Lucene search
K
ArchlinuxMost viewed

1854 matches found

ArchLinux
ArchLinux
•added 2020/02/06 12:0 a.m.•43 views

[ASA-202002-3] chromium: multiple issues

Arch Linux Security Advisory ASA-202002-3 ========================================= Severity: Critical Date : 2020-02-06 CVE-ID : CVE-2019-18197 CVE-2019-19880 CVE-2019-19923 CVE-2019-19925 CVE-2019-19926 CVE-2020-6381 CVE-2020-6382 CVE-2020-6385 CVE-2020-6387 CVE-2020-6388 CVE-2020-6389...

8.8CVSS0.5AI score0.06997EPSS
Exploits19References75
ArchLinux
ArchLinux
•added 2020/02/03 12:0 a.m.•43 views

[ASA-202002-1] python-django: sql injection

Arch Linux Security Advisory ASA-202002-1 ========================================= Severity: Medium Date : 2020-02-03 CVE-ID : CVE-2020-7471 Package : python-django Type : sql injection Remote : Yes Link : https://security.archlinux.org/AVG-1091 Summary ======= The package python-django before...

9.8CVSS1.3AI score0.65336EPSS
Exploits9References3
ArchLinux
ArchLinux
•added 2019/12/18 12:0 a.m.•43 views

[ASA-201912-6] git: arbitrary code execution

Arch Linux Security Advisory ASA-201912-6 ========================================= Severity: High Date : 2019-12-18 CVE-ID : CVE-2019-1348 CVE-2019-1349 CVE-2019-1352 CVE-2019-1387 CVE-2019-19604 Package : git Type : arbitrary code execution Remote : Yes Link :...

9.3CVSS1.6AI score0.34007EPSS
Exploits1References12
ArchLinux
ArchLinux
•added 2019/10/02 12:0 a.m.•43 views

[ASA-201910-1] exim: arbitrary code execution

Arch Linux Security Advisory ASA-201910-1 ========================================= Severity: Critical Date : 2019-10-02 CVE-ID : CVE-2019-16928 Package : exim Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1038 Summary ======= The package exim before versi...

9.8CVSS2.1AI score0.41589EPSS
Exploits3References6
ArchLinux
ArchLinux
•added 2019/09/04 12:0 a.m.•43 views

[ASA-201909-2] firefox: multiple issues

Arch Linux Security Advisory ASA-201909-2 ========================================= Severity: High Date : 2019-09-04 CVE-ID : CVE-2019-5849 CVE-2019-9812 CVE-2019-11734 CVE-2019-11735 CVE-2019-11737 CVE-2019-11738 CVE-2019-11740 CVE-2019-11741 CVE-2019-11742 CVE-2019-11743 CVE-2019-11744...

9.8CVSS10AI score0.0216EPSS
Exploits2References57
ArchLinux
ArchLinux
•added 2018/10/17 12:0 a.m.•43 views

[ASA-201810-12] chromium: multiple issues

Arch Linux Security Advisory ASA-201810-12 ========================================== Severity: Critical Date : 2018-10-17 CVE-ID : CVE-2018-5179 CVE-2018-17462 CVE-2018-17463 CVE-2018-17464 CVE-2018-17465 CVE-2018-17466 CVE-2018-17467 CVE-2018-17468 CVE-2018-17469 CVE-2018-17470 CVE-2018-17471...

9.6CVSS0.9AI score0.84564EPSS
Exploits7References34
ArchLinux
ArchLinux
•added 2018/03/16 12:0 a.m.•43 views

[ASA-201803-12] libvorbis: multiple issues

Arch Linux Security Advisory ASA-201803-12 ========================================== Severity: Critical Date : 2018-03-16 CVE-ID : CVE-2017-14632 CVE-2017-14633 CVE-2018-5146 Package : libvorbis Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-367 Summary ======= The...

9.8CVSS1.2AI score0.12054EPSS
Exploits0References10
ArchLinux
ArchLinux
•added 2018/03/06 12:0 a.m.•43 views

[ASA-201803-5] python-django: denial of service

Arch Linux Security Advisory ASA-201803-5 ========================================= Severity: Medium Date : 2018-03-06 CVE-ID : CVE-2018-7536 CVE-2018-7537 Package : python-django Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-649 Summary ======= The package...

5.3CVSS1.9AI score0.04772EPSS
Exploits0References6
ArchLinux
ArchLinux
•added 2017/11/15 12:0 a.m.•43 views

[ASA-201711-20] mediawiki: multiple issues

Arch Linux Security Advisory ASA-201711-20 ========================================== Severity: High Date : 2017-11-15 CVE-ID : CVE-2017-0361 CVE-2017-8808 CVE-2017-8809 CVE-2017-8810 CVE-2017-8811 CVE-2017-8812 CVE-2017-8814 CVE-2017-8815 Package : mediawiki Type : multiple issues Remote : Yes...

9.8CVSS1AI score0.07714EPSS
Exploits0References29
ArchLinux
ArchLinux
•added 2017/11/07 12:0 a.m.•43 views

[ASA-201711-12] chromium: arbitrary code execution

Arch Linux Security Advisory ASA-201711-12 ========================================== Severity: Critical Date : 2017-11-07 CVE-ID : CVE-2017-15398 CVE-2017-15399 Package : chromium Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-482 Summary ======= The packa...

9.8CVSS2.8AI score0.04889EPSS
Exploits0References6
ArchLinux
ArchLinux
•added 2017/08/10 12:0 a.m.•43 views

[ASA-201708-3] firefox: multiple issues

Arch Linux Security Advisory ASA-201708-3 ========================================= Severity: Critical Date : 2017-08-10 CVE-ID : CVE-2017-7753 CVE-2017-7779 CVE-2017-7780 CVE-2017-7781 CVE-2017-7783 CVE-2017-7784 CVE-2017-7785 CVE-2017-7786 CVE-2017-7787 CVE-2017-7788 CVE-2017-7789 CVE-2017-7791...

10CVSS0.2AI score0.13697EPSS
Exploits25References77
ArchLinux
ArchLinux
•added 2017/07/14 12:0 a.m.•43 views

[ASA-201707-15] apache: multiple issues

Arch Linux Security Advisory ASA-201707-15 ========================================== Severity: Critical Date : 2017-07-14 CVE-ID : CVE-2017-9788 CVE-2017-9789 Package : apache Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-350 Summary ======= The package apache...

9.1CVSS1.9AI score0.5677EPSS
Exploits0References4
ArchLinux
ArchLinux
•added 2017/07/11 12:0 a.m.•43 views

[ASA-201707-9] lib32-flashplugin: multiple issues

Arch Linux Security Advisory ASA-201707-9 ========================================= Severity: Critical Date : 2017-07-11 CVE-ID : CVE-2017-3080 CVE-2017-3099 CVE-2017-3100 Package : lib32-flashplugin Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-343 Summary =======...

9.3CVSS0.9AI score0.08552EPSS
Exploits0References5
ArchLinux
ArchLinux
•added 2017/05/09 12:0 a.m.•43 views

[ASA-201705-7] freetype2: arbitrary code execution

Arch Linux Security Advisory ASA-201705-7 ========================================= Severity: High Date : 2017-05-09 CVE-ID : CVE-2017-8105 CVE-2017-8287 Package : freetype2 Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-257 Summary ======= The package...

9.8CVSS1.2AI score0.04188EPSS
Exploits0References7
ArchLinux
ArchLinux
•added 2017/02/02 12:0 a.m.•43 views

[ASA-201702-2] qt5-webengine: multiple issues

Arch Linux Security Advisory ASA-201702-2 ========================================= Severity: High Date : 2017-02-02 CVE-ID : CVE-2016-5182 CVE-2016-5183 CVE-2016-5189 CVE-2016-5199 CVE-2016-5201 CVE-2016-5203 CVE-2016-5204 CVE-2016-5205 CVE-2016-5206 CVE-2016-5207 CVE-2016-5208 CVE-2016-5210...

8.8CVSS0.4AI score0.11182EPSS
Exploits5References35
ArchLinux
ArchLinux
•added 2016/08/11 12:0 a.m.•43 views

websvn: cross-site scripting

Multiple cross-site scripting XSS vulnerabilities in revision.php, log.php, listing.php, and comp.php in WebSVN allow context-dependent attackers to inject arbitrary web script or HTML via the name of a file or directory in a repository...

4.3CVSS3.2AI score0.00857EPSS
Exploits0References3
ArchLinux
ArchLinux
•added 2016/07/24 12:0 a.m.•43 views

chromium: multiple issues

CVE-2016-1705 arbitrary code execution Various fixes from internal audits, fuzzing and other initiatives. - CVE-2016-1706 sandbox escape Sandbox escape in PPAPI. Credit to Pinkie Pie. - CVE-2016-1708 arbitrary code execution Use-after-free in Extensions. Credit to Adam Varsan. - CVE-2016-1709...

9.3CVSS0.9AI score0.0246EPSS
Exploits1References18
ArchLinux
ArchLinux
•added 2016/07/10 12:0 a.m.•43 views

thunderbird: arbitrary code execution

CVE-2016-2815 arbitrary code execution Mozilla developers and community members reported several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with...

6.8CVSS3.6AI score0.03873EPSS
Exploits0References3
ArchLinux
ArchLinux
•added 2016/07/05 12:0 a.m.•43 views

xerces-c: denial of service

The Xerces-C XML parser fails to successfully parse a DTD that is deeply nested, and this causes a stack overflow, which makes a denial of service attack against many applications possible by an unauthenticated attacker...

5CVSS5.2AI score0.14138EPSS
Exploits0References3
ArchLinux
ArchLinux
•added 2016/05/13 12:0 a.m.•43 views

glibc: multiple issues

CVE-2016-1234 arbitrary code execution It was found that glob implementation in glibc does not correctly handle overlong names in struct dirent buffers when GLOBALTDIRFUNC is used, causing a large stack-based buffer overflow with controlled length and content. - CVE-2016-3706 denial of service A...

5CVSS3.2AI score0.05926EPSS
Exploits3References4
ArchLinux
ArchLinux
•added 2016/02/21 12:0 a.m.•43 views

chromium: multiple issues

Same-origin bypass in Blink and Sandbox escape in Chrome...

10CVSS1.8AI score0.02639EPSS
Exploits0References2
ArchLinux
ArchLinux
•added 2015/11/03 12:0 a.m.•43 views

unzip: multiple issues

CVE-2015-7696 arbitrary code execution A heap buffer overflow triggered by unzipping a file with password that can lead to arbitrary code execution. - CVE-2015-7697 denial of service A denial of service with a file that never finishes unzipping...

6.8CVSS3.4AI score0.07184EPSS
Exploits0References4
ArchLinux
ArchLinux
•added 2015/10/08 12:0 a.m.•43 views

bugzilla: unauthorized account creation

Login names usually an email address longer than 127 characters are silently truncated in MySQL which could cause the domain name of the email address to be corrupted. An attacker could use this vulnerability to create an account with an email address different from the one originally requested...

7.5CVSS2.6AI score0.03371EPSS
Exploits1References4
ArchLinux
ArchLinux
•added 2015/07/13 12:0 a.m.•43 views

lib32-openssl: man-in-the-middle

During certificate verification, OpenSSL will attempt to find an alternative certificate chain if the first attempt to build such a chain fails. An error in the implementation of this logic can mean that an attacker could cause certain checks on untrusted certificates to be bypassed, such as the ...

6.4CVSS3.8AI score0.61798EPSS
Exploits6References2
ArchLinux
ArchLinux
•added 2015/04/24 12:0 a.m.•43 views

powerdns-recursor: denial of service

A bug was discovered in our label decompression code, making it possible for names to refer to themselves, thus causing a loop during decompression. This loop is capped at a 1000 iterations by a failsafe, making the issue harmless on most platforms. However, on specific platforms, the recursion...

7.8CVSS2.5AI score0.81834EPSS
Exploits0References3
ArchLinux
ArchLinux
•added 2015/03/24 12:0 a.m.•43 views

util-linux: command injection

There is a command injection inside blkid. It uses caching files /dev/.blkid.tab or /run/blkid/blkid.tab to store info about the UUID, LABEL etc it finds on certain devices. However, it does not strip " character, so it can be confused to build variable names containing embedded shell metas, whic...

6.1CVSS1.3AI score0.00648EPSS
Exploits0References3
ArchLinux
ArchLinux
•added 2015/02/23 12:0 a.m.•43 views

samba: arbitrary code execution

A malicious client could send packets that may set up the stack in such a way that the freeing of memory in a subsequent anonymous netlogon packet could allow execution of arbitrary code. This code would execute with root privileges. This flaw arises because of an uninitialized pointer is passed ...

10CVSS2.6AI score0.87636EPSS
Exploits7References3
ArchLinux
ArchLinux
•added 2015/02/06 12:0 a.m.•43 views

mantisbt: multiple issues

CVE-2014-9571 cross-side scripting Cross-site scripting XSS vulnerability in admin/install.php allows remote attackers to inject arbitrary web script or HTML via the 1 adminusername or 2 adminpassword parameter. - CVE-2014-9572 information disclosure It was discovered that mantisbt does not...

7.5CVSS4.8AI score0.03002EPSS
Exploits7References6
ArchLinux
ArchLinux
•added 2015/01/25 12:0 a.m.•43 views

chromium: multiple issues

CVE-2014-7923 memory corruption The Regular Expressions package in International Components for Unicode ICU 52, allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via vectors related to a 1 zero-length quantifier or 2 look-behind...

7.5CVSS5AI score0.04339EPSS
Exploits0References28
ArchLinux
ArchLinux
•added 2015/01/10 12:0 a.m.•43 views

unzip: arbitrary code execution

CVE-2014-8139 heap buffer overflow A heap-based buffer overflow exists in the CRC32 verification that allows attackers to potentially execute arbitrary code or cause a denial of service memory corruption. - CVE-2014-8140 out-of-bounds read/write Out-of-bounds access both read and write issues...

3.4CVSS6AI score0.07448EPSS
Exploits0References6
ArchLinux
ArchLinux
•added 2014/12/19 12:0 a.m.•43 views

jasper: arbitrary code execution

CVE-2014-8137 arbitrary code execution A double free flaw was found in the way JasPer parsed ICC color profiles in JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. - CVE-2014-9029 arbitrary code execution...

7.5CVSS6.1AI score0.18404EPSS
Exploits0References8
ArchLinux
ArchLinux
•added 2014/12/15 12:0 a.m.•43 views

docker: multiple issues

CVE-2014-9356 path traversal Path traversal attacks are possible in the processing of absolute symlinks. In checking symlinks for traversals, only relative links were considered. This allowed path traversals to exist where they should have otherwise been prevented. This was exploitable via both...

10CVSS3.5AI score0.06452EPSS
Exploits0References4
ArchLinux
ArchLinux
•added 2014/11/28 12:0 a.m.•43 views

libjpeg-turbo: denial of service

Special crafted jpeg files lead to stack smashing and lead to at least a dos maybe remote due to imagick. The Huffman encoder's local buffer can be overrun when a buffered destination manager is being used and an extremely-high-frequency block basically junk image data is being encoded. Even thou...

0.5AI score0.03235EPSS
Exploits0References4
ArchLinux
ArchLinux
•added 2014/11/20 12:0 a.m.•43 views

chromium: multiple issues

CVE-2014-7899 address bar spoofing A flaw allows remote attackers to spoof the address bar by placing a blob: substring at the beginning of the URL, followed by the original URI scheme and a long username string. - CVE-2014-7900 use-after-free Use-after-free vulnerability in the...

7.5CVSS5.5AI score0.07653EPSS
Exploits0References12
ArchLinux
ArchLinux
•added 2020/09/26 12:0 a.m.•42 views

[ASA-202009-16] zeromq: denial of service

Arch Linux Security Advisory ASA-202009-16 ========================================== Severity: High Date : 2020-09-26 CVE-ID : CVE-2020-15166 Package : zeromq Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1219 Summary ======= The package zeromq before version...

7.5CVSS2.5AI score0.03408EPSS
Exploits0References5
ArchLinux
ArchLinux
•added 2020/05/20 12:0 a.m.•42 views

[ASA-202005-15] ant: arbitrary command execution

Arch Linux Security Advisory ASA-202005-15 ========================================== Severity: Medium Date : 2020-05-20 CVE-ID : CVE-2020-1945 Package : ant Type : arbitrary command execution Remote : No Link : https://security.archlinux.org/AVG-1159 Summary ======= The package ant before versio...

6.3CVSS0.4AI score0.01793EPSS
Exploits0References3
ArchLinux
ArchLinux
•added 2020/04/04 12:0 a.m.•42 views

[ASA-202004-6] firefox: arbitrary code execution

Arch Linux Security Advisory ASA-202004-6 ========================================= Severity: Critical Date : 2020-04-04 CVE-ID : CVE-2020-6819 CVE-2020-6820 Package : firefox Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1125 Summary ======= The package...

8.1CVSS1.5AI score0.06305EPSS
Exploits1References8
ArchLinux
ArchLinux
•added 2020/04/01 12:0 a.m.•42 views

[ASA-202004-4] linux: privilege escalation

Arch Linux Security Advisory ASA-202004-4 ========================================= Severity: High Date : 2020-04-01 CVE-ID : CVE-2020-8835 Package : linux Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-1122 Summary ======= The package linux before version...

7.8CVSS3AI score0.0601EPSS
Exploits9References5
ArchLinux
ArchLinux
•added 2020/04/01 12:0 a.m.•42 views

[ASA-202004-3] linux-lts: privilege escalation

Arch Linux Security Advisory ASA-202004-3 ========================================= Severity: High Date : 2020-04-01 CVE-ID : CVE-2020-8835 Package : linux-lts Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-1121 Summary ======= The package linux-lts before versi...

7.8CVSS3AI score0.0601EPSS
Exploits9References5
ArchLinux
ArchLinux
•added 2020/03/16 12:0 a.m.•42 views

[ASA-202003-11] thunderbird: multiple issues

Arch Linux Security Advisory ASA-202003-11 ========================================== Severity: Critical Date : 2020-03-16 CVE-ID : CVE-2019-20503 CVE-2020-6805 CVE-2020-6806 CVE-2020-6807 CVE-2020-6811 CVE-2020-6812 CVE-2020-6814 Package : thunderbird Type : multiple issues Remote : Yes Link :...

9.8CVSS0.2AI score0.03191EPSS
Exploits2References30
ArchLinux
ArchLinux
•added 2020/03/08 12:0 a.m.•42 views

[ASA-202003-6] linux: multiple issues

Arch Linux Security Advisory ASA-202003-6 ========================================= Severity: High Date : 2020-03-08 CVE-ID : CVE-2020-2732 CVE-2020-9383 Package : linux Type : multiple issues Remote : No Link : https://security.archlinux.org/AVG-1108 Summary ======= The package linux before...

7.1CVSS0.4AI score0.00927EPSS
Exploits1References9
ArchLinux
ArchLinux
•added 2020/02/06 12:0 a.m.•42 views

[ASA-202002-2] sudo: privilege escalation

Arch Linux Security Advisory ASA-202002-2 ========================================= Severity: High Date : 2020-02-06 CVE-ID : CVE-2019-18634 Package : sudo Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-1093 Summary ======= The package sudo before version 1.8.31...

7.8CVSS1.4AI score0.19426EPSS
Exploits13References4
ArchLinux
ArchLinux
•added 2019/02/06 12:0 a.m.•42 views

[ASA-201902-1] dovecot: authentication bypass

Arch Linux Security Advisory ASA-201902-1 ========================================= Severity: High Date : 2019-02-06 CVE-ID : CVE-2019-3814 Package : dovecot Type : authentication bypass Remote : Yes Link : https://security.archlinux.org/AVG-872 Summary ======= The package dovecot before version...

7.7CVSS1.5AI score0.02462EPSS
Exploits1References4
ArchLinux
ArchLinux
•added 2018/12/08 12:0 a.m.•42 views

[ASA-201812-3] wireshark-cli: multiple issues

Arch Linux Security Advisory ASA-201812-3 ========================================= Severity: Critical Date : 2018-12-08 CVE-ID : CVE-2018-19622 CVE-2018-19623 CVE-2018-19624 CVE-2018-19625 CVE-2018-19626 CVE-2018-19627 CVE-2018-19628 Package : wireshark-cli Type : multiple issues Remote : Yes Li...

7.5CVSS1AI score0.17697EPSS
Exploits7References30
ArchLinux
ArchLinux
•added 2018/07/20 12:0 a.m.•42 views

[ASA-201807-12] apache: denial of service

Arch Linux Security Advisory ASA-201807-12 ========================================== Severity: Medium Date : 2018-07-20 CVE-ID : CVE-2018-1333 CVE-2018-8011 Package : apache Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-736 Summary ======= The package apache...

7.5CVSS1.7AI score0.51714EPSS
Exploits0References5
ArchLinux
ArchLinux
•added 2018/06/05 12:0 a.m.•42 views

[ASA-201806-3] krb5: insufficient validation

Arch Linux Security Advisory ASA-201806-3 ========================================= Severity: Medium Date : 2018-06-05 CVE-ID : CVE-2018-5729 CVE-2018-5730 Package : krb5 Type : insufficient validation Remote : Yes Link : https://security.archlinux.org/AVG-586 Summary ======= The package krb5...

6.5CVSS0.8AI score0.026EPSS
Exploits0References5
ArchLinux
ArchLinux
•added 2018/05/18 12:0 a.m.•42 views

[ASA-201805-18] libcurl-gnutls: multiple issues

Arch Linux Security Advisory ASA-201805-18 ========================================== Severity: Critical Date : 2018-05-18 CVE-ID : CVE-2018-1000300 CVE-2018-1000301 Package : libcurl-gnutls Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-699 Summary ======= The...

9.8CVSS1.2AI score0.06003EPSS
Exploits0References7
ArchLinux
ArchLinux
•added 2018/04/01 12:0 a.m.•42 views

[ASA-201804-2] openssl: multiple issues

Arch Linux Security Advisory ASA-201804-2 ========================================= Severity: Medium Date : 2018-04-01 CVE-ID : CVE-2017-3738 CVE-2018-0739 Package : openssl Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-540 Summary ======= The package openssl befor...

6.5CVSS1.5AI score0.19295EPSS
Exploits0References8
ArchLinux
ArchLinux
•added 2017/12/16 12:0 a.m.•42 views

[ASA-201712-8] chromium: cross-site scripting

Arch Linux Security Advisory ASA-201712-8 ========================================= Severity: High Date : 2017-12-16 CVE-ID : CVE-2017-15429 Package : chromium Type : cross-site scripting Remote : Yes Link : https://security.archlinux.org/AVG-546 Summary ======= The package chromium before versio...

6.1CVSS0.7AI score0.01142EPSS
Exploits0References4
ArchLinux
ArchLinux
•added 2017/11/01 12:0 a.m.•42 views

[ASA-201711-2] libmupdf: arbitrary code execution

Arch Linux Security Advisory ASA-201711-2 ========================================= Severity: High Date : 2017-11-01 CVE-ID : CVE-2017-14685 CVE-2017-14686 CVE-2017-14687 CVE-2017-15587 Package : libmupdf Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-458...

7.8CVSS3.4AI score0.0186EPSS
Exploits3References13
Total number of security vulnerabilities1854