1854 matches found
[ASA-201902-6] runc: privilege escalation
Arch Linux Security Advisory ASA-201902-6 ========================================= Severity: High Date : 2019-02-11 CVE-ID : CVE-2019-5736 Package : runc Type : privilege escalation Remote : Yes Link : https://security.archlinux.org/AVG-878 Summary ======= The package runc before version...
[ASA-201706-10] lib32-libtasn1: arbitrary code execution
Arch Linux Security Advisory ASA-201706-10 ========================================== Severity: High Date : 2017-06-12 CVE-ID : CVE-2017-6891 Package : lib32-libtasn1 Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-286 Summary ======= The package lib32-libtas...
[ASA-201701-33] chromium: multiple issues
Arch Linux Security Advisory ASA-201701-33 ========================================== Severity: Critical Date : 2017-01-27 CVE-ID : CVE-2017-5006 CVE-2017-5007 CVE-2017-5008 CVE-2017-5009 CVE-2017-5010 CVE-2017-5011 CVE-2017-5012 CVE-2017-5013 CVE-2017-5014 CVE-2017-5015 CVE-2017-5016 CVE-2017-50...
[ASA-201701-26] python-crypto: arbitrary code execution
Arch Linux Security Advisory ASA-201701-26 ========================================== Severity: Critical Date : 2017-01-15 CVE-ID : CVE-2013-7459 Package : python-crypto Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-118 Summary ======= The package...
[ASA-201610-3] hostapd: multiple issues
Arch Linux Security Advisory ASA-201610-3 ========================================= Severity: High Date : 2016-10-04 CVE-ID : CVE-2016-4476 CVE-2016-4477 Package : hostapd Type : multiple issues Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package hostapd befor...
drupal: proxy injection
Drupal 8 uses the third-party PHP library Guzzle for making server-side HTTP requests. An attacker can provide a proxy server that Guzzle will use. This vulnerability is called 'httpoxy'. httpoxy is a set of vulnerabilities that affect application code running in CGI, or CGI-like environments. It...
libarchive: arbitrary code execution
A vulnerability was found in libarchive. A specially crafted zip file can provide an incorrect compressed size, which may allow an attacker to place arbitrary code on the heap and execute it in the context of the application...
p7zip: arbitrary code execution
CVE-2016-2334 arbitrary code execution An exploitable heap overflow vulnerability exists in the NArchive::NHfs::CHandler::ExtractZlibFile method functionality of 7zip that can lead to arbitrary code execution. Before decompression, ExtractZlibFile method read block size and its offset from file...
lib32-glibc: multiple issues
CVE-2016-1234 arbitrary code execution It was found that glob implementation in glibc does not correctly handle overlong names in struct dirent buffers when GLOBALTDIRFUNC is used, causing a large stack-based buffer overflow with controlled length and content. - CVE-2016-3706 denial of service A...
flashplugin: multiple issues
CVE-2016-1006 JIT spraying mitigation bypass These updates harden a mitigation against JIT spraying attacks that could be used to bypass memory layout randomization mitigations. - CVE-2016-1015 CVE-2016-1019 arbitrary code execution These updates resolve type confusion vulnerabilities that could...
chromium: multiple issues
CVE-2016-1646: Out-of-bounds read in V8. Credit to Wen Xu from Tencent KeenLab. - CVE-2016-1647: Use-after-free in Navigation. Credit to anonymous. - CVE-2016-1648: Use-after-free in Extensions. Credit to anonymous. - CVE-2016-1649: Buffer overflow in libANGLE. Credit to lokihardt working with...
libotr: arbitrary code execution
CVE-2016-2851 arbitrary code execution Versions 4.1.0 and earlier of libotr in 64-bit builds contain an integer overflow security flaw. This flaw could potentially be exploited by a remote attacker to cause a heap buffer overflow and subsequently for arbitrary code to be executed on the user's...
lib32-glibc: multiple issues
CVE-2015-7547 arbitrary code execution A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A remote attacker could create a specially crafted DNS response which could cause libresolv to crash or, potentially, execute code with the...
nspr: arbitrary code execution
A logic bug in the handling of large allocations would allow exceptionally large allocations to be reported as successful, without actually allocating the requested memory. This may allow attackers to bypass security checks and obtain control of arbitrary memory...
mbedtls: arbitrary code execution
When the client creates its ClientHello message, due to insufficient bounds checking it can overflow the heap-based buffer containing the message while writing some extensions. Two extensions in particular could be used by a remote attacker to trigger the overflow: the session ticket extension an...
krb5: multiple issues
CVE-2014-5355 denial of service When a server process uses the krb5recvauth function, an unauthenticated remote attacker can cause a NULL dereference by sending a zero-byte version string, or a read beyond the end of allocated storage by sending a non-null-terminated version string. The example...
wireshark-cli: denial of service
CVE-2015-3808 denial of service There is an infinite loop condition in dissectlbmrpser in epan/dissectors/packet-lbmr.c. It's possible for an attacker to set the the variable 'optionlen' to 0, causing the loop to never terminate. This issue is leading to excessive CPU resources consumption by...
mariadb: denial of service
CVE-2014-8964 denial of service A heap-based buffer overflow was found in the way PCRE handled certain malformed regular expressions. This issue could cause a crash while parsing malicious regular expressions related to an assertion that allows zero repeats. - CVE-2015-0499 denial of service...
jre8-openjdk-headless: multiple issues
CVE-2005-1080 CVE-2015-0480 directory traversal A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted. - CVE-2015-0460...
thunderbird: multiple issues
CVE-2015-0801 same-origin bypass: Mozilla developer Olli Pettay reported that while investigating Mozilla Foundation Security Advisory 2015-28, he and Mozilla developer Boris Zbarsky found an alternate way to trigger a similar vulnerability. The previously reported flaw used an issue with SVG...
chromium: multiple issues
CVE-2015-1212: Out-of-bounds write in media. - CVE-2015-1213, CVE-2015-1214, CVE-2015-1215: Out-of-bounds write in skia filters. - CVE-2015-1216: Use-after-free in v8 bindings. - CVE-2015-1217: Type confusion in v8 bindings. - CVE-2015-1218: Use-after-free in dom. - CVE-2015-1219: Integer...
putty: information disclosure
When PuTTY has sensitive data in memory and has no further need for it, it should wipe the data out of its memory, in case malware later gains access to the PuTTY process or the memory is swapped out to disk or written into a crash dump file. An obvious example of this is the password typed durin...
pcre: heap buffer overflow
A heap buffer overflow issue was found in PCRE when processing a specially crafted regular expression, causing a denial of service or other unspecified impact...
mingw-w64-binutils: multiple issues
CVE-2014-8484 invalid read Invalid read flaw leads to denial of service while parsing specially crafted files in programs using libbfd. - CVE-2014-8485 out-of-bounds write Lack of range checking leading to controlled write in bfdelfsetupsections which results in denial of service or possible code...
php: denial of service
An out-of-bounds read flaw was found in the way the file information fileinfo extension parsed executable and linkable format ELF files...
[ASA-202001-3] firefox: arbitrary code execution
Arch Linux Security Advisory ASA-202001-3 ========================================= Severity: Critical Date : 2020-01-10 CVE-ID : CVE-2019-17026 Package : firefox Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1085 Summary ======= The package firefox before...
[ASA-202001-1] firefox: multiple issues
Arch Linux Security Advisory ASA-202001-1 ========================================= Severity: Critical Date : 2020-01-08 CVE-ID : CVE-2019-17016 CVE-2019-17017 CVE-2019-17020 CVE-2019-17022 CVE-2019-17023 CVE-2019-17024 CVE-2019-17025 Package : firefox Type : multiple issues Remote : Yes Link :...
[ASA-201911-10] linux: arbitrary code execution
Arch Linux Security Advisory ASA-201911-10 ========================================== Severity: Critical Date : 2019-11-13 CVE-ID : CVE-2019-17666 Package : linux Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1064 Summary ======= The package linux before...
[ASA-201908-15] go: multiple issues
Arch Linux Security Advisory ASA-201908-15 ========================================== Severity: Medium Date : 2019-08-24 CVE-ID : CVE-2019-9512 CVE-2019-9514 CVE-2019-14809 Package : go Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1021 Summary ======= The package ...
[ASA-201908-8] postgresql: multiple issues
Arch Linux Security Advisory ASA-201908-8 ========================================= Severity: Medium Date : 2019-08-10 CVE-ID : CVE-2019-10208 CVE-2019-10209 Package : postgresql Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1019 Summary ======= The package...
[ASA-201907-3] python2-django: silent downgrade
Arch Linux Security Advisory ASA-201907-3 ========================================= Severity: High Date : 2019-07-06 CVE-ID : CVE-2019-12781 Package : python2-django Type : silent downgrade Remote : Yes Link : https://security.archlinux.org/AVG-1001 Summary ======= The package python2-django befo...
[ASA-201904-10] libpng: denial of service
Arch Linux Security Advisory ASA-201904-10 ========================================== Severity: Low Date : 2019-04-24 CVE-ID : CVE-2019-7317 Package : libpng Type : denial of service Remote : No Link : https://security.archlinux.org/AVG-868 Summary ======= The package libpng before version 1.6.37...
[ASA-201811-12] powerdns: denial of service
Arch Linux Security Advisory ASA-201811-12 ========================================== Severity: Medium Date : 2018-11-12 CVE-ID : CVE-2018-10851 CVE-2018-14626 Package : powerdns Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-804 Summary ======= The package powerd...
[ASA-201803-21] lib32-libvorbis: multiple issues
Arch Linux Security Advisory ASA-201803-21 ========================================== Severity: Critical Date : 2018-03-19 CVE-ID : CVE-2017-14632 CVE-2017-14633 CVE-2018-5146 Package : lib32-libvorbis Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-658 Summary =====...
[ASA-201712-9] openssl-1.0: multiple issues
Arch Linux Security Advisory ASA-201712-9 ========================================= Severity: Medium Date : 2017-12-16 CVE-ID : CVE-2017-3735 CVE-2017-3736 Package : openssl-1.0 Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-479 Summary ======= The package openssl-1...
[ASA-201711-25] icu: arbitrary code execution
Arch Linux Security Advisory ASA-201711-25 ========================================== Severity: Critical Date : 2017-11-19 CVE-ID : CVE-2017-14952 Package : icu Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-504 Summary ======= The package icu before versio...
[ASA-201708-8] jdk7-openjdk: multiple issues
Arch Linux Security Advisory ASA-201708-8 ========================================= Severity: Critical Date : 2017-08-12 CVE-ID : CVE-2017-10053 CVE-2017-10067 CVE-2017-10074 CVE-2017-10081 CVE-2017-10087 CVE-2017-10089 CVE-2017-10090 CVE-2017-10096 CVE-2017-10101 CVE-2017-10102 CVE-2017-10107...
[ASA-201610-6] imagemagick: multiple issues
Arch Linux Security Advisory ASA-201610-6 ========================================= Severity: High Date : 2016-10-08 CVE-ID : CVE-2016-7799 CVE-2016-7906 Package : imagemagick Type : multiple issues Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package imagemagi...
powerdns: denial of service
Two issues have been found in PowerDNS Authoritative Server allowing a remote, unauthenticated attacker to cause an abnormal load on the PowerDNS backend by sending crafted DNS queries, which might result in a partial denial of service if the backend becomes overloaded. SQL backends for example a...
flashplugin: multiple issues
CVE-2016-4175 CVE-2016-4179 CVE-2016-4180 CVE-2016-4181 CVE-2016-4182 CVE-2016-4183 CVE-2016-4184 CVE-2016-4185 CVE-2016-4186 CVE-2016-4187 CVE-2016-4188 CVE-2016-4189 CVE-2016-4190 CVE-2016-4217 CVE-2016-4218 CVE-2016-4219 CVE-2016-4220 CVE-2016-4221 CVE-2016-4233 CVE-2016-4234 CVE-2016-4235...
gimp: arbitrary code execution
Multiple Use-After-Free when parsing XCF channel and layer properties...
qemu: multiple issues
CVE-2015-8558 denial of service An infinite-loop issue was found in the QEMU emulator built with USB EHCI emulation support. The flaw occurred during communication between the host controller interfaceEHCI and a respective device driver. These two communicate using an isochronous transfer...
jre8-openjdk: sandbox escape
It was discovered that the security fix for CVE-2013-5838 was incomplete and still allowed remote attackers to escape the Java security sandbox mechanism. The root problem is that the Reflection API does not properly guarantee type safety when Method Handle objects were invoked across two differe...
chromium: multiple issues
CVE-2015-8126: Buffer overflow vulnerabilities in functions pnggetPLTE/pngsetPLTE, allowing remote attackers to cause DoS to application or have unspecified other impact. These functions failed to check for an out-of-range palette when reading or writing PNG files with a bitdepth less than 8...
openssl: man-in-the-middle
CVE-2015-3197 man-in-the-middle A flaw was found in the way malicious SSL/TLS clients could negotiate SSLv2 ciphers that have been disabled on the server. This could result in weak SSLv2 ciphers being used for SSL/TLS connections, making them vulnerable to man-in-the-middle attacks. -...
ecryptfs-utils: privilege escalation
An unprivileged user can mount an ecryptfs over /proc/$pid because according to stat, it is a normal directory and owned by the user. However, the user is not actually permitted to create arbitrary directory entries in /proc/$pid, and ecryptfs' behavior might be enabling privilege escalation...
hub: information leakage
This issue can affect RSA computations in crypto/rsa, which is used by crypto/tls. TLS servers on 32-bit systems could plausibly leak their RSA private key due to this issue. Other protocol implementations that create many RSA signatures could also be impacted in the same way. Specifically,...
lib32-libpng: multiple issues
CVE-2015-7981 out-of-bounds read This is an array indexing error, which can lead to an out-of-bounds read of a static buffer. The result is now unsigned no longer negative, but now a huge positive number. - CVE-2015-8126 arbitrary code execution Buffer overflow vulnerabilities in functions...
curl: information leakage
libcurl provides applications a way to set custom HTTP headers to be sent to the server by using CURLOPTHTTPHEADER. A similar option is available for the curl command-line tool with the '--header' option. When the connection passes through an HTTP proxy the same set of headers is sent to the prox...
chromium: multiple issues
CVE-2015-1251 arbitrary code execution Use-after-free vulnerability in the SpeechRecognitionClient implementation in the Speech subsystem allows remote attackers to execute arbitrary code via a crafted document. - CVE-2015-1252 sandbox protection bypass It has been discovered that...