Lucene search
K
ArchlinuxMost viewed

1854 matches found

ArchLinux
ArchLinux
•added 2020/05/06 12:0 a.m.•44 views

[ASA-202005-2] chromium: arbitrary code execution

Arch Linux Security Advisory ASA-202005-2 ========================================= Severity: High Date : 2020-05-06 CVE-ID : CVE-2020-6464 CVE-2020-6831 Package : chromium Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1149 Summary ======= The package...

9.8CVSS1.5AI score0.05803EPSS
Exploits1References8
ArchLinux
ArchLinux
•added 2020/04/28 12:0 a.m.•44 views

[ASA-202004-23] webkit2gtk: arbitrary code execution

Arch Linux Security Advisory ASA-202004-23 ========================================== Severity: Critical Date : 2020-04-28 CVE-ID : CVE-2020-3899 Package : webkit2gtk Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1144 Summary ======= The package webkit2gtk...

9.3CVSS2.3AI score0.04017EPSS
Exploits0References4
ArchLinux
ArchLinux
•added 2019/11/07 12:0 a.m.•44 views

[ASA-201911-9] linux-hardened: arbitrary code execution

Arch Linux Security Advisory ASA-201911-9 ========================================= Severity: Critical Date : 2019-11-07 CVE-ID : CVE-2019-17666 Package : linux-hardened Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1063 Summary ======= The package...

8.8CVSS2AI score0.03017EPSS
Exploits0References4
ArchLinux
ArchLinux
•added 2019/08/28 12:0 a.m.•44 views

[ASA-201908-19] pigeonhole: arbitrary code execution

Arch Linux Security Advisory ASA-201908-19 ========================================== Severity: Critical Date : 2019-08-28 CVE-ID : CVE-2019-11500 Package : pigeonhole Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1027 Summary ======= The package pigeonhol...

9.8CVSS1.9AI score0.62579EPSS
Exploits1References8
ArchLinux
ArchLinux
•added 2019/06/25 12:0 a.m.•44 views

[ASA-201906-20] firefox: sandbox escape

Arch Linux Security Advisory ASA-201906-20 ========================================== Severity: High Date : 2019-06-25 CVE-ID : CVE-2019-11708 Package : firefox Type : sandbox escape Remote : Yes Link : https://security.archlinux.org/AVG-997 Summary ======= The package firefox before version...

10CVSS1.3AI score0.55874EPSS
Exploits10References4
ArchLinux
ArchLinux
•added 2019/04/12 12:0 a.m.•44 views

[ASA-201904-8] flashplugin: multiple issues

Arch Linux Security Advisory ASA-201904-8 ========================================= Severity: Critical Date : 2019-04-12 CVE-ID : CVE-2019-7096 CVE-2019-7108 Package : flashplugin Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-949 Summary ======= The package...

10CVSS1.6AI score0.06376EPSS
Exploits0References4
ArchLinux
ArchLinux
•added 2019/02/20 12:0 a.m.•44 views

[ASA-201902-23] thunderbird: multiple issues

Arch Linux Security Advisory ASA-201902-23 ========================================== Severity: Critical Date : 2019-02-20 CVE-ID : CVE-2018-18335 CVE-2018-18356 CVE-2018-18509 CVE-2019-5785 Package : thunderbird Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-908...

8.8CVSS1.1AI score0.03724EPSS
Exploits0References20
ArchLinux
ArchLinux
•added 2019/02/16 12:0 a.m.•44 views

[ASA-201902-18] hiawatha: directory traversal

Arch Linux Security Advisory ASA-201902-18 ========================================== Severity: High Date : 2019-02-16 CVE-ID : CVE-2019-8358 Package : hiawatha Type : directory traversal Remote : Yes Link : https://security.archlinux.org/AVG-900 Summary ======= The package hiawatha before versio...

8.1CVSS3.5AI score0.01499EPSS
Exploits0References3
ArchLinux
ArchLinux
•added 2019/01/10 12:0 a.m.•44 views

[ASA-201901-5] wireshark-cli: multiple issues

Arch Linux Security Advisory ASA-201901-5 ========================================= Severity: Medium Date : 2019-01-10 CVE-ID : CVE-2019-5716 CVE-2019-5717 CVE-2019-5718 CVE-2019-5719 Package : wireshark-cli Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-844 Summary...

5.5CVSS1.3AI score0.01436EPSS
Exploits4References18
ArchLinux
ArchLinux
•added 2018/12/08 12:0 a.m.•44 views

[ASA-201812-2] chromium: multiple issues

Arch Linux Security Advisory ASA-201812-2 ========================================= Severity: Critical Date : 2018-12-08 CVE-ID : CVE-2018-17480 CVE-2018-17481 CVE-2018-18335 CVE-2018-18336 CVE-2018-18337 CVE-2018-18338 CVE-2018-18339 CVE-2018-18340 CVE-2018-18341 CVE-2018-18342 CVE-2018-18343...

8.8CVSS1.2AI score0.34292EPSS
Exploits1References56
ArchLinux
ArchLinux
•added 2018/10/24 12:0 a.m.•44 views

[ASA-201810-14] firefox: multiple issues

Arch Linux Security Advisory ASA-201810-14 ========================================== Severity: Critical Date : 2018-10-24 CVE-ID : CVE-2018-12388 CVE-2018-12390 CVE-2018-12392 CVE-2018-12395 CVE-2018-12396 CVE-2018-12397 CVE-2018-12398 CVE-2018-12399 CVE-2018-12401 CVE-2018-12402 CVE-2018-12403...

9.8CVSS10AI score0.03425EPSS
Exploits0References36
ArchLinux
ArchLinux
•added 2018/08/03 12:0 a.m.•44 views

[ASA-201808-3] python2-django: open redirect

Arch Linux Security Advisory ASA-201808-3 ========================================= Severity: Medium Date : 2018-08-03 CVE-ID : CVE-2018-14574 Package : python2-django Type : open redirect Remote : Yes Link : https://security.archlinux.org/AVG-746 Summary ======= The package python2-django before...

6.1CVSS0.5AI score0.2549EPSS
Exploits0References4
ArchLinux
ArchLinux
•added 2018/01/08 12:0 a.m.•44 views

[ASA-201801-7] graphicsmagick: multiple issues

Arch Linux Security Advisory ASA-201801-7 ========================================= Severity: High Date : 2018-01-08 CVE-ID : CVE-2017-11403 CVE-2017-12935 CVE-2017-12936 CVE-2017-12937 CVE-2017-13063 CVE-2017-13064 CVE-2017-13065 CVE-2017-13066 CVE-2017-13134 CVE-2017-13776 CVE-2017-13777...

8.8CVSS2.5AI score0.2831EPSS
Exploits1References45
ArchLinux
ArchLinux
•added 2017/11/07 12:0 a.m.•44 views

[ASA-201711-14] openssl: multiple issues

Arch Linux Security Advisory ASA-201711-14 ========================================== Severity: Medium Date : 2017-11-07 CVE-ID : CVE-2017-3735 CVE-2017-3736 Package : openssl Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-477 Summary ======= The package openssl...

6.5CVSS0.6AI score0.17699EPSS
Exploits0References9
ArchLinux
ArchLinux
•added 2017/10/05 12:0 a.m.•44 views

[ASA-201710-2] curl: denial of service

Arch Linux Security Advisory ASA-201710-2 ========================================= Severity: Low Date : 2017-10-05 CVE-ID : CVE-2017-1000254 Package : curl Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-422 Summary ======= The package curl before version 7.56.0-1...

7.5CVSS0.1AI score0.08465EPSS
Exploits0References5
ArchLinux
ArchLinux
•added 2017/09/13 12:0 a.m.•44 views

[ASA-201709-5] tcpdump: multiple issues

Arch Linux Security Advisory ASA-201709-5 ========================================= Severity: Critical Date : 2017-09-13 CVE-ID : CVE-2017-11541 CVE-2017-11542 CVE-2017-11543 CVE-2017-12893 CVE-2017-12894 CVE-2017-12895 CVE-2017-12896 CVE-2017-12897 CVE-2017-12898 CVE-2017-12899 CVE-2017-12900...

9.8CVSS1AI score0.06196EPSS
Exploits3References195
ArchLinux
ArchLinux
•added 2017/08/10 12:0 a.m.•44 views

[ASA-201708-5] libsoup: arbitrary code execution

Arch Linux Security Advisory ASA-201708-5 ========================================= Severity: Critical Date : 2017-08-10 CVE-ID : CVE-2017-2885 Package : libsoup Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-376 Summary ======= The package libsoup before...

9.8CVSS3.8AI score0.24337EPSS
Exploits4References3
ArchLinux
ArchLinux
•added 2017/06/23 12:0 a.m.•44 views

[ASA-201706-31] linux: privilege escalation

Arch Linux Security Advisory ASA-201706-31 ========================================== Severity: High Date : 2017-06-23 CVE-ID : CVE-2017-1000364 Package : linux Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-313 Summary ======= The package linux before version...

7.4CVSS0.6AI score0.05186EPSS
Exploits3References4
ArchLinux
ArchLinux
•added 2017/05/30 12:0 a.m.•44 views

[ASA-201705-22] samba: arbitrary code execution

Arch Linux Security Advisory ASA-201705-22 ========================================== Severity: High Date : 2017-05-30 CVE-ID : CVE-2017-7494 Package : samba Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-279 Summary ======= The package samba before version...

10CVSS1.3AI score0.99448EPSS
Exploits24References3
ArchLinux
ArchLinux
•added 2017/01/09 12:0 a.m.•44 views

[ASA-201701-13] icoutils: arbitrary code execution

Arch Linux Security Advisory ASA-201701-13 ========================================== Severity: High Date : 2017-01-09 CVE-ID : CVE-2017-5208 Package : icoutils Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-129 Summary ======= The package icoutils before...

8.8CVSS1.3AI score0.03591EPSS
Exploits0References6
ArchLinux
ArchLinux
•added 2016/09/15 12:0 a.m.•44 views

lib32-flashplugin: multiple issues

CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, CVE-2016-6924 arbitrary code execution Multiple Memory corruption vulnerabilities that could lead to arbitrary code execution have been found...

2AI score0.19443EPSS
Exploits2References27
ArchLinux
ArchLinux
•added 2016/07/29 12:0 a.m.•44 views

imagemagick: information leakage

An out-of-bounds read has been found in ImageMagick's Get8BIMProperty function. This issue can lead to memory leak since the data read is written to the output image afterwards...

2.8AI score0.05019EPSS
Exploits1References3
ArchLinux
ArchLinux
•added 2016/06/25 12:0 a.m.•44 views

phpmyadmin: multiple issues

CVE-2016-5702 cookie attribute injection A vulnerability was found where, under some circumstances, an attacker can inject arbitrary values in the browser cookies. Only affected when PHPSELF is not set. - CVE-2016-5703 SQL injection A vulnerability was discovered that allows an SQL injection...

7.5CVSS0.8AI score0.02948EPSS
Exploits0References23
ArchLinux
ArchLinux
•added 2016/05/05 12:0 a.m.•44 views

quassel-core: denial of service

CVE-2016-4414 denial of service It was found that quasselcore is vulnerable to a denial of service attack by unauthenticated clients. The protocol negotiation did not take into account lack of a match, in which case PeerFactory::createPeer returns a nullptr, which is immediately dereferenced...

5CVSS4AI score0.02934EPSS
Exploits0References3
ArchLinux
ArchLinux
•added 2016/04/30 12:0 a.m.•44 views

firefox: multiple issues

CVE-2016-2804: Gary Kwong, Christian Holler, Andrew McCreight, Boris Zbarsky, and Steve Fink reported memory safety problems and crashes that are fixed in Firefox 46. - CVE-2016-2805: Christian Holler reported a memory safety problem that is fixed in Firefox ESR 38.8. - CVE-2016-2806: Gary Kwong,...

10CVSS0.3AI score0.04841EPSS
Exploits0References19
ArchLinux
ArchLinux
•added 2016/04/23 12:0 a.m.•44 views

thunderbird: multiple issues

CVE-2016-1955 same-origin policy bypass A vulnerability allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by reading a Content Security Policy CSP violation report that contains path information associated with an IFRAME element. - CVE-2016-1956 denial of...

7.1CVSS7.2AI score0.02425EPSS
Exploits0References4
ArchLinux
ArchLinux
•added 2016/02/28 12:0 a.m.•44 views

cacti: sql injection

CVE-2015-8604 sql injection SQL injection in graphsnew.php. - CVE-2015-8377 sql injection SQL injection vulnerability in the hostnewgraphssave function in graphsnew.php. - CVE-2015-8369 sql injection SQL injection in graph.php...

7.5CVSS2.1AI score0.02319EPSS
Exploits7References3
ArchLinux
ArchLinux
•added 2016/02/13 12:0 a.m.•44 views

firefox: same-origin policy bypass

Jason Pang of OneSignal reported that service workers intercept responses to plugin network requests made through the browser. Plugins which make security decisions based on the content of network requests can have these decisions subverted if a service worker forges responses to those requests...

6.8CVSS8.5AI score0.01503EPSS
Exploits0References2
ArchLinux
ArchLinux
•added 2016/01/21 12:0 a.m.•44 views

bind: denial of service

CVE-2015-8704 denial of service A buffer size check used to guard against overflow could cause named to exit with an INSIST failure In apl42.c. A server could exit while performing certain string formatting operations. Examples include but may not be limited to: 1 Slaves using text-format db...

6.8CVSS2.6AI score0.20172EPSS
Exploits0References4
ArchLinux
ArchLinux
•added 2015/10/14 12:0 a.m.•44 views

chromium: multiple issues

CVE-2015-6755 cross-origin bypass: Cross-origin bypass in Blink. Credit to Mariusz Mlynski. - CVE-2015-6756 use-after-free: Use-after-free in PDFium. - CVE-2015-6757 use-after-free: Use-after-free in ServiceWorker. Credit to Collin Payne. - CVE-2015-6758: Bad-cast in PDFium. Credit to Atte...

7.5CVSS2.1AI score0.06974EPSS
Exploits2References10
ArchLinux
ArchLinux
•added 2015/09/21 12:0 a.m.•44 views

wordpress: multiple issues

CVE-2015-5714 cross-side scripting A cross-site scripting vulnerability has been discovered when processing shortcode tags. - CVE-2015-5715 permission bypass It has been discovered that users without proper permissions could publish private posts and make them sticky...

1.7AI score0.06389EPSS
Exploits2References4
ArchLinux
ArchLinux
•added 2015/05/18 12:0 a.m.•44 views

thunderbird: multiple issues

CVE-2015-2708 Memory safety bugs fixed in Firefox ESR 31.7 and Firefox 38: Jesse Ruderman, Mats Palmgren, Byron Campen, and Steve Fink reported memory safety problems and crashes that affect Firefox ESR 31.6 and Firefox 37. - CVE-2015-2709 Memory safety bugs fixed in Firefox 38: Gary Kwong,...

7.5CVSS0.6AI score0.07417EPSS
Exploits0References6
ArchLinux
ArchLinux
•added 2015/05/08 12:0 a.m.•44 views

mariadb-clients: denial of service

A heap-based buffer overflow was found in the way PCRE handled certain malformed regular expressions. This issue could cause a crash while parsing malicious regular expressions related to an assertion that allows zero repeats...

5CVSS3.7AI score0.06505EPSS
Exploits0References2
ArchLinux
ArchLinux
•added 2015/04/29 12:0 a.m.•44 views

dovecot: denial of service

Dovecot = 2.2.14 does not correctly handle SSL/TLS handshake failure in the login process, asking OpenSSL to flush a connection that has already been aborted. This results in a crash with some versions of OpenSSL most likely = 1.0.2. A patch to OpenSSL has also been written to handle more...

4.3CVSS6AI score0.02842EPSS
Exploits0References5
ArchLinux
ArchLinux
•added 2015/04/17 12:0 a.m.•44 views

flashplugin: multiple issues

CVE-2015-0346 arbitrary code execution A double-free vulnerability allows attackers to execute arbitrary code via unspecified vectors. - CVE-2015-0347 arbitrary code execution Memory corruption vulnerability that could lead to arbitrary code execution or cause a denial of service via unspecified...

10CVSS6.2AI score0.95184EPSS
Exploits11References23
ArchLinux
ArchLinux
•added 2015/04/14 12:0 a.m.•44 views

ruby: permissive certificate verification

After reviewing RFC 6125 and RFC 5280, multiple violations were found of matching hostnames and particularly wildcard certificates. Rubys OpenSSL extension will now provide a string-based matching algorithm which follows more strict behavior, as recommended by these RFCs. In particular, matching ...

4.7CVSS1.6AI score0.02815EPSS
Exploits0References3
ArchLinux
ArchLinux
•added 2015/04/02 12:0 a.m.•44 views

chromium: remote code execution

CVE-2015-1233 remote code execution: A combination of V8, Gamepad and IPC bugs can lead to remote code execution outside of the sandbox. - CVE-2015-1234 buffer overflow: Buffer overflow via a race condition in GPU...

7.5CVSS4.6AI score0.05304EPSS
Exploits0References6
ArchLinux
ArchLinux
•added 2015/01/20 12:0 a.m.•44 views

polarssl: remote code execution

During the parsing of a ASN.1 sequence, a pointer in the linked list of asn1sequence is not initialized by asn1getsequenceof. In case an error occurs during parsing of the list, a situation is created where the uninitialized pointer is passed to polarsslfree. This sequence can be triggered when a...

7.5CVSS5.5AI score0.03246EPSS
Exploits0References2
ArchLinux
ArchLinux
•added 2014/12/12 12:0 a.m.•44 views

xorg-server: multiple issues

CVE-2014-8091 denial of service X.Org X Window System, when using SUN-DES-1 Secure RPC authentication credentials, does not check the return value of a malloc call, which allows remote attackers to cause a denial of service NULL pointer dereference and server crash via a crafted connection...

6.5CVSS6.2AI score0.05192EPSS
Exploits0References15
ArchLinux
ArchLinux
•added 2014/12/02 12:0 a.m.•44 views

openvpn: denial of service

It was discovered that an authenticated client could trigger an ASSERT in OpenVPN by sending a too-short control channel packet to the server. This could cause the OpenVPN server to crash and deny access to the VPN to other legitimate users...

6.8CVSS3.3AI score0.03478EPSS
Exploits0References4
ArchLinux
ArchLinux
•added 2014/11/20 12:0 a.m.•44 views

clamav: denial of service

It was discovered that clamav crashes on certain files when using 'clamscan -a' or while scanning maliciously crafted files...

2.1CVSS2.1AI score0.01133EPSS
Exploits0References3
ArchLinux
ArchLinux
•added 2014/11/20 12:0 a.m.•44 views

wireshark-qt: denial of service

CVE-2014-8710 out-of-bounds read Out-of-bounds read flaw in the SigComp dissector sigcomp-udvm leads to denial of service while processing malformed packets. - CVE-2014-8711 out-of-bounds read The AMQP dissector is seeing a large value in the capture file for what it thinks should be a field...

5CVSS3.2AI score0.03792EPSS
Exploits0References15
ArchLinux
ArchLinux
•added 2014/11/19 12:0 a.m.•44 views

arm-none-eabi-binutils: multiple issues

CVE-2014-8484 invalid read Invalid read flaw leads to denial of service while parsing specially crafted files in programs using libbfd. - CVE-2014-8485 out-of-bounds write Lack of range checking leading to controlled write in bfdelfsetupsections which results in denial of service or possible code...

7.5CVSS4.6AI score0.07486EPSS
Exploits7References11
ArchLinux
ArchLinux
•added 2014/11/17 12:0 a.m.•44 views

ruby: denial of service

CPU exhaustion can occur as a result of recursive expansion with an empty string. When reading text nodes from an XML document, the REXML parser can be coerced into allocating extremely large string objects which can consume all of the memory on a machine, causing a denial of service...

5CVSS3.3AI score0.056EPSS
Exploits1References2
ArchLinux
ArchLinux
•added 2014/10/22 12:0 a.m.•44 views

libpurple: remote dos and information leakage

A malicious server and possibly even a malicious remote user could create a carefully crafted XMPP message that causes libpurple to send an XMPP message containing arbitrary memory. A malicious server or man-in-the-middle could trigger a crash in libpurple by sending an emoticon via MXit with an...

5CVSS2.5AI score0.03776EPSS
Exploits0References6
ArchLinux
ArchLinux
•added 2022/07/29 12:0 a.m.•43 views

[ASA-202207-2] wpewebkit: multiple issues

Arch Linux Security Advisory ASA-202207-2 ========================================= Severity: Critical Date : 2022-07-29 CVE-ID : CVE-2022-32792 CVE-2022-32816 Package : wpewebkit Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-2789 Summary ======= The package...

1AI score0.06463EPSS
Exploits0References6
ArchLinux
ArchLinux
•added 2021/11/18 12:0 a.m.•43 views

[ASA-202111-8] opera: multiple issues

Arch Linux Security Advisory ASA-202111-8 ========================================= Severity: High Date : 2021-11-18 CVE-ID : CVE-2021-37997 CVE-2021-37998 CVE-2021-37999 CVE-2021-38000 CVE-2021-38001 CVE-2021-38002 CVE-2021-38003 CVE-2021-38004 Package : opera Type : multiple issues Remote : Yes...

9.6CVSS8.3AI score0.36238EPSS
Exploits5References19
ArchLinux
ArchLinux
•added 2020/11/03 12:0 a.m.•43 views

[ASA-202011-3] wordpress: multiple issues

Arch Linux Security Advisory ASA-202011-3 ========================================= Severity: Critical Date : 2020-11-03 CVE-ID : CVE-2020-28032 CVE-2020-28033 CVE-2020-28034 CVE-2020-28035 CVE-2020-28036 CVE-2020-28037 CVE-2020-28038 CVE-2020-28039 CVE-2020-28040 Package : wordpress Type :...

9.8CVSS2.1AI score0.16119EPSS
Exploits1References19
ArchLinux
ArchLinux
•added 2020/04/13 12:0 a.m.•43 views

[ASA-202004-12] thunderbird: multiple issues

Arch Linux Security Advisory ASA-202004-12 ========================================== Severity: Critical Date : 2020-04-13 CVE-ID : CVE-2020-6815 CVE-2020-6819 CVE-2020-6820 CVE-2020-6821 Package : thunderbird Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1132...

9.8CVSS0.7AI score0.06305EPSS
Exploits1References14
ArchLinux
ArchLinux
•added 2020/04/08 12:0 a.m.•43 views

[ASA-202004-8] firefox: multiple issues

Arch Linux Security Advisory ASA-202004-8 ========================================= Severity: Critical Date : 2020-04-08 CVE-ID : CVE-2020-6821 CVE-2020-6823 CVE-2020-6824 CVE-2020-6825 CVE-2020-6826 Package : firefox Type : multiple issues Remote : Yes Link :...

9.8CVSS0.1AI score0.01905EPSS
Exploits0References17
Total number of security vulnerabilities1854