what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 7,926 RSS Feed

Operating System: Ubuntu

Ubuntu Security Notice USN-5555-1
Posted Aug 9, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5555-1 - It was discovered that GStreamer Good Plugins incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. It was discovered that GStreamer Good Plugins incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-1920, CVE-2022-1924, CVE-2022-1925, CVE-2022-2122
SHA-256 | fc54f4db51630f5b7a50b387d8d318be04319507a5f050b741cc537a5d495467
Ubuntu Security Notice USN-5553-1
Posted Aug 8, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5553-1 - It was discovered that libjpeg-turbo was not properly handling EOF characters, which could lead to excessive memory consumption through the execution of a large loop. An attacker could possibly use this issue to cause a denial of service. It was discovered that libjpeg-turbo was not properly performing bounds check operations, which could lead to a heap-based buffer overread. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2018-11813, CVE-2018-14498, CVE-2020-14152, CVE-2020-17541
SHA-256 | 4e135a6155a1d14aa6894601823a2eb064d3b15e7f83a90a56f73977ea7ed49c
Ubuntu Security Notice USN-5554-1
Posted Aug 8, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5554-1 - Pedro Ribeiro discovered that the GDK-PixBuf library did not properly handle certain GIF images. If an user or automated system were tricked into opening a specially crafted GIF file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-46829
SHA-256 | e3627154196feab669778608b18845cbd453c874886a6d8b9162c1db15124694
Ubuntu Security Notice USN-5552-1
Posted Aug 8, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5552-1 - It was discovered that phpLiteAdmin incorrectly handled certain GET requests. An attacker could possibly use this issue to perform cross-site scripting attacks.

tags | advisory, xss
systems | linux, ubuntu
advisories | CVE-2021-46709
SHA-256 | d11c28be54d29888fbcb81900ade5f92a7f9ce5670ae0c80a2bd652530514a01
Ubuntu Security Notice USN-5548-1
Posted Aug 5, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5548-1 - It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-3709
SHA-256 | 642abdd532bf60dbf00614089fd0bb3cf3496d49c4c8fc1e8e127732f40e9bdc
Ubuntu Security Notice USN-5551-1
Posted Aug 5, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5551-1 - It was discovered that mod-wsgi did not correctly remove the X-Client-IP header when processing requests from untrusted proxies. A remote attacker could use this issue to pass the header to WSGI applications, contrary to expectations.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2022-2255
SHA-256 | c0d8b0811cff1c4ea3ce6d3631247e214ed04798446bc13c1afab5378aab94e1
Ubuntu Security Notice USN-5550-1
Posted Aug 5, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5550-1 - It was discovered that GnuTLS incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause GnuTLS to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. It was discovered that GnuTLS incorrectly handled the verification of certain pkcs7 signatures. A remote attacker could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-4209, CVE-2022-2509
SHA-256 | e6be1b0f70c52298ac52eaf627c11fe4e6dbb1bfd6bbff03ccc185fa6c027cc5
Ubuntu Security Notice USN-5549-1
Posted Aug 5, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5549-1 - It was discovered that Django incorrectly handled certain FileResponse. An attacker could possibly use this issue to expose sensitive information or gain access over user machine.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2022-36359
SHA-256 | d6802db37f187944cfcae70e62625c7f67a075d00e01f75cb25bab74570cc154
Ubuntu Security Notice USN-5546-1
Posted Aug 5, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5546-1 - Neil Madden discovered that OpenJDK did not properly verify ECDSA signatures. A remote attacker could possibly use this issue to insert, edit or obtain sensitive information. This issue only affected OpenJDK 17 and OpenJDK 18. It was discovered that OpenJDK incorrectly limited memory when compiling a specially crafted XPath expression. An attacker could possibly use this issue to cause a denial of service. This issue was fixed in OpenJDK 8 and OpenJDK 18. USN-5388-1 and USN-5388-2 addressed this issue in OpenJDK 11 and OpenJDK 17.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2022-21426, CVE-2022-21434, CVE-2022-21443, CVE-2022-21449, CVE-2022-21476, CVE-2022-21496, CVE-2022-21540, CVE-2022-21541, CVE-2022-21549, CVE-2022-34169
SHA-256 | 84c887787fbc010de3680aa29d38e80563065655d3f3e4aab5622447751585c1
Ubuntu Security Notice USN-5546-2
Posted Aug 5, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5546-2 - USN-5546-1 fixed vulnerabilities in OpenJDK. This update provides the corresponding updates for Ubuntu 16.04 ESM. Neil Madden discovered that OpenJDK did not properly verify ECDSA signatures. A remote attacker could possibly use this issue to insert, edit or obtain sensitive information. This issue only affected OpenJDK 17 and OpenJDK 18.

tags | advisory, remote, vulnerability
systems | linux, ubuntu
advisories | CVE-2022-21426, CVE-2022-21434, CVE-2022-21443, CVE-2022-21449, CVE-2022-21476, CVE-2022-21496, CVE-2022-21540, CVE-2022-21541, CVE-2022-21549, CVE-2022-34169
SHA-256 | 87c3a989ef7c811d1439e85194a5e4c23b3972fb68b3f204b750638318cec97c
Ubuntu Security Notice USN-5547-1
Posted Aug 4, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5547-1 - Le Wu discovered that the NVIDIA graphics drivers did not properly perform input validation in some situations. A local user could use this to cause a denial of service or possibly execute arbitrary code. Tal Lossos discovered that the NVIDIA graphics drivers incorrectly handled certain memory operations, leading to a null-pointer dereference. A local attacker could use this to cause a denial of service. Artem S. Tashkinov discovered that the NVIDIA graphics drivers Dynamic Boost D-Bus component did not properly restrict access to its endpoint. When enabled in non-default configurations, a local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2022-31607, CVE-2022-31608, CVE-2022-31615
SHA-256 | fed8c6912db5c18b18ce002d7aa30fbc1ae00429aec9790f658542e2c6c65b13
Ubuntu Security Notice USN-5545-1
Posted Aug 3, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5545-1 - Arthur Mongodin discovered that the netfilter subsystem in the Linux kernel did not properly perform data validation. A local attacker could use this to escalate privileges in certain situations.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-34918
SHA-256 | df1ade419034de9ac52eb21a326406be8cabba33c20738622b11bea7eb141d29
Ubuntu Security Notice USN-5463-2
Posted Aug 3, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5463-2 - USN-5463-1 fixed vulnerabilities in NTFS-3G. This update provides the corresponding updates for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Roman Fiedler discovered that NTFS-3G incorrectly handled certain return codes. A local attacker could possibly use this issue to intercept protocol traffic between FUSE and the kernel.

tags | advisory, kernel, local, vulnerability, protocol
systems | linux, ubuntu
advisories | CVE-2022-30783, CVE-2022-30787
SHA-256 | 129ca2bac42b3a2a63a3ac46591acf02478ace900a70c46b3768b8b76eb57862
Ubuntu Security Notice USN-5544-1
Posted Aug 2, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5544-1 - It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Felix Fu discovered that the Sun RPC implementation in the Linux kernel did not properly handle socket states, leading to a use-after-free vulnerability. A remote attacker could possibly use this to cause a denial of service or execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-1652, CVE-2022-1679, CVE-2022-28893, CVE-2022-34918
SHA-256 | 6ff10c40293ee5b0cacf9d5cdadbf326e0de7006c17b46a23ab455145589f987
Ubuntu Security Notice USN-5543-1
Posted Aug 2, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5543-1 - Yu Zhang and Nanyu Zhong discovered that Net-SNMP incorrectly handled memory operations when processing certain requests. A remote attacker could use this issue to cause Net-SNMP to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-24805, CVE-2022-24809
SHA-256 | 153417a2fbd138ed01adf8e6296b0b3124a2f4d608835e96715157fb56c53600
Ubuntu Security Notice USN-5542-1
Posted Aug 1, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5542-1 - It was discovered that Samba did not handle MaxQueryDuration when being used in AD DC configurations, contrary to expectations. This issue only affected Ubuntu 20.04 LTS. Luke Howard discovered that Samba incorrectly handled certain restrictions associated with changing passwords. A remote attacker being requested to change passwords could possibly use this issue to escalate privileges.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2021-3670, CVE-2022-2031, CVE-2022-32742, CVE-2022-32744, CVE-2022-32745, CVE-2022-32746
SHA-256 | 64dcd0b4e57993d8ecdb31b0a283748a7fe8d11403650392271d1261d52dc7be
Ubuntu Security Notice USN-5541-1
Posted Jul 29, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5541-1 - Eric Biederman discovered that the cgroup process migration implementation in the Linux kernel did not perform permission checks correctly in some situations. A local attacker could possibly use this to gain administrative privileges. Jann Horn discovered that the FUSE file system in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-4197, CVE-2022-1011, CVE-2022-1198, CVE-2022-1199, CVE-2022-1204, CVE-2022-1205, CVE-2022-1353, CVE-2022-1516, CVE-2022-2380, CVE-2022-28388, CVE-2022-28389
SHA-256 | e964411e2a44ec6b1d66fca5a48f54b1a1e945a816cc42a923278a78bcde118e
Ubuntu Security Notice USN-5540-1
Posted Jul 29, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5540-1 - Liu Jian discovered that the IGMP protocol implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the USB gadget subsystem in the Linux kernel did not properly validate interface descriptor requests. An attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2022-20141, CVE-2022-25258, CVE-2022-25375, CVE-2022-34918
SHA-256 | f428af4961f037f9aea520b0b4732e409e7b944994e66c7fc5dc8237a6730340
Ubuntu Security Notice USN-5539-1
Posted Jul 29, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5539-1 - It was discovered that the implementation of the 6pack and mkiss protocols in the Linux kernel did not handle detach events properly in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service. Duoming Zhou discovered that the AX.25 amateur radio protocol implementation in the Linux kernel did not handle detach events properly in some situations. A local attacker could possibly use this to cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2022-1195, CVE-2022-1199, CVE-2022-1204, CVE-2022-1205, CVE-2022-1789, CVE-2022-28388, CVE-2022-33981
SHA-256 | e0f1dc9c61a271fdd2e51e74092004e7786f7464ac5a1e07c3a459de607c3aff
Ubuntu Security Notice USN-5536-1
Posted Jul 29, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5536-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the mouse pointer position, bypass Subresource Integrity protections, obtain sensitive information, or execute arbitrary code.

tags | advisory, denial of service, arbitrary, spoof
systems | linux, ubuntu
advisories | CVE-2022-2505, CVE-2022-36319
SHA-256 | a3f6eb274e9d4bb1910c15874d1f521d440de1c77c380a3de951175d7068aea7
Ubuntu Security Notice USN-5537-2
Posted Jul 29, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5537-2 - USN-5537-1 fixed a vulnerability in MySQL. This update provides the corresponding update for Ubuntu 16.04 ESM. Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.7.39 in Ubuntu 16.04 ESM.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2022-21515
SHA-256 | 91ad3492d567b8359bd5f30f89f31f5809fa70a509cd42e4271733886d69ece0
Ubuntu Security Notice USN-5538-1
Posted Jul 29, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5538-1 - It was discovered that libtirpc incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2021-46828
SHA-256 | 92956c09842ba4745140cc0741ff13b31c793230ff51a01187672043280bfa9d
Ubuntu Security Notice USN-5537-1
Posted Jul 29, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5537-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.30 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. Ubuntu 18.04 LTS has been updated to MySQL 5.7.39. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2022-21509, CVE-2022-21525, CVE-2022-21529, CVE-2022-21537, CVE-2022-21553
SHA-256 | cdeec5366a2b7a76fe29f05a0289b9a37f2b6e645a369069aada53fbbd5ad0b1
Ubuntu Security Notice USN-5535-1
Posted Jul 28, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5535-1 - Joseph Nuzman discovered that some Intel processors did not properly initialise shared resources. A local attacker could use this to obtain sensitive information. Mark Ermolov, Dmitry Sklyarov and Maxim Goryachy discovered that some Intel processors did not prevent test and debug logic from being activated at runtime. A local attacker could use this to escalate privileges.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2021-0127, CVE-2021-0145, CVE-2021-0146, CVE-2021-33117, CVE-2021-33120, CVE-2022-21123, CVE-2022-21125, CVE-2022-21127, CVE-2022-21151, CVE-2022-21166
SHA-256 | 3b9019a8fb28be7eb6726c2f57a3295923eb2c3ecfca6b1bde16634486f1f849
Ubuntu Security Notice USN-5531-1
Posted Jul 27, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5531-1 - Pietro Borrello discovered that protobuf-c contained an invalid arithmetic shift. This vulnerability allowed attackers to cause a denial of service via unspecified vectors. It was discovered that protobuf-c contained an unsigned integer overflow. This vulnerability allowed attackers to cause a denial of service via unspecified vectors.

tags | advisory, denial of service, overflow
systems | linux, ubuntu
advisories | CVE-2022-33070
SHA-256 | 9c1853bf4125f3d2065d985d456461411609a6cce87fd52a52fb2f90beb1a732
Page 1 of 318
Back12345Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close