Lucene search
K
ArchlinuxMost viewed

1854 matches found

ArchLinux
ArchLinux
added 2019/10/26 12:0 a.m.34 views

[ASA-201910-17] chromium: multiple issues

Arch Linux Security Advisory ASA-201910-17 ========================================== Severity: High Date : 2019-10-26 CVE-ID : CVE-2019-13699 CVE-2019-13700 CVE-2019-13701 CVE-2019-13702 CVE-2019-13703 CVE-2019-13704 CVE-2019-13705 CVE-2019-13706 CVE-2019-13707 CVE-2019-13708 CVE-2019-13709...

8.8CVSS0.2AI score0.06707EPSS
Exploits1References46
ArchLinux
ArchLinux
added 2019/05/06 12:0 a.m.34 views

[ASA-201905-2] linux: arbitrary code execution

Arch Linux Security Advisory ASA-201905-2 ========================================= Severity: High Date : 2019-05-06 CVE-ID : CVE-2019-11683 Package : linux Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-955 Summary ======= The package linux before version...

10CVSS3.3AI score0.07074EPSS
Exploits0References6
ArchLinux
ArchLinux
added 2019/04/11 12:0 a.m.34 views

[ASA-201904-5] ghostscript: sandbox escape

Arch Linux Security Advisory ASA-201904-5 ========================================= Severity: High Date : 2019-04-11 CVE-ID : CVE-2019-3835 CVE-2019-3838 Package : ghostscript Type : sandbox escape Remote : Yes Link : https://security.archlinux.org/AVG-929 Summary ======= The package ghostscript...

7.3CVSS7.4AI score0.02642EPSS
Exploits0References8
ArchLinux
ArchLinux
added 2019/02/25 12:0 a.m.34 views

[ASA-201902-27] elasticsearch: privilege escalation

Arch Linux Security Advisory ASA-201902-27 ========================================== Severity: High Date : 2019-02-25 CVE-ID : CVE-2019-7611 Package : elasticsearch Type : privilege escalation Remote : Yes Link : https://security.archlinux.org/AVG-912 Summary ======= The package elasticsearch...

8.1CVSS1.3AI score0.02149EPSS
Exploits0References3
ArchLinux
ArchLinux
added 2019/02/12 12:0 a.m.34 views

[ASA-201902-12] lib32-libcurl-compat: arbitrary code execution

Arch Linux Security Advisory ASA-201902-12 ========================================== Severity: High Date : 2019-02-12 CVE-ID : CVE-2018-16890 CVE-2019-3822 CVE-2019-3823 Package : lib32-libcurl-compat Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-875...

9.8CVSS1.5AI score0.12771EPSS
Exploits2References10
ArchLinux
ArchLinux
added 2019/02/11 12:0 a.m.34 views

[ASA-201902-5] rdesktop: multiple issues

Arch Linux Security Advisory ASA-201902-5 ========================================= Severity: High Date : 2019-02-11 CVE-ID : CVE-2018-8791 CVE-2018-8792 CVE-2018-8793 CVE-2018-8794 CVE-2018-8795 CVE-2018-8796 CVE-2018-8797 CVE-2018-8798 CVE-2018-8799 CVE-2018-8800 CVE-2018-20174 CVE-2018-20175...

9.8CVSS1.8AI score0.08214EPSS
Exploits9References22
ArchLinux
ArchLinux
added 2019/01/29 12:0 a.m.34 views

[ASA-201901-18] ghostscript: sandbox escape

Arch Linux Security Advisory ASA-201901-18 ========================================== Severity: High Date : 2019-01-29 CVE-ID : CVE-2019-6116 Package : ghostscript Type : sandbox escape Remote : Yes Link : https://security.archlinux.org/AVG-860 Summary ======= The package ghostscript before versi...

7.8CVSS0.4AI score0.43901EPSS
Exploits2References11
ArchLinux
ArchLinux
added 2018/11/28 12:0 a.m.34 views

[ASA-201811-21] powerdns-recursor: denial of service

Arch Linux Security Advisory ASA-201811-21 ========================================== Severity: Medium Date : 2018-11-28 CVE-ID : CVE-2018-16855 Package : powerdns-recursor Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-821 Summary ======= The package...

7.5CVSS2.4AI score0.59469EPSS
Exploits0References5
ArchLinux
ArchLinux
added 2018/11/01 12:0 a.m.34 views

[ASA-201811-2] linux-lts: denial of service

Arch Linux Security Advisory ASA-201811-2 ========================================= Severity: Low Date : 2018-11-01 CVE-ID : CVE-2018-18445 Package : linux-lts Type : denial of service Remote : No Link : https://security.archlinux.org/AVG-801 Summary ======= The package linux-lts before version...

7.8CVSS1.8AI score0.00533EPSS
Exploits0References7
ArchLinux
ArchLinux
added 2018/05/18 12:0 a.m.34 views

[ASA-201805-14] lib32-curl: multiple issues

Arch Linux Security Advisory ASA-201805-14 ========================================== Severity: Critical Date : 2018-05-18 CVE-ID : CVE-2018-1000300 CVE-2018-1000301 Package : lib32-curl Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-695 Summary ======= The package...

9.8CVSS1.2AI score0.06003EPSS
Exploits0References7
ArchLinux
ArchLinux
added 2018/04/27 12:0 a.m.34 views

[ASA-201804-10] drupal: arbitrary command execution

Arch Linux Security Advisory ASA-201804-10 ========================================== Severity: Critical Date : 2018-04-27 CVE-ID : CVE-2018-7602 Package : drupal Type : arbitrary command execution Remote : Yes Link : https://security.archlinux.org/AVG-679 Summary ======= The package drupal befor...

9.8CVSS3.3AI score0.99236EPSS
Exploits14References4
ArchLinux
ArchLinux
added 2018/02/24 12:0 a.m.34 views

[ASA-201802-15] mbedtls: arbitrary code execution

Arch Linux Security Advisory ASA-201802-15 ========================================== Severity: High Date : 2018-02-24 CVE-ID : CVE-2018-0487 CVE-2018-0488 Package : mbedtls Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-617 Summary ======= The package...

9.8CVSS3.9AI score0.04884EPSS
Exploits0References4
ArchLinux
ArchLinux
added 2018/01/29 12:0 a.m.34 views

[ASA-201801-24] libcurl-gnutls: multiple issues

Arch Linux Security Advisory ASA-201801-24 ========================================== Severity: Medium Date : 2018-01-29 CVE-ID : CVE-2018-1000005 CVE-2018-1000007 Package : libcurl-gnutls Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-596 Summary ======= The packag...

9.8CVSS9.3AI score0.08031EPSS
Exploits0References7
ArchLinux
ArchLinux
added 2018/01/29 12:0 a.m.34 views

[ASA-201801-22] lib32-curl: multiple issues

Arch Linux Security Advisory ASA-201801-22 ========================================== Severity: Medium Date : 2018-01-29 CVE-ID : CVE-2018-1000005 CVE-2018-1000007 Package : lib32-curl Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-594 Summary ======= The package...

9.8CVSS9.3AI score0.08031EPSS
Exploits0References7
ArchLinux
ArchLinux
added 2018/01/17 12:0 a.m.34 views

[ASA-201801-13] transmission-cli: arbitrary command execution

Arch Linux Security Advisory ASA-201801-13 ========================================== Severity: High Date : 2018-01-17 CVE-ID : CVE-2018-5702 Package : transmission-cli Type : arbitrary command execution Remote : Yes Link : https://security.archlinux.org/AVG-588 Summary ======= The package...

8.8CVSS1.4AI score0.11926EPSS
Exploits1References7
ArchLinux
ArchLinux
added 2017/12/13 12:0 a.m.34 views

[ASA-201712-7] quagga: denial of service

Arch Linux Security Advisory ASA-201712-7 ========================================= Severity: Medium Date : 2017-12-13 CVE-ID : CVE-2017-16227 Package : quagga Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-481 Summary ======= The package quagga before version...

7.5CVSS1AI score0.1879EPSS
Exploits0References6
ArchLinux
ArchLinux
added 2017/11/30 12:0 a.m.34 views

[ASA-201711-42] lib32-libxcursor: arbitrary code execution

Arch Linux Security Advisory ASA-201711-42 ========================================== Severity: High Date : 2017-11-30 CVE-ID : CVE-2017-16612 Package : lib32-libxcursor Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-532 Summary ======= The package...

7.5CVSS1.8AI score0.05173EPSS
Exploits1References5
ArchLinux
ArchLinux
added 2017/11/07 12:0 a.m.34 views

[ASA-201711-13] libzip: arbitrary code execution

Arch Linux Security Advisory ASA-201711-13 ========================================== Severity: High Date : 2017-11-07 CVE-ID : CVE-2017-12858 Package : libzip Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-390 Summary ======= The package libzip before...

9.8CVSS2.1AI score0.03286EPSS
Exploits0References3
ArchLinux
ArchLinux
added 2017/10/27 12:0 a.m.34 views

[ASA-201710-32] apr: information disclosure

Arch Linux Security Advisory ASA-201710-32 ========================================== Severity: Medium Date : 2017-10-27 CVE-ID : CVE-2017-12613 Package : apr Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-469 Summary ======= The package apr before version...

7.1CVSS0.5AI score0.01749EPSS
Exploits0References3
ArchLinux
ArchLinux
added 2017/10/21 12:0 a.m.34 views

[ASA-201710-28] musl: arbitrary code execution

Arch Linux Security Advisory ASA-201710-28 ========================================== Severity: Critical Date : 2017-10-21 CVE-ID : CVE-2017-15650 Package : musl Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-457 Summary ======= The package musl before...

7.5CVSS2.3AI score0.02015EPSS
Exploits0References4
ArchLinux
ArchLinux
added 2017/10/17 12:0 a.m.34 views

[ASA-201710-26] linux: privilege escalation

Arch Linux Security Advisory ASA-201710-26 ========================================== Severity: High Date : 2017-10-17 CVE-ID : CVE-2017-5123 Package : linux Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-444 Summary ======= The package linux before version...

8.8CVSS1.5AI score0.03714EPSS
Exploits10References4
ArchLinux
ArchLinux
added 2017/10/16 12:0 a.m.34 views

[ASA-201710-20] flashplugin: arbitrary code execution

Arch Linux Security Advisory ASA-201710-20 ========================================== Severity: Critical Date : 2017-10-16 CVE-ID : CVE-2017-11292 Package : flashplugin Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-449 Summary ======= The package flashplug...

8.8CVSS1.3AI score0.12104EPSS
Exploits0References3
ArchLinux
ArchLinux
added 2017/10/16 12:0 a.m.34 views

[ASA-201710-21] lib32-flashplugin: arbitrary code execution

Arch Linux Security Advisory ASA-201710-21 ========================================== Severity: Critical Date : 2017-10-16 CVE-ID : CVE-2017-11292 Package : lib32-flashplugin Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-450 Summary ======= The package...

8.8CVSS1.4AI score0.12104EPSS
Exploits0References3
ArchLinux
ArchLinux
added 2017/09/15 12:0 a.m.34 views

[ASA-201709-9] linux: arbitrary code execution

Arch Linux Security Advisory ASA-201709-9 ========================================= Severity: High Date : 2017-09-15 CVE-ID : CVE-2017-1000251 Package : linux Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-392 Summary ======= The package linux before versio...

8CVSS1.6AI score0.16181EPSS
Exploits12References5
ArchLinux
ArchLinux
added 2017/09/12 12:0 a.m.34 views

[ASA-201709-3] bluez: information disclosure

Arch Linux Security Advisory ASA-201709-3 ========================================= Severity: High Date : 2017-09-12 CVE-ID : CVE-2017-1000250 Package : bluez Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-396 Summary ======= The package bluez before version...

6.5CVSS0.1AI score0.07774EPSS
Exploits3References5
ArchLinux
ArchLinux
added 2017/09/06 12:0 a.m.34 views

[ASA-201709-1] chromium: multiple issues

Arch Linux Security Advisory ASA-201709-1 ========================================= Severity: Critical Date : 2017-09-06 CVE-ID : CVE-2017-5111 CVE-2017-5112 CVE-2017-5113 CVE-2017-5114 CVE-2017-5115 CVE-2017-5116 CVE-2017-5117 CVE-2017-5118 CVE-2017-5119 CVE-2017-5120 Package : chromium Type :...

8.8CVSS0.7AI score0.26331EPSS
Exploits0References22
ArchLinux
ArchLinux
added 2017/07/27 12:0 a.m.34 views

[ASA-201707-29] chromium: multiple issues

Arch Linux Security Advisory ASA-201707-29 ========================================== Severity: Critical Date : 2017-07-27 CVE-ID : CVE-2017-5091 CVE-2017-5092 CVE-2017-5093 CVE-2017-5094 CVE-2017-5095 CVE-2017-5097 CVE-2017-5098 CVE-2017-5099 CVE-2017-5100 CVE-2017-5101 CVE-2017-5102 CVE-2017-51...

8.8CVSS0.5AI score0.15513EPSS
Exploits0References42
ArchLinux
ArchLinux
added 2017/07/11 12:0 a.m.34 views

[ASA-201707-10] flashplugin: multiple issues

Arch Linux Security Advisory ASA-201707-10 ========================================== Severity: Critical Date : 2017-07-11 CVE-ID : CVE-2017-3080 CVE-2017-3099 CVE-2017-3100 Package : flashplugin Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-344 Summary ======= The...

9.3CVSS0.9AI score0.08552EPSS
Exploits0References5
ArchLinux
ArchLinux
added 2017/06/14 12:0 a.m.34 views

[ASA-201706-15] lib32-flashplugin: arbitrary code execution

Arch Linux Security Advisory ASA-201706-15 ========================================== Severity: Critical Date : 2017-06-14 CVE-ID : CVE-2017-3075 CVE-2017-3076 CVE-2017-3077 CVE-2017-3078 CVE-2017-3079 CVE-2017-3081 CVE-2017-3082 CVE-2017-3083 CVE-2017-3084 Package : lib32-flashplugin Type :...

10CVSS2.1AI score0.30886EPSS
Exploits3References11
ArchLinux
ArchLinux
added 2017/05/07 12:0 a.m.34 views

[ASA-201705-3] ghostscript: arbitrary command execution

Arch Linux Security Advisory ASA-201705-3 ========================================= Severity: High Date : 2017-05-07 CVE-ID : CVE-2017-8291 Package : ghostscript Type : arbitrary command execution Remote : Yes Link : https://security.archlinux.org/AVG-256 Summary ======= The package ghostscript...

7.8CVSS2.3AI score0.96968EPSS
Exploits7References3
ArchLinux
ArchLinux
added 2017/04/06 12:0 a.m.34 views

[ASA-201704-1] python2-django: multiple issues

Arch Linux Security Advisory ASA-201704-1 ========================================= Severity: Medium Date : 2017-04-06 CVE-ID : CVE-2017-7233 CVE-2017-7234 Package : python2-django Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-233 Summary ======= The package...

6.1CVSS0.2AI score0.02384EPSS
Exploits2References4
ArchLinux
ArchLinux
added 2017/03/14 12:0 a.m.34 views

[ASA-201703-9] jasper: multiple issues

Arch Linux Security Advisory ASA-201703-9 ========================================= Severity: High Date : 2017-03-14 CVE-ID : CVE-2016-8886 CVE-2016-9591 Package : jasper Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-69 Summary ======= The package jasper before...

7.8CVSS2.1AI score0.0184EPSS
Exploits1References9
ArchLinux
ArchLinux
added 2017/03/03 12:0 a.m.34 views

[ASA-201703-1] curl: insufficient validation

Arch Linux Security Advisory ASA-201703-1 ========================================= Severity: Low Date : 2017-03-03 CVE-ID : CVE-2017-2629 Package : curl Type : insufficient validation Remote : Yes Link : https://security.archlinux.org/AVG-179 Summary ======= The package curl before version...

6.5CVSS0.01391EPSS
Exploits0References3
ArchLinux
ArchLinux
added 2017/01/29 12:0 a.m.34 views

[ASA-201701-40] thunderbird: multiple issues

Arch Linux Security Advisory ASA-201701-40 ========================================== Severity: Critical Date : 2017-01-29 CVE-ID : CVE-2017-5373 CVE-2017-5375 CVE-2017-5376 CVE-2017-5378 CVE-2017-5380 CVE-2017-5383 CVE-2017-5390 CVE-2017-5396 Package : thunderbird Type : multiple issues Remote :...

9.8CVSS0.3AI score0.33199EPSS
Exploits15References28
ArchLinux
ArchLinux
added 2017/01/19 12:0 a.m.34 views

[ASA-201701-29] powerdns: multiple issues

Arch Linux Security Advisory ASA-201701-29 ========================================== Severity: Medium Date : 2017-01-19 CVE-ID : CVE-2016-2120 CVE-2016-7068 CVE-2016-7072 CVE-2016-7073 CVE-2016-7074 Package : powerdns Type : multiple issues Remote : Yes Link :...

7.8CVSS1.3AI score0.07294EPSS
Exploits0References11
ArchLinux
ArchLinux
added 2017/01/15 12:0 a.m.34 views

[ASA-201701-24] nginx-mainline: privilege escalation

Arch Linux Security Advisory ASA-201701-24 ========================================== Severity: High Date : 2017-01-15 CVE-ID : CVE-2016-1247 Package : nginx-mainline Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-139 Summary ======= The package nginx-mainline...

7.8CVSS1.6AI score0.04863EPSS
Exploits6References4
ArchLinux
ArchLinux
added 2016/07/20 12:0 a.m.34 views

bind: denial of service

Although not commonly used, the BIND package contains provisions to allow systems to resolve names using the lightweight resolver protocol, a protocol similar to but distinct from the normal DNS protocols. The lightweight resolver protocol can be used either by running the lwresd utility installe...

4.3CVSS2AI score0.63346EPSS
Exploits0References2
ArchLinux
ArchLinux
added 2016/07/18 12:0 a.m.34 views

lib32-flashplugin: multiple issues

CVE-2016-4175 CVE-2016-4179 CVE-2016-4180 CVE-2016-4181 CVE-2016-4182 CVE-2016-4183 CVE-2016-4184 CVE-2016-4185 CVE-2016-4186 CVE-2016-4187 CVE-2016-4188 CVE-2016-4189 CVE-2016-4190 CVE-2016-4217 CVE-2016-4218 CVE-2016-4219 CVE-2016-4220 CVE-2016-4221 CVE-2016-4233 CVE-2016-4234 CVE-2016-4235...

10CVSS1.1AI score0.36456EPSS
Exploits26References50
ArchLinux
ArchLinux
added 2016/06/10 12:0 a.m.34 views

haproxy: denial of service

A problem has been discovered with the new field "ruledenystatus" into struct httptxn, which is filled only by actions "http-request deny" and "http-request tarpit". It's then used in the deny code path to emit the proper error message, but is used uninitialized when the deny comes from a "reqden...

5CVSS7.8AI score0.4282EPSS
Exploits0References3
ArchLinux
ArchLinux
added 2016/05/06 12:0 a.m.34 views

latex2rtf: arbitrary code execution

A format string vulnerability was found in the CmdKeywords function, where the user-controlled variable 'keywords' is passed as a format argument to vnsprintf, when processing the \keywords command in a TeX file...

4.6AI score0.03556EPSS
Exploits0References2
ArchLinux
ArchLinux
added 2016/03/12 12:0 a.m.34 views

pidgin-otr: arbitrary code execution

The pidgin-otr plugin fixes a heap use after free error. The bug is triggered when a user tries to authenticate a buddy and happens in the function createsmpdialog. This issue is leading to denial of service or possibly remote code execution...

10CVSS3.4AI score0.07032EPSS
Exploits0References4
ArchLinux
ArchLinux
added 2016/02/24 12:0 a.m.34 views

libgcrypt: secret key extraction

A vulnerability was found in a way the ECDH encryption algorithm decrypts data. An attacker with a specialized setup can extract the secret decryption key from a target located in an adjacent room within seconds. This is done by measuring the target's electromagnetic emanations...

1.7AI score0.00429EPSS
Exploits0References3
ArchLinux
ArchLinux
added 2015/12/25 12:0 a.m.34 views

nghttp2: use-after-free

nghttp2 1.6.0 fixes a heap-based use-after-free bug in idle stream handling code, where an idle/closed stream could possibly be destroyed while it was still referenced...

10CVSS9.1AI score0.04073EPSS
Exploits0References4
ArchLinux
ArchLinux
added 2015/10/10 12:0 a.m.34 views

gdk-pixbuf2: multiple issues

CVE-2015-7673 denial of service It has been discovered that under certain circumstances while scaling a tga file a heap memory allocation may fail which is later used and leads to a denial of service. - CVE-2015-7673 heap buffer overflow It has been discovered that under certain circumstances...

6.8CVSS1.8AI score0.05796EPSS
Exploits0References4
ArchLinux
ArchLinux
added 2015/08/16 12:0 a.m.34 views

glibc: denial of service

It was found that the files backend of Name Service Switch NSS did not isolate iteration over an entire database from key-based look-up API calls. An application performing look-ups on a database while iterating over it could enter an infinite loop, leading to a denial of service...

5CVSS2.4AI score0.05609EPSS
Exploits1References3
ArchLinux
ArchLinux
added 2015/04/20 12:0 a.m.34 views

tcpdump: denial of service

A vulnerability was discovered in print-wb.c that is leading to a segmentation fault triggered through feeding into tcpdump a crafted packet, either from a live network interface or from a .pcap file...

8.1AI score0.02284EPSS
Exploits0References2
ArchLinux
ArchLinux
added 2015/03/12 12:0 a.m.34 views

e2fsprogs: arbitrary code execution

If corrupted file system didn't trip over some corruption check, and then the file system was modified via tune2fs or debugfs, such that the superblock was marked dirty and then written out via the closefs path, it's possible that the buffer overrun could be triggered when the file system is...

4.6CVSS2.8AI score0.00596EPSS
Exploits0References3
ArchLinux
ArchLinux
added 2015/02/10 12:0 a.m.34 views

dbus: denial of service

Systemd sends back an ActivationFailure D-Bus signal if the activation fails. However, when it receives these signals, dbus-daemon does not verify that the signal actually came from systemd. A malicious local user could send repeated ActivationFailure signals in the hope that it would "win the...

1.9CVSS2AI score0.00273EPSS
Exploits0References2
ArchLinux
ArchLinux
added 2015/02/06 12:0 a.m.34 views

postgresql: multiple issues

CVE-2014-8161 information leak Some server error messages show the values of columns that violate a constraint, such as a unique constraint. If the user does not have SELECT privilege on all columns of the table, this could mean exposing values that the user should not be able to see. Adjust the...

1.2AI score0.05533EPSS
Exploits0References5
ArchLinux
ArchLinux
added 2014/10/08 12:0 a.m.34 views

rsyslog: remote denial of service

The rsyslog fix shipped in 8.4.1 for an invalid PRI value see ASA-201410-1 was incomplete, as it did not cover cases where PRI values MAXINT. These values caused an integer overflow, resulting in negative values. Sending a syslog message containing an invalid PRI value to a vulnerable rsyslog...

5CVSS4.2AI score0.04585EPSS
Exploits1References2
Total number of security vulnerabilities1854