[ASA-201901-8] irssi: denial of service
Arch Linux Security Advisory ASA-201901-8 ========================================= Severity: Low Date : 2019-01-11 CVE-ID : CVE-2019-5882 Package : irssi Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-847 Summary ======= The package irssi before version 1.1.2-1 i...
[ASA-201811-22] samba: multiple issues
Arch Linux Security Advisory ASA-201811-22 ========================================== Severity: High Date : 2018-11-28 CVE-ID : CVE-2018-14629 CVE-2018-16841 CVE-2018-16851 CVE-2018-16852 CVE-2018-16853 CVE-2018-16857 Package : samba Type : multiple issues Remote : Yes Link :...
[ASA-201811-7] lib32-libcurl-gnutls: arbitrary code execution
Arch Linux Security Advisory ASA-201811-7 ========================================= Severity: High Date : 2018-11-06 CVE-ID : CVE-2018-16839 CVE-2018-16840 Package : lib32-libcurl-gnutls Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-798 Summary ======= The...
[ASA-201810-13] thunderbird: multiple issues
Arch Linux Security Advisory ASA-201810-13 ========================================== Severity: Critical Date : 2018-10-18 CVE-ID : CVE-2018-12376 CVE-2018-12377 CVE-2018-12378 CVE-2018-12379 CVE-2018-12383 CVE-2018-12385 Package : thunderbird Type : multiple issues Remote : Yes Link :...
[ASA-201810-6] firefox: multiple issues
Arch Linux Security Advisory ASA-201810-6 ========================================= Severity: Critical Date : 2018-10-04 CVE-ID : CVE-2018-12386 CVE-2018-12387 Package : firefox Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-775 Summary ======= The package firefox...
[ASA-201808-1] python-django: open redirect
Arch Linux Security Advisory ASA-201808-1 ========================================= Severity: Medium Date : 2018-08-01 CVE-ID : CVE-2018-14574 Package : python-django Type : open redirect Remote : Yes Link : https://security.archlinux.org/AVG-743 Summary ======= The package python-django before...
[ASA-201807-14] jenkins: multiple issues
Arch Linux Security Advisory ASA-201807-14 ========================================== Severity: High Date : 2018-07-21 CVE-ID : CVE-2018-1999001 CVE-2018-1999002 CVE-2018-1999003 CVE-2018-1999004 CVE-2018-1999005 CVE-2018-1999006 CVE-2018-1999007 Package : jenkins Type : multiple issues Remote :...
[ASA-201803-22] thunderbird: multiple issues
Arch Linux Security Advisory ASA-201803-22 ========================================== Severity: Critical Date : 2018-03-24 CVE-ID : CVE-2018-5125 CVE-2018-5127 CVE-2018-5129 CVE-2018-5144 CVE-2018-5145 CVE-2018-5146 Package : thunderbird Type : multiple issues Remote : Yes Link :...
[ASA-201803-16] lib32-curl: multiple issues
Arch Linux Security Advisory ASA-201803-16 ========================================== Severity: Medium Date : 2018-03-19 CVE-ID : CVE-2018-1000120 CVE-2018-1000121 CVE-2018-1000122 Package : lib32-curl Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-654 Summary =====...
[ASA-201803-11] ntp: multiple issues
Arch Linux Security Advisory ASA-201803-11 ========================================== Severity: High Date : 2018-03-16 CVE-ID : CVE-2016-1549 CVE-2018-7170 CVE-2018-7182 CVE-2018-7183 CVE-2018-7184 CVE-2018-7185 Package : ntp Type : multiple issues Remote : Yes Link :...
[ASA-201801-26] lib32-libcurl-compat: multiple issues
Arch Linux Security Advisory ASA-201801-26 ========================================== Severity: Medium Date : 2018-01-29 CVE-ID : CVE-2018-1000005 CVE-2018-1000007 Package : lib32-libcurl-compat Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-598 Summary ======= The...
[ASA-201801-8] lib32-glibc: multiple issues
Arch Linux Security Advisory ASA-201801-8 ========================================= Severity: High Date : 2018-01-10 CVE-ID : CVE-2017-15670 CVE-2017-15671 Package : lib32-glibc Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-460 Summary ======= The package lib32-gli...
[ASA-201710-34] wget: multiple issues
Arch Linux Security Advisory ASA-201710-34 ========================================== Severity: Critical Date : 2017-10-29 CVE-ID : CVE-2017-13089 CVE-2017-13090 CVE-2017-6508 Package : wget Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-473 Summary ======= The...
[ASA-201710-31] chromium: arbitrary code execution
Arch Linux Security Advisory ASA-201710-31 ========================================== Severity: Critical Date : 2017-10-27 CVE-ID : CVE-2017-15396 Package : chromium Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-472 Summary ======= The package chromium...
[ASA-201710-14] wireshark-cli: denial of service
Arch Linux Security Advisory ASA-201710-14 ========================================== Severity: Medium Date : 2017-10-12 CVE-ID : CVE-2017-15189 CVE-2017-15190 CVE-2017-15191 CVE-2017-15192 CVE-2017-15193 Package : wireshark-cli Type : denial of service Remote : Yes Link :...
[ASA-201709-23] ffmpeg2.8: denial of service
Arch Linux Security Advisory ASA-201709-23 ========================================== Severity: Medium Date : 2017-09-28 CVE-ID : CVE-2017-14055 CVE-2017-14056 CVE-2017-14057 CVE-2017-14058 CVE-2017-14059 CVE-2017-14169 CVE-2017-14170 CVE-2017-14171 CVE-2017-14225 Package : ffmpeg2.8 Type : denia...
[ASA-201709-8] linux-lts: arbitrary code execution
Arch Linux Security Advisory ASA-201709-8 ========================================= Severity: High Date : 2017-09-14 CVE-ID : CVE-2017-1000251 Package : linux-lts Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-393 Summary ======= The package linux-lts befor...
[ASA-201709-4] linux-hardened: arbitrary code execution
Arch Linux Security Advisory ASA-201709-4 ========================================= Severity: High Date : 2017-09-13 CVE-ID : CVE-2017-1000251 Package : linux-hardened Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-395 Summary ======= The package...
[ASA-201706-23] glibc: privilege escalation
Arch Linux Security Advisory ASA-201706-23 ========================================== Severity: High Date : 2017-06-20 CVE-ID : CVE-2017-1000366 Package : glibc Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-307 Summary ======= The package glibc before version...
[ASA-201706-21] chromium: multiple issues
Arch Linux Security Advisory ASA-201706-21 ========================================== Severity: High Date : 2017-06-17 CVE-ID : CVE-2017-5087 CVE-2017-5088 CVE-2017-5089 Package : chromium Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-304 Summary ======= The packag...
[ASA-201705-14] git: access restriction bypass
Arch Linux Security Advisory ASA-201705-14 ========================================== Severity: High Date : 2017-05-12 CVE-ID : CVE-2017-8386 Package : git Type : access restriction bypass Remote : Yes Link : https://security.archlinux.org/AVG-267 Summary ======= The package git before version...
[ASA-201705-9] lib32-flashplugin: arbitrary code execution
Arch Linux Security Advisory ASA-201705-9 ========================================= Severity: Critical Date : 2017-05-09 CVE-ID : CVE-2017-3068 CVE-2017-3069 CVE-2017-3070 CVE-2017-3071 CVE-2017-3072 CVE-2017-3073 CVE-2017-3074 Package : lib32-flashplugin Type : arbitrary code execution Remote :...
[ASA-201703-13] linux-zen: privilege escalation
Arch Linux Security Advisory ASA-201703-13 ========================================== Severity: High Date : 2017-03-16 CVE-ID : CVE-2017-2636 Package : linux-zen Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-203 Summary ======= The package linux-zen before...
[ASA-201610-1] chromium: arbitrary code execution
Arch Linux Security Advisory ASA-201610-1 ========================================= Severity: Critical Date : 2016-10-03 CVE-ID : CVE-2016-5177 CVE-2016-5178 Package : chromium Type : arbitrary code execution Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package...
[ASA-201609-31] c-ares: arbitrary code execution
Arch Linux Security Advisory ASA-201609-31 ========================================== Severity: High Date : 2016-09-30 CVE-ID : CVE-2016-5180 Package : c-ares Type : arbitrary code execution Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package c-ares before...
[ASA-201609-30] openssl: denial of service
Arch Linux Security Advisory ASA-201609-30 ========================================== Severity: Medium Date : 2016-09-28 CVE-ID : CVE-2016-7052 Package : openssl Type : denial of service Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package openssl before versio...
[ASA-201609-27] wireshark-cli: denial of service
Arch Linux Security Advisory ASA-201609-27 ========================================== Severity: Medium Date : 2016-09-26 CVE-ID : CVE-2016-7175 CVE-2016-7176 CVE-2016-7177 CVE-2016-7178 CVE-2016-7179 CVE-2016-7180 Package : wireshark-cli Type : denial of service Remote : Yes Link :...
[ASA-201609-26] lib32-gnutls: certificate verification bypass
Arch Linux Security Advisory ASA-201609-26 ========================================== Severity: Medium Date : 2016-09-26 CVE-ID : CVE-2016-7444 Package : lib32-gnutls Type : certificate verification bypass Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package...
chromium: multiple issues
CVE-2016-5170, CVE-2016-5171 arbitrary code execution Use after free in Blink. - CVE-2016-5172 information leakage Arbitrary Memory Read in v8. - CVE-2016-5173 access restriction bypass Extension resource access. - CVE-2016-5174 Popup not correctly suppressed. - CVE-2016-5175 arbitrary code...
graphicsmagick: multiple issues
A last instance of CVE-2016-2317 heap buffer overflow in the MVG rendering code also impacts SVG. This problem was originally reported by Gustavo Grieco. 2. A possible heap overflow of the EscapeParenthesis function. While I was not able to reproduce it for myself, the implementation is replaced...
thunderbird: arbitrary code execution
CVE-2016-2835 arbitrary code execution Carsten Book, Christian Holler, Gary Kwong, Jesse Ruderman, Andrew McCreight, Phil Ringnalda and Philipp reported memory safety problems and crashes. - CVE-2016-2836 arbitrary code execution Christian Holler, Tyson Smith, Boris Zbarsky, Byron Campen, and...
mupdf: arbitrary code execution
Marco Grassi discovered a use-after-free vulnerability in MuPDF. An attacker can take advantage of this flaw to cause an application crash (denial-of-service), or potentially to execute arbitrary code with the privileges of the user running MuPDF, if a specially crafted PDF file is processed...
Squid: denial of service
Due to incorrect bounds checking Squid is vulnerable to a denial of service attack when processing HTTP responses...
firefox: multiple issues
CVE-2015-7201 CVE-2015-7202 arbitrary code execution Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we...
flashplugin: arbitrary code execution
Several critical type confusion vulnerabilities (CVE-2015-7645, CVE-2015-7647, CVE-2015-7648) have been identified in Adobe Flash Player 11.2.202.535 and earlier 11.x versions for Linux. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected...
crypto++: private key recovery
Evgeny Sidorov discovered that it is possible to recover the private key when using Rabin-Williams signatures due to a bad interaction with the blinding value used to mask private key operations. The bad interaction had to do with the random value not meeting certain Jacobi requirements, which...
libuser: multiple issues
CVE-2015-3245 denial of service It was found that libuser, as used by the chfn userhelper functionality, did not properly filter out newline characters in GECOS fields. A local, authenticated user could use this flaw to corrupt the /etc/passwd file, resulting in a denial-of-service on the system...
flashplugin: arbitrary code execution
CVE-2015-5122 arbitrary code execution Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of...
nbd: denial of service
Signal handlers themselves were entered only once, but they called posixly unsafe, non-reentrant functions, such as syslog. If a signal was caught in the middle of the execution of such function, consequences were undefined. In practice, nbd-server was observed to deadlock during the execution of...
docker: multiple issues
CVE-2015-3627 privilege escalation The file-descriptor passed by libcontainer to the pid-1 process of a container has been found to be opened prior to performing the chroot, allowing insecure open and symlink traversal. This allows malicious container images to trigger a local privilege...
python2-django python-django - cross site scripting
XSS attack via properties in ModelAdmin.readonly_fields...
flashplugin: multiple issues
CVE-2014-0580 policy bypass A flaw allows remote attackers to bypass the same origin policy via unspecified vectors. - CVE-2014-0587 arbitrary code execution A flaw allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. - CVE-2014-8443...
nvidia: arbitrary code execution
It was discovered that the NVIDIA graphics drivers incorrectly handled GLX indirect rendering support. An attacker able to connect to an X server, either locally or remotely, could use these issues to cause the X server to crash or execute arbitrary code resulting in possible privilege escalation...
libvirt: out-of-bounds read access
Luyao Huang of Red Hat found that the qemu implementation of virDomainGetBlockIoTune computed an index into the array of disks for the live definition, then used it as the index into the array of disks for the persistent definition, which could result in an out-of-bounds read access in...
[ASA-202111-5] grafana: cross-site scripting
Arch Linux Security Advisory ASA-202111-5 ========================================= Severity: Medium Date : 2021-11-05 CVE-ID : CVE-2021-41174 Package : grafana Type : cross-site scripting Remote : Yes Link : https://security.archlinux.org/AVG-2517 Summary ======= The package grafana before versi...
[ASA-202109-2] firefox: multiple issues
Arch Linux Security Advisory ASA-202109-2 ========================================= Severity: High Date : 2021-09-14 CVE-ID : CVE-2021-38491 CVE-2021-38494 Package : firefox Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-2350 Summary ======= The package firefox befo...
[ASA-202009-10] firefox: multiple issues
Arch Linux Security Advisory ASA-202009-10 ========================================== Severity: High Date : 2020-09-23 CVE-ID : CVE-2020-15673 CVE-2020-15674 CVE-2020-15675 CVE-2020-15676 CVE-2020-15677 CVE-2020-15678 Package : firefox Type : multiple issues Remote : Yes Link :...
[ASA-202006-16] tomcat8: denial of service
Arch Linux Security Advisory ASA-202006-16 ========================================== Severity: Medium Date : 2020-06-28 CVE-ID : CVE-2020-11996 Package : tomcat8 Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1197 Summary ======= The package tomcat8 before versio...
[ASA-202004-24] libmicrodns: multiple issues
Arch Linux Security Advisory ASA-202004-24 ========================================== Severity: Critical Date : 2020-04-30 CVE-ID : CVE-2020-6071 CVE-2020-6072 CVE-2020-6073 CVE-2020-6077 CVE-2020-6078 CVE-2020-6079 CVE-2020-6080 Package : libmicrodns Type : multiple issues Remote : Yes Link :...
[ASA-202003-1] chromium: access restriction bypass
Arch Linux Security Advisory ASA-202003-1 ========================================= Severity: High Date : 2020-03-04 CVE-ID : CVE-2020-6420 Package : chromium Type : access restriction bypass Remote : Yes Link : https://security.archlinux.org/AVG-1107 Summary ======= The package chromium before...