1854 matches found
[ASA-201902-28] logstash: information disclosure
Arch Linux Security Advisory ASA-201902-28 ========================================== Severity: High Date : 2019-02-25 CVE-ID : CVE-2019-7612 Package : logstash Type : information disclosure Remote : No Link : https://security.archlinux.org/AVG-913 Summary ======= The package logstash before...
[ASA-201901-17] subversion: denial of service
Arch Linux Security Advisory ASA-201901-17 ========================================== Severity: High Date : 2019-01-28 CVE-ID : CVE-2018-11803 Package : subversion Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-858 Summary ======= The package subversion before...
[ASA-201901-10] go-pie: private key recovery
Arch Linux Security Advisory ASA-201901-10 ========================================== Severity: Medium Date : 2019-01-24 CVE-ID : CVE-2019-6486 Package : go-pie Type : private key recovery Remote : Yes Link : https://security.archlinux.org/AVG-859 Summary ======= The package go-pie before version...
[ASA-201812-4] texlive-bin: arbitrary code execution
Arch Linux Security Advisory ASA-201812-4 ========================================= Severity: High Date : 2018-12-08 CVE-ID : CVE-2018-17407 Package : texlive-bin Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-770 Summary ======= The package texlive-bin befo...
[ASA-201811-10] thunderbird: arbitrary code execution
Arch Linux Security Advisory ASA-201811-10 ========================================== Severity: Critical Date : 2018-11-06 CVE-ID : CVE-2018-12389 CVE-2018-12390 CVE-2018-12392 Package : thunderbird Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-803 Summary...
[ASA-201810-7] git: arbitrary code execution
Arch Linux Security Advisory ASA-201810-7 ========================================= Severity: High Date : 2018-10-09 CVE-ID : CVE-2018-17456 Package : git Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-776 Summary ======= The package git before version...
[ASA-201805-22] wireshark-gtk: multiple issues
Arch Linux Security Advisory ASA-201805-22 ========================================== Severity: Critical Date : 2018-05-25 CVE-ID : CVE-2018-11354 CVE-2018-11355 CVE-2018-11356 CVE-2018-11357 CVE-2018-11358 CVE-2018-11359 CVE-2018-11360 CVE-2018-11361 CVE-2018-11362 Package : wireshark-gtk Type :...
[ASA-201805-7] mupdf-tools: multiple issues
Arch Linux Security Advisory ASA-201805-7 ========================================= Severity: High Date : 2018-05-10 CVE-ID : CVE-2018-5686 CVE-2018-6187 CVE-2018-6192 CVE-2018-6544 CVE-2018-1000051 Package : mupdf-tools Type : multiple issues Remote : Yes Link :...
[ASA-201803-9] postgresql: privilege escalation
Arch Linux Security Advisory ASA-201803-9 ========================================= Severity: High Date : 2018-03-11 CVE-ID : CVE-2018-1058 Package : postgresql Type : privilege escalation Remote : Yes Link : https://security.archlinux.org/AVG-643 Summary ======= The package postgresql before...
[ASA-201802-9] libmspack: multiple issues
Arch Linux Security Advisory ASA-201802-9 ========================================= Severity: Critical Date : 2018-02-20 CVE-ID : CVE-2017-6419 CVE-2017-11423 Package : libmspack Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-603 Summary ======= The package libmspac...
[ASA-201802-6] exim: arbitrary code execution
Arch Linux Security Advisory ASA-201802-6 ========================================= Severity: High Date : 2018-02-12 CVE-ID : CVE-2018-6789 Package : exim Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-608 Summary ======= The package exim before version...
[ASA-201801-16] bind: denial of service
Arch Linux Security Advisory ASA-201801-16 ========================================== Severity: High Date : 2018-01-18 CVE-ID : CVE-2017-3145 Package : bind Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-589 Summary ======= The package bind before version...
[ASA-201801-9] glibc: multiple issues
Arch Linux Security Advisory ASA-201801-9 ========================================= Severity: High Date : 2018-01-10 CVE-ID : CVE-2017-15670 CVE-2017-15671 Package : glibc Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-460 Summary ======= The package glibc before...
[ASA-201711-28] jbig2dec: denial of service
Arch Linux Security Advisory ASA-201711-28 ========================================== Severity: Medium Date : 2017-11-22 CVE-ID : CVE-2017-9216 Package : jbig2dec Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-517 Summary ======= The package jbig2dec before versio...
[ASA-201711-27] roundcubemail: arbitrary filesystem access
Arch Linux Security Advisory ASA-201711-27 ========================================== Severity: High Date : 2017-11-21 CVE-ID : CVE-2017-16651 Package : roundcubemail Type : arbitrary filesystem access Remote : Yes Link : https://security.archlinux.org/AVG-506 Summary ======= The package...
[ASA-201711-26] lib32-icu: arbitrary code execution
Arch Linux Security Advisory ASA-201711-26 ========================================== Severity: Critical Date : 2017-11-20 CVE-ID : CVE-2017-14952 Package : lib32-icu Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-507 Summary ======= The package lib32-icu...
[ASA-201708-17] salt: directory traversal
Arch Linux Security Advisory ASA-201708-17 ========================================== Severity: Medium Date : 2017-08-23 CVE-ID : CVE-2017-12791 Package : salt Type : directory traversal Remote : Yes Link : https://security.archlinux.org/AVG-383 Summary ======= The package salt before version...
[ASA-201708-14] subversion: arbitrary command execution
Arch Linux Security Advisory ASA-201708-14 ========================================== Severity: Critical Date : 2017-08-15 CVE-ID : CVE-2017-9800 Package : subversion Type : arbitrary command execution Remote : Yes Link : https://security.archlinux.org/AVG-379 Summary ======= The package subversi...
[ASA-201708-9] audiofile: multiple issues
Arch Linux Security Advisory ASA-201708-9 ========================================= Severity: High Date : 2017-08-14 CVE-ID : CVE-2017-6827 CVE-2017-6828 CVE-2017-6829 CVE-2017-6830 CVE-2017-6831 CVE-2017-6832 CVE-2017-6833 CVE-2017-6834 CVE-2017-6835 CVE-2017-6836 CVE-2017-6837 CVE-2017-6838...
[ASA-201708-2] flashplugin: multiple issues
Arch Linux Security Advisory ASA-201708-2 ========================================= Severity: Critical Date : 2017-08-10 CVE-ID : CVE-2017-3085 CVE-2017-3106 Package : flashplugin Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-373 Summary ======= The package...
[ASA-201707-4] qt5-webengine: multiple issues
Arch Linux Security Advisory ASA-201707-4 ========================================= Severity: Critical Date : 2017-07-04 CVE-ID : CVE-2017-5070 CVE-2017-5071 CVE-2017-5075 CVE-2017-5076 CVE-2017-5077 CVE-2017-5078 CVE-2017-5079 CVE-2017-5083 CVE-2017-5088 CVE-2017-5089 Package : qt5-webengine Typ...
[ASA-201706-9] wireshark-cli: denial of service
Arch Linux Security Advisory ASA-201706-9 ========================================= Severity: Low Date : 2017-06-12 CVE-ID : CVE-2017-9343 CVE-2017-9344 CVE-2017-9345 CVE-2017-9346 CVE-2017-9347 CVE-2017-9348 CVE-2017-9349 CVE-2017-9350 CVE-2017-9351 CVE-2017-9352 CVE-2017-9353 CVE-2017-9354...
[ASA-201705-25] sudo: access restriction bypass
Arch Linux Security Advisory ASA-201705-25 ========================================== Severity: Medium Date : 2017-05-30 CVE-ID : CVE-2017-1000367 Package : sudo Type : access restriction bypass Remote : No Link : https://security.archlinux.org/AVG-282 Summary ======= The package sudo before...
[ASA-201705-1] dovecot: denial of service
Arch Linux Security Advisory ASA-201705-1 ========================================= Severity: Medium Date : 2017-05-01 CVE-ID : CVE-2017-2669 Package : dovecot Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-238 Summary ======= The package dovecot before version...
[ASA-201704-10] libtiff: multiple issues
Arch Linux Security Advisory ASA-201704-10 ========================================== Severity: Medium Date : 2017-04-28 CVE-ID : CVE-2017-7592 CVE-2017-7593 CVE-2017-7594 CVE-2017-7595 CVE-2017-7596 CVE-2017-7597 CVE-2017-7598 CVE-2017-7599 CVE-2017-7600 CVE-2017-7601 CVE-2017-7602 Package :...
[ASA-201704-4] nss: arbitrary code execution
Arch Linux Security Advisory ASA-201704-4 ========================================= Severity: Critical Date : 2017-04-20 CVE-ID : CVE-2017-5461 Package : nss Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-247 Summary ======= The package nss before version...
[ASA-201703-5] libxslt: arbitrary code execution
Arch Linux Security Advisory ASA-201703-5 ========================================= Severity: Critical Date : 2017-03-12 CVE-ID : CVE-2017-5029 Package : libxslt Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-195 Summary ======= The package libxslt before...
[ASA-201702-10] ffmpeg: arbitrary code execution
Arch Linux Security Advisory ASA-201702-10 ========================================== Severity: Critical Date : 2017-02-12 CVE-ID : CVE-2017-5024 CVE-2017-5025 Package : ffmpeg Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-172 Summary ======= The package...
[ASA-201701-25] python2-crypto: arbitrary code execution
Arch Linux Security Advisory ASA-201701-25 ========================================== Severity: Critical Date : 2017-01-15 CVE-ID : CVE-2013-7459 Package : python2-crypto Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-118 Summary ======= The package...
[ASA-201701-21] libgit2: multiple issues
Arch Linux Security Advisory ASA-201701-21 ========================================== Severity: High Date : 2017-01-15 CVE-ID : CVE-2016-10128 CVE-2016-10129 CVE-2016-10130 Package : libgit2 Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-131 Summary ======= The...
[ASA-201701-19] docker: privilege escalation
Arch Linux Security Advisory ASA-201701-19 ========================================== Severity: High Date : 2017-01-13 CVE-ID : CVE-2016-9962 Package : docker Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-133 Summary ======= The package docker before version...
[ASA-201610-10] guile: multiple issues
Arch Linux Security Advisory ASA-201610-10 ========================================== Severity: High Date : 2016-10-16 CVE-ID : CVE-2016-8605 CVE-2016-8606 Package : guile Type : multiple issues Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package guile before...
[ASA-201609-21] tomcat7: proxy injection
Arch Linux Security Advisory ASA-201609-21 ========================================== Severity: Medium Date : 2016-09-22 CVE-ID : CVE-2016-5388 Package : tomcat7 Type : proxy injection Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package tomcat7 before version...
libupnp: arbitrary filesystem access
A vulnerability was found in libupnp. If there's no registered handler for a POST or GET request, the default behavior is to write to or read from the filesystem. This allows an unauthenticated attacker to store or retrieve arbitrary data. This issue allows full host filesystem access if the...
python-django: permission bypass
If a ModelAdmin uses saveas=True not the default, the admin provides an option when editing objects to "Save as new". A regression in Django 1.9 prevented that form submission from raising a "Permission Denied" error for users without the "add" permission...
wordpress: cross-side scripting
A cross-site scripting vulnerability has been discovered that could allow a site to be compromised...
chromium: information leakage
The PDF viewer does not properly restrict scripting messages and API exposure, which allows remote attackers to bypass the Same Origin Policy via an unintended embedder or unintended plugin loading, related to pdf.js and outofprocessinstance.cc...
squid: weak certificate validation
The flaw allows remote servers to bypass client certificate validation. Some attackers may also be able to use valid certificates for one domain signed by a global Certificate Authority to abuse an unrelated domain. However, the bug is exploitable only if you have configured Squid to perform SSL...
icecast: denial of service
CVE-2015-3026 denial of service: The bug can only be triggered if "streamauth" is being used. This means, that all installations that use a default configuration are NOT affected.The default configuration only uses source-password. Neither are simple mountpoints affected that use password. A...
konversation: denial of service
Konversation's Blowfish ECB encryption support assumes incoming blocks to be the expected 12 bytes. The lack of a sanity-check for the actual size can cause a denial of service and an information leak to the local user...
[ASA-202111-7] kubectl-ingress-nginx: information disclosure
Arch Linux Security Advisory ASA-202111-7 ========================================= Severity: High Date : 2021-11-18 CVE-ID : CVE-2021-25742 Package : kubectl-ingress-nginx Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-2490 Summary ======= The package...
[ASA-202007-3] tcpreplay: information disclosure
Arch Linux Security Advisory ASA-202007-3 ========================================= Severity: Medium Date : 2020-07-31 CVE-ID : CVE-2020-12740 Package : tcpreplay Type : information disclosure Remote : No Link : https://security.archlinux.org/AVG-1154 Summary ======= The package tcpreplay before...
[ASA-202005-11] openconnect: arbitrary code execution
Arch Linux Security Advisory ASA-202005-11 ========================================== Severity: Low Date : 2020-05-19 CVE-ID : CVE-2020-12823 Package : openconnect Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-1157 Summary ======= The package openconnect...
[ASA-202004-18] openssl: denial of service
Arch Linux Security Advisory ASA-202004-18 ========================================== Severity: High Date : 2020-04-21 CVE-ID : CVE-2020-1967 Package : openssl Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1139 Summary ======= The package openssl before version...
[ASA-202004-17] webkit2gtk: arbitrary code execution
Arch Linux Security Advisory ASA-202004-17 ========================================== Severity: Critical Date : 2020-04-19 CVE-ID : CVE-2020-11793 Package : webkit2gtk Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1137 Summary ======= The package webkit2gt...
[ASA-202004-13] git: information disclosure
Arch Linux Security Advisory ASA-202004-13 ========================================== Severity: High Date : 2020-04-14 CVE-ID : CVE-2020-5260 Package : git Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-1133 Summary ======= The package git before version...
[ASA-202004-7] haproxy: arbitrary code execution
Arch Linux Security Advisory ASA-202004-7 ========================================= Severity: Critical Date : 2020-04-08 CVE-ID : CVE-2020-11100 Package : haproxy Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1124 Summary ======= The package haproxy before...
[ASA-202003-12] chromium: multiple issues
Arch Linux Security Advisory ASA-202003-12 ========================================== Severity: High Date : 2020-03-19 CVE-ID : CVE-2019-20503 CVE-2020-6422 CVE-2020-6424 CVE-2020-6425 CVE-2020-6426 CVE-2020-6427 CVE-2020-6428 CVE-2020-6429 CVE-2020-6449 Package : chromium Type : multiple issues...
[ASA-202003-4] golang-golang-x-crypto: denial of service
Arch Linux Security Advisory ASA-202003-4 ========================================= Severity: Medium Date : 2020-03-08 CVE-ID : CVE-2020-9283 Package : golang-golang-x-crypto Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1109 Summary ======= The package...
[ASA-202002-12] weechat: multiple issues
Arch Linux Security Advisory ASA-202002-12 ========================================== Severity: Critical Date : 2020-02-25 CVE-ID : CVE-2020-8955 CVE-2020-9759 CVE-2020-9760 Package : weechat Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1103 Summary ======= The...