Lucene search
K
ArchlinuxMost viewed

1854 matches found

ArchLinux
ArchLinux
•added 2019/04/12 12:0 a.m.•44 views

[ASA-201904-8] flashplugin: multiple issues

Arch Linux Security Advisory ASA-201904-8 ========================================= Severity: Critical Date : 2019-04-12 CVE-ID : CVE-2019-7096 CVE-2019-7108 Package : flashplugin Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-949 Summary ======= The package...

10CVSS1.6AI score0.06376EPSS
Exploits0References4
ArchLinux
ArchLinux
•added 2019/02/20 12:0 a.m.•44 views

[ASA-201902-23] thunderbird: multiple issues

Arch Linux Security Advisory ASA-201902-23 ========================================== Severity: Critical Date : 2019-02-20 CVE-ID : CVE-2018-18335 CVE-2018-18356 CVE-2018-18509 CVE-2019-5785 Package : thunderbird Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-908...

8.8CVSS1.1AI score0.03724EPSS
Exploits0References20
ArchLinux
ArchLinux
•added 2019/02/17 12:0 a.m.•44 views

[ASA-201902-20] flatpak: privilege escalation

Arch Linux Security Advisory ASA-201902-20 ========================================== Severity: High Date : 2019-02-17 CVE-ID : CVE-2019-5736 Package : flatpak Type : privilege escalation Remote : Yes Link : https://security.archlinux.org/AVG-880 Summary ======= The package flatpak before version...

9.3CVSS2.5AI score0.9857EPSS
Exploits33References5
ArchLinux
ArchLinux
•added 2019/02/16 12:0 a.m.•44 views

[ASA-201902-18] hiawatha: directory traversal

Arch Linux Security Advisory ASA-201902-18 ========================================== Severity: High Date : 2019-02-16 CVE-ID : CVE-2019-8358 Package : hiawatha Type : directory traversal Remote : Yes Link : https://security.archlinux.org/AVG-900 Summary ======= The package hiawatha before versio...

8.1CVSS3.5AI score0.01499EPSS
Exploits0References3
ArchLinux
ArchLinux
•added 2019/01/10 12:0 a.m.•44 views

[ASA-201901-5] wireshark-cli: multiple issues

Arch Linux Security Advisory ASA-201901-5 ========================================= Severity: Medium Date : 2019-01-10 CVE-ID : CVE-2019-5716 CVE-2019-5717 CVE-2019-5718 CVE-2019-5719 Package : wireshark-cli Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-844 Summary...

5.5CVSS1.3AI score0.01436EPSS
Exploits4References18
ArchLinux
ArchLinux
•added 2018/12/08 12:0 a.m.•44 views

[ASA-201812-2] chromium: multiple issues

Arch Linux Security Advisory ASA-201812-2 ========================================= Severity: Critical Date : 2018-12-08 CVE-ID : CVE-2018-17480 CVE-2018-17481 CVE-2018-18335 CVE-2018-18336 CVE-2018-18337 CVE-2018-18338 CVE-2018-18339 CVE-2018-18340 CVE-2018-18341 CVE-2018-18342 CVE-2018-18343...

8.8CVSS1.2AI score0.34292EPSS
Exploits1References56
ArchLinux
ArchLinux
•added 2018/10/24 12:0 a.m.•44 views

[ASA-201810-14] firefox: multiple issues

Arch Linux Security Advisory ASA-201810-14 ========================================== Severity: Critical Date : 2018-10-24 CVE-ID : CVE-2018-12388 CVE-2018-12390 CVE-2018-12392 CVE-2018-12395 CVE-2018-12396 CVE-2018-12397 CVE-2018-12398 CVE-2018-12399 CVE-2018-12401 CVE-2018-12402 CVE-2018-12403...

9.8CVSS10AI score0.03425EPSS
Exploits0References36
ArchLinux
ArchLinux
•added 2018/08/03 12:0 a.m.•44 views

[ASA-201808-3] python2-django: open redirect

Arch Linux Security Advisory ASA-201808-3 ========================================= Severity: Medium Date : 2018-08-03 CVE-ID : CVE-2018-14574 Package : python2-django Type : open redirect Remote : Yes Link : https://security.archlinux.org/AVG-746 Summary ======= The package python2-django before...

6.1CVSS0.5AI score0.2549EPSS
Exploits0References4
ArchLinux
ArchLinux
•added 2018/03/18 12:0 a.m.•44 views

[ASA-201803-14] clamav: multiple issues

Arch Linux Security Advisory ASA-201803-14 ========================================== Severity: Critical Date : 2018-03-18 CVE-ID : CVE-2012-6706 CVE-2017-6419 CVE-2017-11423 CVE-2018-0202 CVE-2018-1000085 Package : clamav Type : multiple issues Remote : Yes Link :...

10CVSS1.7AI score0.10027EPSS
Exploits4References27
ArchLinux
ArchLinux
•added 2018/01/08 12:0 a.m.•44 views

[ASA-201801-7] graphicsmagick: multiple issues

Arch Linux Security Advisory ASA-201801-7 ========================================= Severity: High Date : 2018-01-08 CVE-ID : CVE-2017-11403 CVE-2017-12935 CVE-2017-12936 CVE-2017-12937 CVE-2017-13063 CVE-2017-13064 CVE-2017-13065 CVE-2017-13066 CVE-2017-13134 CVE-2017-13776 CVE-2017-13777...

8.8CVSS2.5AI score0.2831EPSS
Exploits1References45
ArchLinux
ArchLinux
•added 2017/11/07 12:0 a.m.•44 views

[ASA-201711-14] openssl: multiple issues

Arch Linux Security Advisory ASA-201711-14 ========================================== Severity: Medium Date : 2017-11-07 CVE-ID : CVE-2017-3735 CVE-2017-3736 Package : openssl Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-477 Summary ======= The package openssl...

6.5CVSS0.6AI score0.17699EPSS
Exploits0References9
ArchLinux
ArchLinux
•added 2017/08/12 12:0 a.m.•44 views

[ASA-201708-7] mercurial: multiple issues

Arch Linux Security Advisory ASA-201708-7 ========================================= Severity: Critical Date : 2017-08-12 CVE-ID : CVE-2017-1000115 CVE-2017-1000116 Package : mercurial Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-378 Summary ======= The package...

10CVSS2.5AI score0.05734EPSS
Exploits1References4
ArchLinux
ArchLinux
•added 2017/06/23 12:0 a.m.•44 views

[ASA-201706-31] linux: privilege escalation

Arch Linux Security Advisory ASA-201706-31 ========================================== Severity: High Date : 2017-06-23 CVE-ID : CVE-2017-1000364 Package : linux Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-313 Summary ======= The package linux before version...

7.4CVSS0.6AI score0.05186EPSS
Exploits3References4
ArchLinux
ArchLinux
•added 2017/05/30 12:0 a.m.•44 views

[ASA-201705-22] samba: arbitrary code execution

Arch Linux Security Advisory ASA-201705-22 ========================================== Severity: High Date : 2017-05-30 CVE-ID : CVE-2017-7494 Package : samba Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-279 Summary ======= The package samba before version...

10CVSS1.3AI score0.99448EPSS
Exploits24References3
ArchLinux
ArchLinux
•added 2017/01/09 12:0 a.m.•44 views

[ASA-201701-13] icoutils: arbitrary code execution

Arch Linux Security Advisory ASA-201701-13 ========================================== Severity: High Date : 2017-01-09 CVE-ID : CVE-2017-5208 Package : icoutils Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-129 Summary ======= The package icoutils before...

8.8CVSS1.3AI score0.03591EPSS
Exploits0References6
ArchLinux
ArchLinux
•added 2016/09/15 12:0 a.m.•44 views

lib32-flashplugin: multiple issues

CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, CVE-2016-6924 arbitrary code execution Multiple Memory corruption vulnerabilities that could lead to arbitrary code execution have been found...

2AI score0.19443EPSS
Exploits2References27
ArchLinux
ArchLinux
•added 2016/07/29 12:0 a.m.•44 views

imagemagick: information leakage

An out-of-bounds read has been found in ImageMagick's Get8BIMProperty function. This issue can lead to memory leak since the data read is written to the output image afterwards...

2.8AI score0.05019EPSS
Exploits1References3
ArchLinux
ArchLinux
•added 2016/06/25 12:0 a.m.•44 views

phpmyadmin: multiple issues

CVE-2016-5702 cookie attribute injection A vulnerability was found where, under some circumstances, an attacker can inject arbitrary values in the browser cookies. Only affected when PHPSELF is not set. - CVE-2016-5703 SQL injection A vulnerability was discovered that allows an SQL injection...

7.5CVSS0.8AI score0.02948EPSS
Exploits0References23
ArchLinux
ArchLinux
•added 2016/05/05 12:0 a.m.•44 views

quassel-core: denial of service

CVE-2016-4414 denial of service It was found that quasselcore is vulnerable to a denial of service attack by unauthenticated clients. The protocol negotiation did not take into account lack of a match, in which case PeerFactory::createPeer returns a nullptr, which is immediately dereferenced...

5CVSS4AI score0.02934EPSS
Exploits0References3
ArchLinux
ArchLinux
•added 2016/04/30 12:0 a.m.•44 views

firefox: multiple issues

CVE-2016-2804: Gary Kwong, Christian Holler, Andrew McCreight, Boris Zbarsky, and Steve Fink reported memory safety problems and crashes that are fixed in Firefox 46. - CVE-2016-2805: Christian Holler reported a memory safety problem that is fixed in Firefox ESR 38.8. - CVE-2016-2806: Gary Kwong,...

10CVSS0.3AI score0.04841EPSS
Exploits0References19
ArchLinux
ArchLinux
•added 2016/04/23 12:0 a.m.•44 views

thunderbird: multiple issues

CVE-2016-1955 same-origin policy bypass A vulnerability allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by reading a Content Security Policy CSP violation report that contains path information associated with an IFRAME element. - CVE-2016-1956 denial of...

7.1CVSS7.2AI score0.02425EPSS
Exploits0References4
ArchLinux
ArchLinux
•added 2016/02/28 12:0 a.m.•44 views

cacti: sql injection

CVE-2015-8604 sql injection SQL injection in graphsnew.php. - CVE-2015-8377 sql injection SQL injection vulnerability in the hostnewgraphssave function in graphsnew.php. - CVE-2015-8369 sql injection SQL injection in graph.php...

7.5CVSS2.1AI score0.02319EPSS
Exploits7References3
ArchLinux
ArchLinux
•added 2016/02/13 12:0 a.m.•44 views

firefox: same-origin policy bypass

Jason Pang of OneSignal reported that service workers intercept responses to plugin network requests made through the browser. Plugins which make security decisions based on the content of network requests can have these decisions subverted if a service worker forges responses to those requests...

6.8CVSS8.5AI score0.01503EPSS
Exploits0References2
ArchLinux
ArchLinux
•added 2016/01/21 12:0 a.m.•44 views

bind: denial of service

CVE-2015-8704 denial of service A buffer size check used to guard against overflow could cause named to exit with an INSIST failure In apl42.c. A server could exit while performing certain string formatting operations. Examples include but may not be limited to: 1 Slaves using text-format db...

6.8CVSS2.6AI score0.20172EPSS
Exploits0References4
ArchLinux
ArchLinux
•added 2015/10/14 12:0 a.m.•44 views

chromium: multiple issues

CVE-2015-6755 cross-origin bypass: Cross-origin bypass in Blink. Credit to Mariusz Mlynski. - CVE-2015-6756 use-after-free: Use-after-free in PDFium. - CVE-2015-6757 use-after-free: Use-after-free in ServiceWorker. Credit to Collin Payne. - CVE-2015-6758: Bad-cast in PDFium. Credit to Atte...

7.5CVSS2.1AI score0.06974EPSS
Exploits2References10
ArchLinux
ArchLinux
•added 2015/09/21 12:0 a.m.•44 views

wordpress: multiple issues

CVE-2015-5714 cross-side scripting A cross-site scripting vulnerability has been discovered when processing shortcode tags. - CVE-2015-5715 permission bypass It has been discovered that users without proper permissions could publish private posts and make them sticky...

1.7AI score0.06389EPSS
Exploits2References4
ArchLinux
ArchLinux
•added 2015/05/18 12:0 a.m.•44 views

thunderbird: multiple issues

CVE-2015-2708 Memory safety bugs fixed in Firefox ESR 31.7 and Firefox 38: Jesse Ruderman, Mats Palmgren, Byron Campen, and Steve Fink reported memory safety problems and crashes that affect Firefox ESR 31.6 and Firefox 37. - CVE-2015-2709 Memory safety bugs fixed in Firefox 38: Gary Kwong,...

7.5CVSS0.6AI score0.07417EPSS
Exploits0References6
ArchLinux
ArchLinux
•added 2015/04/29 12:0 a.m.•44 views

dovecot: denial of service

Dovecot = 2.2.14 does not correctly handle SSL/TLS handshake failure in the login process, asking OpenSSL to flush a connection that has already been aborted. This results in a crash with some versions of OpenSSL most likely = 1.0.2. A patch to OpenSSL has also been written to handle more...

4.3CVSS6AI score0.02842EPSS
Exploits0References5
ArchLinux
ArchLinux
•added 2015/04/17 12:0 a.m.•44 views

flashplugin: multiple issues

CVE-2015-0346 arbitrary code execution A double-free vulnerability allows attackers to execute arbitrary code via unspecified vectors. - CVE-2015-0347 arbitrary code execution Memory corruption vulnerability that could lead to arbitrary code execution or cause a denial of service via unspecified...

10CVSS6.2AI score0.95184EPSS
Exploits11References23
ArchLinux
ArchLinux
•added 2015/04/14 12:0 a.m.•44 views

ruby: permissive certificate verification

After reviewing RFC 6125 and RFC 5280, multiple violations were found of matching hostnames and particularly wildcard certificates. Rubys OpenSSL extension will now provide a string-based matching algorithm which follows more strict behavior, as recommended by these RFCs. In particular, matching ...

4.7CVSS1.6AI score0.02815EPSS
Exploits0References3
ArchLinux
ArchLinux
•added 2015/04/02 12:0 a.m.•44 views

chromium: remote code execution

CVE-2015-1233 remote code execution: A combination of V8, Gamepad and IPC bugs can lead to remote code execution outside of the sandbox. - CVE-2015-1234 buffer overflow: Buffer overflow via a race condition in GPU...

7.5CVSS4.6AI score0.05304EPSS
Exploits0References6
ArchLinux
ArchLinux
•added 2015/01/20 12:0 a.m.•44 views

polarssl: remote code execution

During the parsing of a ASN.1 sequence, a pointer in the linked list of asn1sequence is not initialized by asn1getsequenceof. In case an error occurs during parsing of the list, a situation is created where the uninitialized pointer is passed to polarsslfree. This sequence can be triggered when a...

7.5CVSS5.5AI score0.03246EPSS
Exploits0References2
ArchLinux
ArchLinux
•added 2014/12/12 12:0 a.m.•44 views

xorg-server: multiple issues

CVE-2014-8091 denial of service X.Org X Window System, when using SUN-DES-1 Secure RPC authentication credentials, does not check the return value of a malloc call, which allows remote attackers to cause a denial of service NULL pointer dereference and server crash via a crafted connection...

6.5CVSS6.2AI score0.05192EPSS
Exploits0References15
ArchLinux
ArchLinux
•added 2014/12/09 12:0 a.m.•44 views

powerdns-recursor: denial of service

PowerDNS, while acting as a caching nameserver, can be negatively impacted by sending queries for specially configured, hard to resolve domain names. This is the same issue as the ones found in bind ASA-201412-7 and unbound ASA-201412-8...

5CVSS3.5AI score0.73532EPSS
Exploits0References2
ArchLinux
ArchLinux
•added 2014/12/02 12:0 a.m.•44 views

openvpn: denial of service

It was discovered that an authenticated client could trigger an ASSERT in OpenVPN by sending a too-short control channel packet to the server. This could cause the OpenVPN server to crash and deny access to the VPN to other legitimate users...

6.8CVSS3.3AI score0.03478EPSS
Exploits0References4
ArchLinux
ArchLinux
•added 2014/11/20 12:0 a.m.•44 views

clamav: denial of service

It was discovered that clamav crashes on certain files when using 'clamscan -a' or while scanning maliciously crafted files...

2.1CVSS2.1AI score0.01133EPSS
Exploits0References3
ArchLinux
ArchLinux
•added 2014/11/20 12:0 a.m.•44 views

wireshark-qt: denial of service

CVE-2014-8710 out-of-bounds read Out-of-bounds read flaw in the SigComp dissector sigcomp-udvm leads to denial of service while processing malformed packets. - CVE-2014-8711 out-of-bounds read The AMQP dissector is seeing a large value in the capture file for what it thinks should be a field...

5CVSS3.2AI score0.03792EPSS
Exploits0References15
ArchLinux
ArchLinux
•added 2014/11/19 12:0 a.m.•44 views

arm-none-eabi-binutils: multiple issues

CVE-2014-8484 invalid read Invalid read flaw leads to denial of service while parsing specially crafted files in programs using libbfd. - CVE-2014-8485 out-of-bounds write Lack of range checking leading to controlled write in bfdelfsetupsections which results in denial of service or possible code...

7.5CVSS4.6AI score0.07486EPSS
Exploits7References11
ArchLinux
ArchLinux
•added 2014/11/17 12:0 a.m.•44 views

ruby: denial of service

CPU exhaustion can occur as a result of recursive expansion with an empty string. When reading text nodes from an XML document, the REXML parser can be coerced into allocating extremely large string objects which can consume all of the memory on a machine, causing a denial of service...

5CVSS3.3AI score0.056EPSS
Exploits1References2
ArchLinux
ArchLinux
•added 2021/11/18 12:0 a.m.•43 views

[ASA-202111-8] opera: multiple issues

Arch Linux Security Advisory ASA-202111-8 ========================================= Severity: High Date : 2021-11-18 CVE-ID : CVE-2021-37997 CVE-2021-37998 CVE-2021-37999 CVE-2021-38000 CVE-2021-38001 CVE-2021-38002 CVE-2021-38003 CVE-2021-38004 Package : opera Type : multiple issues Remote : Yes...

9.6CVSS8.3AI score0.36238EPSS
Exploits5References19
ArchLinux
ArchLinux
•added 2020/11/03 12:0 a.m.•43 views

[ASA-202011-3] wordpress: multiple issues

Arch Linux Security Advisory ASA-202011-3 ========================================= Severity: Critical Date : 2020-11-03 CVE-ID : CVE-2020-28032 CVE-2020-28033 CVE-2020-28034 CVE-2020-28035 CVE-2020-28036 CVE-2020-28037 CVE-2020-28038 CVE-2020-28039 CVE-2020-28040 Package : wordpress Type :...

9.8CVSS2.1AI score0.16119EPSS
Exploits1References19
ArchLinux
ArchLinux
•added 2020/04/13 12:0 a.m.•43 views

[ASA-202004-12] thunderbird: multiple issues

Arch Linux Security Advisory ASA-202004-12 ========================================== Severity: Critical Date : 2020-04-13 CVE-ID : CVE-2020-6815 CVE-2020-6819 CVE-2020-6820 CVE-2020-6821 Package : thunderbird Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1132...

9.8CVSS0.7AI score0.06305EPSS
Exploits1References14
ArchLinux
ArchLinux
•added 2020/04/08 12:0 a.m.•43 views

[ASA-202004-8] firefox: multiple issues

Arch Linux Security Advisory ASA-202004-8 ========================================= Severity: Critical Date : 2020-04-08 CVE-ID : CVE-2020-6821 CVE-2020-6823 CVE-2020-6824 CVE-2020-6825 CVE-2020-6826 Package : firefox Type : multiple issues Remote : Yes Link :...

9.8CVSS0.1AI score0.01905EPSS
Exploits0References17
ArchLinux
ArchLinux
•added 2020/02/06 12:0 a.m.•43 views

[ASA-202002-3] chromium: multiple issues

Arch Linux Security Advisory ASA-202002-3 ========================================= Severity: Critical Date : 2020-02-06 CVE-ID : CVE-2019-18197 CVE-2019-19880 CVE-2019-19923 CVE-2019-19925 CVE-2019-19926 CVE-2020-6381 CVE-2020-6382 CVE-2020-6385 CVE-2020-6387 CVE-2020-6388 CVE-2020-6389...

8.8CVSS0.5AI score0.06997EPSS
Exploits19References75
ArchLinux
ArchLinux
•added 2020/02/03 12:0 a.m.•43 views

[ASA-202002-1] python-django: sql injection

Arch Linux Security Advisory ASA-202002-1 ========================================= Severity: Medium Date : 2020-02-03 CVE-ID : CVE-2020-7471 Package : python-django Type : sql injection Remote : Yes Link : https://security.archlinux.org/AVG-1091 Summary ======= The package python-django before...

9.8CVSS1.3AI score0.65336EPSS
Exploits9References3
ArchLinux
ArchLinux
•added 2019/12/18 12:0 a.m.•43 views

[ASA-201912-6] git: arbitrary code execution

Arch Linux Security Advisory ASA-201912-6 ========================================= Severity: High Date : 2019-12-18 CVE-ID : CVE-2019-1348 CVE-2019-1349 CVE-2019-1352 CVE-2019-1387 CVE-2019-19604 Package : git Type : arbitrary code execution Remote : Yes Link :...

9.3CVSS1.6AI score0.34007EPSS
Exploits1References12
ArchLinux
ArchLinux
•added 2019/10/02 12:0 a.m.•43 views

[ASA-201910-1] exim: arbitrary code execution

Arch Linux Security Advisory ASA-201910-1 ========================================= Severity: Critical Date : 2019-10-02 CVE-ID : CVE-2019-16928 Package : exim Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1038 Summary ======= The package exim before versi...

9.8CVSS2.1AI score0.41589EPSS
Exploits3References6
ArchLinux
ArchLinux
•added 2019/09/04 12:0 a.m.•43 views

[ASA-201909-2] firefox: multiple issues

Arch Linux Security Advisory ASA-201909-2 ========================================= Severity: High Date : 2019-09-04 CVE-ID : CVE-2019-5849 CVE-2019-9812 CVE-2019-11734 CVE-2019-11735 CVE-2019-11737 CVE-2019-11738 CVE-2019-11740 CVE-2019-11741 CVE-2019-11742 CVE-2019-11743 CVE-2019-11744...

9.8CVSS10AI score0.0216EPSS
Exploits2References57
ArchLinux
ArchLinux
•added 2019/03/03 12:0 a.m.•43 views

[ASA-201903-6] lib32-openssl-1.0: information disclosure

Arch Linux Security Advisory ASA-201903-6 ========================================= Severity: Medium Date : 2019-03-03 CVE-ID : CVE-2019-1559 Package : lib32-openssl-1.0 Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-918 Summary ======= The package...

5.9CVSS0.8AI score0.17139EPSS
Exploits0References3
ArchLinux
ArchLinux
•added 2018/10/17 12:0 a.m.•43 views

[ASA-201810-12] chromium: multiple issues

Arch Linux Security Advisory ASA-201810-12 ========================================== Severity: Critical Date : 2018-10-17 CVE-ID : CVE-2018-5179 CVE-2018-17462 CVE-2018-17463 CVE-2018-17464 CVE-2018-17465 CVE-2018-17466 CVE-2018-17467 CVE-2018-17468 CVE-2018-17469 CVE-2018-17470 CVE-2018-17471...

9.6CVSS0.9AI score0.84564EPSS
Exploits7References34
Total number of security vulnerabilities1854