Lucene search
K
ArchlinuxMost viewed

1854 matches found

ArchLinux
ArchLinux
•added 2014/10/24 12:0 a.m.•46 views

libvncserver: remote code execution, denial of service

CVE-2014-6051 Integer overflow in MallocFrameBuffer on client side. A malicious VNC server could advertise a very large screen size by RFB protocol, width and height are 16-bit integers, resulting in an integer overflow during malloc on client-side. Heap corruption, and possibly remote code...

7.5CVSS1.4AI score0.08272EPSS
Exploits1References7
ArchLinux
ArchLinux
•added 2014/10/20 12:0 a.m.•46 views

wpa_supplicant, hostapd: Arbitrary command execution

Jouni Malinen discovered an input sanitization issue in the wpacli and hostapdcli tools included in the wpasupplicant and hostapd packages. A remote wifi system within range could provide a crafted frame triggering arbitrary command execution under the privileges of the wpacli/hostapdcli process...

6.8CVSS3.8AI score0.04945EPSS
Exploits0References4
ArchLinux
ArchLinux
•added 2014/10/04 12:0 a.m.•46 views

mediawiki: Cross-site Scripting (XSS) and UI redressing

It was discovered that MediaWiki, a wiki engine, was separating the allowance of css and js modules resulting in Cross-site Scripting XSS and UI redressing issues...

3.5CVSS2.4AI score0.01568EPSS
Exploits0References4
ArchLinux
ArchLinux
•added 2021/12/03 12:0 a.m.•45 views

[ASA-202112-5] isync: arbitrary code execution

Arch Linux Security Advisory ASA-202112-5 ========================================= Severity: Medium Date : 2021-12-03 CVE-ID : CVE-2021-3657 CVE-2021-44143 Package : isync Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-2579 Summary ======= The package isyn...

9.8CVSS1.8AI score0.03662EPSS
Exploits0References13
ArchLinux
ArchLinux
•added 2021/11/05 12:0 a.m.•45 views

[ASA-202111-1] jenkins: multiple issues

Arch Linux Security Advisory ASA-202111-1 ========================================= Severity: Critical Date : 2021-11-05 CVE-ID : CVE-2021-21685 CVE-2021-21686 CVE-2021-21687 CVE-2021-21688 CVE-2021-21689 CVE-2021-21690 CVE-2021-21691 CVE-2021-21692 CVE-2021-21693 CVE-2021-21694 CVE-2021-21695...

9.8CVSS9.1AI score0.02451EPSS
Exploits0References17
ArchLinux
ArchLinux
•added 2020/04/17 12:0 a.m.•45 views

[ASA-202004-16] openvpn: denial of service

Arch Linux Security Advisory ASA-202004-16 ========================================== Severity: Medium Date : 2020-04-17 CVE-ID : CVE-2020-11810 Package : openvpn Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1135 Summary ======= The package openvpn before versio...

4.3CVSS2AI score0.01609EPSS
Exploits1References4
ArchLinux
ArchLinux
•added 2019/10/26 12:0 a.m.•45 views

[ASA-201910-16] firefox: multiple issues

Arch Linux Security Advisory ASA-201910-16 ========================================== Severity: Critical Date : 2019-10-26 CVE-ID : CVE-2018-6156 CVE-2019-11757 CVE-2019-11759 CVE-2019-11760 CVE-2019-11761 CVE-2019-11762 CVE-2019-11763 CVE-2019-11764 CVE-2019-11765 CVE-2019-15903 CVE-2019-17000...

8.8CVSS0.2AI score0.06707EPSS
Exploits3References50
ArchLinux
ArchLinux
•added 2019/05/28 12:0 a.m.•45 views

[ASA-201905-10] webkit2gtk: multiple issues

Arch Linux Security Advisory ASA-201905-10 ========================================== Severity: Critical Date : 2019-05-28 CVE-ID : CVE-2019-8595 CVE-2019-8607 CVE-2019-8615 Package : webkit2gtk Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-967 Summary ======= The...

8.8CVSS1AI score0.01884EPSS
Exploits0References8
ArchLinux
ArchLinux
•added 2019/03/22 12:0 a.m.•45 views

[ASA-201903-12] libssh2: multiple issues

Arch Linux Security Advisory ASA-201903-12 ========================================== Severity: Critical Date : 2019-03-22 CVE-ID : CVE-2019-3855 CVE-2019-3856 CVE-2019-3857 CVE-2019-3858 CVE-2019-3859 CVE-2019-3860 CVE-2019-3861 CVE-2019-3862 CVE-2019-3863 Package : libssh2 Type : multiple issue...

9.3CVSS0.9AI score0.09219EPSS
Exploits0References29
ArchLinux
ArchLinux
•added 2019/03/03 12:0 a.m.•45 views

[ASA-201903-5] file: multiple issues

Arch Linux Security Advisory ASA-201903-5 ========================================= Severity: High Date : 2019-03-03 CVE-ID : CVE-2019-8904 CVE-2019-8905 CVE-2019-8906 CVE-2019-8907 Package : file Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-907 Summary ======= Th...

8.8CVSS1.9AI score0.03465EPSS
Exploits4References10
ArchLinux
ArchLinux
•added 2019/02/25 12:0 a.m.•45 views

[ASA-201902-25] bind: multiple issues

Arch Linux Security Advisory ASA-201902-25 ========================================== Severity: High Date : 2019-02-25 CVE-ID : CVE-2018-5744 CVE-2018-5745 CVE-2019-6465 Package : bind Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-915 Summary ======= The package bi...

7.5CVSS0.8AI score0.037EPSS
Exploits0References7
ArchLinux
ArchLinux
•added 2019/02/06 12:0 a.m.•45 views

[ASA-201902-2] firefox: multiple issues

Arch Linux Security Advisory ASA-201902-2 ========================================= Severity: Critical Date : 2019-02-06 CVE-ID : CVE-2018-18500 CVE-2018-18501 CVE-2018-18502 CVE-2018-18503 CVE-2018-18504 CVE-2018-18505 CVE-2018-18506 Package : firefox Type : multiple issues Remote : Yes Link :...

10CVSS0.2AI score0.12658EPSS
Exploits1References23
ArchLinux
ArchLinux
•added 2018/06/16 12:0 a.m.•45 views

[ASA-201806-10] libgcrypt: private key recovery

Arch Linux Security Advisory ASA-201806-10 ========================================== Severity: High Date : 2018-06-16 CVE-ID : CVE-2018-0495 Package : libgcrypt Type : private key recovery Remote : No Link : https://security.archlinux.org/AVG-719 Summary ======= The package libgcrypt before...

4.7CVSS0.2AI score0.00887EPSS
Exploits1References5
ArchLinux
ArchLinux
•added 2018/01/08 12:0 a.m.•45 views

[ASA-201801-6] linux-lts: access restriction bypass

Arch Linux Security Advisory ASA-201801-6 ========================================= Severity: High Date : 2018-01-08 CVE-ID : CVE-2017-5754 Package : linux-lts Type : access restriction bypass Remote : No Link : https://security.archlinux.org/AVG-577 Summary ======= The package linux-lts before...

5.6CVSS1.2AI score0.84172EPSS
Exploits3References8
ArchLinux
ArchLinux
•added 2017/12/07 12:0 a.m.•45 views

[ASA-201712-5] chromium: multiple issues

Arch Linux Security Advisory ASA-201712-5 ========================================= Severity: Critical Date : 2017-12-07 CVE-ID : CVE-2017-15407 CVE-2017-15408 CVE-2017-15409 CVE-2017-15410 CVE-2017-15411 CVE-2017-15412 CVE-2017-15413 CVE-2017-15415 CVE-2017-15416 CVE-2017-15417 CVE-2017-15418...

8.8CVSS0.8AI score0.02963EPSS
Exploits1References41
ArchLinux
ArchLinux
•added 2017/07/18 12:0 a.m.•45 views

[ASA-201707-18] lib32-libtiff: arbitrary code execution

Arch Linux Security Advisory ASA-201707-18 ========================================== Severity: Critical Date : 2017-07-18 CVE-ID : CVE-2015-7554 CVE-2016-10095 Package : lib32-libtiff Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-87 Summary ======= The...

9.8CVSS8.9AI score0.04187EPSS
Exploits2References8
ArchLinux
ArchLinux
•added 2017/06/07 12:0 a.m.•45 views

[ASA-201706-8] chromium: multiple issues

Arch Linux Security Advisory ASA-201706-8 ========================================= Severity: Critical Date : 2017-06-07 CVE-ID : CVE-2017-5070 CVE-2017-5071 CVE-2017-5072 CVE-2017-5073 CVE-2017-5074 CVE-2017-5075 CVE-2017-5076 CVE-2017-5077 CVE-2017-5078 CVE-2017-5079 CVE-2017-5080 CVE-2017-5081...

8.8CVSS0.5AI score0.31212EPSS
Exploits1References34
ArchLinux
ArchLinux
•added 2017/06/06 12:0 a.m.•45 views

[ASA-201706-6] tomcat7: access restriction bypass

Arch Linux Security Advisory ASA-201706-6 ========================================= Severity: High Date : 2017-06-06 CVE-ID : CVE-2017-5664 Package : tomcat7 Type : access restriction bypass Remote : Yes Link : https://security.archlinux.org/AVG-290 Summary ======= The package tomcat7 before...

7.5CVSS0.16567EPSS
Exploits1References6
ArchLinux
ArchLinux
•added 2016/09/10 12:0 a.m.•45 views

[ASA-201609-7] tomcat8: proxy injection

Arch Linux Security Advisory ASA-201609-7 ========================================= Severity: Medium Date : 2016-09-10 CVE-ID : CVE-2016-5388 Package : tomcat8 Type : proxy injection Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package tomcat8 before version...

8.1CVSS0.2AI score0.50896EPSS
Exploits0References3
ArchLinux
ArchLinux
•added 2016/08/27 12:0 a.m.•45 views

wireshark-cli: denial of service

CVE-2016-6505 denial of service It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. - CVE-2016-6506 denial of service It may be possible to make Wireshark consume excessive CPU resources by...

4.3CVSS2.4AI score0.0771EPSS
Exploits2References32
ArchLinux
ArchLinux
•added 2016/08/08 12:0 a.m.•45 views

curl: multiple issues

CVE-2016-5419 authentication bypass libcurl would attempt to resume a TLS session even if the client certificate had changed. That is unacceptable since a server by specification is allowed to skip the client certificate check on resume, and may instead use the old identity which was established...

7.5CVSS0.4AI score0.15063EPSS
Exploits0References6
ArchLinux
ArchLinux
•added 2016/06/25 12:0 a.m.•45 views

chromium: arbitrary code execution

Various fixes from internal audits, fuzzing and other initiatives, including multiple issues in the processing of malformed web content...

6.8CVSS4AI score0.01094EPSS
Exploits0References2
ArchLinux
ArchLinux
•added 2016/06/19 12:0 a.m.•45 views

glibc: denial of service

clntudpcall allocates a buffer, using alloca, to store the payload of an incoming socket error. If a malicious server floods the client with crafted ICMP and UDP packets, this can cause the client to allocate sufficiently many such temporary buffers to cause a stack frame overflow denial of...

7.5CVSS2.9AI score0.03922EPSS
Exploits0References2
ArchLinux
ArchLinux
•added 2016/05/01 12:0 a.m.•45 views

imlib2: multiple issues

CVE-2011-5326 denial of service Kevin Ryde discovered that attempting to draw a 2x1 radi ellipse results in a floating point exception. - CVE-2016-3993 information leakage Yuriy M. Kaminskiy discovered that drawing using coordinates from an untrusted source could lead to an out-of-bound memory...

7.8CVSS8.1AI score0.05839EPSS
Exploits2References6
ArchLinux
ArchLinux
•added 2016/04/04 12:0 a.m.•45 views

optipng: arbitrary code execution

An invalid write may occur in optipng before version 0.7.6 while processing bitmap images due to crtrow' being inc|decremented without any boundary checking when encountering delta escapes. This issue can possibly be used to execute arbitrary code...

4.3CVSS3.4AI score0.03519EPSS
Exploits1References3
ArchLinux
ArchLinux
•added 2016/03/10 12:0 a.m.•45 views

perl: improper input validation

Stephane Chazelas discovered a bug in the environment handling in Perl. Perl provides a Perl-space hash variable, %ENV, in which environment variables can be looked up. If a variable appears twice in envp, only the last value would appear in %ENV, but getenv would return the first. Perl's taint...

5CVSS1.4AI score0.09007EPSS
Exploits0References3
ArchLinux
ArchLinux
•added 2016/02/10 12:0 a.m.•45 views

botan: multiple issues

CVE-2016-2194 denial of service The ressol function implements the Tonelli-Shanks algorithm for finding square roots could be sent into a nearly infinite loop due to a misplaced conditional check. This could occur if a composite modulus is provided, as this algorithm is only defined for primes...

10CVSS2.6AI score0.06677EPSS
Exploits0References4
ArchLinux
ArchLinux
•added 2016/01/25 12:0 a.m.•45 views

privoxy: denial of service

CVE-2016-1982 denial of service A vulnerability was discovered in a way the privoxy deals with corrupted chunk-encoded content. A maliciously crafted input can result in a remote denial of service. - CVE-2016-1983 denial of service A vulnerability was found in a way the privoxy processes specific...

5CVSS2.9AI score0.02867EPSS
Exploits0References3
ArchLinux
ArchLinux
•added 2016/01/17 12:0 a.m.•45 views

keybase: information leakage

This issue can affect RSA computations in crypto/rsa, which is used by crypto/tls. TLS servers on 32-bit systems could plausibly leak their RSA private key due to this issue. Other protocol implementations that create many RSA signatures could also be impacted in the same way. Specifically,...

5CVSS2.8AI score0.02627EPSS
Exploits0References3
ArchLinux
ArchLinux
•added 2015/08/07 12:0 a.m.•45 views

wordpress: multiple issues

CVE-2015-2213: SQL injection in comments ID. - CVE-2015-5730: Timing attack in widgets. - CVE-2015-5731: Denial of service by locking a post from being edited. - CVE-2015-5732, CVE-2015-5733 CVE-2015-5734: XSS...

7.5CVSS2.8AI score0.10986EPSS
Exploits0References8
ArchLinux
ArchLinux
•added 2015/02/17 12:0 a.m.•45 views

krb5: multiple issues

CVE-2014-5352 authenticated remote code execution: In the MIT krb5 libgssapikrb5 library, after gssprocesscontexttoken is used to process a valid context deletion token, the caller is left with a security context handle containing a dangling pointer. Further uses of this handle will result in...

9CVSS1.7AI score0.06213EPSS
Exploits0References8
ArchLinux
ArchLinux
•added 2014/12/03 12:0 a.m.•45 views

firefox: multiple issues

CVE-2014-1587: Gary Kwong, Randell Jesup, Nils Ohlmeier, Jesse Ruderman, and Max Jonas Werner reported memory safety problems and crashes that affect Firefox ESR 31.2 and Firefox 33. CVE-2014-1588: Christian Holler, Gary Kwong, Jon Coppeard, Eric Rahm, Byron Campen, Eric Rescorla, and Xidorn Quan...

6.8CVSS5.2AI score0.04052EPSS
Exploits0References11
ArchLinux
ArchLinux
•added 2014/11/28 12:0 a.m.•45 views

libksba: denial of service

By using special crafted S/MIME messages or ECC based OpenPGP data, it is possible to create a buffer overflow. The bug is not easy to exploit because there only 80 possible values which can be used to overwrite memory. However, a denial of service is possible and someone may come up with other...

5CVSS1.1AI score0.05167EPSS
Exploits0References3
ArchLinux
ArchLinux
•added 2014/11/20 12:0 a.m.•45 views

wireshark-cli: denial of service

CVE-2014-8710 out-of-bounds read Out-of-bounds read flaw in the SigComp dissector sigcomp-udvm leads to denial of service while processing malformed packets. - CVE-2014-8711 out-of-bounds read The AMQP dissector is seeing a large value in the capture file for what it thinks should be a field...

5CVSS3.2AI score0.03792EPSS
Exploits0References15
ArchLinux
ArchLinux
•added 2014/11/13 12:0 a.m.•45 views

flashplugin: remote code execution

These updates resolve memory corruption vulnerabilities that could lead to code execution CVE-2014-0576, CVE-2014-0581, CVE-2014-8440, CVE-2014-8441. These updates resolve use-after-free vulnerabilities that could lead to code execution CVE-2014-0573, CVE-2014-0588, CVE-2014-8438. These updates...

10CVSS2.1AI score0.81943EPSS
Exploits5References20
ArchLinux
ArchLinux
•added 2014/11/05 12:0 a.m.•45 views

mantisbt: sql injection

Edwin Gozeling and Wim Visser discovered that when the projectid parameter of the SOAP-request starts with the integer of a project to which the user or anonymous is authorized, the ENTIRE value will become the first item of $tprojects. As this value is concatenated in the SQL statement,...

7.5CVSS3.4AI score0.02447EPSS
Exploits1References4
ArchLinux
ArchLinux
•added 2014/01/15 12:0 a.m.•45 views

flashplugin: multiple issues

CVE-2015-0301 Improper file validation issue. - CVE-2015-0302 information disclosure Information disclosure vulnerability that could be exploited to capture keystrokes on the affected system. - CVE-2015-0303, CVE-2015-0306 arbitrary code execution Memory corruption vulnerabilities that could lead...

10CVSS3AI score0.08742EPSS
Exploits0References11
ArchLinux
ArchLinux
•added 2025/03/26 12:0 a.m.•44 views

[ASA-202503-1] exim: privilege escalation

Arch Linux Security Advisory ASA-202503-1 ========================================= Severity: High Date : 2025-03-26 CVE-ID : CVE-2025-30232 Package : exim Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-2859 Summary ======= The package exim before version 4.98.2...

8.1CVSS7.7AI score0.00509EPSS
Exploits0References5
ArchLinux
ArchLinux
•added 2022/04/04 12:0 a.m.•44 views

[ASA-202204-5] bind: multiple issues

Arch Linux Security Advisory ASA-202204-5 ========================================= Severity: High Date : 2022-04-04 CVE-ID : CVE-2021-25220 CVE-2022-0396 CVE-2022-0635 CVE-2022-0667 Package : bind Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-2661 Summary =======...

7.5CVSS6.9AI score0.0325EPSS
Exploits0References16
ArchLinux
ArchLinux
•added 2021/12/11 12:0 a.m.•44 views

[ASA-202112-6] chromium: multiple issues

Arch Linux Security Advisory ASA-202112-6 ========================================= Severity: High Date : 2021-12-11 CVE-ID : CVE-2021-4052 CVE-2021-4053 CVE-2021-4054 CVE-2021-4055 CVE-2021-4056 CVE-2021-4057 CVE-2021-4058 CVE-2021-4059 CVE-2021-4061 CVE-2021-4062 CVE-2021-4063 CVE-2021-4064...

8.8CVSS1.6AI score0.02073EPSS
Exploits0References34
ArchLinux
ArchLinux
•added 2021/10/29 12:0 a.m.•44 views

[ASA-202110-8] opera: multiple issues

Arch Linux Security Advisory ASA-202110-8 ========================================= Severity: High Date : 2021-10-29 CVE-ID : CVE-2021-37977 CVE-2021-37978 CVE-2021-37979 CVE-2021-37980 Package : opera Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-2444 Summary...

8.8CVSS2.4AI score0.01711EPSS
Exploits1References11
ArchLinux
ArchLinux
•added 2020/09/14 12:0 a.m.•44 views

[ASA-202009-7] netbeans: arbitrary code execution

Arch Linux Security Advisory ASA-202009-7 ========================================= Severity: Critical Date : 2020-09-14 CVE-ID : CVE-2020-11986 Package : netbeans Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1221 Summary ======= The package netbeans befo...

9.8CVSS2.1AI score0.09931EPSS
Exploits0References3
ArchLinux
ArchLinux
•added 2020/05/23 12:0 a.m.•44 views

[ASA-202005-16] freerdp: information disclosure

Arch Linux Security Advisory ASA-202005-16 ========================================== Severity: High Date : 2020-05-23 CVE-ID : CVE-2020-13396 CVE-2020-13397 CVE-2020-13398 Package : freerdp Type : information disclosure Remote : No Link : https://security.archlinux.org/AVG-1172 Summary ======= T...

8.3CVSS0.0239EPSS
Exploits0References8
ArchLinux
ArchLinux
•added 2020/05/07 12:0 a.m.•44 views

[ASA-202005-5] qutebrowser: certificate verification bypass

Arch Linux Security Advisory ASA-202005-5 ========================================= Severity: Low Date : 2020-05-07 CVE-ID : CVE-2020-11054 Package : qutebrowser Type : certificate verification bypass Remote : Yes Link : https://security.archlinux.org/AVG-1152 Summary ======= The package...

4.3CVSS0.4AI score0.01282EPSS
Exploits0References5
ArchLinux
ArchLinux
•added 2020/05/06 12:0 a.m.•44 views

[ASA-202005-2] chromium: arbitrary code execution

Arch Linux Security Advisory ASA-202005-2 ========================================= Severity: High Date : 2020-05-06 CVE-ID : CVE-2020-6464 CVE-2020-6831 Package : chromium Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1149 Summary ======= The package...

9.8CVSS1.5AI score0.05803EPSS
Exploits1References8
ArchLinux
ArchLinux
•added 2020/04/28 12:0 a.m.•44 views

[ASA-202004-23] webkit2gtk: arbitrary code execution

Arch Linux Security Advisory ASA-202004-23 ========================================== Severity: Critical Date : 2020-04-28 CVE-ID : CVE-2020-3899 Package : webkit2gtk Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1144 Summary ======= The package webkit2gtk...

9.3CVSS2.3AI score0.04017EPSS
Exploits0References4
ArchLinux
ArchLinux
•added 2019/11/07 12:0 a.m.•44 views

[ASA-201911-9] linux-hardened: arbitrary code execution

Arch Linux Security Advisory ASA-201911-9 ========================================= Severity: Critical Date : 2019-11-07 CVE-ID : CVE-2019-17666 Package : linux-hardened Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1063 Summary ======= The package...

8.8CVSS2AI score0.03017EPSS
Exploits0References4
ArchLinux
ArchLinux
•added 2019/10/11 12:0 a.m.•44 views

[ASA-201910-6] unbound: denial of service

Arch Linux Security Advisory ASA-201910-6 ========================================= Severity: High Date : 2019-10-11 CVE-ID : CVE-2019-16866 Package : unbound Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1042 Summary ======= The package unbound before version...

7.5CVSS2.1AI score0.03506EPSS
Exploits0References4
ArchLinux
ArchLinux
•added 2019/08/28 12:0 a.m.•44 views

[ASA-201908-19] pigeonhole: arbitrary code execution

Arch Linux Security Advisory ASA-201908-19 ========================================== Severity: Critical Date : 2019-08-28 CVE-ID : CVE-2019-11500 Package : pigeonhole Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1027 Summary ======= The package pigeonhol...

9.8CVSS1.9AI score0.62579EPSS
Exploits1References8
ArchLinux
ArchLinux
•added 2019/06/25 12:0 a.m.•44 views

[ASA-201906-20] firefox: sandbox escape

Arch Linux Security Advisory ASA-201906-20 ========================================== Severity: High Date : 2019-06-25 CVE-ID : CVE-2019-11708 Package : firefox Type : sandbox escape Remote : Yes Link : https://security.archlinux.org/AVG-997 Summary ======= The package firefox before version...

10CVSS1.3AI score0.55874EPSS
Exploits10References4
Total number of security vulnerabilities1854