVE-2024-35848, CVE-2024-36484, CVE-2024-38602, CVE-2024-38611, CVE-2024-41012
SHA-256 | c4e7f1b5ea3bf3722a4cbe7f2f32f3a71766382741673a08f931c00204a0c5a6
Ubuntu Security Notice USN-7089-5
Posted Nov 15, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7089-5 - Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-52887, CVE-2023-52888, CVE-2024-25741, CVE-2024-39486, CVE-2024-39487, CVE-2024-41007, CVE-2024-41010, CVE-2024-41015, CVE-2024-41018, CVE-2024-41019, CVE-2024-41020, CVE-2024-41021, CVE-2024-41025, CVE-2024-41028
SHA-256 | 38c2b5bbf914d159a695ab1789496137c8c27f28f851de9815a9296aa57c2bde
Ubuntu Security Notice USN-7071-2
Posted Nov 15, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7071-2 - A security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2024-45016
SHA-256 | 4600b05a59b404330cebcee8721bbdf4b80ce45ff3349218774f16c47979b7b7
Ubuntu Security Notice USN-7049-2
Posted Nov 15, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7049-2 - USN-7049-1 fixed vulnerabilities in PHP. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that PHP incorrectly handled parsing multipart form data. A remote attacker could possibly use this issue to inject payloads and cause PHP to ignore legitimate data.

tags | advisory, remote, php, vulnerability
systems | linux, ubuntu
advisories | CVE-2024-8925, CVE-2024-8927
SHA-256 | 1ef836801b877272adfe67ac7b50491e2b11f94aae8175ec4b8655236596a7ed
Ubuntu Security Notice USN-7110-1
Posted Nov 15, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7110-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2023-52528, CVE-2024-26810, CVE-2024-38602, CVE-2024-38630, CVE-2024-39487, CVE-2024-41097, CVE-2024-42089, CVE-2024-42223, CVE-2024-42284, CVE-2024-43858
SHA-256 | bf1a03d0be2b727fc9dee77e804300ce9b9409eafee43a69c1d54846bcfab354
Ubuntu Security Notice USN-7109-1
Posted Nov 14, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7109-1 - Philippe Antoine discovered that Go incorrectly handled crafted HTTP/2 streams. An attacker could possibly use this issue to cause a denial of service. Marten Seemann discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a panic resulting in a denial of service. Ameya Darshan and Jakob Ackermann discovered that Go did not properly validate the amount of memory and disk files ReadForm can consume. An attacker could possibly use this issue to cause a panic resulting in a denial of service.

tags | advisory, web, denial of service
systems | linux, ubuntu
advisories | CVE-2022-41723, CVE-2022-41724, CVE-2022-41725, CVE-2023-24531, CVE-2023-24536, CVE-2023-29402, CVE-2023-29403, CVE-2023-29404, CVE-2023-29405, CVE-2023-29406, CVE-2023-39323, CVE-2023-39325, CVE-2023-45288, CVE-2023-45290
SHA-256 | 58c0bd17f1c8113660d80deb0928ae6b2fe30fb7373a788126eaeb55879ba80a
Ubuntu Security Notice USN-7107-1
Posted Nov 14, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7107-1 - It was discovered that Minizip in zlib incorrectly handled certain zip header fields. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-45853
SHA-256 | b29823bfaf7715177aa099252dea5c17d60d20ee2a13e95c6592b075179da5bc
Ubuntu Security Notice USN-7100-2
Posted Nov 13, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7100-2 - Supraja Sridhara, Benedict Schlüter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the Confidential Computing framework in the Linux kernel for x86 platforms did not properly handle 32-bit emulation on TDX and SEV. An attacker with access to the VMM could use this to cause a denial of service or possibly execute arbitrary code. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, denial of service, arbitrary, x86, kernel
systems | linux, ubuntu
advisories | CVE-2022-48666, CVE-2024-25744, CVE-2024-26607, CVE-2024-26669, CVE-2024-26893, CVE-2024-36484, CVE-2024-38577, CVE-2024-38602, CVE-2024-38611, CVE-2024-39472, CVE-2024-40915, CVE-2024-41011, CVE-2024-41012, CVE-2024-41017
SHA-256 | 163422edaa457d7b18dd68f3c52d86764e74e2b0d95f740cb2caa422b41f81a3
Ubuntu Security Notice USN-7102-1
Posted Nov 12, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7102-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.40 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 24.10. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2024-21193, CVE-2024-21198, CVE-2024-21213, CVE-2024-21236
SHA-256 | e524f0f3159df2b33c1a1301dba5fa9cec3efb554922a66708a6e2595daaf4cc
Page 2 of 338
Back12345Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close