Lucene search
K
ArchlinuxMost viewed

1854 matches found

ArchLinux
ArchLinux
•added 2014/12/08 12:0 a.m.•41 views

bind: denial of service

By making use of maliciously-constructed zones or a rogue server, an attacker can exploit an oversight in the code BIND 9 uses to follow delegations in the Domain Name Service, causing BIND to issue unlimited queries in an attempt to follow the delegation. This can lead to resource exhaustion and...

7.8CVSS3.8AI score0.65683EPSS
Exploits0References2
ArchLinux
ArchLinux
•added 2014/11/11 12:0 a.m.•41 views

curl: out-of-bounds read

Symeon Paraschoudis discovered that the curleasyduphandle function has a bug that can lead to libcurl eventually sending off sensitive data that was not intended for sending...

4.3CVSS1.3AI score0.05121EPSS
Exploits0References3
ArchLinux
ArchLinux
•added 2020/05/20 12:0 a.m.•40 views

[ASA-202005-14] unbound: denial of service

Arch Linux Security Advisory ASA-202005-14 ========================================== Severity: High Date : 2020-05-20 CVE-ID : CVE-2020-12662 CVE-2020-12663 Package : unbound Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1164 Summary ======= The package unbound...

7.5CVSS1.1AI score0.03588EPSS
Exploits0References6
ArchLinux
ArchLinux
•added 2020/03/13 12:0 a.m.•40 views

[ASA-202003-9] webkit2gtk: arbitrary code execution

Arch Linux Security Advisory ASA-202003-9 ========================================= Severity: Critical Date : 2020-03-13 CVE-ID : CVE-2020-10018 Package : webkit2gtk Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1114 Summary ======= The package webkit2gtk...

9.8CVSS3.3AI score0.04987EPSS
Exploits0References3
ArchLinux
ArchLinux
•added 2019/11/07 12:0 a.m.•40 views

[ASA-201911-8] squid: multiple issues

Arch Linux Security Advisory ASA-201911-8 ========================================= Severity: Critical Date : 2019-11-07 CVE-ID : CVE-2019-12526 CVE-2019-18678 CVE-2019-18679 Package : squid Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1062 Summary ======= The...

9.8CVSS1.7AI score0.40982EPSS
Exploits0References10
ArchLinux
ArchLinux
•added 2019/02/15 12:0 a.m.•40 views

[ASA-201902-17] webkit2gtk: arbitrary code execution

Arch Linux Security Advisory ASA-201902-17 ========================================== Severity: Critical Date : 2019-02-15 CVE-ID : CVE-2019-6212 CVE-2019-6215 Package : webkit2gtk Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-899 Summary ======= The packa...

8.8CVSS1.3AI score0.09755EPSS
Exploits3References6
ArchLinux
ArchLinux
•added 2019/02/12 12:0 a.m.•40 views

[ASA-201902-9] curl: arbitrary code execution

Arch Linux Security Advisory ASA-201902-9 ========================================= Severity: High Date : 2019-02-12 CVE-ID : CVE-2018-16890 CVE-2019-3822 CVE-2019-3823 Package : curl Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-873 Summary ======= The...

9.8CVSS1.6AI score0.12771EPSS
Exploits2References10
ArchLinux
ArchLinux
•added 2019/01/24 12:0 a.m.•40 views

[ASA-201901-15] haproxy: denial of service

Arch Linux Security Advisory ASA-201901-15 ========================================== Severity: Medium Date : 2019-01-24 CVE-ID : CVE-2018-20102 CVE-2018-20103 Package : haproxy Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-836 Summary ======= The package haproxy...

7.5CVSS2.1AI score0.06593EPSS
Exploits0References7
ArchLinux
ArchLinux
•added 2018/11/12 12:0 a.m.•40 views

[ASA-201811-14] patch: multiple issues

Arch Linux Security Advisory ASA-201811-14 ========================================== Severity: High Date : 2018-11-12 CVE-ID : CVE-2018-6952 CVE-2018-1000156 Package : patch Type : multiple issues Remote : No Link : https://security.archlinux.org/AVG-808 Summary ======= The package patch before...

7.8CVSS0.8AI score0.08411EPSS
Exploits0References9
ArchLinux
ArchLinux
•added 2018/11/01 12:0 a.m.•40 views

[ASA-201811-1] linux: denial of service

Arch Linux Security Advisory ASA-201811-1 ========================================= Severity: Low Date : 2018-11-01 CVE-ID : CVE-2018-18445 Package : linux Type : denial of service Remote : No Link : https://security.archlinux.org/AVG-784 Summary ======= The package linux before version...

7.8CVSS1.9AI score0.00533EPSS
Exploits0References7
ArchLinux
ArchLinux
•added 2018/10/09 12:0 a.m.•40 views

[ASA-201810-8] patch: multiple issues

Arch Linux Security Advisory ASA-201810-8 ========================================= Severity: High Date : 2018-10-09 CVE-ID : CVE-2018-6951 CVE-2018-6952 CVE-2018-1000156 Package : patch Type : multiple issues Remote : No Link : https://security.archlinux.org/AVG-619 Summary ======= The package...

7.8CVSS1AI score0.08585EPSS
Exploits0References11
ArchLinux
ArchLinux
•added 2018/06/27 12:0 a.m.•40 views

[ASA-201806-14] firefox: multiple issues

Arch Linux Security Advisory ASA-201806-14 ========================================== Severity: Critical Date : 2018-06-27 CVE-ID : CVE-2018-5186 CVE-2018-5187 CVE-2018-5188 CVE-2018-12356 CVE-2018-12358 CVE-2018-12359 CVE-2018-12360 CVE-2018-12361 CVE-2018-12362 CVE-2018-12363 CVE-2018-12364...

9.8CVSS0.3AI score0.04648EPSS
Exploits2References54
ArchLinux
ArchLinux
•added 2018/05/10 12:0 a.m.•40 views

[ASA-201805-5] mupdf-gl: multiple issues

Arch Linux Security Advisory ASA-201805-5 ========================================= Severity: High Date : 2018-05-10 CVE-ID : CVE-2018-5686 CVE-2018-6187 CVE-2018-6192 CVE-2018-6544 CVE-2018-1000051 Package : mupdf-gl Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-6...

7.8CVSS3.1AI score0.01906EPSS
Exploits5References21
ArchLinux
ArchLinux
•added 2018/03/19 12:0 a.m.•40 views

[ASA-201803-20] lib32-libcurl-gnutls: multiple issues

Arch Linux Security Advisory ASA-201803-20 ========================================== Severity: Medium Date : 2018-03-19 CVE-ID : CVE-2018-1000120 CVE-2018-1000121 CVE-2018-1000122 Package : lib32-libcurl-gnutls Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-656...

9.8CVSS0.6AI score0.12058EPSS
Exploits0References13
ArchLinux
ArchLinux
•added 2018/01/29 12:0 a.m.•40 views

[ASA-201801-26] lib32-libcurl-compat: multiple issues

Arch Linux Security Advisory ASA-201801-26 ========================================== Severity: Medium Date : 2018-01-29 CVE-ID : CVE-2018-1000005 CVE-2018-1000007 Package : lib32-libcurl-compat Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-598 Summary ======= The...

9.8CVSS9.4AI score0.08031EPSS
Exploits0References7
ArchLinux
ArchLinux
•added 2018/01/28 12:0 a.m.•40 views

[ASA-201801-20] curl: multiple issues

Arch Linux Security Advisory ASA-201801-20 ========================================== Severity: Medium Date : 2018-01-28 CVE-ID : CVE-2018-1000005 CVE-2018-1000007 Package : curl Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-593 Summary ======= The package curl...

9.8CVSS9.3AI score0.08031EPSS
Exploits0References7
ArchLinux
ArchLinux
•added 2018/01/10 12:0 a.m.•40 views

[ASA-201801-8] lib32-glibc: multiple issues

Arch Linux Security Advisory ASA-201801-8 ========================================= Severity: High Date : 2018-01-10 CVE-ID : CVE-2017-15670 CVE-2017-15671 Package : lib32-glibc Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-460 Summary ======= The package lib32-gli...

9.8CVSS1AI score0.02977EPSS
Exploits0References11
ArchLinux
ArchLinux
•added 2017/11/01 12:0 a.m.•40 views

[ASA-201711-4] mupdf: arbitrary code execution

Arch Linux Security Advisory ASA-201711-4 ========================================= Severity: High Date : 2017-11-01 CVE-ID : CVE-2017-14685 CVE-2017-14686 CVE-2017-14687 CVE-2017-15587 Package : mupdf Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-458 Summa...

7.8CVSS3.2AI score0.0186EPSS
Exploits3References13
ArchLinux
ArchLinux
•added 2017/11/01 12:0 a.m.•40 views

[ASA-201711-1] mupdf-gl: arbitrary code execution

Arch Linux Security Advisory ASA-201711-1 ========================================= Severity: High Date : 2017-11-01 CVE-ID : CVE-2017-14685 CVE-2017-14686 CVE-2017-14687 CVE-2017-15587 Package : mupdf-gl Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-458...

7.8CVSS3.2AI score0.0186EPSS
Exploits3References13
ArchLinux
ArchLinux
•added 2017/10/21 12:0 a.m.•40 views

[ASA-201710-29] xorg-server: arbitrary code execution

Arch Linux Security Advisory ASA-201710-29 ========================================== Severity: High Date : 2017-10-21 CVE-ID : CVE-2017-12176 CVE-2017-12177 CVE-2017-12178 CVE-2017-12183 Package : xorg-server Type : arbitrary code execution Remote : Yes Link :...

9.8CVSS1.1AI score0.0437EPSS
Exploits0References10
ArchLinux
ArchLinux
•added 2017/10/12 12:0 a.m.•40 views

[ASA-201710-19] thunderbird: multiple issues

Arch Linux Security Advisory ASA-201710-19 ========================================== Severity: Critical Date : 2017-10-12 CVE-ID : CVE-2017-7793 CVE-2017-7805 CVE-2017-7810 CVE-2017-7814 CVE-2017-7818 CVE-2017-7819 CVE-2017-7823 CVE-2017-7824 Package : thunderbird Type : multiple issues Remote :...

10CVSS10AI score0.03641EPSS
Exploits3References26
ArchLinux
ArchLinux
•added 2017/10/02 12:0 a.m.•40 views

[ASA-201710-1] dnsmasq: multiple issues

Arch Linux Security Advisory ASA-201710-1 ========================================= Severity: Critical Date : 2017-10-02 CVE-ID : CVE-2017-14491 CVE-2017-14492 CVE-2017-14493 CVE-2017-14494 CVE-2017-14495 CVE-2017-14496 Package : dnsmasq Type : multiple issues Remote : Yes Link :...

9.8CVSS1.7AI score0.93307EPSS
Exploits32References16
ArchLinux
ArchLinux
•added 2017/07/18 12:0 a.m.•40 views

[ASA-201707-22] vim: arbitrary code execution

Arch Linux Security Advisory ASA-201707-22 ========================================== Severity: High Date : 2017-07-18 CVE-ID : CVE-2017-11109 Package : vim Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-347 Summary ======= The package vim before version...

7.8CVSS3.1AI score0.01088EPSS
Exploits0References5
ArchLinux
ArchLinux
•added 2017/06/17 12:0 a.m.•40 views

[ASA-201706-21] chromium: multiple issues

Arch Linux Security Advisory ASA-201706-21 ========================================== Severity: High Date : 2017-06-17 CVE-ID : CVE-2017-5087 CVE-2017-5088 CVE-2017-5089 Package : chromium Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-304 Summary ======= The packag...

8.8CVSS0.1AI score0.03151EPSS
Exploits0References8
ArchLinux
ArchLinux
•added 2017/05/09 12:0 a.m.•40 views

[ASA-201705-9] lib32-flashplugin: arbitrary code execution

Arch Linux Security Advisory ASA-201705-9 ========================================= Severity: Critical Date : 2017-05-09 CVE-ID : CVE-2017-3068 CVE-2017-3069 CVE-2017-3070 CVE-2017-3071 CVE-2017-3072 CVE-2017-3073 CVE-2017-3074 Package : lib32-flashplugin Type : arbitrary code execution Remote :...

9.3CVSS1.5AI score0.20353EPSS
Exploits2References9
ArchLinux
ArchLinux
•added 2017/04/29 12:0 a.m.•40 views

[ASA-201704-12] curl: certificate verification bypass

Arch Linux Security Advisory ASA-201704-12 ========================================== Severity: Medium Date : 2017-04-29 CVE-ID : CVE-2017-7468 Package : curl Type : certificate verification bypass Remote : Yes Link : https://security.archlinux.org/AVG-241 Summary ======= The package curl before...

7.5CVSS0.1AI score0.01862EPSS
Exploits0References3
ArchLinux
ArchLinux
•added 2017/01/02 12:0 a.m.•40 views

[ASA-201701-3] gst-plugins-bad: multiple issues

Arch Linux Security Advisory ASA-201701-3 ========================================= Severity: High Date : 2017-01-02 CVE-ID : CVE-2016-9445 CVE-2016-9446 Package : gst-plugins-bad Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-76 Summary ======= The package...

7.5CVSS0.8AI score0.03691EPSS
Exploits0References7
ArchLinux
ArchLinux
•added 2016/12/27 12:0 a.m.•40 views

[ASA-201612-22] curl: multiple issues

Arch Linux Security Advisory ASA-201612-22 ========================================== Severity: Medium Date : 2016-12-27 CVE-ID : CVE-2016-9586 CVE-2016-9594 Package : curl Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-112 Summary ======= The package curl before...

8.1CVSS1AI score0.04935EPSS
Exploits0References6
ArchLinux
ArchLinux
•added 2016/09/28 12:0 a.m.•40 views

[ASA-201609-30] openssl: denial of service

Arch Linux Security Advisory ASA-201609-30 ========================================== Severity: Medium Date : 2016-09-28 CVE-ID : CVE-2016-7052 Package : openssl Type : denial of service Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package openssl before versio...

7.5CVSS1.4AI score0.30216EPSS
Exploits1References3
ArchLinux
ArchLinux
•added 2016/09/27 12:0 a.m.•40 views

[ASA-201609-28] lib32-openssl: denial of service

Arch Linux Security Advisory ASA-201609-28 ========================================== Severity: Medium Date : 2016-09-27 CVE-ID : CVE-2016-7052 Package : lib32-openssl Type : denial of service Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package lib32-openssl...

7.5CVSS1.5AI score0.30216EPSS
Exploits1References3
ArchLinux
ArchLinux
•added 2016/09/26 12:0 a.m.•40 views

[ASA-201609-26] lib32-gnutls: certificate verification bypass

Arch Linux Security Advisory ASA-201609-26 ========================================== Severity: Medium Date : 2016-09-26 CVE-ID : CVE-2016-7444 Package : lib32-gnutls Type : certificate verification bypass Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package...

7.5CVSS0.8AI score0.02437EPSS
Exploits0References4
ArchLinux
ArchLinux
•added 2016/08/30 12:0 a.m.•40 views

mupdf: arbitrary code execution

Yu Hong and Zheng Jihong discovered a heap overflow vulnerability within the pdfloadmeshparams function, allowing an attacker to cause an application crash denial-of-service, or potentially to execute arbitrary code with the privileges of the user running MuPDF, if a specially crafted PDF file is...

3.5AI score0.03772EPSS
Exploits0References3
ArchLinux
ArchLinux
•added 2016/07/22 12:0 a.m.•40 views

python-django: cross-site scripting

Unsafe usage of JavaScript's Element.innerHTML could result in XSS in the admin's add/change related popup. Element.textContent is now used to prevent execution of the data. The debug view also used innerHTML. Although a security issue wasn't identified there, out of an abundance of caution it's...

4.3CVSS0.8AI score0.05536EPSS
Exploits6References3
ArchLinux
ArchLinux
•added 2016/02/28 12:0 a.m.•40 views

glibc: unbound stack usage

CVE-2014-9761 unbound stack usage The nan, nanf and nanl functions no longer have unbounded stack usage depending on the length of the string passed as an argument to the functions...

4.9CVSS2.2AI score0.05506EPSS
Exploits2References2
ArchLinux
ArchLinux
•added 2016/01/16 12:0 a.m.•40 views

go: information leakage

This issue can affect RSA computations in crypto/rsa, which is used by crypto/tls. TLS servers on 32-bit systems could plausibly leak their RSA private key due to this issue. Other protocol implementations that create many RSA signatures could also be impacted in the same way. Specifically,...

5CVSS2.8AI score0.02627EPSS
Exploits0References2
ArchLinux
ArchLinux
•added 2016/01/09 12:0 a.m.•40 views

gajim: man-in-the-middle

It was found that gajim doesn't verify the origin of roster pushes thus allowing third parties to modify the roster. This vulnerability allows to intercept messages resulting in man-in-the-middle...

5.8CVSS2.6AI score0.01723EPSS
Exploits1References3
ArchLinux
ArchLinux
•added 2015/09/12 12:0 a.m.•40 views

openldap: denial of service

By sending a crafted packet, an attacker can cause the OpenLDAP daemon to crash with a SIGABRT. This is due to an assert call within the bergetnext method io.c line 682 that is hit when decoding tampered BER data. The following proof of concept exploit can be used to trigger the condition: echo...

5CVSS1.1AI score0.19984EPSS
Exploits1References4
ArchLinux
ArchLinux
•added 2015/08/25 12:0 a.m.•40 views

python-django, python2-django: denial of service

Previously, a session could be created when anonymously accessing the django.contrib.auth.views.logout view provided it wasn't decorated with django.contrib.auth.decorators.loginrequired as done in the admin. This could allow an attacker to easily create many new session records by sending repeat...

5CVSS4AI score0.05163EPSS
Exploits0References2
ArchLinux
ArchLinux
•added 2015/07/12 12:0 a.m.•40 views

lib32-krb5: multiple issues

CVE-2014-5355 denial of service When a server process uses the krb5recvauth function, an unauthenticated remote attacker can cause a NULL dereference by sending a zero-byte version string, or a read beyond the end of allocated storage by sending a non-null-terminated version string. The example...

5.8CVSS2.4AI score0.04587EPSS
Exploits0References5
ArchLinux
ArchLinux
•added 2015/05/08 12:0 a.m.•40 views

libtasn1: arbitrary code execution

A heap-based buffer overflow flaw was found in the way the libtasn1 library decoded certain DER-encoded input. A specially crafted, DER-encoded input could cause an application using libtasn1 to perform an invalid read, causing the application to crash or, possibly, execute arbitrary code. The he...

4.3CVSS3AI score0.33094EPSS
Exploits1References2
ArchLinux
ArchLinux
•added 2015/04/30 12:0 a.m.•40 views

perl-xml-libxml: XML External Entity

Unpreserved unset options after a clone call e.g: in loadxml leads to not preserved expandentities. Therefore it leads to a XML-External-Entity Vulnerability...

5CVSS1.9AI score0.04013EPSS
Exploits0References3
ArchLinux
ArchLinux
•added 2015/04/29 12:0 a.m.•40 views

chromium: multiple issues

CVE-2015-1243 use-after-free: Use-after-free in DOM. Credit to Saif El-Sherei. - CVE-2015-1250: Various fixes from internal audits, fuzzing and other initiatives...

7.5CVSS2.9AI score0.02343EPSS
Exploits0References3
ArchLinux
ArchLinux
•added 2015/03/17 12:0 a.m.•40 views

ettercap: multiple issues

CVE-2014-6395 arbitrary code execution Heap-based buffer overflow in the dissectorpostgresql function in dissectors/ecpostgresql.c allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted password length value that is inconsistent with the actual...

7.5CVSS7.6AI score0.13056EPSS
Exploits6References11
ArchLinux
ArchLinux
•added 2014/10/01 12:0 a.m.•40 views

rsyslog: remote denial of service

Sending a syslog message containing an invalid PRI value to a vulnerable rsyslog server accepting remote message will trigger a denial of service by crashing the rsyslog process...

7.5CVSS4.3AI score0.07546EPSS
Exploits1References3
ArchLinux
ArchLinux
•added 2024/10/04 12:0 a.m.•39 views

[ASA-202410-1] oath-toolkit: privilege escalation

Arch Linux Security Advisory ASA-202410-1 ========================================= Severity: High Date : 2024-10-04 CVE-ID : CVE-2024-47191 Package : oath-toolkit Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-2857 Summary ======= The package oath-toolkit befor...

7.1CVSS7.3AI score0.00341EPSS
Exploits0References5
ArchLinux
ArchLinux
•added 2021/12/11 12:0 a.m.•39 views

[ASA-202112-12] grafana-agent: information disclosure

Arch Linux Security Advisory ASA-202112-12 ========================================== Severity: High Date : 2021-12-11 CVE-ID : CVE-2021-41090 Package : grafana-agent Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-2614 Summary ======= The package grafana-agen...

7.5CVSS0.2AI score0.00736EPSS
Exploits0References3
ArchLinux
ArchLinux
•added 2020/09/26 12:0 a.m.•39 views

[ASA-202009-14] yaws: multiple issues

Arch Linux Security Advisory ASA-202009-14 ========================================== Severity: High Date : 2020-09-26 CVE-ID : CVE-2020-12872 CVE-2020-24379 CVE-2020-24916 Package : yaws Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1228 Summary ======= The packag...

10CVSS1.8AI score0.17374EPSS
Exploits5References13
ArchLinux
ArchLinux
•added 2020/07/31 12:0 a.m.•39 views

[ASA-202007-4] ffmpeg: arbitrary code execution

Arch Linux Security Advisory ASA-202007-4 ========================================= Severity: High Date : 2020-07-31 CVE-ID : CVE-2020-13904 Package : ffmpeg Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1180 Summary ======= The package ffmpeg before versi...

5.5CVSS3AI score0.01279EPSS
Exploits1References4
ArchLinux
ArchLinux
•added 2020/06/28 12:0 a.m.•39 views

[ASA-202006-11] sqlite: arbitrary code execution

Arch Linux Security Advisory ASA-202006-11 ========================================== Severity: High Date : 2020-06-28 CVE-ID : CVE-2020-13871 Package : sqlite Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-1182 Summary ======= The package sqlite before...

7.5CVSS1.3AI score0.04447EPSS
Exploits1References5
ArchLinux
ArchLinux
•added 2020/04/22 12:0 a.m.•39 views

[ASA-202004-19] lib32-openssl: denial of service

Arch Linux Security Advisory ASA-202004-19 ========================================== Severity: High Date : 2020-04-22 CVE-ID : CVE-2020-1967 Package : lib32-openssl Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1142 Summary ======= The package lib32-openssl befo...

7.5CVSS1AI score0.53336EPSS
Exploits2References4
Total number of security vulnerabilities1854