Security
Headlines
HeadlinesLatestCVEs

Tag

#ubuntu

Ubuntu Security Notice USN-6370-1

Ubuntu Security Notice 6370-1 - It was discovered that ModSecurity incorrectly handled certain nested JSON objects. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. It was discovered that ModSecurity incorrectly handled certain HTTP multipart requests. A remote attacker could possibly use this issue to bypass ModSecurity restrictions.

Packet Storm
#vulnerability#web#ubuntu#dos#apache#js#buffer_overflow
Ubuntu Security Notice USN-6369-1

Ubuntu Security Notice 6369-1 - It was discovered that libwebp incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this issue to cause libwebp to crash, resulting in a denial of service, or possibly execute arbitrary code.

Ubuntu Security Notice USN-6368-1

Ubuntu Security Notice 6368-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. It was discovered that Thunderbird did not properly manage memory when handling WebP images. If a user were tricked into opening a malicious WebP image file, an attacker could potentially exploit these to cause a denial of service or execute arbitrary code.

Ubuntu Security Notice USN-6367-1

Ubuntu Security Notice 6367-1 - It was discovered that Firefox did not properly manage memory when handling WebP images. If a user were tricked into opening a webpage containing malicious WebP image file, an attacker could potentially exploit these to cause a denial of service or execute arbitrary code.

Ubuntu Security Notice USN-6364-1

Ubuntu Security Notice 6364-1 - It was discovered that Ghostscript incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service. It was discovered that Ghostscript incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code.

Ubuntu Security Notice USN-6366-1

Ubuntu Security Notice 6366-1 - It was discovered that PostgreSQL incorrectly handled certain extension script substitutions. An attacker having database-level CREATE privileges can use this issue to execute arbitrary code as the bootstrap superuser.

Ubuntu Security Notice USN-6365-1

Ubuntu Security Notice 6365-1 - It was discovered that Open VM Tools incorrectly handled SAML tokens. A remote attacker could possibly use this issue to bypass SAML token signature verification and perform VMware Tools Guest Operations.

Ubuntu Security Notice USN-6363-1

Ubuntu Security Notice 6363-1 - It was discovered that curl incorrectly handled certain large headers. A remote attacker could possibly use this issue to cause curl to consume resources, resulting in a denial of service.

Ubuntu Security Notice USN-6358-1

Ubuntu Security Notice 6358-1 - It was discovered that RedCloth incorrectly handled certain inputs during html sanitisation. An attacker could possibly use this issue to cause a denial of service.