1854 matches found
[ASA-201803-16] lib32-curl: multiple issues
Arch Linux Security Advisory ASA-201803-16 ========================================== Severity: Medium Date : 2018-03-19 CVE-ID : CVE-2018-1000120 CVE-2018-1000121 CVE-2018-1000122 Package : lib32-curl Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-654 Summary =====...
[ASA-201803-7] dovecot: multiple issues
Arch Linux Security Advisory ASA-201803-7 ========================================= Severity: High Date : 2018-03-06 CVE-ID : CVE-2017-14461 CVE-2017-15130 CVE-2017-15132 Package : dovecot Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-645 Summary ======= The packag...
[ASA-201802-3] go-pie: arbitrary code execution
Arch Linux Security Advisory ASA-201802-3 ========================================= Severity: High Date : 2018-02-09 CVE-ID : CVE-2018-6574 Package : go-pie Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-606 Summary ======= The package go-pie before version...
[ASA-201801-17] zziplib: denial of service
Arch Linux Security Advisory ASA-201801-17 ========================================== Severity: Medium Date : 2018-01-18 CVE-ID : CVE-2017-5977 CVE-2017-5978 Package : zziplib Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-273 Summary ======= The package zziplib...
[ASA-201711-43] thunderbird: multiple issues
Arch Linux Security Advisory ASA-201711-43 ========================================== Severity: Critical Date : 2017-11-30 CVE-ID : CVE-2017-7826 CVE-2017-7828 CVE-2017-7830 Package : thunderbird Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-530 Summary ======= The...
[ASA-201710-31] chromium: arbitrary code execution
Arch Linux Security Advisory ASA-201710-31 ========================================== Severity: Critical Date : 2017-10-27 CVE-ID : CVE-2017-15396 Package : chromium Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-472 Summary ======= The package chromium...
[ASA-201710-11] lame: denial of service
Arch Linux Security Advisory ASA-201710-11 ========================================== Severity: Low Date : 2017-10-09 CVE-ID : CVE-2017-15018 Package : lame Type : denial of service Remote : No Link : https://security.archlinux.org/AVG-437 Summary ======= The package lame before version 3.99.5-4 ...
[ASA-201710-6] lib32-libcurl-compat: multiple issues
Arch Linux Security Advisory ASA-201710-6 ========================================= Severity: Medium Date : 2017-10-05 CVE-ID : CVE-2017-1000099 CVE-2017-1000100 CVE-2017-1000254 Package : lib32-libcurl-compat Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-388 Summa...
[ASA-201709-10] ffmpeg: denial of service
Arch Linux Security Advisory ASA-201709-10 ========================================== Severity: Medium Date : 2017-09-15 CVE-ID : CVE-2017-14054 CVE-2017-14055 CVE-2017-14056 CVE-2017-14057 CVE-2017-14058 CVE-2017-14059 CVE-2017-14169 CVE-2017-14170 CVE-2017-14171 CVE-2017-14222 CVE-2017-14223...
[ASA-201707-25] webkit2gtk: multiple issues
Arch Linux Security Advisory ASA-201707-25 ========================================== Severity: Critical Date : 2017-07-26 CVE-ID : CVE-2017-7018 CVE-2017-7030 CVE-2017-7034 CVE-2017-7037 CVE-2017-7039 CVE-2017-7046 CVE-2017-7048 CVE-2017-7055 CVE-2017-7056 CVE-2017-7061 CVE-2017-7064 Package :...
[ASA-201707-19] gvim: arbitrary code execution
Arch Linux Security Advisory ASA-201707-19 ========================================== Severity: High Date : 2017-07-18 CVE-ID : CVE-2017-11109 Package : gvim Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-347 Summary ======= The package gvim before version...
[ASA-201707-20] pcre: multiple issues
Arch Linux Security Advisory ASA-201707-20 ========================================== Severity: Medium Date : 2017-07-18 CVE-ID : CVE-2017-7186 CVE-2017-7244 CVE-2017-7245 CVE-2017-7246 Package : pcre Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-222 Summary ======...
[ASA-201706-33] poppler: arbitrary code execution
Arch Linux Security Advisory ASA-201706-33 ========================================== Severity: High Date : 2017-06-26 CVE-ID : CVE-2017-9775 CVE-2017-9776 Package : poppler Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-326 Summary ======= The package...
[ASA-201706-23] glibc: privilege escalation
Arch Linux Security Advisory ASA-201706-23 ========================================== Severity: High Date : 2017-06-20 CVE-ID : CVE-2017-1000366 Package : glibc Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-307 Summary ======= The package glibc before version...
[ASA-201706-13] tor: denial of service
Arch Linux Security Advisory ASA-201706-13 ========================================== Severity: Medium Date : 2017-06-13 CVE-ID : CVE-2017-0375 CVE-2017-0376 Package : tor Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-296 Summary ======= The package tor before...
[ASA-201706-3] libtasn1: arbitrary code execution
Arch Linux Security Advisory ASA-201706-3 ========================================= Severity: High Date : 2017-06-02 CVE-ID : CVE-2017-6891 Package : libtasn1 Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-285 Summary ======= The package libtasn1 before...
[ASA-201705-6] lib32-libtirpc: denial of service
Arch Linux Security Advisory ASA-201705-6 ========================================= Severity: Medium Date : 2017-05-07 CVE-ID : CVE-2017-8779 Package : lib32-libtirpc Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-263 Summary ======= The package lib32-libtirpc...
[ASA-201703-13] linux-zen: privilege escalation
Arch Linux Security Advisory ASA-201703-13 ========================================== Severity: High Date : 2017-03-16 CVE-ID : CVE-2017-2636 Package : linux-zen Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-203 Summary ======= The package linux-zen before...
[ASA-201703-8] linux: privilege escalation
Arch Linux Security Advisory ASA-201703-8 ========================================= Severity: High Date : 2017-03-14 CVE-ID : CVE-2017-2636 Package : linux Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-192 Summary ======= The package linux before version 4.10.2...
[ASA-201702-9] webkit2gtk: multiple issues
Arch Linux Security Advisory ASA-201702-9 ========================================= Severity: Critical Date : 2017-02-11 CVE-ID : CVE-2017-2350 CVE-2017-2354 CVE-2017-2355 CVE-2017-2356 CVE-2017-2362 CVE-2017-2363 CVE-2017-2364 CVE-2017-2365 CVE-2017-2366 CVE-2017-2369 CVE-2017-2371 CVE-2017-2373...
[ASA-201701-8] libcurl-gnutls: multiple issues
Arch Linux Security Advisory ASA-201701-8 ========================================= Severity: Medium Date : 2017-01-03 CVE-ID : CVE-2016-9586 CVE-2016-9594 Package : libcurl-gnutls Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-114 Summary ======= The package...
[ASA-201610-15] chromium: multiple issues
Arch Linux Security Advisory ASA-201610-15 ========================================== Severity: Critical Date : 2016-10-23 CVE-ID : CVE-2016-5181 CVE-2016-5182 CVE-2016-5183 CVE-2016-5184 CVE-2016-5185 CVE-2016-5186 CVE-2016-5187 CVE-2016-5188 CVE-2016-5189 CVE-2016-5190 CVE-2016-5191 CVE-2016-51...
[ASA-201610-1] chromium: arbitrary code execution
Arch Linux Security Advisory ASA-201610-1 ========================================= Severity: Critical Date : 2016-10-03 CVE-ID : CVE-2016-5177 CVE-2016-5178 Package : chromium Type : arbitrary code execution Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package...
[ASA-201609-27] wireshark-cli: denial of service
Arch Linux Security Advisory ASA-201609-27 ========================================== Severity: Medium Date : 2016-09-26 CVE-ID : CVE-2016-7175 CVE-2016-7176 CVE-2016-7177 CVE-2016-7178 CVE-2016-7179 CVE-2016-7180 Package : wireshark-cli Type : denial of service Remote : Yes Link :...
chromium: multiple issues
CVE-2016-5170, CVE-2016-5171 arbitrary code execution Use after free in Blink. - CVE-2016-5172 information leakage Arbitrary Memory Read in v8. - CVE-2016-5173 access restriction bypass Extension resource access. - CVE-2016-5174 Popup not correctly suppressed. - CVE-2016-5175 arbitrary code...
graphicsmagick: multiple issues
A last instance of CVE-2016-2317 heap buffer overflow in the MVG rendering code also impacts SVG. This problem was originally reported by Gustavo Grieco. 2. A possible heap overflow of the EscapeParenthesis function. While I was not able to reproduce it for myself, the implementation is replaced...
thunderbird: arbitrary code execution
CVE-2016-2835 arbitrary code execution Carsten Book, Christian Holler, Gary Kwong, Jesse Ruderman, Andrew McCreight, Phil Ringnalda and Philipp reported memory safety problems and crashes. - CVE-2016-2836 arbitrary code execution Christian Holler, Tyson Smith, Boris Zbarsky, Byron Campen, and...
postgresql: multiple issues
CVE-2016-5423 arbitrary code execution It was discovered that certain SQL statements containing CASE/WHEN commands could crash the PostgreSQL server, or disclose a few bytes of server memory, potentially leading to arbitrary code execution. - CVE-2016-5424 privilege escalation It was found that...
glibc: denial of service
CVE-2016-3075 denial of service The getnetbyname implementation in nssdns contains a potentially unbounded alloca call in the form of a call to strdupa, leading to a stack overflow stack exhaustion and a crash if getnetbyname is invoked on a very long name. - CVE-2016-5417 denial of service The...
Squid: denial of service
Due to incorrect bounds checking Squid is vulnerable to a denial of service attack when processing HTTP responses...
putty: arbitrary code execution
A potential memory-corrupting integer overflow has been discovered in the handling of the ECH erase characters control sequence in the terminal emulator. To exploit a vulnerability in the terminal emulator, an attacker must be able to insert a carefully crafted escape sequence into the terminal...
chromium: cross-origin bypass
CVE-2015-1303: Cross-origin bypass in DOM. Credit to Mariusz Mlynski. - CVE-2015-1304: Cross-origin bypass in V8. Credit to Mariusz Mlynski...
icedtea-web: multiple issues
CVE-2015-5234 unexpected permanent authorization of unsigned applets It was discovered that IcedTea-Web did not properly sanitize applet URLs when storing applet trust settings. A malicious web page could use this flaw to inject trust-settings configuration, and cause applets to be executed...
docker: multiple issues
CVE-2015-3627 privilege escalation The file-descriptor passed by libcontainer to the pid-1 process of a container has been found to be opened prior to performing the chroot, allowing insecure open and symlink traversal. This allows malicious container images to trigger a local privilege...
elfutils: directory traversal
Directory traversal vulnerability in the readlongnames function in libelf/elfbegin.c allows remote attackers to write to arbitrary files to the root directory via a / slash in a crafted archive, as demonstrated using the ar program...
ntp: multiple issues
CVE-2014-9297 information disclosure, denial of service The vallen packet value is not validated in several code paths in ntpcrypto.c which can lead to information leakage or a possible crash. - CVE-2014-9298 access restriction bypass While available kernels will prevent 127.0.0.1 addresses from...
binutils: multiple issues
CVE-2014-8484 invalid read Invalid read flaw leads to denial of service while parsing specially crafted files in programs using libbfd. - CVE-2014-8485 out-of-bounds write Lack of range checking leading to controlled write in bfdelfsetupsections which results in denial of service or possible code...
imagemagick: denial of service
Converting some specially crafted jpeg with convert could lead to a dos...
[ASA-202505-4] webkit2gtk-4.1: arbitrary code execution
Arch Linux Security Advisory ASA-202505-4 ========================================= Severity: High Date : 2025-05-18 CVE-ID : CVE-2023-42875 CVE-2023-42970 Package : webkit2gtk-4.1 Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-2868 Summary ======= The...
[ASA-202204-10] powerdns-recursor: denial of service
Arch Linux Security Advisory ASA-202204-10 ========================================== Severity: Low Date : 2022-04-15 CVE-ID : CVE-2022-27227 Package : powerdns-recursor Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-2656 Summary ======= The package...
[ASA-202111-5] grafana: cross-site scripting
Arch Linux Security Advisory ASA-202111-5 ========================================= Severity: Medium Date : 2021-11-05 CVE-ID : CVE-2021-41174 Package : grafana Type : cross-site scripting Remote : Yes Link : https://security.archlinux.org/AVG-2517 Summary ======= The package grafana before versi...
[ASA-202009-9] chromium: multiple issues
Arch Linux Security Advisory ASA-202009-9 ========================================= Severity: High Date : 2020-09-23 CVE-ID : CVE-2020-15960 CVE-2020-15961 CVE-2020-15962 CVE-2020-15963 CVE-2020-15964 CVE-2020-15965 CVE-2020-15966 Package : chromium Type : multiple issues Remote : Yes Link :...
[ASA-202006-16] tomcat8: denial of service
Arch Linux Security Advisory ASA-202006-16 ========================================== Severity: Medium Date : 2020-06-28 CVE-ID : CVE-2020-11996 Package : tomcat8 Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1197 Summary ======= The package tomcat8 before versio...
[ASA-202006-8] python-django: multiple issues
Arch Linux Security Advisory ASA-202006-8 ========================================= Severity: Medium Date : 2020-06-06 CVE-ID : CVE-2020-13254 CVE-2020-13596 Package : python-django Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1176 Summary ======= The package...
[ASA-202005-12] chromium: multiple issues
Arch Linux Security Advisory ASA-202005-12 ========================================== Severity: High Date : 2020-05-20 CVE-ID : CVE-2020-6465 CVE-2020-6466 CVE-2020-6467 CVE-2020-6468 CVE-2020-6469 CVE-2020-6470 CVE-2020-6471 CVE-2020-6472 CVE-2020-6473 CVE-2020-6474 CVE-2020-6475 CVE-2020-6476...
[ASA-202005-10] powerdns-recursor: multiple issues
Arch Linux Security Advisory ASA-202005-10 ========================================== Severity: Medium Date : 2020-05-19 CVE-ID : CVE-2020-10995 CVE-2020-12244 Package : powerdns-recursor Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1163 Summary ======= The packag...
[ASA-202003-7] mbedtls: private key recovery
Arch Linux Security Advisory ASA-202003-7 ========================================= Severity: High Date : 2020-03-11 CVE-ID : CVE-2019-18222 Package : mbedtls Type : private key recovery Remote : No Link : https://security.archlinux.org/AVG-1104 Summary ======= The package mbedtls before version...
[ASA-202003-3] ppp: arbitrary code execution
Arch Linux Security Advisory ASA-202003-3 ========================================= Severity: Medium Date : 2020-03-07 CVE-ID : CVE-2020-8597 Package : ppp Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1101 Summary ======= The package ppp before version...
[ASA-202002-11] chromium: multiple issues
Arch Linux Security Advisory ASA-202002-11 ========================================== Severity: High Date : 2020-02-25 CVE-ID : CVE-2020-6407 CVE-2020-6418 Package : chromium Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1102 Summary ======= The package chromium...
[ASA-201910-11] go-pie: denial of service
Arch Linux Security Advisory ASA-201910-11 ========================================== Severity: Medium Date : 2019-10-21 CVE-ID : CVE-2019-17596 Package : go-pie Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1051 Summary ======= The package go-pie before version...