flashplugin: multiple issues
CVE-2015-0301 Improper file validation issue. - CVE-2015-0302 information disclosure Information disclosure vulnerability that could be exploited to capture keystrokes on the affected system. - CVE-2015-0303, CVE-2015-0306 arbitrary code execution Memory corruption vulnerabilities that could lead...
[ASA-202204-5] bind: multiple issues
Arch Linux Security Advisory ASA-202204-5 ========================================= Severity: High Date : 2022-04-04 CVE-ID : CVE-2021-25220 CVE-2022-0396 CVE-2022-0635 CVE-2022-0667 Package : bind Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-2661 Summary =======...
[ASA-202110-8] opera: multiple issues
Arch Linux Security Advisory ASA-202110-8 ========================================= Severity: High Date : 2021-10-29 CVE-ID : CVE-2021-37977 CVE-2021-37978 CVE-2021-37979 CVE-2021-37980 Package : opera Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-2444 Summary...
[ASA-202005-2] chromium: arbitrary code execution
Arch Linux Security Advisory ASA-202005-2 ========================================= Severity: High Date : 2020-05-06 CVE-ID : CVE-2020-6464 CVE-2020-6831 Package : chromium Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1149 Summary ======= The package...
[ASA-202001-3] firefox: arbitrary code execution
Arch Linux Security Advisory ASA-202001-3 ========================================= Severity: Critical Date : 2020-01-10 CVE-ID : CVE-2019-17026 Package : firefox Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1085 Summary ======= The package firefox before...
[ASA-201910-16] firefox: multiple issues
Arch Linux Security Advisory ASA-201910-16 ========================================== Severity: Critical Date : 2019-10-26 CVE-ID : CVE-2018-6156 CVE-2019-11757 CVE-2019-11759 CVE-2019-11760 CVE-2019-11761 CVE-2019-11762 CVE-2019-11763 CVE-2019-11764 CVE-2019-11765 CVE-2019-15903 CVE-2019-17000...
[ASA-201908-19] pigeonhole: arbitrary code execution
Arch Linux Security Advisory ASA-201908-19 ========================================== Severity: Critical Date : 2019-08-28 CVE-ID : CVE-2019-11500 Package : pigeonhole Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1027 Summary ======= The package pigeonhol...
[ASA-201906-15] linux-zen: denial of service
Arch Linux Security Advisory ASA-201906-15 ========================================== Severity: High Date : 2019-06-18 CVE-ID : CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 Package : linux-zen Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-985 Summary ======= The...
[ASA-201906-3] binutils: multiple issues
Arch Linux Security Advisory ASA-201906-3 ========================================= Severity: High Date : 2019-06-04 CVE-ID : CVE-2018-19931 CVE-2018-19932 CVE-2018-20002 CVE-2018-20712 Package : binutils Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-832 Summary...
[ASA-201903-12] libssh2: multiple issues
Arch Linux Security Advisory ASA-201903-12 ========================================== Severity: Critical Date : 2019-03-22 CVE-ID : CVE-2019-3855 CVE-2019-3856 CVE-2019-3857 CVE-2019-3858 CVE-2019-3859 CVE-2019-3860 CVE-2019-3861 CVE-2019-3862 CVE-2019-3863 Package : libssh2 Type : multiple issue...
[ASA-201903-6] lib32-openssl-1.0: information disclosure
Arch Linux Security Advisory ASA-201903-6 ========================================= Severity: Medium Date : 2019-03-03 CVE-ID : CVE-2019-1559 Package : lib32-openssl-1.0 Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-918 Summary ======= The package...
[ASA-201902-2] firefox: multiple issues
Arch Linux Security Advisory ASA-201902-2 ========================================= Severity: Critical Date : 2019-02-06 CVE-ID : CVE-2018-18500 CVE-2018-18501 CVE-2018-18502 CVE-2018-18503 CVE-2018-18504 CVE-2018-18505 CVE-2018-18506 Package : firefox Type : multiple issues Remote : Yes Link :...
[ASA-201901-5] wireshark-cli: multiple issues
Arch Linux Security Advisory ASA-201901-5 ========================================= Severity: Medium Date : 2019-01-10 CVE-ID : CVE-2019-5716 CVE-2019-5717 CVE-2019-5718 CVE-2019-5719 Package : wireshark-cli Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-844 Summary...
[ASA-201810-14] firefox: multiple issues
Arch Linux Security Advisory ASA-201810-14 ========================================== Severity: Critical Date : 2018-10-24 CVE-ID : CVE-2018-12388 CVE-2018-12390 CVE-2018-12392 CVE-2018-12395 CVE-2018-12396 CVE-2018-12397 CVE-2018-12398 CVE-2018-12399 CVE-2018-12401 CVE-2018-12402 CVE-2018-12403...
[ASA-201808-3] python2-django: open redirect
Arch Linux Security Advisory ASA-201808-3 ========================================= Severity: Medium Date : 2018-08-03 CVE-ID : CVE-2018-14574 Package : python2-django Type : open redirect Remote : Yes Link : https://security.archlinux.org/AVG-746 Summary ======= The package python2-django before...
[ASA-201807-6] lib32-libcurl-compat: arbitrary code execution
Arch Linux Security Advisory ASA-201807-6 ========================================= Severity: High Date : 2018-07-16 CVE-ID : CVE-2018-0500 Package : lib32-libcurl-compat Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-731 Summary ======= The package...
[ASA-201806-10] libgcrypt: private key recovery
Arch Linux Security Advisory ASA-201806-10 ========================================== Severity: High Date : 2018-06-16 CVE-ID : CVE-2018-0495 Package : libgcrypt Type : private key recovery Remote : No Link : https://security.archlinux.org/AVG-719 Summary ======= The package libgcrypt before...
[ASA-201711-14] openssl: multiple issues
Arch Linux Security Advisory ASA-201711-14 ========================================== Severity: Medium Date : 2017-11-07 CVE-ID : CVE-2017-3735 CVE-2017-3736 Package : openssl Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-477 Summary ======= The package openssl...
[ASA-201706-31] linux: privilege escalation
Arch Linux Security Advisory ASA-201706-31 ========================================== Severity: High Date : 2017-06-23 CVE-ID : CVE-2017-1000364 Package : linux Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-313 Summary ======= The package linux before version...
[ASA-201706-6] tomcat7: access restriction bypass
Arch Linux Security Advisory ASA-201706-6 ========================================= Severity: High Date : 2017-06-06 CVE-ID : CVE-2017-5664 Package : tomcat7 Type : access restriction bypass Remote : Yes Link : https://security.archlinux.org/AVG-290 Summary ======= The package tomcat7 before...
[ASA-201609-7] tomcat8: proxy injection
Arch Linux Security Advisory ASA-201609-7 ========================================= Severity: Medium Date : 2016-09-10 CVE-ID : CVE-2016-5388 Package : tomcat8 Type : proxy injection Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package tomcat8 before version...
webkit2gtk: multiple issues
CVE-2016-4590 same-origin policy bypass xisigr of Tencent's Xuanwu Lab discovered a vulnerability in the way webkit handles URLs, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. - CVE-2016-4591 arbitrary filesystem access ma.la of LINE Corporation discovered...
chromium: multiple issues
CVE-2016-1696 cross-origin bypass: Cross-origin bypass in Extension bindings. Credit to anonymous. - CVE-2016-1697 cross-origin bypass: Cross-origin bypass in Blink. Credit to Mariusz Mlynski. - CVE-2016-1698 information leakage: Information leak in Extension bindings. Credit to Rob Wu. -...
firefox: multiple issues
CVE-2016-2804: Gary Kwong, Christian Holler, Andrew McCreight, Boris Zbarsky, and Steve Fink reported memory safety problems and crashes that are fixed in Firefox 46. - CVE-2016-2805: Christian Holler reported a memory safety problem that is fixed in Firefox ESR 38.8. - CVE-2016-2806: Gary Kwong,...
thunderbird: multiple issues
CVE-2016-1955 same-origin policy bypass A vulnerability allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by reading a Content Security Policy (CSP) violation report that contains path information associated with an IFRAME element. - CVE-2016-1956 denial of...
privoxy: denial of service
CVE-2016-1982 denial of service A vulnerability was discovered in the way privoxy deals with corrupted chunk-encoded content. A maliciously crafted input can result in a remote denial of service. - CVE-2016-1983 denial of service A vulnerability was found in the way privoxy processes specific...
ecryptfs-utils: privilege escalation
An unprivileged user can mount an ecryptfs over /proc/$pid because according to stat, it is a normal directory and owned by the user. However, the user is not actually permitted to create arbitrary directory entries in /proc/$pid, and ecryptfs' behavior might be enabling privilege escalation...
keybase: information leakage
This issue can affect RSA computations in crypto/rsa, which is used by crypto/tls. TLS servers on 32-bit systems could plausibly leak their RSA private key due to this issue. Other protocol implementations that create many RSA signatures could also be impacted in the same way. Specifically,...
wordpress: multiple issues
CVE-2015-2213: SQL injection in comments ID. - CVE-2015-5730: Timing attack in widgets. - CVE-2015-5731: Denial of service by locking a post from being edited. - CVE-2015-5732, CVE-2015-5733, CVE-2015-5734: XSS...
thunderbird: multiple issues
CVE-2015-2708 Memory safety bugs fixed in Firefox ESR 31.7 and Firefox 38: Jesse Ruderman, Mats Palmgren, Byron Campen, and Steve Fink reported memory safety problems and crashes that affect Firefox ESR 31.6 and Firefox 37. - CVE-2015-2709 Memory safety bugs fixed in Firefox 38: Gary Kwong,...
dovecot: denial of service
Dovecot = 2.2.14 does not correctly handle SSL/TLS handshake failure in the login process, asking OpenSSL to flush a connection that has already been aborted. This results in a crash with some versions of OpenSSL most likely = 1.0.2. A patch to OpenSSL has also been written to handle more...
flashplugin: multiple issues
CVE-2015-0346 arbitrary code execution A double-free vulnerability allows attackers to execute arbitrary code via unspecified vectors. - CVE-2015-0347 arbitrary code execution Memory corruption vulnerability that could lead to arbitrary code execution or cause a denial of service via unspecified...
ruby: permissive certificate verification
After reviewing RFC 6125 and RFC 5280, multiple violations were found of matching hostnames and particularly wildcard certificates. Ruby's OpenSSL extension will now provide a string-based matching algorithm which follows more strict behavior, as recommended by these RFCs. In particular, matching ...
cpio: directory traversal
It was reported that cpio is vulnerable to a directory traversal vulnerability when using the --no-absolute-filenames option. While extracting an archive, it will extract symlinks and then follow them if they are referenced in further entries. This can be exploited by a rogue archive to write to...
thunderbird: multiple issues
CVE-2015-0822 information leak: Security researcher Armin Razmdjou reported that a user readable file in a known local path could be uploaded to a malicious site. This was done by manipulating the autocomplete feature in a form and user interaction with it. While the local file is not visibly...
dokuwiki: cross-site scripting
It was discovered that dokuwiki did not sufficiently filter uploaded files. A remote attacker with upload access is able to use this flaw in order to upload SWF files leading to possible cross-site scripting...
firefox: multiple issues
CVE-2014-1587: Gary Kwong, Randell Jesup, Nils Ohlmeier, Jesse Ruderman, and Max Jonas Werner reported memory safety problems and crashes that affect Firefox ESR 31.2 and Firefox 33. CVE-2014-1588: Christian Holler, Gary Kwong, Jon Coppeard, Eric Rahm, Byron Campen, Eric Rescorla, and Xidorn Quan...
openvpn: denial of service
It was discovered that an authenticated client could trigger an ASSERT in OpenVPN by sending a too-short control channel packet to the server. This could cause the OpenVPN server to crash and deny access to the VPN to other legitimate users...
clamav: denial of service
It was discovered that clamav crashes on certain files when using 'clamscan -a' or while scanning maliciously crafted files...
wireshark-qt: denial of service
CVE-2014-8710 out-of-bounds read Out-of-bounds read flaw in the SigComp dissector sigcomp-udvm leads to denial of service while processing malformed packets. - CVE-2014-8711 out-of-bounds read The AMQP dissector is seeing a large value in the capture file for what it thinks should be a field...
ruby: denial of service
CPU exhaustion can occur as a result of recursive expansion with an empty string. When reading text nodes from an XML document, the REXML parser can be coerced into allocating extremely large string objects which can consume all of the memory on a machine, causing a denial of service...
[ASA-202205-3] thunderbird: multiple issues
Arch Linux Security Advisory ASA-202205-3 ========================================= Severity: High Date : 2022-05-16 CVE-ID : CVE-2022-1520 CVE-2022-29909 CVE-2022-29911 CVE-2022-29912 CVE-2022-29913 CVE-2022-29914 CVE-2022-29916 CVE-2022-29917 Package : thunderbird Type : multiple issues Remote ...
[ASA-202009-7] netbeans: arbitrary code execution
Arch Linux Security Advisory ASA-202009-7 ========================================= Severity: Critical Date : 2020-09-14 CVE-ID : CVE-2020-11986 Package : netbeans Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1221 Summary ======= The package netbeans befo...
[ASA-202005-16] freerdp: information disclosure
Arch Linux Security Advisory ASA-202005-16 ========================================== Severity: High Date : 2020-05-23 CVE-ID : CVE-2020-13396 CVE-2020-13397 CVE-2020-13398 Package : freerdp Type : information disclosure Remote : No Link : https://security.archlinux.org/AVG-1172 Summary ======= T...
[ASA-202002-1] python-django: sql injection
Arch Linux Security Advisory ASA-202002-1 ========================================= Severity: Medium Date : 2020-02-03 CVE-ID : CVE-2020-7471 Package : python-django Type : sql injection Remote : Yes Link : https://security.archlinux.org/AVG-1091 Summary ======= The package python-django before...
[ASA-201911-9] linux-hardened: arbitrary code execution
Arch Linux Security Advisory ASA-201911-9 ========================================= Severity: Critical Date : 2019-11-07 CVE-ID : CVE-2019-17666 Package : linux-hardened Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1063 Summary ======= The package...
[ASA-201910-6] unbound: denial of service
Arch Linux Security Advisory ASA-201910-6 ========================================= Severity: High Date : 2019-10-11 CVE-ID : CVE-2019-16866 Package : unbound Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1042 Summary ======= The package unbound before version...
[ASA-201906-20] firefox: sandbox escape
Arch Linux Security Advisory ASA-201906-20 ========================================== Severity: High Date : 2019-06-25 CVE-ID : CVE-2019-11708 Package : firefox Type : sandbox escape Remote : Yes Link : https://security.archlinux.org/AVG-997 Summary ======= The package firefox before version...
[ASA-201905-10] webkit2gtk: multiple issues
Arch Linux Security Advisory ASA-201905-10 ========================================== Severity: Critical Date : 2019-05-28 CVE-ID : CVE-2019-8595 CVE-2019-8607 CVE-2019-8615 Package : webkit2gtk Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-967 Summary ======= The...
[ASA-201903-8] chromium: multiple issues
Arch Linux Security Advisory ASA-201903-8 ========================================= Severity: High Date : 2019-03-13 CVE-ID : CVE-2019-5787 CVE-2019-5788 CVE-2019-5789 CVE-2019-5790 CVE-2019-5791 CVE-2019-5792 CVE-2019-5793 CVE-2019-5794 CVE-2019-5795 CVE-2019-5796 CVE-2019-5797 CVE-2019-5798...