1854 matches found
[ASA-201806-2] radare2: multiple issues
Arch Linux Security Advisory ASA-201806-2 ========================================= Severity: High Date : 2018-06-05 CVE-ID : CVE-2018-11375 CVE-2018-11376 CVE-2018-11377 CVE-2018-11378 CVE-2018-11379 CVE-2018-11380 CVE-2018-11381 CVE-2018-11382 CVE-2018-11383 CVE-2018-11384 Package : radare2 Typ...
[ASA-201805-17] libcurl-compat: multiple issues
Arch Linux Security Advisory ASA-201805-17 ========================================== Severity: Critical Date : 2018-05-18 CVE-ID : CVE-2018-1000300 CVE-2018-1000301 Package : libcurl-compat Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-698 Summary ======= The...
[ASA-201803-16] lib32-curl: multiple issues
Arch Linux Security Advisory ASA-201803-16 ========================================== Severity: Medium Date : 2018-03-19 CVE-ID : CVE-2018-1000120 CVE-2018-1000121 CVE-2018-1000122 Package : lib32-curl Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-654 Summary =====...
[ASA-201801-27] mupdf: arbitrary code execution
Arch Linux Security Advisory ASA-201801-27 ========================================== Severity: High Date : 2018-01-30 CVE-ID : CVE-2017-17858 Package : mupdf Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-599 Summary ======= The package mupdf before version...
[ASA-201801-18] glibc: privilege escalation
Arch Linux Security Advisory ASA-201801-18 ========================================== Severity: High Date : 2018-01-28 CVE-ID : CVE-2018-1000001 Package : glibc Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-590 Summary ======= The package glibc before version...
[ASA-201711-32] exim: multiple issues
Arch Linux Security Advisory ASA-201711-32 ========================================== Severity: Critical Date : 2017-11-30 CVE-ID : CVE-2017-1000369 CVE-2017-10140 CVE-2017-16943 CVE-2017-16944 Package : exim Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-518 Summar...
[ASA-201711-43] thunderbird: multiple issues
Arch Linux Security Advisory ASA-201711-43 ========================================== Severity: Critical Date : 2017-11-30 CVE-ID : CVE-2017-7826 CVE-2017-7828 CVE-2017-7830 Package : thunderbird Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-530 Summary ======= The...
[ASA-201711-30] powerdns: access restriction bypass
Arch Linux Security Advisory ASA-201711-30 ========================================== Severity: Low Date : 2017-11-27 CVE-ID : CVE-2017-15091 Package : powerdns Type : access restriction bypass Remote : Yes Link : https://security.archlinux.org/AVG-519 Summary ======= The package powerdns before...
[ASA-201711-9] lib32-libcurl-gnutls: information disclosure
Arch Linux Security Advisory ASA-201711-9 ========================================= Severity: Medium Date : 2017-11-02 CVE-ID : CVE-2017-1000257 Package : lib32-libcurl-gnutls Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-464 Summary ======= The package...
[ASA-201711-8] lib32-libcurl-compat: information disclosure
Arch Linux Security Advisory ASA-201711-8 ========================================= Severity: Medium Date : 2017-11-02 CVE-ID : CVE-2017-1000257 Package : lib32-libcurl-compat Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-465 Summary ======= The package...
[ASA-201710-25] linux-hardened: privilege escalation
Arch Linux Security Advisory ASA-201710-25 ========================================== Severity: High Date : 2017-10-16 CVE-ID : CVE-2017-5123 Package : linux-hardened Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-446 Summary ======= The package linux-hardened...
[ASA-201708-1] lib32-flashplugin: multiple issues
Arch Linux Security Advisory ASA-201708-1 ========================================= Severity: Critical Date : 2017-08-10 CVE-ID : CVE-2017-3085 CVE-2017-3106 Package : lib32-flashplugin Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-372 Summary ======= The package...
[ASA-201707-19] gvim: arbitrary code execution
Arch Linux Security Advisory ASA-201707-19 ========================================== Severity: High Date : 2017-07-18 CVE-ID : CVE-2017-11109 Package : gvim Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-347 Summary ======= The package gvim before version...
[ASA-201706-22] lib32-glibc: privilege escalation
Arch Linux Security Advisory ASA-201706-22 ========================================== Severity: High Date : 2017-06-20 CVE-ID : CVE-2017-1000366 Package : lib32-glibc Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-308 Summary ======= The package lib32-glibc befo...
[ASA-201705-14] git: access restriction bypass
Arch Linux Security Advisory ASA-201705-14 ========================================== Severity: High Date : 2017-05-12 CVE-ID : CVE-2017-8386 Package : git Type : access restriction bypass Remote : Yes Link : https://security.archlinux.org/AVG-267 Summary ======= The package git before version...
[ASA-201702-13] vim: arbitrary code execution
Arch Linux Security Advisory ASA-201702-13 ========================================== Severity: Medium Date : 2017-02-15 CVE-ID : CVE-2017-5953 Package : vim Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-174 Summary ======= The package vim before version...
[ASA-201701-23] nginx: privilege escalation
Arch Linux Security Advisory ASA-201701-23 ========================================== Severity: High Date : 2017-01-15 CVE-ID : CVE-2016-1247 Package : nginx Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-138 Summary ======= The package nginx before version...
[ASA-201609-22] firefox: multiple issues
Arch Linux Security Advisory ASA-201609-22 ========================================== Severity: Critical Date : 2016-09-22 CVE-ID : CVE-2016-5256 CVE-2016-5257 CVE-2016-5270 CVE-2016-5271 CVE-2016-5272 CVE-2016-5273 CVE-2016-5274 CVE-2016-5275 CVE-2016-5276 CVE-2016-5277 CVE-2016-5278 CVE-2016-52...
thunderbird: arbitrary code execution
CVE-2016-2835 arbitrary code execution Carsten Book, Christian Holler, Gary Kwong, Jesse Ruderman, Andrew McCreight, Phil Ringnalda and Philipp reported memory safety problems and crashes. - CVE-2016-2836 arbitrary code execution Christian Holler, Tyson Smith, Boris Zbarsky, Byron Campen, and...
chromium: multiple issues
CVE-2016-5139 arbitrary code execution Multiple integer overflows in the opjtcdinittile function in tcd.c in OpenJPEG, as used in PDFium, allow remote attackers to cause a denial of service heap-based buffer overflow or possibly have other unspecified impact via crafted JPEG 2000 data. -...
glibc: denial of service
CVE-2016-3075 denial of service The getnetbyname implementation in nssdns contains a potentially unbounded alloca call in the form of a call to strdupa, leading to a stack overflow stack exhaustion and a crash if getnetbyname is invoked on a very long name. - CVE-2016-5417 denial of service The...
Squid: denial of service
Due to incorrect bounds checking Squid is vulnerable to a denial of service attack when processing HTTP responses...
roundcubemail: remote code execution
High-Tech Bridge Security Research Lab discovered a path traversal vulnerability in Roundcube. Vulnerability can be exploited to gain access to sensitive information and under certain circumstances to execute arbitrary code and totally compromise the vulnerable server. The vulnerability exists du...
chromium: cross-origin bypass
CVE-2015-1303: Cross-origin bypass in DOM. Credit to Mariusz Mlynski. - CVE-2015-1304: Cross-origin bypass in V8. Credit to Mariusz Mlynski...
libvdpau lib32vdpau: multiple issues
CVE-2015-5198 Local Privilege Escalation When used in a setuid or setgid application, libvdpau/lib32-libvdpau allows local users to gain privileges via unspecified vectors, related to the VDPAUDRIVERPATH environment variable. - CVE-2015-5199 Directory Traversal Directory traversal vulnerability...
jasper: denial of service
A double free issue has been discovered in the function jasperimagestopload. This vulnerability can be triggered by loading a specially crafted image through jasper...
ntp: denial of service
Under limited and specific circumstances an attacker can send a crafted remote-configuration packet containing a NUL-byte to cause a vulnerable ntpd instance to crash. This requires each of the following to be true: - ntpd set up to allow for remote configuration not allowed by default - knowledg...
flashplugin: remote code execution
A heap-based buffer overflow has been found in the FLV handling of Adobe Flash Player, leading to code execution...
pcre: buffer overflow
Several buffer overflows have been found in pcre = 8.37. By compiling a crafted regular expression, it is possible to write more than the expected size into various buffers, allowing arbitrary code execution...
mutt: denial of service
The writeoneheader function does not properly handle newline characters at the beginning of a header, which allows remote attackers to cause a denial of service crash via a header with an empty body, which triggers a heap-based buffer overflow in the muttsubstrdup function...
elfutils: directory traversal
Directory traversal vulnerability in the readlongnames function in libelf/elfbegin.c allows remote attackers to write to arbitrary files to the root directory via a / slash in a crafted archive, as demonstrated using the ar program...
avr-binutils: multiple issues
CVE-2014-8484 invalid read Invalid read flaw leads to denial of service while parsing specially crafted files in programs using libbfd. - CVE-2014-8485 out-of-bounds write Lack of range checking leading to controlled write in bfdelfsetupsections which results in denial of service or possible code...
[ASA-202505-2] wpewebkit: arbitrary code execution
Arch Linux Security Advisory ASA-202505-2 ========================================= Severity: High Date : 2025-05-18 CVE-ID : CVE-2023-42875 CVE-2023-42970 Package : wpewebkit Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-2870 Summary ======= The package...
[ASA-202111-3] thunderbird: multiple issues
Arch Linux Security Advisory ASA-202111-3 ========================================= Severity: High Date : 2021-11-05 CVE-ID : CVE-2021-38503 CVE-2021-38504 CVE-2021-38506 CVE-2021-38507 CVE-2021-38508 CVE-2021-38509 Package : thunderbird Type : multiple issues Remote : Yes Link :...
[ASA-202110-3] virtualbox: multiple issues
Arch Linux Security Advisory ASA-202110-3 ========================================= Severity: High Date : 2021-10-21 CVE-ID : CVE-2021-2475 CVE-2021-35538 CVE-2021-35540 CVE-2021-35542 CVE-2021-35545 Package : virtualbox Type : multiple issues Remote : No Link :...
[ASA-202109-3] ghostscript: arbitrary command execution
Arch Linux Security Advisory ASA-202109-3 ========================================= Severity: High Date : 2021-09-14 CVE-ID : CVE-2021-3781 Package : ghostscript Type : arbitrary command execution Remote : Yes Link : https://security.archlinux.org/AVG-2374 Summary ======= The package ghostscript...
[ASA-202011-2] chromium: multiple issues
Arch Linux Security Advisory ASA-202011-2 ========================================= Severity: Critical Date : 2020-11-03 CVE-ID : CVE-2020-16004 CVE-2020-16005 CVE-2020-16006 CVE-2020-16007 CVE-2020-16008 CVE-2020-16009 Package : chromium Type : multiple issues Remote : Yes Link :...
[ASA-202009-15] lib32-zeromq: denial of service
Arch Linux Security Advisory ASA-202009-15 ========================================== Severity: High Date : 2020-09-26 CVE-ID : CVE-2020-15166 Package : lib32-zeromq Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1220 Summary ======= The package lib32-zeromq befor...
[ASA-202007-6] libjcat: insufficient validation
Arch Linux Security Advisory ASA-202007-6 ========================================= Severity: High Date : 2020-07-31 CVE-ID : CVE-2020-10759 Package : libjcat Type : insufficient validation Remote : Yes Link : https://security.archlinux.org/AVG-1185 Summary ======= The package libjcat before...
[ASA-202006-16] tomcat8: denial of service
Arch Linux Security Advisory ASA-202006-16 ========================================== Severity: Medium Date : 2020-06-28 CVE-ID : CVE-2020-11996 Package : tomcat8 Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1197 Summary ======= The package tomcat8 before versio...
[ASA-202006-8] python-django: multiple issues
Arch Linux Security Advisory ASA-202006-8 ========================================= Severity: Medium Date : 2020-06-06 CVE-ID : CVE-2020-13254 CVE-2020-13596 Package : python-django Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1176 Summary ======= The package...
[ASA-202005-10] powerdns-recursor: multiple issues
Arch Linux Security Advisory ASA-202005-10 ========================================== Severity: Medium Date : 2020-05-19 CVE-ID : CVE-2020-10995 CVE-2020-12244 Package : powerdns-recursor Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1163 Summary ======= The packag...
[ASA-202004-1] chromium: arbitrary code execution
Arch Linux Security Advisory ASA-202004-1 ========================================= Severity: High Date : 2020-04-01 CVE-ID : CVE-2020-6450 CVE-2020-6451 CVE-2020-6452 Package : chromium Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1123 Summary ======= Th...
[ASA-202003-5] python-django: sql injection
Arch Linux Security Advisory ASA-202003-5 ========================================= Severity: Medium Date : 2020-03-08 CVE-ID : CVE-2020-9402 Package : python-django Type : sql injection Remote : Yes Link : https://security.archlinux.org/AVG-1111 Summary ======= The package python-django before...
[ASA-202003-3] ppp: arbitrary code execution
Arch Linux Security Advisory ASA-202003-3 ========================================= Severity: Medium Date : 2020-03-07 CVE-ID : CVE-2020-8597 Package : ppp Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1101 Summary ======= The package ppp before version...
[ASA-201906-6] lib32-openssl: information disclosure
Arch Linux Security Advisory ASA-201906-6 ========================================= Severity: Low Date : 2019-06-11 CVE-ID : CVE-2019-1543 Package : lib32-openssl Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-920 Summary ======= The package lib32-openssl...
[ASA-201905-8] thunderbird: multiple issues
Arch Linux Security Advisory ASA-201905-8 ========================================= Severity: Critical Date : 2019-05-23 CVE-ID : CVE-2019-5798 CVE-2019-7317 CVE-2019-9800 CVE-2019-9816 CVE-2019-9817 CVE-2019-9819 CVE-2019-11691 CVE-2019-11692 CVE-2019-11693 CVE-2019-11698 CVE-2019-18511 Package ...
[ASA-201905-6] dovecot: denial of service
Arch Linux Security Advisory ASA-201905-6 ========================================= Severity: Medium Date : 2019-05-06 CVE-ID : CVE-2019-11494 CVE-2019-11499 Package : dovecot Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-954 Summary ======= The package dovecot...
[ASA-201903-16] dovecot: privilege escalation
Arch Linux Security Advisory ASA-201903-16 ========================================== Severity: High Date : 2019-03-28 CVE-ID : CVE-2019-7524 Package : dovecot Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-944 Summary ======= The package dovecot before version...
[ASA-201903-9] libelf: denial of service
Arch Linux Security Advisory ASA-201903-9 ========================================= Severity: Medium Date : 2019-03-18 CVE-ID : CVE-2019-7148 CVE-2019-7149 CVE-2019-7150 CVE-2019-7664 CVE-2019-7665 Package : libelf Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-86...