exploit the possibilities
Showing 51 - 75 of 6,016 RSS Feed

Files from Ubuntu

Email addresssecurity at ubuntu.com
First Active2004-10-28
Last Active2022-01-24
Ubuntu Security Notice USN-5191-1
Posted Dec 14, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5191-1 - It was discovered that Flatpak incorrectly handled certain AF_UNIX sockets. An attacker could use this to specially craft a Flatpak application that could escape sandbox confinement.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2021-41133
MD5 | 9189fd5f91e380a1fe3bcc7bb69263e6
Ubuntu Security Notice USN-5174-2
Posted Dec 14, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5174-2 - USN-5174-1 fixed vulnerabilities in Samba. Some of the changes introduced a regression in Kerberos authentication in certain environments. This update fixes the problem.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-2124, CVE-2020-25717, CVE-2020-25722, CVE-2021-3671
MD5 | 8fd6bf594330b49b72b92d37ea3a6bf6
Ubuntu Security Notice USN-5142-3
Posted Dec 14, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5142-3 - USN-5142-1 fixed vulnerabilities in Samba. Some of the upstream changes introduced a regression in Kerberos authentication in certain environments. Please see the following upstream bug for more information: https://bugzilla.samba.org/show_bug.cgi?id=14922 This update fixes the problem. Various other issues were also addressed.

tags | advisory, web, cgi, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-2124, CVE-2020-25717, CVE-2020-25718, CVE-2020-25719, CVE-2020-25721, CVE-2020-25722, CVE-2021-23192, CVE-2021-3671, CVE-2021-3738
MD5 | 70a9bf4d44c782fa68bcad24ec3bae80
Ubuntu Security Notice USN-5189-1
Posted Dec 14, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5189-1 - It was discovered that GLib incorrectly handled certain environment variables. An attacker could possibly use this issue to escalate privileges.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2021-3800
MD5 | 4768012c3e53b6b53be62501e9bb9c26
Ubuntu Security Notice USN-5186-1
Posted Dec 10, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5186-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, conduct spoofing attacks, bypass CSP restrictions, or execute arbitrary code. A security issue was discovered with the handling of WebExtension permissions. If a user were tricked into installing a specially crafted extension, an attacker could potentially exploit this to create and install a service worker that wouldn't be uninstalled with the extension. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof
systems | linux, ubuntu
advisories | CVE-2021-43536, CVE-2021-43539, CVE-2021-43540, CVE-2021-43541, CVE-2021-43545, CVE-2021-43546
MD5 | af467d405b02c0deebc430a5e5265a84
Ubuntu Security Notice USN-5183-1
Posted Dec 9, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5183-1 - Julian Rauchberger discovered that BlueZ incorrectly handled memory when processing SDP attribute requests. A remote attacker could use this issue to cause BlueZ to crash, leading to a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-8922
MD5 | a234da3acdba27985d86e55366a94ecb
Ubuntu Security Notice USN-5180-1
Posted Dec 8, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5180-1 - It was discovered that Mailman incorrectly handled CSRF tokens. A remote list member or moderator could possibly use their own token to craft an admin request CSRF attack and set a new admin password or make other changes.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2021-44227
MD5 | 8d5a793c1d3a87ebce752576a0f804e1
Ubuntu Security Notice USN-5168-4
Posted Dec 8, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5168-4 - USN-5168-3 fixed a vulnerability in NSS. Unfortunately that update introduced a regression that could break SSL connections. This update fixes the problem. Tavis Ormandy discovered that NSS incorrectly handled verifying DSA/RSA-PSS signatures. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-43527
MD5 | 268760165ba1221a3f3d235bd7035bf9
Ubuntu Security Notice USN-5179-1
Posted Dec 7, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5179-1 - It was discovered that BusyBox incorrectly handled certain malformed gzip archives. If a user or automated system were tricked into processing a specially crafted gzip archive, a remote attacker could use this issue to cause BusyBox to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that BusyBox incorrectly handled certain malformed LZMA archives. If a user or automated system were tricked into processing a specially crafted LZMA archive, a remote attacker could use this issue to cause BusyBox to crash, resulting in a denial of service, or possibly leak sensitive information. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-28831, CVE-2021-42374, CVE-2021-42380, CVE-2021-42382, CVE-2021-42384, CVE-2021-42385
MD5 | 01b6c0084a8d9d9b7eae9133958e19df
Ubuntu Security Notice USN-5178-1
Posted Dec 7, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5178-1 - Sjoerd Job Postmus and TengMA discovered that Django incorrectly handled URLs with trailing newlines. A remote attacker could possibly use this issue to bypass certain access controls.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2021-44420
MD5 | 3b4b2a16be4593d6a9eec188679fffa5
Ubuntu Security Notice USN-5170-1
Posted Dec 7, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5170-1 - A security issue was discovered in MariaDB and this update includes new upstream MariaDB versions to fix the issue. MariaDB has been updated to 10.3.32 in Ubuntu 20.04 LTS and to 10.5.13 in Ubuntu 21.04 and Ubuntu 21.10. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2021-35604
MD5 | 082e8df6e4b56be919ae2ed037b25656
Ubuntu Security Notice USN-5142-2
Posted Dec 7, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5142-2 - USN-5142-1 fixed vulnerabilities in Samba. Some of the upstream changes introduced regressions in name mapping and backups.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-2124, CVE-2020-25717, CVE-2020-25718, CVE-2020-25719, CVE-2020-25721, CVE-2020-25722, CVE-2021-23192, CVE-2021-3671, CVE-2021-3738
MD5 | 9c987669c01e589bdc22e8611a6021bb
Ubuntu Security Notice USN-5173-1
Posted Dec 6, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5173-1 - It was discovered that libmodbus incorrectly handled inputs. An attacker could possibly use this issue to cause a denial of service or other unspecified impact.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-14462
MD5 | 601b2593d2653d53e96a9c8e2897bacd
Ubuntu Security Notice USN-5172-1
Posted Dec 6, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5172-1 - It was discovered that uriparser mishandled certain input. An attacker could use this vulnerability to cause uriparser to crash or possibly execute arbitrary code. It was discovered that uriparser incorrectly handled certain URIs. An attacker could use this vulnerability to cause a crash or possibly leak sensitive information.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-19198, CVE-2018-20721
MD5 | b665785c4aa95ee4e2437ad46c171d01
Ubuntu Security Notice USN-5171-1
Posted Dec 6, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5171-1 - It was discovered that Long Range ZIP incorrectly handled certain specially crafted lrz files. A remote attacker could possibly use this issue to cause a denial of service or other unspecified impact.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2017-8844, CVE-2018-10685, CVE-2018-5786
MD5 | 07e3fbd46037a8b0af7fb998bd30e0d3
Ubuntu Security Notice USN-5174-1
Posted Dec 6, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5174-1 - Stefan Metzmacher discovered that Samba incorrectly handled SMB1 client connections. A remote attacker could possibly use this issue to downgrade connections to plaintext authentication. Andrew Bartlett discovered that Samba incorrectly mapping domain users to local users. An authenticated attacker could possibly use this issue to become root on domain members. Andrew Bartlett discovered that Samba did not properly check sensitive attributes. An authenticated attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.

tags | advisory, remote, local, root
systems | linux, ubuntu
advisories | CVE-2016-2124, CVE-2020-25717, CVE-2020-25722, CVE-2021-3671
MD5 | 36154f364ec799ffdf2210a0c6ceff95
Ubuntu Security Notice USN-5168-3
Posted Dec 2, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5168-3 - USN-5168-1 fixed a vulnerability in NSS. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tavis Ormandy discovered that NSS incorrectly handled verifying DSA/RSA-PSS signatures. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-43527
MD5 | 106341b60664441783f0031ef8f6265a
Ubuntu Security Notice USN-5168-1
Posted Dec 2, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5168-1 - Tavis Ormandy discovered that NSS incorrectly handled verifying DSA/RSA-PSS signatures. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-43527
MD5 | 0e4142ce22ed9c20ba17227b9f26297f
Ubuntu Security Notice USN-5168-2
Posted Dec 2, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5168-2 - Tavis Ormandy discovered that NSS, included with Thunderbird, incorrectly handled verifying DSA/RSA-PSS signatures. A remote attacker could use this issue to cause Thunderbird to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-43527
MD5 | cceb150b416aa2150d692f26de8cb22b
Ubuntu Security Notice USN-5164-1
Posted Dec 1, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5164-1 - It was discovered that the Option USB High Speed Mobile device driver in the Linux kernel did not properly handle error conditions. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the AMD Cryptographic Coprocessor driver in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-37159
MD5 | 6ccccfa63f87b8046f886da63dc7344f
Ubuntu Security Notice USN-5165-1
Posted Dec 1, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5165-1 - It was discovered that the NFC subsystem in the Linux kernel contained a use-after-free vulnerability in its NFC Controller Interface implementation. A local attacker could possibly use this to cause a denial of service or execute arbitrary code. It was discovered that the SCTP protocol implementation in the Linux kernel did not properly verify VTAGs in some situations. A remote attacker could possibly use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2021-3760, CVE-2021-3772, CVE-2021-42327, CVE-2021-42739, CVE-2021-43056, CVE-2021-43267, CVE-2021-43389
MD5 | 9b62ebc65593eec8e7ee5817b3b82e23
Ubuntu Security Notice USN-5163-1
Posted Dec 1, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5163-1 - Ilja Van Sprundel discovered that the SCTP implementation in the Linux kernel did not properly perform size validations on incoming packets in some situations. An attacker could possibly use this to expose sensitive information. It was discovered that the Option USB High Speed Mobile device driver in the Linux kernel did not properly handle error conditions. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2021-3655, CVE-2021-37159
MD5 | b435df38ae55595db8f1bcd795db1127
Ubuntu Security Notice USN-5162-1
Posted Dec 1, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5162-1 - Ilja Van Sprundel discovered that the SCTP implementation in the Linux kernel did not properly perform size validations on incoming packets in some situations. An attacker could possibly use this to expose sensitive information. It was discovered that the AMD Cryptographic Coprocessor driver in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-3655, CVE-2021-42252, CVE-2021-43057
MD5 | 168949d5bd28d8a0c87dc3d7bb453348
Ubuntu Security Notice USN-5161-1
Posted Dec 1, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5161-1 - Ilja Van Sprundel discovered that the SCTP implementation in the Linux kernel did not properly perform size validations on incoming packets in some situations. An attacker could possibly use this to expose sensitive information. It was discovered that the AMD Cryptographic Coprocessor driver in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-3655, CVE-2021-42252
MD5 | adcd67f9c4539f1d01ba2e73bf9972aa
Ubuntu Security Notice USN-5158-1
Posted Nov 30, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5158-1 - It was discovered that ImageMagick incorrectly handled certain values when processing visual effects based image files. By tricking a user into opening a specially crafted image file, an attacker could crash the application causing a denial of service. It was discovered that ImageMagick incorrectly handled certain values when performing resampling operations. By tricking a user into opening a specially crafted image file, an attacker could crash the application causing a denial of service. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2021-20244, CVE-2021-20246, CVE-2021-20309, CVE-2021-20312, CVE-2021-20313
MD5 | 2d8eb9010bc1bef7e8eafdda3ebf835a
Page 3 of 241
Back12345Next

File Archive:

January 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    0 Files
  • 3
    Jan 3rd
    20 Files
  • 4
    Jan 4th
    4 Files
  • 5
    Jan 5th
    37 Files
  • 6
    Jan 6th
    20 Files
  • 7
    Jan 7th
    4 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    0 Files
  • 10
    Jan 10th
    18 Files
  • 11
    Jan 11th
    8 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    31 Files
  • 14
    Jan 14th
    2 Files
  • 15
    Jan 15th
    2 Files
  • 16
    Jan 16th
    2 Files
  • 17
    Jan 17th
    18 Files
  • 18
    Jan 18th
    13 Files
  • 19
    Jan 19th
    15 Files
  • 20
    Jan 20th
    29 Files
  • 21
    Jan 21st
    12 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    17 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close