1854 matches found
expat: multiple issues
CVE-2012-6702 predictable random numbers It was found that when calling XMLParse ahead of rand, it causes the pseudo random generator to generate non-random predictable numbers. - CVE-2016-5300 denial of service It was found that original fix for CVE-2012-0876 used too little entropy for the hash...
firefox: multiple issues
CVE-2016-2815 arbitrary code execution Mozilla developers and community members reported several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with...
chromium: multiple issues
CVE-2016-1667: Same origin bypass in DOM. Credit to Mariusz Mlynski. - CVE-2016-1668: Same origin bypass in Blink V8 bindings. Credit to Mariusz Mlynski. - CVE-2016-1669: Buffer overflow in V8. Credit to Choongwoo Han. - CVE-2016-1670: Race condition in loader. Credit to anonymous...
gd: arbitrary code execution
A heap-based buffer overflow caused by an integer signedness error has been found in the libgd code handling compressed gd2 chunks...
wireshark-qt: denial of service
CVE-2016-2522: The dissectberconstrainedbitstring function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 2.0.x before 2.0.2 does not verify that a certain length is nonzero, which allows remote attackers to cause a denial of service out-of-bounds read and application...
exim: privilege escalation
All installations having Exim set-uid root and using 'perlstartup' are vulnerable to a local privilege escalation. Any user who can start an instance of Exim and this is normally any user can gain root privileges...
chromium: multiple issues
CVE-2015-6764: Out of bounds access in v8. Credit to Guang Gong of Qihoo 360 via pwn2own. - CVE-2015-6765, CVE-2015-6766, CVE-2015-6767: Use-after-free in AppCache. - CVE-2015-6768, CVE-2015-6770, CVE-2015-6772: Cross-origin bypass in DOM. Credit to Mariusz Mlynski. - CVE-2015-6769: Cross-origin...
wireshark-qt: denial of service
CVE-2015-3808 denial of service There is an infinite loop condition in dissectlbmrpser in epan/dissectors/packet-lbmr.c. It's possible for an attacker to set the the variable 'optionlen' to 0, causing the loop to never terminate. This issue is leading to excessive CPU resources consumption by...
tcpdump: multiple issues
CVE-2014-8767 denial of service Integer underflow in the olsrprint function when in verbose mode, allows remote attackers to cause a denial of service crash via a crafted length value in an OLSR frame. - CVE-2014-8768 denial of service Multiple Integer underflows in the geonetprint function, when...
cpio: heap buffer overflow
A heap-based buffer overflow flaw was reported in cpio's listfile function. Attempting to extract a malicious cpio archive could cause cpio to crash or, potentially, execute arbitrary code. As noted in the original report, this issue could be trigger via other utilities, such as when running "les...
python2: Information leakage through integer overflow
It was reported that Python 2.7.8 fixes a potential wraparound in buffer with possible CWE-200 implications. This could allow an attacker to access private information through information leakage. PoC: --- overflow.py --- import sys a = bytearray'here be dragons' b = buffera, sys.maxsize,...
[ASA-202210-4] linux-zen: multiple issues
Arch Linux Security Advisory ASA-202210-4 ========================================= Severity: Critical Date : 2022-10-14 CVE-ID : CVE-2022-41674 CVE-2022-42719 CVE-2022-42720 CVE-2022-42721 CVE-2022-42722 Package : linux-zen Type : multiple issues Remote : Yes Link :...
[ASA-202204-6] libtiff: multiple issues
Arch Linux Security Advisory ASA-202204-6 ========================================= Severity: High Date : 2022-04-05 CVE-ID : CVE-2022-0561 CVE-2022-0562 CVE-2022-0865 CVE-2022-0891 CVE-2022-0907 CVE-2022-0908 CVE-2022-0909 CVE-2022-0924 CVE-2022-22844 Package : libtiff Type : multiple issues...
[ASA-202112-2] opera: multiple issues
Arch Linux Security Advisory ASA-202112-2 ========================================= Severity: High Date : 2021-12-03 CVE-ID : CVE-2021-38005 CVE-2021-38006 CVE-2021-38007 CVE-2021-38008 CVE-2021-38009 CVE-2021-38010 CVE-2021-38011 CVE-2021-38012 CVE-2021-38013 CVE-2021-38014 CVE-2021-38015...
[ASA-202110-10] wpewebkit: multiple issues
Arch Linux Security Advisory ASA-202110-10 ========================================== Severity: Medium Date : 2021-10-29 CVE-ID : CVE-2021-30846 CVE-2021-30851 CVE-2021-42762 Package : wpewebkit Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-2484 Summary ======= The...
[ASA-202010-10] freetype2: arbitrary code execution
Arch Linux Security Advisory ASA-202010-10 ========================================== Severity: High Date : 2020-10-20 CVE-ID : CVE-2020-15999 Package : freetype2 Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1254 Summary ======= The package freetype2 befo...
[ASA-202001-4] thunderbird: multiple issues
Arch Linux Security Advisory ASA-202001-4 ========================================= Severity: Critical Date : 2020-01-14 CVE-ID : CVE-2019-17016 CVE-2019-17017 CVE-2019-17022 CVE-2019-17024 CVE-2019-17026 Package : thunderbird Type : multiple issues Remote : Yes Link :...
[ASA-201911-12] linux-zen: arbitrary code execution
Arch Linux Security Advisory ASA-201911-12 ========================================== Severity: Critical Date : 2019-11-13 CVE-ID : CVE-2019-17666 Package : linux-zen Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1066 Summary ======= The package linux-zen...
[ASA-201906-18] firefox: arbitrary code execution
Arch Linux Security Advisory ASA-201906-18 ========================================== Severity: Critical Date : 2019-06-19 CVE-ID : CVE-2019-11707 Package : firefox Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-994 Summary ======= The package firefox befor...
[ASA-201906-19] firefox-developer-edition: arbitrary code execution
Arch Linux Security Advisory ASA-201906-19 ========================================== Severity: Critical Date : 2019-06-19 CVE-ID : CVE-2019-11707 Package : firefox-developer-edition Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-995 Summary ======= The...
[ASA-201906-12] linux-hardened: denial of service
Arch Linux Security Advisory ASA-201906-12 ========================================== Severity: High Date : 2019-06-17 CVE-ID : CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 Package : linux-hardened Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-986 Summary =======...
[ASA-201902-26] kibana: multiple issues
Arch Linux Security Advisory ASA-201902-26 ========================================== Severity: High Date : 2019-02-25 CVE-ID : CVE-2019-7608 CVE-2019-7609 CVE-2019-7610 Package : kibana Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-911 Summary ======= The package...
libssh: man-in-the-middle
libssh versions 0.1 and above have a bits/bytes confusion bug and generate the an anormaly short ephemeral secret for the diffie-hellman-group1 and diffie-hellman-group14 key exchange methods. The resulting secret is 128 bits long, instead of the recommended sizes of 1024 and 2048 bits...
libxslt: denial of service
A type confusion vulnerability was discovered in the xsltStylePreCompute function of libxslt. A remote attacker could possibly exploit this flaw to cause an application using libxslt to crash by tricking the application into processing a specially crafted XSLT document...
nodejs: multiple issues
CVE-2015-6764 V8 out-of-bounds access vulnerability: A bug was discovered in V8's implementation of JSON.stringify that can result in out-of-bounds reads on arrays. The patch was included in this week's update of Chrome Stable. While this bug is high severity for browsers, it is considered lower...
jre7-openjdk: multiple issues
CVE-2015-2590 deserialization issue in ObjectInputStream.readSerialData: ObjectInputStream's readSerialData could, in certain cases, incorrectly perform deserialization of data from serialized input. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions...
nss: signature forgery
The definitelengthdecoder function in lib/util/quickder.c in Mozilla Network Security Services NSS does not ensure that the DER encoding of an ASN.1 length is properly formed, which allows remote attackers to conduct data-smuggling attacks by using a long byte sequence for an encoding, as...
mantisbt: multiple issues
CVE-2014-9272 cross-side scripting The function "stringinserthrefs" doesn't validate the protocol, which is why one can make a link that executes arbitrary JavaScript code. - CVE-2014-9270 cross-side scripting The Projax library does not properly escape html strings. An attacker could take...
[ASA-202006-1] firefox: multiple issues
Arch Linux Security Advisory ASA-202006-1 ========================================= Severity: High Date : 2020-06-02 CVE-ID : CVE-2020-12399 CVE-2020-12405 CVE-2020-12406 CVE-2020-12407 CVE-2020-12408 CVE-2020-12409 CVE-2020-12410 CVE-2020-12411 Package : firefox Type : multiple issues Remote : Y...
[ASA-202002-9] thunderbird: multiple issues
Arch Linux Security Advisory ASA-202002-9 ========================================= Severity: Critical Date : 2020-02-13 CVE-ID : CVE-2020-6792 CVE-2020-6793 CVE-2020-6794 CVE-2020-6795 CVE-2020-6798 CVE-2020-6800 Package : thunderbird Type : multiple issues Remote : Yes Link :...
[ASA-201804-6] lib32-openssl: private key recovery
Arch Linux Security Advisory ASA-201804-6 ========================================= Severity: Medium Date : 2018-04-15 CVE-ID : CVE-2017-3738 Package : lib32-openssl Type : private key recovery Remote : Yes Link : https://security.archlinux.org/AVG-551 Summary ======= The package lib32-openssl...
[ASA-201801-21] rsync: multiple issues
Arch Linux Security Advisory ASA-201801-21 ========================================== Severity: High Date : 2018-01-29 CVE-ID : CVE-2017-16548 CVE-2017-17433 CVE-2017-17434 CVE-2018-5764 Package : rsync Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-542 Summary...
[ASA-201704-9] webkit2gtk: multiple issues
Arch Linux Security Advisory ASA-201704-9 ========================================= Severity: Critical Date : 2017-04-28 CVE-ID : CVE-2016-9642 CVE-2016-9643 CVE-2017-2367 CVE-2017-2376 CVE-2017-2377 CVE-2017-2386 CVE-2017-2392 CVE-2017-2394 CVE-2017-2395 CVE-2017-2396 CVE-2017-2405 CVE-2017-2415...
chromium: multiple issues
CVE-2016-5147 CVE-2016-5148 cross-site scripting Universal XSS in Blink. - CVE-2016-5149 script injection Script injection in extensions. - CVE-2016-5150 arbitrary code execution Use after free in Blink. - CVE-2016-5151 arbitrary code execution Use after free in PDFium. - CVE-2016-5152...
nginx-mainline: denial of service
A vulnerability was found in nginx code responsible for saving client request body to a temporary file. A specially crafted request might result in worker process crash due to a NULL pointer dereference while handling the client request body...
samba: multiple issues
CVE-2015-5370 arbitrary code execution Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server high CPU load or a crash or, possibly, execute arbitrary code with the...
lib32-curl: authentication bypass
A vulnerability was found in a way libcurl uses NTLM-authenticated proxy connections. Libcurl will reuse NTLM-authenticated proxy connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. Since NTLM-based authentication is...
wireshark-qt: denial of service
CVE-2015-8742 denial of service The dissectCPMSetBindings function in epan/dissectors/packet-mswsp.c in the MS-WSP dissector in Wireshark 2.0.x before 2.0.1 does not validate the column size, which allows remote attackers to cause a denial of service memory consumption or application crash via a...
wordpress: multiple issues
CVE-2015-5714 cross-side scripting A cross-site scripting vulnerability has been discovered when processing shortcode tags. - CVE-2015-5715 insufficient permission restriction A vulnerability has been discovered, allowing users without proper permissions to publish private posts and make them...
php: integer overflow
An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way libzip, which is embedded in PHP, processed certain ZIP archives. If an attacker were able to supply a specially crafted ZIP archive to an application using libzip, it could cause the application to crash or,...
lib32-elfutils: directory traversal
Directory traversal vulnerability in the readlongnames function in libelf/elfbegin.c allows remote attackers to write to arbitrary files to the root directory via a / slash in a crafted archive, as demonstrated using the ar program...
linux: local denial of service, privilege escalation
CVE-2014-3610: The WRMSR processing functionality in the KVM subsystem in the Linux kernel does not properly handle the writing of a non-canonical address to a model-specific register, which allows guest OS users to cause a denial of service host OS crash by leveraging guest OS privileges, relate...
libxml2: Denial of service
Daniel Berrange discovered that libxml2 incorrectly performs entity substitution in the doctype prolog, even if the application using libxml2 disabled any entity substitution. A remote attacker could provide a specially crafted XML file that, when processed, leads to the exhaustion of CPU and...
mediawiki: Cross-site Scripting (XSS)
It was discovered that MediaWiki, a wiki engine, did not sufficiently filter CSS in uploaded SVG files, allowing for cross site scripting...
[ASA-202112-3] nss: arbitrary code execution
Arch Linux Security Advisory ASA-202112-3 ========================================= Severity: High Date : 2021-12-03 CVE-ID : CVE-2021-43527 Package : nss Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-2596 Summary ======= The package nss before version...
[ASA-202112-4] lib32-nss: arbitrary code execution
Arch Linux Security Advisory ASA-202112-4 ========================================= Severity: High Date : 2021-12-03 CVE-ID : CVE-2021-43527 Package : lib32-nss Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-2597 Summary ======= The package lib32-nss before...
[ASA-202109-6] chromium: arbitrary code execution
Arch Linux Security Advisory ASA-202109-6 ========================================= Severity: High Date : 2021-09-14 CVE-ID : CVE-2021-30625 CVE-2021-30626 CVE-2021-30627 CVE-2021-30628 CVE-2021-30629 CVE-2021-30630 CVE-2021-30631 CVE-2021-30632 CVE-2021-30633 Package : chromium Type : arbitrary...
[ASA-202004-14] apache: multiple issues
Arch Linux Security Advisory ASA-202004-14 ========================================== Severity: Low Date : 2020-04-15 CVE-ID : CVE-2020-1927 CVE-2020-1934 Package : apache Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1126 Summary ======= The package apache before...
[ASA-201911-11] linux-lts: arbitrary code execution
Arch Linux Security Advisory ASA-201911-11 ========================================== Severity: Critical Date : 2019-11-13 CVE-ID : CVE-2019-17666 Package : linux-lts Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1065 Summary ======= The package linux-lts...
[ASA-201911-6] samba: multiple issues
Arch Linux Security Advisory ASA-201911-6 ========================================= Severity: Medium Date : 2019-11-03 CVE-ID : CVE-2019-10218 CVE-2019-14833 CVE-2019-14847 Package : samba Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1057 Summary ======= The packa...