exploit the possibilities
Showing 1 - 25 of 7,225 RSS Feed

Operating System: Ubuntu

Ubuntu Security Notice USN-4938-1
Posted May 6, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4938-1 - It was discovered that Unbound contained multiple security issues. A remote attacker could possibly use these issues to cause a denial of service, inject arbitrary commands, execute arbitrary code, and overwrite local files.

tags | advisory, remote, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2019-25031, CVE-2019-25035, CVE-2019-25039, CVE-2020-28935
MD5 | 7cbc6ff7f46d7928484a4e834e459fb3
Ubuntu Security Notice USN-4936-1
Posted May 6, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4936-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. It was discovered that Thunderbird may keep key material in memory in some circumstances. A local attacker could potentially exploit this to obtain private keys. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2021-23968, CVE-2021-23969, CVE-2021-23973, CVE-2021-29950
MD5 | 6267c7c4cad00ab2f62f75f37a6613c0
Ubuntu Security Notice USN-4937-1
Posted May 6, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4937-1 - Ondrej Holy discovered that GNOME Autoar could extract files outside of the intended directory. If a user were tricked into extracting a specially crafted archive, a remote attacker could create files in arbitrary locations, possibly leading to code execution.

tags | advisory, remote, arbitrary, code execution
systems | linux, ubuntu
advisories | CVE-2021-28650
MD5 | 1ce6ba4e9126d4f4a6fd550fa9b85f39
Ubuntu Security Notice USN-4934-2
Posted May 6, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4934-2 - USN-4934-1 fixed several vulnerabilities in Exim. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. CVE-2020-28026 only affected Ubuntu 16.04 ESM. It was discovered that Exim contained multiple security issues. An attacker could use these issues to cause a denial of service, execute arbitrary code remotely, obtain sensitive information, or escalate local privileges. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-28007, CVE-2020-28012, CVE-2020-28016, CVE-2020-28024, CVE-2020-28026
MD5 | d1328f444212f331072a69abfd628772
Ubuntu Security Notice USN-4935-1
Posted May 4, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4935-1 - It was discovered that the NVIDIA GPU display driver for the Linux kernel incorrectly performed access control. A local attacker could use this issue to cause a denial of service, expose sensitive information, or escalate privileges. It was discovered that the NVIDIA GPU display driver for the Linux kernel incorrectly performed reference counting. A local attacker could use this issue to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-1076, CVE-2021-1077
MD5 | 0c0bac2410d9243af4b9f3f472dfdf2f
Ubuntu Security Notice USN-4934-1
Posted May 4, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4934-1 - It was discovered that Exim contained multiple security issues. An attacker could use these issues to cause a denial of service, execute arbitrary code remotely, obtain sensitive information, or escalate local privileges.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2020-28007, CVE-2020-28011, CVE-2020-28015, CVE-2020-28019, CVE-2020-28023, CVE-2021-27216
MD5 | 00c0c984699824e4a280630e72347901
Ubuntu Security Notice USN-4932-1
Posted May 4, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4932-1 - It was discovered that Django incorrectly handled certain filenames. A remote attacker could possibly use this issue to create or overwrite files in unexpected directories.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2021-31542
MD5 | e30dd2745c21882baa62f2cb57551cf5
Ubuntu Security Notice USN-4933-1
Posted May 4, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4933-1 - It was discovered that OpenVPN incorrectly handled certain data channel v2 packets. A remote attacker could possibly use this issue to inject packets using a victim's peer-id. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. It was discovered that OpenVPN incorrectly handled deferred authentication. When a server is configured to use deferred authentication, a remote attacker could possibly use this issue to bypass authentication and access control channel data. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2020-11810, CVE-2020-15078
MD5 | 278580c58157ac4cc5649f55cf55cd6c
Ubuntu Security Notice USN-4918-3
Posted May 4, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4918-3 - USN-4918-1 fixed vulnerabilities in ClamAV. The updated package could fail to properly scan in some situations. This update fixes the problem. It was discovered that ClamAV incorrectly handled parsing Excel documents. A remote attacker could possibly use this issue to cause ClamAV to hang, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-1252, CVE-2021-1404, CVE-2021-1405
MD5 | e435467cea207fd68953d4d4f876a6f5
Ubuntu Security Notice USN-4931-1
Posted May 4, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4931-1 - Steven French discovered that Samba incorrectly handled ChangeNotify permissions. A remote attacker could possibly use this issue to obtain file name information. Bas Alberts discovered that Samba incorrectly handled certain winbind requests. A remote attacker could possibly use this issue to cause winbind to crash, resulting in a denial of service. Francis Brosnan Blázquez discovered that Samba incorrectly handled certain invalid DNS records. A remote attacker could possibly use this issue to cause the DNS server to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2020-14318, CVE-2020-14323, CVE-2020-14383, CVE-2021-20254
MD5 | 286abb281e576ae65c0aec49bfe9eddc
Ubuntu Security Notice USN-4930-1
Posted Apr 30, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4930-1 - Peter Eriksson discovered that Samba incorrectly handled certain negative idmap cache entries. This issue could result in certain users gaining unauthorized access to files, contrary to expected behaviour.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2021-20254
MD5 | 0735d0936b33fb46da12f52749cf3d37
Ubuntu Security Notice USN-4929-1
Posted Apr 29, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4929-1 - Greg Kuechle discovered that Bind incorrectly handled certain incremental zone updates. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. Siva Kakarla discovered that Bind incorrectly handled certain DNAME records. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. It was discovered that Bind incorrectly handled GSSAPI security policy negotiation. A remote attacker could use this issue to cause Bind to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-25214, CVE-2021-25215, CVE-2021-25216
MD5 | 8717bb83ee18054ef92b8588dcefa170
Ubuntu Security Notice USN-4928-1
Posted Apr 29, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4928-1 - It was discovered that GStreamer Good Plugins incorrectly handled certain files. An attacker could possibly use this issue to cause access sensitive information or cause a crash. It was discovered that GStreamer Good Plugins incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code or cause a crash. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. Various other issues were also addressed.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-3497, CVE-2021-3498
MD5 | 4d4792aa2bffcfb70aaac8e21719ae86
Ubuntu Security Notice USN-4913-2
Posted Apr 28, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4913-2 - USN-4913-1 fixed vulnerabilities in Underscore. This update provides the corresponding updates for Ubuntu 21.04. It was discovered that Underscore incorrectly handled certain inputs. An attacker could possibly use this issue to inject arbitrary code.

tags | advisory, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-23358
MD5 | d198fc4c11a333962e288a84a28dca41
Ubuntu Security Notice USN-4892-1
Posted Apr 28, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4892-1 - It was discovered that OpenJDK incorrectly verified Jar signatures. An attacker could possibly use this issue to bypass intended security restrictions when using Jar files signed with a disabled algorithm.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2021-2163
MD5 | bd90f8535dda00ab8338d916ec32f0c1
Ubuntu Security Notice USN-4926-1
Posted Apr 27, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4926-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass security restrictions, trick the user into disclosing confidential information, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof
systems | linux, ubuntu
advisories | CVE-2021-23994, CVE-2021-23995, CVE-2021-23996, CVE-2021-23997, CVE-2021-23998, CVE-2021-24000, CVE-2021-24001, CVE-2021-24002, CVE-2021-29947
MD5 | a2f75e727b0492505c0b9c6bf7282daf
Ubuntu Security Notice USN-4922-2
Posted Apr 26, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4922-2 - USN-4922-1 fixed a vulnerability in Ruby. This update provides the corresponding update for Ubuntu 21.04. Juho Nurminen discovered that the REXML gem bundled with Ruby incorrectly parsed and serialized XML documents. A remote attacker could possibly use this issue to perform an XML round-trip attack. Various other issues were also addressed.

tags | advisory, remote, ruby
systems | linux, ubuntu
advisories | CVE-2021-28965
MD5 | 1b5b7b7ac26e069df4ca39541f536606
Ubuntu Security Notice USN-4927-1
Posted Apr 26, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4927-1 - It was discovered that File Roller incorrectly handled symlinks. An attacker could possibly use this issue to expose sensitive information.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2020-36314
MD5 | dd5ccd5e46055fe6997838cc12552016
Ubuntu Security Notice USN-4925-1
Posted Apr 23, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4925-1 - Toni Huttunen and Fraktal Oy discovered that the Shibboleth Service provider allowed content injection due to allowing attacker-controlled parameters in error or other status pages. An attacker could use this to inject malicious content.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2021-28963
MD5 | 13a1ab40c56cb3dce53cf089a12cd778
Ubuntu Security Notice USN-4924-1
Posted Apr 23, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4924-1 - It was discovered that Dnsmasq incorrectly handled certain wildcard synthesized NSEC records. A remote attacker could possibly use this issue to prove the non-existence of hostnames that actually exist. It was discovered that Dnsmasq incorrectly handled certain large DNS packets. A remote attacker could possibly use this issue to cause Dnsmasq to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2017-15107, CVE-2019-14513
MD5 | db00955d289374c9798d90f9935b94d7
Ubuntu Security Notice USN-4916-2
Posted Apr 22, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4916-2 - USN-4916-1 fixed vulnerabilities in the Linux kernel. Unfortunately, the fix for CVE-2021-3493 introduced a memory leak in some situations. This update fixes the problem. It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability, memory leak
systems | linux, ubuntu
advisories | CVE-2021-29154, CVE-2021-3493
MD5 | 463f8608bb8c56e58878d9bf6dca9de5
Ubuntu Security Notice USN-4923-1
Posted Apr 21, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4923-1 - Laszlo Ersek discovered that EDK II incorrectly handled recursion. A remote attacker could possibly use this issue to cause EDK II to consume resources, leading to a denial of service. Satoshi Tanda discovered that EDK II incorrectly handled decompressing certain images. A remote attacker could use this issue to cause EDK II to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-28210, CVE-2021-28211
MD5 | 5b1e08d38f0dfa3b2d307d7650efc1ad
Ubuntu Security Notice USN-4922-1
Posted Apr 21, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4922-1 - Juho Nurminen discovered that the REXML gem bundled with Ruby incorrectly parsed and serialized XML documents. A remote attacker could possibly use this issue to perform an XML round-trip attack.

tags | advisory, remote, ruby
systems | linux, ubuntu
advisories | CVE-2021-28965
MD5 | b1cdfd7ce654f38195dd8a4b7ac1e028
Ubuntu Security Notice USN-4921-1
Posted Apr 21, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4921-1 - It was discovered that libcaca incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-3410
MD5 | e6c215d4c25161ac28a700abbf5b3728
Ubuntu Security Notice USN-4563-2
Posted Apr 20, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4563-2 - USN-4563-1 fixed a vulnerability in NTP. This update provides the corresponding update for Ubuntu 20.04 LTS and Ubuntu 20.10. It was discovered that the fix for CVE-2018-7182 introduced a NULL pointer dereference into NTP. An attacker could use this vulnerability to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-8936
MD5 | 28a575fb29d4294f72a77c91e221dd6f
Page 1 of 289
Back12345Next

File Archive:

May 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    1 Files
  • 2
    May 2nd
    4 Files
  • 3
    May 3rd
    27 Files
  • 4
    May 4th
    17 Files
  • 5
    May 5th
    3 Files
  • 6
    May 6th
    32 Files
  • 7
    May 7th
    11 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    0 Files
  • 10
    May 10th
    0 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    0 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    0 Files
  • 17
    May 17th
    0 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close