1854 matches found
[ASA-202010-1] chromium: multiple issues
Arch Linux Security Advisory ASA-202010-1 ========================================= Severity: Critical Date : 2020-10-10 CVE-ID : CVE-2020-6557 CVE-2020-15967 CVE-2020-15968 CVE-2020-15969 CVE-2020-15970 CVE-2020-15971 CVE-2020-15972 CVE-2020-15973 CVE-2020-15974 CVE-2020-15975 CVE-2020-15976...
[ASA-202009-10] firefox: multiple issues
Arch Linux Security Advisory ASA-202009-10 ========================================== Severity: High Date : 2020-09-23 CVE-ID : CVE-2020-15673 CVE-2020-15674 CVE-2020-15675 CVE-2020-15676 CVE-2020-15677 CVE-2020-15678 Package : firefox Type : multiple issues Remote : Yes Link :...
[ASA-202006-13] bind: denial of service
Arch Linux Security Advisory ASA-202006-13 ========================================== Severity: Medium Date : 2020-06-28 CVE-ID : CVE-2020-8618 CVE-2020-8619 Package : bind Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1191 Summary ======= The package bind before...
[ASA-202005-7] thunderbird: multiple issues
Arch Linux Security Advisory ASA-202005-7 ========================================= Severity: Critical Date : 2020-05-09 CVE-ID : CVE-2020-6831 CVE-2020-12387 CVE-2020-12392 CVE-2020-12395 CVE-2020-12397 Package : thunderbird Type : multiple issues Remote : Yes Link :...
[ASA-202004-2] linux-hardened: privilege escalation
Arch Linux Security Advisory ASA-202004-2 ========================================= Severity: High Date : 2020-04-01 CVE-ID : CVE-2020-8835 Package : linux-hardened Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-1120 Summary ======= The package linux-hardened...
[ASA-202003-2] opensc: denial of service
Arch Linux Security Advisory ASA-202003-2 ========================================= Severity: Medium Date : 2020-03-04 CVE-ID : CVE-2019-6502 CVE-2019-15945 CVE-2019-15946 CVE-2019-19479 CVE-2019-19480 CVE-2019-19481 Package : opensc Type : denial of service Remote : No Link :...
[ASA-201906-21] libarchive: multiple issues
Arch Linux Security Advisory ASA-201906-21 ========================================== Severity: High Date : 2019-06-25 CVE-ID : CVE-2018-1000877 CVE-2018-1000878 CVE-2018-1000879 CVE-2018-1000880 CVE-2019-1000019 CVE-2019-1000020 Package : libarchive Type : multiple issues Remote : No Link :...
[ASA-201905-12] libcurl-gnutls: arbitrary code execution
Arch Linux Security Advisory ASA-201905-12 ========================================== Severity: High Date : 2019-05-31 CVE-ID : CVE-2019-5436 Package : libcurl-gnutls Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-960 Summary ======= The package...
[ASA-201901-8] irssi: denial of service
Arch Linux Security Advisory ASA-201901-8 ========================================= Severity: Low Date : 2019-01-11 CVE-ID : CVE-2019-5882 Package : irssi Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-847 Summary ======= The package irssi before version 1.1.2-1 i...
[ASA-201811-22] samba: multiple issues
Arch Linux Security Advisory ASA-201811-22 ========================================== Severity: High Date : 2018-11-28 CVE-ID : CVE-2018-14629 CVE-2018-16841 CVE-2018-16851 CVE-2018-16852 CVE-2018-16853 CVE-2018-16857 Package : samba Type : multiple issues Remote : Yes Link :...
[ASA-201810-13] thunderbird: multiple issues
Arch Linux Security Advisory ASA-201810-13 ========================================== Severity: Critical Date : 2018-10-18 CVE-ID : CVE-2018-12376 CVE-2018-12377 CVE-2018-12378 CVE-2018-12379 CVE-2018-12383 CVE-2018-12385 Package : thunderbird Type : multiple issues Remote : Yes Link :...
[ASA-201810-6] firefox: multiple issues
Arch Linux Security Advisory ASA-201810-6 ========================================= Severity: Critical Date : 2018-10-04 CVE-ID : CVE-2018-12386 CVE-2018-12387 Package : firefox Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-775 Summary ======= The package firefox...
[ASA-201807-14] jenkins: multiple issues
Arch Linux Security Advisory ASA-201807-14 ========================================== Severity: High Date : 2018-07-21 CVE-ID : CVE-2018-1999001 CVE-2018-1999002 CVE-2018-1999003 CVE-2018-1999004 CVE-2018-1999005 CVE-2018-1999006 CVE-2018-1999007 Package : jenkins Type : multiple issues Remote :...
[ASA-201805-24] wireshark-common: multiple issues
Arch Linux Security Advisory ASA-201805-24 ========================================== Severity: Critical Date : 2018-05-25 CVE-ID : CVE-2018-11354 CVE-2018-11355 CVE-2018-11356 CVE-2018-11357 CVE-2018-11358 CVE-2018-11359 CVE-2018-11360 CVE-2018-11361 CVE-2018-11362 Package : wireshark-common Typ...
[ASA-201805-15] lib32-libcurl-compat: multiple issues
Arch Linux Security Advisory ASA-201805-15 ========================================== Severity: Critical Date : 2018-05-18 CVE-ID : CVE-2018-1000300 CVE-2018-1000301 Package : lib32-libcurl-compat Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-696 Summary ======= Th...
[ASA-201805-4] mupdf: multiple issues
Arch Linux Security Advisory ASA-201805-4 ========================================= Severity: High Date : 2018-05-09 CVE-ID : CVE-2018-5686 CVE-2018-6187 CVE-2018-6192 CVE-2018-6544 CVE-2018-1000051 Package : mupdf Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-609...
[ASA-201711-22] lib32-flashplugin: arbitrary code execution
Arch Linux Security Advisory ASA-201711-22 ========================================== Severity: Critical Date : 2017-11-15 CVE-ID : CVE-2017-11213 CVE-2017-11215 CVE-2017-11225 CVE-2017-3112 CVE-2017-3114 Package : lib32-flashplugin Type : arbitrary code execution Remote : Yes Link :...
[ASA-201711-21] flashplugin: arbitrary code execution
Arch Linux Security Advisory ASA-201711-21 ========================================== Severity: Critical Date : 2017-11-15 CVE-ID : CVE-2017-11213 CVE-2017-11215 CVE-2017-11225 CVE-2017-3112 CVE-2017-3114 Package : flashplugin Type : arbitrary code execution Remote : Yes Link :...
[ASA-201710-34] wget: multiple issues
Arch Linux Security Advisory ASA-201710-34 ========================================== Severity: Critical Date : 2017-10-29 CVE-ID : CVE-2017-13089 CVE-2017-13090 CVE-2017-6508 Package : wget Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-473 Summary ======= The...
[ASA-201710-14] wireshark-cli: denial of service
Arch Linux Security Advisory ASA-201710-14 ========================================== Severity: Medium Date : 2017-10-12 CVE-ID : CVE-2017-15189 CVE-2017-15190 CVE-2017-15191 CVE-2017-15192 CVE-2017-15193 Package : wireshark-cli Type : denial of service Remote : Yes Link :...
[ASA-201709-23] ffmpeg2.8: denial of service
Arch Linux Security Advisory ASA-201709-23 ========================================== Severity: Medium Date : 2017-09-28 CVE-ID : CVE-2017-14055 CVE-2017-14056 CVE-2017-14057 CVE-2017-14058 CVE-2017-14059 CVE-2017-14169 CVE-2017-14170 CVE-2017-14171 CVE-2017-14225 Package : ffmpeg2.8 Type : denia...
[ASA-201709-8] linux-lts: arbitrary code execution
Arch Linux Security Advisory ASA-201709-8 ========================================= Severity: High Date : 2017-09-14 CVE-ID : CVE-2017-1000251 Package : linux-lts Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-393 Summary ======= The package linux-lts befor...
[ASA-201709-4] linux-hardened: arbitrary code execution
Arch Linux Security Advisory ASA-201709-4 ========================================= Severity: High Date : 2017-09-13 CVE-ID : CVE-2017-1000251 Package : linux-hardened Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-395 Summary ======= The package...
[ASA-201707-25] webkit2gtk: multiple issues
Arch Linux Security Advisory ASA-201707-25 ========================================== Severity: Critical Date : 2017-07-26 CVE-ID : CVE-2017-7018 CVE-2017-7030 CVE-2017-7034 CVE-2017-7037 CVE-2017-7039 CVE-2017-7046 CVE-2017-7048 CVE-2017-7055 CVE-2017-7056 CVE-2017-7061 CVE-2017-7064 Package :...
[ASA-201707-20] pcre: multiple issues
Arch Linux Security Advisory ASA-201707-20 ========================================== Severity: Medium Date : 2017-07-18 CVE-ID : CVE-2017-7186 CVE-2017-7244 CVE-2017-7245 CVE-2017-7246 Package : pcre Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-222 Summary ======...
[ASA-201706-28] linux-hardened: privilege escalation
Arch Linux Security Advisory ASA-201706-28 ========================================== Severity: High Date : 2017-06-22 CVE-ID : CVE-2017-1000364 Package : linux-hardened Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-314 Summary ======= The package linux-hardene...
[ASA-201706-23] glibc: privilege escalation
Arch Linux Security Advisory ASA-201706-23 ========================================== Severity: High Date : 2017-06-20 CVE-ID : CVE-2017-1000366 Package : glibc Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-307 Summary ======= The package glibc before version...
[ASA-201705-15] zziplib: multiple issues
Arch Linux Security Advisory ASA-201705-15 ========================================== Severity: High Date : 2017-05-12 CVE-ID : CVE-2017-5974 CVE-2017-5975 CVE-2017-5976 CVE-2017-5979 CVE-2017-5981 Package : zziplib Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-191...
[ASA-201610-15] chromium: multiple issues
Arch Linux Security Advisory ASA-201610-15 ========================================== Severity: Critical Date : 2016-10-23 CVE-ID : CVE-2016-5181 CVE-2016-5182 CVE-2016-5183 CVE-2016-5184 CVE-2016-5185 CVE-2016-5186 CVE-2016-5187 CVE-2016-5188 CVE-2016-5189 CVE-2016-5190 CVE-2016-5191 CVE-2016-51...
[ASA-201610-1] chromium: arbitrary code execution
Arch Linux Security Advisory ASA-201610-1 ========================================= Severity: Critical Date : 2016-10-03 CVE-ID : CVE-2016-5177 CVE-2016-5178 Package : chromium Type : arbitrary code execution Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package...
[ASA-201609-22] firefox: multiple issues
Arch Linux Security Advisory ASA-201609-22 ========================================== Severity: Critical Date : 2016-09-22 CVE-ID : CVE-2016-5256 CVE-2016-5257 CVE-2016-5270 CVE-2016-5271 CVE-2016-5272 CVE-2016-5273 CVE-2016-5274 CVE-2016-5275 CVE-2016-5276 CVE-2016-5277 CVE-2016-5278 CVE-2016-52...
mupdf: arbitrary code execution
Marco Grassi discovered a use-after-free vulnerability in MuPDF. An attacker can take advantage of this flaw to cause an application crash denial-of-service, or potentially to execute arbitrary code with the privileges of the user running MuPDF, if a specially crafted PDF file is processed...
libreoffice-fresh: arbitrary code execution
A use after free vulnerability was found in the RTF parser of LibreOffice. The vulnerability lies in the parsing of documents containing both stylesheet and superscript tokens. A specially crafted RTF document containing both a stylesheet and superscript element causes LibreOffice to access an...
thunderbird: arbitrary code execution
CVE-2016-2804: Gary Kwong, Christian Holler, Andrew McCreight, Boris Zbarsky, and Steve Fink reported memory safety problems and crashes. - CVE-2016-2805: Christian Holler reported a memory safety problem. - CVE-2016-2806: Gary Kwong, Christian Holler, Jesse Ruderman, Mats Palmgren, Carsten Book,...
dhcpcd: denial of service
CVE-2016-1503 denial of service An issue has been discovered that can lead to a heap overflow via malformed dhcp responses later in printoption via dhcpenvoption1 due to incorrect option length values. - CVE-2016-1504 denial of service A malformed dhcp response can lead to an invalid read/crash...
firefox: multiple issues
CVE-2015-7201 CVE-2015-7202 arbitrary code execution Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we...
flashplugin: multiple issues
CVE-2015-5573 arbitrary code execution These updates resolve a type confusion vulnerability that could lead to code execution. - CVE-2015-5570 CVE-2015-5574 CVE-2015-5581 CVE-2015-5584 CVE-2015-6682 arbitrary code execution These updates resolve use-after-free vulnerabilities that could lead to...
icedtea-web: multiple issues
CVE-2015-5234 unexpected permanent authorization of unsigned applets It was discovered that IcedTea-Web did not properly sanitize applet URLs when storing applet trust settings. A malicious web page could use this flaw to inject trust-settings configuration, and cause applets to be executed...
openssl: man-in-the-middle
During certificate verification, OpenSSL will attempt to find an alternative certificate chain if the first attempt to build such a chain fails. An error in the implementation of this logic can mean that an attacker could cause certain checks on untrusted certificates to be bypassed, such as the ...
firefox: multiple issues
CVE-2015-2722, CVE-2015-2733 Use-after-free in workers while using XMLHttpRequest: Security researcher Looben Yan used the Address Sanitizer tool to discover two related use-after-free vulnerabilities that occur when using XMLHttpRequest in concert with either shared or dedicated workers. These...
webkitgtk: man-in-the-middle
It was found that WebKitGTK+ version performed TLS certificate verification too late, after sending an HTTP request rather than before. This issue allows a man-in-the-middle attack to possibly gain sensitive information...
docker: multiple issues
CVE-2015-3627 privilege escalation The file-descriptor passed by libcontainer to the pid-1 process of a container has been found to be opened prior to performing the chroot, allowing insecure open and symlink traversal. This allows malicious container images to trigger a local privilege...
tor: multiple issues
CVE-2015-2928 "disgleirio" discovered that a malicious client could trigger an assertion failure in a Tor instance providing a hidden service, thus rendering the service inaccessible. CVE-2015-2929 "DonnchaC" discovered that Tor clients would crash with an assertion failure upon parsing specially...
python2-django python-django - cross site scripting
XSS attack via properties in ModelAdmin.readonlyfields...
flashplugin: multiple issues
CVE-2014-0580 policy bypass A flaw allows remote attackers to bypass the same origin policy via unspecified vectors. - CVE-2014-0587 arbitrary code execution A flaw allows attackers to execute arbitrary code or cause a denial of service memory corruption via unspecified vectors. - CVE-2014-8443...
file: denial of service through out-of-bounds read
An out-of-bounds read flaw was found in file's donote function in the way the file utility determined the note headers of a elf file. This could possibly lead to file executable crash...
[ASA-202004-24] libmicrodns: multiple issues
Arch Linux Security Advisory ASA-202004-24 ========================================== Severity: Critical Date : 2020-04-30 CVE-ID : CVE-2020-6071 CVE-2020-6072 CVE-2020-6073 CVE-2020-6077 CVE-2020-6078 CVE-2020-6079 CVE-2020-6080 Package : libmicrodns Type : multiple issues Remote : Yes Link :...
[ASA-202003-1] chromium: access restriction bypass
Arch Linux Security Advisory ASA-202003-1 ========================================= Severity: High Date : 2020-03-04 CVE-ID : CVE-2020-6420 Package : chromium Type : access restriction bypass Remote : Yes Link : https://security.archlinux.org/AVG-1107 Summary ======= The package chromium before...
[ASA-201910-7] chromium: multiple issues
Arch Linux Security Advisory ASA-201910-7 ========================================= Severity: High Date : 2019-10-11 CVE-ID : CVE-2019-13693 CVE-2019-13694 CVE-2019-13695 CVE-2019-13696 CVE-2019-13697 Package : chromium Type : multiple issues Remote : Yes Link :...
[ASA-201905-13] lib32-libcurl-gnutls: arbitrary code execution
Arch Linux Security Advisory ASA-201905-13 ========================================== Severity: High Date : 2019-05-31 CVE-ID : CVE-2019-5435 CVE-2019-5436 Package : lib32-libcurl-gnutls Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-961 Summary ======= The...