exploit the possibilities
Showing 101 - 125 of 5,129 RSS Feed

Files from Ubuntu

Email addresssecurity at ubuntu.com
First Active2004-10-28
Last Active2020-06-02
Ubuntu Security Notice USN-4302-1
Posted Mar 17, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4302-1 - Paulo Bonzini discovered that the KVM hypervisor implementation in the Linux kernel could improperly let a nested guest access the resources of a parent guest in certain situations. An attacker could use this to expose sensitive information. Gregory Herrero discovered that the fix for CVE-2019-14615 to address the Linux kernel not properly clearing data structures on context switches for certain Intel graphics processors was incomplete. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-15217, CVE-2019-19046, CVE-2019-19051, CVE-2019-19056, CVE-2019-19058, CVE-2019-19066, CVE-2019-19068, CVE-2020-2732, CVE-2020-8832
MD5 | 399774618ce50a03b46b4f27b7f87a67
Ubuntu Security Notice USN-4301-1
Posted Mar 17, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4301-1 - It was discovered that the KVM implementation in the Linux kernel, when paravirtual TLB flushes are enabled in guests, the hypervisor in some situations could miss deferred TLB flushes or otherwise mishandle them. An attacker in a guest VM could use this to expose sensitive information. Paulo Bonzini discovered that the KVM hypervisor implementation in the Linux kernel could improperly let a nested guest access the resources of a parent guest in certain situations. An attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2019-19053, CVE-2019-19056, CVE-2019-19059, CVE-2019-19066, CVE-2019-19068, CVE-2019-3016, CVE-2020-2732
MD5 | 6b921a608ab319902047d0ad4c3538bd
Ubuntu Security Notice USN-4300-1
Posted Mar 17, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4300-1 - It was discovered that the KVM implementation in the Linux kernel, when paravirtual TLB flushes are enabled in guests, the hypervisor in some situations could miss deferred TLB flushes or otherwise mishandle them. An attacker in a guest VM could use this to expose sensitive information. Paulo Bonzini discovered that the KVM hypervisor implementation in the Linux kernel could improperly let a nested guest access the resources of a parent guest in certain situations. An attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2019-18809, CVE-2019-19043, CVE-2019-19053, CVE-2019-19056, CVE-2019-19058, CVE-2019-19059, CVE-2019-19064, CVE-2019-19066, CVE-2019-19068, CVE-2019-3016, CVE-2020-2732
MD5 | caa07f46355fbda12c3113a6958695d0
Ubuntu Security Notice USN-4299-1
Posted Mar 12, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4299-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the URL or other browser chrome, obtain sensitive information, bypass Content Security Policy protections, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof
systems | linux, ubuntu
advisories | CVE-2019-20503, CVE-2020-6808, CVE-2020-6809, CVE-2020-6810, CVE-2020-6811, CVE-2020-6812, CVE-2020-6815
MD5 | 67cbdfdad2dfc914c5dc998ef6ee9902
Ubuntu Security Notice USN-4298-1
Posted Mar 10, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4298-1 - It was discovered that SQLite incorrectly handled certain shadow tables. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that SQLite incorrectly handled certain corrupt records. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-13734, CVE-2019-13750, CVE-2019-13751, CVE-2019-13753, CVE-2019-19880, CVE-2019-19923, CVE-2019-19924, CVE-2019-19925, CVE-2019-19926, CVE-2019-19959, CVE-2019-20218, CVE-2020-9327
MD5 | 25d6fa8a4777be059f8c4d0a4282fa53
Ubuntu Security Notice USN-4297-1
Posted Mar 9, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4297-1 - It was discovered that runC incorrectly checked mount targets. An attacker with a malicious container image could possibly mount over the /proc directory and escalate privileges. This issue only affected Ubuntu 18.04 LTS. It was discovered that runC incorrectly performed access control. An attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-16884, CVE-2019-19921
MD5 | a3d8981993c427634845baf9e68183e0
Ubuntu Security Notice USN-4296-1
Posted Mar 4, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4296-1 - Norbert Szetei discovered that Django incorrectly handled the GIS functions and aggregates on Oracle. A remote attacker could possibly use this issue to perform an SQL injection attack.

tags | advisory, remote, sql injection
systems | linux, ubuntu
advisories | CVE-2020-9402
MD5 | 0e88fdf09d5ee84a51c897d800e2a9b4
Ubuntu Security Notice USN-4295-1
Posted Mar 4, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4295-1 - It was discovered that Rake incorrectly handled certain files. An attacker could use this issue to possibly execute arbitrary commands.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-8130
MD5 | ed5349a254769a0ec902a734db209901
Ubuntu Security Notice USN-4290-2
Posted Mar 3, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4290-2 - USN-4290-1 fixed a vulnerability in libpam-radius-auth. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that libpam-radius-auth incorrectly handled certain long passwords. A remote attacker could possibly use this issue to cause libpam-radius-auth to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2015-9542
MD5 | 7b63988a4de4fd048d42236a94760f24
Ubuntu Security Notice USN-4288-2
Posted Mar 2, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4288-2 - USN-4288-1 fixed a vulnerability in ppp. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that ppp incorrectly handled certain rhostname values. A remote attacker could use this issue to cause ppp to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-8597
MD5 | 6bcbc056e18596d35faa4a6244f984a9
Ubuntu Security Notice USN-4294-1
Posted Mar 2, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4294-1 - It was discovered that OpenSMTPD mishandled certain input. A remote, unauthenticated attacker could use this vulnerability to execute arbitrary shell commands as any non-root user. It was discovered that OpenSMTPD did not properly handle hardlinks under certain conditions. An unprivileged local attacker could read the first line of any file on the filesystem.

tags | advisory, remote, arbitrary, shell, local, root
systems | linux, ubuntu
advisories | CVE-2020-8793, CVE-2020-8794
MD5 | 4dae00ef525530e6ea55476c447cd9fd
Ubuntu Security Notice USN-4293-1
Posted Mar 2, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4293-1 - It was discovered that libarchive incorrectly handled certain archive files. An attacker could possibly use this issue to access sensitive information. It was discovered that libarchive incorrectly handled certain archive files. An attacker could possibly use this issue to cause a crash resulting in a denial of service or possibly unspecified other impact. This issue only affected Ubuntu 19.10. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-19221, CVE-2020-9308
MD5 | 09204296a171196350f0efa2e5812ade
Ubuntu Security Notice USN-4292-1
Posted Feb 25, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4292-1 - It was discovered that rsync incorrectly handled pointer arithmetic in zlib. An attacker could use this issue to cause rsync to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that rsync incorrectly handled vectors involving left shifts of negative integers in zlib. An attacker could use this issue to cause rsync to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843
MD5 | a3ff08576453bf2b0102d69a22f053e1
Ubuntu Security Notice USN-4291-1
Posted Feb 25, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4291-1 - It was discovered that mod_auth_mellon incorrectly handled certain requests. An attacker could possibly use this issue to redirect a user to a malicious URL.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-13038
MD5 | 3909383f126c9b7c7f452af184bafad6
Ubuntu Security Notice USN-4290-1
Posted Feb 25, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4290-1 - It was discovered that libpam-radius-auth incorrectly handled certain long passwords. A remote attacker could possibly use this issue to cause libpam-radius-auth to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2015-9542
MD5 | d308bb3c571237f1ab41b0a3a2cd354b
Ubuntu Security Notice USN-4289-1
Posted Feb 20, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4289-1 - Jeriko One discovered that Squid incorrectly handled memory when connected to an FTP server. A remote attacker could possibly use this issue to obtain sensitive information from Squid memory. Regis Leroy discovered that Squid incorrectly handled certain HTTP requests. A remote attacker could possibly use this issue to access server resources prohibited by earlier security filters. Guido Vranken discovered that Squid incorrectly handled certain buffer operations when acting as a reverse proxy. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, web, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-12528, CVE-2020-8449, CVE-2020-8450, CVE-2020-8517
MD5 | 2afaac636a95f7189af1cfe74a67b7b5
Ubuntu Security Notice USN-4288-1
Posted Feb 20, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4288-1 - It was discovered that ppp incorrectly handled certain rhostname values. A remote attacker could use this issue to cause ppp to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-8597
MD5 | 7c2aaf67119f823f5fc388c4c524b808
Ubuntu Security Notice USN-4279-2
Posted Feb 20, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4279-2 - USN-4279-1 fixed vulnerabilities in PHP. The updated packages caused a regression. This update fixes the problem. It was discovered that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04 LTS. It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 19.10. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, php, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-9253, CVE-2020-7059, CVE-2020-7060
MD5 | 7832c919bd2f89e68f7d1e97d3e21a3c
Ubuntu Security Notice USN-4286-2
Posted Feb 19, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4286-2 - USN-4286-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-14615, CVE-2019-15217, CVE-2019-15220, CVE-2019-15221, CVE-2019-17351, CVE-2019-19051, CVE-2019-19056, CVE-2019-19066, CVE-2019-19068, CVE-2019-19965, CVE-2019-20096, CVE-2019-5108
MD5 | aff5d99660a6cf45c6cd9363ec293dc7
Ubuntu Security Notice USN-4287-2
Posted Feb 19, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4287-2 - USN-4287-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux kernel for Microsoft Azure Cloud systems for Ubuntu 14.04 ESM. It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-14615, CVE-2019-15099, CVE-2019-15291, CVE-2019-16229, CVE-2019-16232, CVE-2019-18683, CVE-2019-18786, CVE-2019-18809, CVE-2019-18885, CVE-2019-19057, CVE-2019-19062, CVE-2019-19063, CVE-2019-19071, CVE-2019-19078, CVE-2019-19082, CVE-2019-19227, CVE-2019-19332, CVE-2019-19767, CVE-2019-19965, CVE-2019-20096, CVE-2019-5108, CVE-2020-7053
MD5 | e0a917b1318a227cbe7dcda44cca0d1a
Ubuntu Security Notice USN-4287-1
Posted Feb 19, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4287-1 - It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. It was discovered that the Atheros 802.11ac wireless USB device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-14615, CVE-2019-15099, CVE-2019-15291, CVE-2019-16229, CVE-2019-16232, CVE-2019-18683, CVE-2019-18786, CVE-2019-18809, CVE-2019-18885, CVE-2019-19057, CVE-2019-19062, CVE-2019-19063, CVE-2019-19071, CVE-2019-19078, CVE-2019-19082, CVE-2019-19227, CVE-2019-19332, CVE-2019-19767, CVE-2019-19965, CVE-2019-20096, CVE-2019-5108, CVE-2020-7053
MD5 | 8ac6c9839149435e4e444efe50c60dbc
Ubuntu Security Notice USN-4286-1
Posted Feb 19, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4286-1 - It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. It was discovered that a race condition existed in the Softmac USB Prism54 device driver in the Linux kernel. A physically proximate attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-14615, CVE-2019-15217, CVE-2019-15220, CVE-2019-15221, CVE-2019-17351, CVE-2019-19051, CVE-2019-19056, CVE-2019-19066, CVE-2019-19068, CVE-2019-19965, CVE-2019-20096, CVE-2019-5108
MD5 | 8455aecab2d4723eb33c4d08058ff1de
Ubuntu Security Notice USN-4285-1
Posted Feb 19, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4285-1 - It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. It was discovered that the HSA Linux kernel driver for AMD GPU devices did not properly check for errors in certain situations, leading to a NULL pointer dereference. A local attacker could possibly use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-14615, CVE-2019-16229, CVE-2019-16232, CVE-2019-18786, CVE-2019-18809, CVE-2019-19057, CVE-2019-19063, CVE-2019-19947, CVE-2019-19965, CVE-2019-20096, CVE-2019-5108, CVE-2020-7053
MD5 | daf9f1592f5ba45b8c8932f8eca98761
Ubuntu Security Notice USN-4284-1
Posted Feb 19, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4284-1 - It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. It was discovered that the Atheros 802.11ac wireless USB device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-14615, CVE-2019-15099, CVE-2019-15291, CVE-2019-16229, CVE-2019-16232, CVE-2019-18683, CVE-2019-18786, CVE-2019-18811, CVE-2019-19050, CVE-2019-19057, CVE-2019-19063, CVE-2019-19071, CVE-2019-19077, CVE-2019-19078, CVE-2019-19082, CVE-2019-19241, CVE-2019-19252, CVE-2019-19332, CVE-2019-19602, CVE-2019-19767, CVE-2019-19947, CVE-2019-19965
MD5 | e903243d36a1aa3e1ef54c023594f389
Ubuntu Security Notice USN-4283-1
Posted Feb 19, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4283-1 - Felipe Franciosi, Raphael Norwitz, and Peter Turschmid discovered that QEMU incorrectly handled iSCSI server responses. A remote attacker in control of the iSCSI server could use this issue to cause QEMU to crash, leading to a denial of service, or possibly execute arbitrary code. It was discovered that the QEMU libslirp component incorrectly handled memory. A remote attacker could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-1711
MD5 | 97da348a4a81d4a5d512a4d4f00c31ba
Page 5 of 206
Back34567Next

File Archive:

June 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    10 Files
  • 2
    Jun 2nd
    9 Files
  • 3
    Jun 3rd
    0 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    0 Files
  • 7
    Jun 7th
    0 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    0 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close