Archlinux - Page 26 of Archlinux Most Viewed Vulnerabilities List

ArchLinux•added 2019/04/11 12:0 a.m.•35 views

[ASA-201904-7] jenkins: multiple issues

Arch Linux Security Advisory ASA-201904-7 ========================================= Severity: Medium Date : 2019-04-11 CVE-ID : CVE-2019-1003049 CVE-2019-1003050 Package : jenkins Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-948 Summary ======= The package jenkins...

8.1CVSS1.2AI score0.02111EPSS

ArchLinux•added 2019/02/12 12:0 a.m.•35 views

[ASA-201902-11] lib32-libcurl-gnutls: arbitrary code execution

Arch Linux Security Advisory ASA-201902-11 ========================================== Severity: High Date : 2019-02-12 CVE-ID : CVE-2018-16890 CVE-2019-3822 CVE-2019-3823 Package : lib32-libcurl-gnutls Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-876...

9.8CVSS1.5AI score0.12771EPSS

Exploits2References10

ArchLinux•added 2019/02/11 12:0 a.m.•35 views

[ASA-201902-3] chromium: multiple issues

Arch Linux Security Advisory ASA-201902-3 ========================================= Severity: Critical Date : 2019-02-11 CVE-ID : CVE-2019-5754 CVE-2019-5755 CVE-2019-5756 CVE-2019-5757 CVE-2019-5758 CVE-2019-5759 CVE-2019-5760 CVE-2019-5761 CVE-2019-5762 CVE-2019-5763 CVE-2019-5764 CVE-2019-5765...

9.6CVSS0.8AI score0.12879EPSS

Exploits2References61

ArchLinux•added 2019/01/24 12:0 a.m.•35 views

[ASA-201901-10] go-pie: private key recovery

Arch Linux Security Advisory ASA-201901-10 ========================================== Severity: Medium Date : 2019-01-24 CVE-ID : CVE-2019-6486 Package : go-pie Type : private key recovery Remote : Yes Link : https://security.archlinux.org/AVG-859 Summary ======= The package go-pie before version...

8.2CVSS1.7AI score0.04326EPSS

ArchLinux•added 2018/12/18 12:0 a.m.•36 views

[ASA-201812-12] go-pie: multiple issues

Arch Linux Security Advisory ASA-201812-12 ========================================== Severity: High Date : 2018-12-18 CVE-ID : CVE-2018-16873 CVE-2018-16874 CVE-2018-16875 Package : go-pie Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-835 Summary ======= The packa...

8.1CVSS1.2AI score0.66252EPSS

Exploits0References14

ArchLinux•added 2018/10/17 12:0 a.m.•35 views

[ASA-201810-10] libssh: authentication bypass

Arch Linux Security Advisory ASA-201810-10 ========================================== Severity: Critical Date : 2018-10-17 CVE-ID : CVE-2018-10933 Package : libssh Type : authentication bypass Remote : Yes Link : https://security.archlinux.org/AVG-780 Summary ======= The package libssh before...

9.1CVSS2.3AI score0.91789EPSS

Exploits10References12

ArchLinux•added 2018/06/13 12:0 a.m.•35 views

[ASA-201806-9] chromium: arbitrary code execution

Arch Linux Security Advisory ASA-201806-9 ========================================= Severity: High Date : 2018-06-13 CVE-ID : CVE-2018-6149 Package : chromium Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-717 Summary ======= The package chromium before...

8.8CVSS3.2AI score0.00726EPSS

ArchLinux•added 2018/06/07 12:0 a.m.•35 views

[ASA-201806-4] chromium: access restriction bypass

Arch Linux Security Advisory ASA-201806-4 ========================================= Severity: High Date : 2018-06-07 CVE-ID : CVE-2018-6148 Package : chromium Type : access restriction bypass Remote : Yes Link : https://security.archlinux.org/AVG-712 Summary ======= The package chromium before...

6.5CVSS1.3AI score0.00704EPSS

ArchLinux•added 2018/05/25 12:0 a.m.•35 views

[ASA-201805-24] wireshark-common: multiple issues

Arch Linux Security Advisory ASA-201805-24 ========================================== Severity: Critical Date : 2018-05-25 CVE-ID : CVE-2018-11354 CVE-2018-11355 CVE-2018-11356 CVE-2018-11357 CVE-2018-11358 CVE-2018-11359 CVE-2018-11360 CVE-2018-11361 CVE-2018-11362 Package : wireshark-common Typ...

7.5CVSS1.4AI score0.0348EPSS

Exploits0References28

ArchLinux•added 2018/05/18 12:0 a.m.•35 views

[ASA-201805-17] libcurl-compat: multiple issues

Arch Linux Security Advisory ASA-201805-17 ========================================== Severity: Critical Date : 2018-05-18 CVE-ID : CVE-2018-1000300 CVE-2018-1000301 Package : libcurl-compat Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-698 Summary ======= The...

9.8CVSS1.2AI score0.06003EPSS

ArchLinux•added 2018/05/18 12:0 a.m.•35 views

[ASA-201805-16] lib32-libcurl-gnutls: multiple issues

Arch Linux Security Advisory ASA-201805-16 ========================================== Severity: Critical Date : 2018-05-18 CVE-ID : CVE-2018-1000300 CVE-2018-1000301 Package : lib32-libcurl-gnutls Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-697 Summary ======= Th...

9.8CVSS1.2AI score0.06003EPSS

ArchLinux•added 2018/05/18 12:0 a.m.•35 views

[ASA-201805-15] lib32-libcurl-compat: multiple issues

Arch Linux Security Advisory ASA-201805-15 ========================================== Severity: Critical Date : 2018-05-18 CVE-ID : CVE-2018-1000300 CVE-2018-1000301 Package : lib32-libcurl-compat Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-696 Summary ======= Th...

9.8CVSS1.2AI score0.06003EPSS

ArchLinux•added 2018/01/30 12:0 a.m.•35 views

[ASA-201801-27] mupdf: arbitrary code execution

Arch Linux Security Advisory ASA-201801-27 ========================================== Severity: High Date : 2018-01-30 CVE-ID : CVE-2017-17858 Package : mupdf Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-599 Summary ======= The package mupdf before version...

7.8CVSS2.1AI score0.02785EPSS

Exploits1References5

ArchLinux•added 2017/11/02 12:0 a.m.•35 views

[ASA-201711-8] lib32-libcurl-compat: information disclosure

Arch Linux Security Advisory ASA-201711-8 ========================================= Severity: Medium Date : 2017-11-02 CVE-ID : CVE-2017-1000257 Package : lib32-libcurl-compat Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-465 Summary ======= The package...

9.1CVSS9.2AI score0.06224EPSS

ArchLinux•added 2017/10/16 12:0 a.m.•35 views

[ASA-201710-25] linux-hardened: privilege escalation

Arch Linux Security Advisory ASA-201710-25 ========================================== Severity: High Date : 2017-10-16 CVE-ID : CVE-2017-5123 Package : linux-hardened Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-446 Summary ======= The package linux-hardened...

8.8CVSS1.5AI score0.03714EPSS

Exploits10References4

ArchLinux•added 2017/10/09 12:0 a.m.•35 views

[ASA-201710-11] lame: denial of service

Arch Linux Security Advisory ASA-201710-11 ========================================== Severity: Low Date : 2017-10-09 CVE-ID : CVE-2017-15018 Package : lame Type : denial of service Remote : No Link : https://security.archlinux.org/AVG-437 Summary ======= The package lame before version 3.99.5-4 ...

5.5CVSS0.1AI score0.00836EPSS

Exploits1References4

ArchLinux•added 2017/10/05 12:0 a.m.•35 views

[ASA-201710-6] lib32-libcurl-compat: multiple issues

Arch Linux Security Advisory ASA-201710-6 ========================================= Severity: Medium Date : 2017-10-05 CVE-ID : CVE-2017-1000099 CVE-2017-1000100 CVE-2017-1000254 Package : lib32-libcurl-compat Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-388 Summa...

7.5CVSS7.7AI score0.08465EPSS

Exploits0References11

ArchLinux•added 2017/09/15 12:0 a.m.•35 views

[ASA-201709-10] ffmpeg: denial of service

Arch Linux Security Advisory ASA-201709-10 ========================================== Severity: Medium Date : 2017-09-15 CVE-ID : CVE-2017-14054 CVE-2017-14055 CVE-2017-14056 CVE-2017-14057 CVE-2017-14058 CVE-2017-14059 CVE-2017-14169 CVE-2017-14170 CVE-2017-14171 CVE-2017-14222 CVE-2017-14223...

8.8CVSS1.2AI score0.02575EPSS

Exploits0References25

ArchLinux•added 2017/08/10 12:0 a.m.•35 views

[ASA-201708-1] lib32-flashplugin: multiple issues

Arch Linux Security Advisory ASA-201708-1 ========================================= Severity: Critical Date : 2017-08-10 CVE-ID : CVE-2017-3085 CVE-2017-3106 Package : lib32-flashplugin Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-372 Summary ======= The package...

9.3CVSS1.6AI score0.22311EPSS

Exploits3References4

ArchLinux•added 2017/06/20 12:0 a.m.•35 views

[ASA-201706-22] lib32-glibc: privilege escalation

Arch Linux Security Advisory ASA-201706-22 ========================================== Severity: High Date : 2017-06-20 CVE-ID : CVE-2017-1000366 Package : lib32-glibc Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-308 Summary ======= The package lib32-glibc befo...

7.8CVSS0.7AI score0.02733EPSS

Exploits14References3

ArchLinux•added 2017/06/02 12:0 a.m.•35 views

[ASA-201706-3] libtasn1: arbitrary code execution

Arch Linux Security Advisory ASA-201706-3 ========================================= Severity: High Date : 2017-06-02 CVE-ID : CVE-2017-6891 Package : libtasn1 Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-285 Summary ======= The package libtasn1 before...

8.8CVSS2.6AI score0.05585EPSS

ArchLinux•added 2017/05/09 12:0 a.m.•35 views

[ASA-201705-8] flashplugin: arbitrary code execution

Arch Linux Security Advisory ASA-201705-8 ========================================= Severity: Critical Date : 2017-05-09 CVE-ID : CVE-2017-3068 CVE-2017-3069 CVE-2017-3070 CVE-2017-3071 CVE-2017-3072 CVE-2017-3073 CVE-2017-3074 Package : flashplugin Type : arbitrary code execution Remote : Yes Li...

9.3CVSS1.4AI score0.20353EPSS

Exploits2References9

ArchLinux•added 2017/03/14 12:0 a.m.•35 views

[ASA-201703-8] linux: privilege escalation

Arch Linux Security Advisory ASA-201703-8 ========================================= Severity: High Date : 2017-03-14 CVE-ID : CVE-2017-2636 Package : linux Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-192 Summary ======= The package linux before version 4.10.2...

7CVSS0.6AI score0.01029EPSS

Exploits2References5

ArchLinux•added 2017/01/15 12:0 a.m.•35 views

[ASA-201701-23] nginx: privilege escalation

Arch Linux Security Advisory ASA-201701-23 ========================================== Severity: High Date : 2017-01-15 CVE-ID : CVE-2016-1247 Package : nginx Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-138 Summary ======= The package nginx before version...

7.8CVSS1.7AI score0.04863EPSS

Exploits6References4

ArchLinux•added 2017/01/13 12:0 a.m.•35 views

[ASA-201701-19] docker: privilege escalation

Arch Linux Security Advisory ASA-201701-19 ========================================== Severity: High Date : 2017-01-13 CVE-ID : CVE-2016-9962 Package : docker Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-133 Summary ======= The package docker before version...

6.4CVSS3.1AI score0.00381EPSS

ArchLinux•added 2017/01/03 12:0 a.m.•35 views

[ASA-201701-8] libcurl-gnutls: multiple issues

Arch Linux Security Advisory ASA-201701-8 ========================================= Severity: Medium Date : 2017-01-03 CVE-ID : CVE-2016-9586 CVE-2016-9594 Package : libcurl-gnutls Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-114 Summary ======= The package...

8.1CVSS0.9AI score0.04999EPSS

Exploits0References6

ArchLinux•added 2016/08/08 12:0 a.m.•35 views

glibc: denial of service

CVE-2016-3075 denial of service The getnetbyname implementation in nssdns contains a potentially unbounded alloca call in the form of a call to strdupa, leading to a stack overflow stack exhaustion and a crash if getnetbyname is invoked on a very long name. - CVE-2016-5417 denial of service The...

5CVSS2.1AI score0.07486EPSS

ArchLinux•added 2015/11/12 12:0 a.m.•35 views

putty: arbitrary code execution

A potential memory-corrupting integer overflow has been discovered in the handling of the ECH erase characters control sequence in the terminal emulator. To exploit a vulnerability in the terminal emulator, an attacker must be able to insert a carefully crafted escape sequence into the terminal...

4.3CVSS0.6AI score0.03467EPSS

Exploits0References2

ArchLinux•added 2015/09/28 12:0 a.m.•35 views

chromium: cross-origin bypass

CVE-2015-1303: Cross-origin bypass in DOM. Credit to Mariusz Mlynski. - CVE-2015-1304: Cross-origin bypass in V8. Credit to Mariusz Mlynski...

7.5CVSS1.7AI score0.01757EPSS

Exploits2References3

ArchLinux•added 2015/09/14 12:0 a.m.•35 views

icedtea-web: multiple issues

CVE-2015-5234 unexpected permanent authorization of unsigned applets It was discovered that IcedTea-Web did not properly sanitize applet URLs when storing applet trust settings. A malicious web page could use this flaw to inject trust-settings configuration, and cause applets to be executed...

6.8CVSS2.1AI score0.03037EPSS

ArchLinux•added 2015/07/07 12:0 a.m.•35 views

ntp: denial of service

Under limited and specific circumstances an attacker can send a crafted remote-configuration packet containing a NUL-byte to cause a vulnerable ntpd instance to crash. This requires each of the following to be true: - ntpd set up to allow for remote configuration not allowed by default - knowledg...

4.1AI score0.04095EPSS

Exploits0References2

ArchLinux•added 2015/06/24 12:0 a.m.•35 views

flashplugin: remote code execution

A heap-based buffer overflow has been found in the FLV handling of Adobe Flash Player, leading to code execution...

10CVSS3.1AI score0.9994EPSS

Exploits4References3

ArchLinux•added 2015/06/05 12:0 a.m.•35 views

pcre: buffer overflow

Several buffer overflows have been found in pcre = 8.37. By compiling a crafted regular expression, it is possible to write more than the expected size into various buffers, allowing arbitrary code execution...

6.1CVSS5.4AI score0.09157EPSS

Exploits1References4

ArchLinux•added 2015/05/01 12:0 a.m.•35 views

squid: weak certificate validation

The flaw allows remote servers to bypass client certificate validation. Some attackers may also be able to use valid certificates for one domain signed by a global Certificate Authority to abuse an unrelated domain. However, the bug is exploitable only if you have configured Squid to perform SSL...

2.6CVSS3.8AI score0.11402EPSS

ArchLinux•added 2014/11/19 12:0 a.m.•35 views

binutils: multiple issues

CVE-2014-8484 invalid read Invalid read flaw leads to denial of service while parsing specially crafted files in programs using libbfd. - CVE-2014-8485 out-of-bounds write Lack of range checking leading to controlled write in bfdelfsetupsections which results in denial of service or possible code...

7.5CVSS4.5AI score0.07486EPSS

Exploits7References11

ArchLinux•added 2014/11/13 12:0 a.m.•35 views

imagemagick: denial of service

Converting some specially crafted jpeg with convert could lead to a dos...

3.1AI score0.00402EPSS

ArchLinux•added 2024/10/04 12:0 a.m.•34 views

[ASA-202410-1] oath-toolkit: privilege escalation

Arch Linux Security Advisory ASA-202410-1 ========================================= Severity: High Date : 2024-10-04 CVE-ID : CVE-2024-47191 Package : oath-toolkit Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-2857 Summary ======= The package oath-toolkit befor...

7.1CVSS7.3AI score0.00341EPSS

ArchLinux•added 2021/09/14 12:0 a.m.•34 views

[ASA-202109-3] ghostscript: arbitrary command execution

Arch Linux Security Advisory ASA-202109-3 ========================================= Severity: High Date : 2021-09-14 CVE-ID : CVE-2021-3781 Package : ghostscript Type : arbitrary command execution Remote : Yes Link : https://security.archlinux.org/AVG-2374 Summary ======= The package ghostscript...

9.9CVSS1.3AI score0.83913EPSS

ArchLinux•added 2020/11/03 12:0 a.m.•34 views

[ASA-202011-2] chromium: multiple issues

Arch Linux Security Advisory ASA-202011-2 ========================================= Severity: Critical Date : 2020-11-03 CVE-ID : CVE-2020-16004 CVE-2020-16005 CVE-2020-16006 CVE-2020-16007 CVE-2020-16008 CVE-2020-16009 Package : chromium Type : multiple issues Remote : Yes Link :...

8.8CVSS1.3AI score0.48574EPSS

Exploits3References15

ArchLinux•added 2020/07/31 12:0 a.m.•34 views

[ASA-202007-6] libjcat: insufficient validation

Arch Linux Security Advisory ASA-202007-6 ========================================= Severity: High Date : 2020-07-31 CVE-ID : CVE-2020-10759 Package : libjcat Type : insufficient validation Remote : Yes Link : https://security.archlinux.org/AVG-1185 Summary ======= The package libjcat before...

6CVSS0.8AI score0.0049EPSS

Exploits1References4

ArchLinux•added 2020/06/28 12:0 a.m.•34 views

[ASA-202006-13] bind: denial of service

Arch Linux Security Advisory ASA-202006-13 ========================================== Severity: Medium Date : 2020-06-28 CVE-ID : CVE-2020-8618 CVE-2020-8619 Package : bind Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1191 Summary ======= The package bind before...

4.9CVSS0.4AI score0.02088EPSS

Exploits0References9

ArchLinux•added 2020/06/06 12:0 a.m.•34 views

[ASA-202006-8] python-django: multiple issues

Arch Linux Security Advisory ASA-202006-8 ========================================= Severity: Medium Date : 2020-06-06 CVE-ID : CVE-2020-13254 CVE-2020-13596 Package : python-django Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1176 Summary ======= The package...

6.1CVSS1.7AI score0.06041EPSS

Exploits0References6

ArchLinux•added 2020/05/20 12:0 a.m.•34 views

[ASA-202005-12] chromium: multiple issues

Arch Linux Security Advisory ASA-202005-12 ========================================== Severity: High Date : 2020-05-20 CVE-ID : CVE-2020-6465 CVE-2020-6466 CVE-2020-6467 CVE-2020-6468 CVE-2020-6469 CVE-2020-6470 CVE-2020-6471 CVE-2020-6472 CVE-2020-6473 CVE-2020-6474 CVE-2020-6475 CVE-2020-6476...

9.6CVSS0.2AI score0.06414EPSS

Exploits13References56

ArchLinux•added 2020/05/19 12:0 a.m.•34 views

[ASA-202005-10] powerdns-recursor: multiple issues

Arch Linux Security Advisory ASA-202005-10 ========================================== Severity: Medium Date : 2020-05-19 CVE-ID : CVE-2020-10995 CVE-2020-12244 Package : powerdns-recursor Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1163 Summary ======= The packag...

7.5CVSS1.8AI score0.04372EPSS

Exploits0References9

ArchLinux•added 2020/04/14 12:0 a.m.•34 views

[ASA-202004-13] git: information disclosure

Arch Linux Security Advisory ASA-202004-13 ========================================== Severity: High Date : 2020-04-14 CVE-ID : CVE-2020-5260 Package : git Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-1133 Summary ======= The package git before version...

9.3CVSS0.2AI score0.10047EPSS

Exploits2References10

ArchLinux•added 2020/04/08 12:0 a.m.•34 views

[ASA-202004-7] haproxy: arbitrary code execution

Arch Linux Security Advisory ASA-202004-7 ========================================= Severity: Critical Date : 2020-04-08 CVE-ID : CVE-2020-11100 Package : haproxy Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1124 Summary ======= The package haproxy before...

8.8CVSS2.4AI score0.60727EPSS