what you don't know can hurt you
Showing 26 - 50 of 6,566 RSS Feed

Operating System: Ubuntu

Ubuntu Security Notice USN-4270-1
Posted Feb 6, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4270-1 - It was discovered that Exiv2 incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-20421
MD5 | f5ad43e42a0a66ee2696472fde1f2083
Ubuntu Security Notice USN-4267-1
Posted Feb 6, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4267-1 - It was discovered that mbedtls has a bounds-check bypass through an integer overflow that can be used by an attacked to execute arbitrary code or cause a denial of service. It was discovered that mbedtls has a vulnerability where an attacker could execute arbitrary code or cause a denial of service via a crafted certificate chain that is mishandled during RSASSA-PSS signature verification within a TLS or DTLS session. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-18187, CVE-2018-0487, CVE-2018-0488, CVE-2018-0497, CVE-2018-0498
MD5 | 5f33dbd0ff4480220611555ae9976280
Ubuntu Security Notice USN-4269-1
Posted Feb 5, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4269-1 - It was discovered that systemd incorrectly handled certain PIDFile files. A local attacker could possibly use this issue to trick systemd into killing privileged processes. This issue only affected Ubuntu 16.04 LTS. It was discovered that systemd incorrectly handled certain udevadm trigger commands. A local attacker could possibly use this issue to cause systemd to consume resources, leading to a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2018-16888, CVE-2019-20386, CVE-2020-1712
MD5 | 6951e3c05cd3a48038e6bb86c6a4a112
Ubuntu Security Notice USN-4268-1
Posted Feb 5, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4268-1 - It was discovered that OpenSMTPD incorrectly verified the sender's or receiver's e-mail addresses under certain conditions. An attacker could use this vulnerability to execute arbitrary commands as root.

tags | advisory, arbitrary, root
systems | linux, ubuntu
advisories | CVE-2020-7247
MD5 | 790d961de63720b957664ca4b2256e8b
Ubuntu Security Notice USN-4263-2
Posted Feb 5, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4263-2 - USN-4263-1 fixed a vulnerability in Sudo. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Joe Vennix discovered that Sudo incorrectly handled memory operations when the pwfeedback option is enabled. A local attacker could possibly use this issue to obtain unintended access to the administrator account. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2019-18634
MD5 | 1a287ad621861a484ed5d0c8a8e0b7a3
Ubuntu Security Notice USN-4266-1
Posted Feb 5, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4266-1 - It was discovered that GraphicsMagick incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2017-17912, CVE-2017-18229
MD5 | 16fd707590ff3b8739fdd5f760762c6b
Ubuntu Security Notice USN-4265-2
Posted Feb 5, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4265-2 - USN-4265-1 fixed several vulnerabilities in SpamAssassin. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. It was discovered that SpamAssassin incorrectly handled certain CF files. If a user or automated system were tricked into using a specially-crafted CF file, a remote attacker could possibly run arbitrary code. Various other issues were also addressed.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-1930
MD5 | 40e160b528d5982576e5abf789a2519a
Ubuntu Security Notice USN-4265-1
Posted Feb 4, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4265-1 - It was discovered that SpamAssassin incorrectly handled certain CF files. If a user or automated system were tricked into using a specially-crafted CF file, a remote attacker could possibly run arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-1930
MD5 | fd151e4e70f8a0243d08372334387252
Ubuntu Security Notice USN-4264-1
Posted Feb 4, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4264-1 - Simon Charette discovered that Django incorrectly handled input in the PostgreSQL module. A remote attacker could possibly use this to perform SQL injection attacks.

tags | advisory, remote, sql injection
systems | linux, ubuntu
advisories | CVE-2020-7471
MD5 | 354141f536e7d9a2fc6e49d90f564db9
Ubuntu Security Notice USN-4263-1
Posted Feb 3, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4263-1 - Joe Vennix discovered that Sudo incorrectly handled memory operations when the pwfeedback option is enabled. A local attacker could possibly use this issue to obtain unintended access to the administrator account.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2019-18634
MD5 | f36b6bc9a1c17eb19f2bb2a0b5d96da4
Ubuntu Security Notice USN-4262-1
Posted Jan 30, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4262-1 - Daniel Preussker discovered that OpenStack Keystone incorrectly handled the list credentials API. A user with a role on the project could use this issue to view any other user's credentials.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-19687
MD5 | e386ceb8a59dc29538edab28c5b792f9
Ubuntu Security Notice USN-4261-1
Posted Jan 30, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4261-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2019-8835
MD5 | 016f695463157c80fd637ddc1347439f
Ubuntu Security Notice USN-4259-1
Posted Jan 30, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4259-1 - Michael Stepankin and Olga Barinova discovered that Apache Solr was vulnerable to an XXE attack. An attacker could use this vulnerability to remotely execute code.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2017-12629
MD5 | ce4cecaab539d8db2ff82546473aa4a4
Ubuntu Security Notice USN-4258-1
Posted Jan 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4258-1 - It was discovered that the Atheros 802.11ac wireless USB device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service. It was discovered that a race condition existed in the Virtual Video Test Driver in the Linux kernel. An attacker with write access to /dev/video0 on a system with the vivid module loaded could possibly use this to gain administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, kernel
systems | linux, ubuntu
advisories | CVE-2019-15099, CVE-2019-15291, CVE-2019-18683, CVE-2019-18885, CVE-2019-19050, CVE-2019-19071, CVE-2019-19077, CVE-2019-19078, CVE-2019-19079, CVE-2019-19082, CVE-2019-19227, CVE-2019-19252, CVE-2019-19332, CVE-2019-19767
MD5 | b2460429c5f9a9e13c8c12be8bff0e7b
Ubuntu Security Notice USN-4254-2
Posted Jan 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4254-2 - USN-4254-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-14615, CVE-2019-15291, CVE-2019-18683, CVE-2019-18885, CVE-2019-19057, CVE-2019-19062, CVE-2019-19063, CVE-2019-19227, CVE-2019-19332
MD5 | ca9cbda325bd02d5a599580c428cfad6
Ubuntu Security Notice USN-4255-2
Posted Jan 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4255-2 - USN-4255-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-14615, CVE-2020-7053
MD5 | 0eccdea34c52d8ecc3bb2dac5b1c9330
Ubuntu Security Notice USN-4253-2
Posted Jan 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4253-2 - USN-4253-1 fixed vulnerabilities in the Linux kernel for Ubuntu 19.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 19.10 for Ubuntu 18.04 LTS. It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-14615
MD5 | 0c72b2293c4c2b0d61b5955e9d5033bc
Ubuntu Security Notice USN-4257-1
Posted Jan 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4257-1 - It was discovered that OpenJDK incorrectly handled exceptions during deserialization in BeanContextSupport. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. It was discovered that OpenJDK incorrectly validated properties of SASL messages included in Kerberos GSSAPI. An unauthenticated remote attacker with network access via Kerberos could possibly use this issue to insert, modify or obtain sensitive information. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2020-2583, CVE-2020-2590, CVE-2020-2593, CVE-2020-2601, CVE-2020-2604, CVE-2020-2654, CVE-2020-2655, CVE-2020-2659
MD5 | e3e0f6612822b994852fa89d37c95de8
Ubuntu Security Notice USN-4236-3
Posted Jan 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4236-3 - USN-4236-1 fixed a vulnerability in Libgcrypt. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that Libgcrypt was susceptible to a ECDSA timing attack. An attacker could possibly use this attack to recover sensitive information. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-13627
MD5 | fb79ae85724fe7b85ee0f0b04bf2523b
Ubuntu Security Notice USN-4256-1
Posted Jan 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4256-1 - It was discovered that Cyrus SASL incorrectly handled certain LDAP packets. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-19906
MD5 | da2ac3b5c57fadeeb1b734bcfafb3e3c
Ubuntu Security Notice USN-4254-1
Posted Jan 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4254-1 - It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. It was discovered that a race condition existed in the Virtual Video Test Driver in the Linux kernel. An attacker with write access to /dev/video0 on a system with the vivid module loaded could possibly use this to gain administrative privileges. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-14615, CVE-2019-15291, CVE-2019-18683, CVE-2019-18885, CVE-2019-19057, CVE-2019-19062, CVE-2019-19063, CVE-2019-19227, CVE-2019-19332
MD5 | 897b5af454c7bd1c524507330aa6f2df
Ubuntu Security Notice USN-4255-1
Posted Jan 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4255-1 - It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. It was discovered that a race condition can lead to a use-after-free while destroying GEM contexts in the i915 driver for the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-14615, CVE-2020-7053
MD5 | 8355331a9fdcb46e17fbb4c2ba7a86a6
Ubuntu Security Notice USN-4253-1
Posted Jan 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4253-1 - It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-14615
MD5 | 7ecbce4e5ad782dcc2089c7132463cbe
Ubuntu Security Notice USN-4252-2
Posted Jan 27, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4252-2 - USN-4252-1 fixed several vulnerabilities in tcpdump. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Multiple security issues were discovered in tcpdump. A remote attacker could use these issues to cause tcpdump to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-16808, CVE-2018-14462, CVE-2018-14466, CVE-2018-14470, CVE-2018-14882, CVE-2018-16230, CVE-2018-19519
MD5 | d3212aa18e1bf406166c4bdd340b5096
Ubuntu Security Notice USN-4252-1
Posted Jan 27, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4252-1 - Multiple security issues were discovered in tcpdump. A remote attacker could use these issues to cause tcpdump to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-16808, CVE-2018-14462, CVE-2018-14466, CVE-2018-14470, CVE-2018-14882, CVE-2018-16230, CVE-2018-19519
MD5 | e3de9f6ac9cf4c263cae32925ace5430
Page 2 of 263
Back12345Next

File Archive:

February 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    1 Files
  • 2
    Feb 2nd
    2 Files
  • 3
    Feb 3rd
    17 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    16 Files
  • 7
    Feb 7th
    19 Files
  • 8
    Feb 8th
    1 Files
  • 9
    Feb 9th
    2 Files
  • 10
    Feb 10th
    15 Files
  • 11
    Feb 11th
    20 Files
  • 12
    Feb 12th
    12 Files
  • 13
    Feb 13th
    18 Files
  • 14
    Feb 14th
    17 Files
  • 15
    Feb 15th
    4 Files
  • 16
    Feb 16th
    4 Files
  • 17
    Feb 17th
    34 Files
  • 18
    Feb 18th
    15 Files
  • 19
    Feb 19th
    19 Files
  • 20
    Feb 20th
    20 Files
  • 21
    Feb 21st
    15 Files
  • 22
    Feb 22nd
    2 Files
  • 23
    Feb 23rd
    2 Files
  • 24
    Feb 24th
    16 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close