1854 matches found
[ASA-202111-6] grafana: access restriction bypass
Arch Linux Security Advisory ASA-202111-6 ========================================= Severity: Medium Date : 2021-11-18 CVE-ID : CVE-2021-41244 Package : grafana Type : access restriction bypass Remote : Yes Link : https://security.archlinux.org/AVG-2559 Summary ======= The package grafana before...
[ASA-202109-5] element-web: information disclosure
Arch Linux Security Advisory ASA-202109-5 ========================================= Severity: High Date : 2021-09-14 CVE-ID : CVE-2021-40823 Package : element-web Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-2377 Summary ======= The package element-web befo...
[ASA-202010-7] kdeconnect: arbitrary code execution
Arch Linux Security Advisory ASA-202010-7 ========================================= Severity: High Date : 2020-10-18 CVE-ID : CVE-2020-26164 Package : kdeconnect Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1241 Summary ======= The package kdeconnect befo...
[ASA-202009-13] brotli: denial of service
Arch Linux Security Advisory ASA-202009-13 ========================================== Severity: Medium Date : 2020-09-26 CVE-ID : CVE-2020-8927 Package : brotli Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1230 Summary ======= The package brotli before version...
[ASA-202009-3] go: cross-site scripting
Arch Linux Security Advisory ASA-202009-3 ========================================= Severity: Medium Date : 2020-09-03 CVE-ID : CVE-2020-24553 Package : go Type : cross-site scripting Remote : Yes Link : https://security.archlinux.org/AVG-1215 Summary ======= The package go before version 1.15.1-...
[ASA-202009-4] python-django: multiple issues
Arch Linux Security Advisory ASA-202009-4 ========================================= Severity: Medium Date : 2020-09-03 CVE-ID : CVE-2020-24583 CVE-2020-24584 Package : python-django Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1217 Summary ======= The package...
[ASA-202003-13] bluez: access restriction bypass
Arch Linux Security Advisory ASA-202003-13 ========================================== Severity: High Date : 2020-03-19 CVE-ID : CVE-2020-0556 Package : bluez Type : access restriction bypass Remote : Yes Link : https://security.archlinux.org/AVG-1116 Summary ======= The package bluez before versi...
[ASA-202002-13] opensmtpd: arbitrary command execution
Arch Linux Security Advisory ASA-202002-13 ========================================== Severity: Critical Date : 2020-02-29 CVE-ID : CVE-2020-8794 Package : opensmtpd Type : arbitrary command execution Remote : Yes Link : https://security.archlinux.org/AVG-1105 Summary ======= The package opensmtp...
[ASA-202002-6] dovecot: denial of service
Arch Linux Security Advisory ASA-202002-6 ========================================= Severity: Medium Date : 2020-02-12 CVE-ID : CVE-2020-7046 CVE-2020-7957 Package : dovecot Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1097 Summary ======= The package dovecot...
[ASA-202001-7] salt: arbitrary command execution
Arch Linux Security Advisory ASA-202001-7 ========================================= Severity: Medium Date : 2020-01-29 CVE-ID : CVE-2019-17361 Package : salt Type : arbitrary command execution Remote : Yes Link : https://security.archlinux.org/AVG-1087 Summary ======= The package salt before...
[ASA-201911-13] libtiff: denial of service
Arch Linux Security Advisory ASA-201911-13 ========================================== Severity: Medium Date : 2019-11-13 CVE-ID : CVE-2019-6128 CVE-2019-7663 Package : libtiff Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-886 Summary ======= The package libtiff...
[ASA-201910-13] pacman: arbitrary command execution
Arch Linux Security Advisory ASA-201910-13 ========================================== Severity: High Date : 2019-10-23 CVE-ID : CVE-2019-18182 CVE-2019-18183 Package : pacman Type : arbitrary command execution Remote : Yes Link : https://security.archlinux.org/AVG-1049 Summary ======= The package...
[ASA-201909-3] exim: arbitrary command execution
Arch Linux Security Advisory ASA-201909-3 ========================================= Severity: Critical Date : 2019-09-06 CVE-ID : CVE-2019-15846 Package : exim Type : arbitrary command execution Remote : Yes Link : https://security.archlinux.org/AVG-1037 Summary ======= The package exim before...
[ASA-201906-16] dbus: access restriction bypass
Arch Linux Security Advisory ASA-201906-16 ========================================== Severity: High Date : 2019-06-18 CVE-ID : CVE-2019-12749 Package : dbus Type : access restriction bypass Remote : No Link : https://security.archlinux.org/AVG-974 Summary ======= The package dbus before version...
[ASA-201906-10] thunderbird: multiple issues
Arch Linux Security Advisory ASA-201906-10 ========================================== Severity: High Date : 2019-06-14 CVE-ID : CVE-2019-11703 CVE-2019-11704 CVE-2019-11705 CVE-2019-11706 Package : thunderbird Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-980 Summa...
[ASA-201905-17] live-media: multiple issues
Arch Linux Security Advisory ASA-201905-17 ========================================== Severity: Critical Date : 2019-05-31 CVE-ID : CVE-2019-7314 CVE-2019-7733 Package : live-media Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-870 Summary ======= The package...
[ASA-201905-15] lib32-curl: arbitrary code execution
Arch Linux Security Advisory ASA-201905-15 ========================================== Severity: High Date : 2019-05-31 CVE-ID : CVE-2019-5435 CVE-2019-5436 Package : lib32-curl Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-963 Summary ======= The package...
[ASA-201904-4] thunderbird: arbitrary code execution
Arch Linux Security Advisory ASA-201904-4 ========================================= Severity: Critical Date : 2019-04-06 CVE-ID : CVE-2019-9810 CVE-2019-9813 Package : thunderbird Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-947 Summary ======= The packag...
[ASA-201901-13] powerdns-recursor: multiple issues
Arch Linux Security Advisory ASA-201901-13 ========================================== Severity: Medium Date : 2019-01-24 CVE-ID : CVE-2019-3806 CVE-2019-3807 Package : powerdns-recursor Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-856 Summary ======= The package...
[ASA-201901-1] tar: denial of service
Arch Linux Security Advisory ASA-201901-1 ========================================= Severity: Low Date : 2019-01-08 CVE-ID : CVE-2018-20482 Package : tar Type : denial of service Remote : No Link : https://security.archlinux.org/AVG-841 Summary ======= The package tar before version 1.31-1 is...
[ASA-201811-20] webkit2gtk: arbitrary code execution
Arch Linux Security Advisory ASA-201811-20 ========================================== Severity: Critical Date : 2018-11-22 CVE-ID : CVE-2018-4372 Package : webkit2gtk Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-819 Summary ======= The package webkit2gtk...
[ASA-201811-18] lib32-libtiff: multiple issues
Arch Linux Security Advisory ASA-201811-18 ========================================== Severity: High Date : 2018-11-20 CVE-ID : CVE-2017-9935 CVE-2017-11613 CVE-2017-18013 CVE-2018-5784 CVE-2018-7456 CVE-2018-8905 CVE-2018-10779 CVE-2018-10963 CVE-2018-18557 CVE-2018-18661 Package : lib32-libtiff...
[ASA-201811-15] grafana: arbitrary filesystem access
Arch Linux Security Advisory ASA-201811-15 ========================================== Severity: High Date : 2018-11-15 CVE-ID : CVE-2018-19039 Package : grafana Type : arbitrary filesystem access Remote : Yes Link : https://security.archlinux.org/AVG-811 Summary ======= The package grafana before...
[ASA-201807-13] networkmanager-vpnc: privilege escalation
Arch Linux Security Advisory ASA-201807-13 ========================================== Severity: High Date : 2018-07-20 CVE-ID : CVE-2018-10900 Package : networkmanager-vpnc Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-739 Summary ======= The package...
[ASA-201805-23] wireshark-qt: multiple issues
Arch Linux Security Advisory ASA-201805-23 ========================================== Severity: Critical Date : 2018-05-25 CVE-ID : CVE-2018-11354 CVE-2018-11355 CVE-2018-11356 CVE-2018-11357 CVE-2018-11358 CVE-2018-11359 CVE-2018-11360 CVE-2018-11361 CVE-2018-11362 Package : wireshark-qt Type :...
[ASA-201803-17] libcurl-compat: multiple issues
Arch Linux Security Advisory ASA-201803-17 ========================================== Severity: Medium Date : 2018-03-19 CVE-ID : CVE-2018-1000120 CVE-2018-1000121 CVE-2018-1000122 Package : libcurl-compat Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-655 Summary...
[ASA-201802-2] go: arbitrary code execution
Arch Linux Security Advisory ASA-201802-2 ========================================= Severity: High Date : 2018-02-09 CVE-ID : CVE-2018-6574 Package : go Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-606 Summary ======= The package go before version 1.9.4-1...
[ASA-201801-28] mupdf-gl: arbitrary code execution
Arch Linux Security Advisory ASA-201801-28 ========================================== Severity: High Date : 2018-01-30 CVE-ID : CVE-2017-17858 Package : mupdf-gl Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-599 Summary ======= The package mupdf-gl before...
[ASA-201801-25] lib32-libcurl-gnutls: multiple issues
Arch Linux Security Advisory ASA-201801-25 ========================================== Severity: Medium Date : 2018-01-29 CVE-ID : CVE-2018-1000005 CVE-2018-1000007 Package : lib32-libcurl-gnutls Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-597 Summary ======= The...
[ASA-201710-15] go: arbitrary command execution
Arch Linux Security Advisory ASA-201710-15 ========================================== Severity: High Date : 2017-10-12 CVE-ID : CVE-2017-15041 Package : go Type : arbitrary command execution Remote : Yes Link : https://security.archlinux.org/AVG-442 Summary ======= The package go before version...
[ASA-201710-7] libcurl-compat: multiple issues
Arch Linux Security Advisory ASA-201710-7 ========================================= Severity: Medium Date : 2017-10-05 CVE-ID : CVE-2017-1000099 CVE-2017-1000100 CVE-2017-1000254 Package : libcurl-compat Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-389 Summary...
[ASA-201709-19] chromium: arbitrary code execution
Arch Linux Security Advisory ASA-201709-19 ========================================== Severity: Critical Date : 2017-09-23 CVE-ID : CVE-2017-5121 CVE-2017-5122 Package : chromium Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-411 Summary ======= The package...
[ASA-201708-13] strongswan: denial of service
Arch Linux Security Advisory ASA-201708-13 ========================================== Severity: Low Date : 2017-08-14 CVE-ID : CVE-2017-11185 Package : strongswan Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-382 Summary ======= The package strongswan before...
[ASA-201708-6] git: arbitrary command execution
Arch Linux Security Advisory ASA-201708-6 ========================================= Severity: Critical Date : 2017-08-12 CVE-ID : CVE-2017-1000117 Package : git Type : arbitrary command execution Remote : Yes Link : https://security.archlinux.org/AVG-377 Summary ======= The package git before...
[ASA-201707-21] c-ares: information disclosure
Arch Linux Security Advisory ASA-201707-21 ========================================== Severity: Medium Date : 2017-07-18 CVE-ID : CVE-2017-1000381 Package : c-ares Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-315 Summary ======= The package c-ares before...
[ASA-201706-2] freeradius: authentication bypass
Arch Linux Security Advisory ASA-201706-2 ========================================= Severity: High Date : 2017-06-02 CVE-ID : CVE-2017-9148 Package : freeradius Type : authentication bypass Remote : Yes Link : https://security.archlinux.org/AVG-281 Summary ======= The package freeradius before...
[ASA-201704-8] jenkins: multiple issues
Arch Linux Security Advisory ASA-201704-8 ========================================= Severity: High Date : 2017-04-27 CVE-ID : CVE-2017-1000354 CVE-2017-1000355 CVE-2017-1000356 Package : jenkins Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-255 Summary ======= The...
[ASA-201702-12] gvim: arbitrary code execution
Arch Linux Security Advisory ASA-201702-12 ========================================== Severity: Medium Date : 2017-02-15 CVE-ID : CVE-2017-5953 Package : gvim Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-174 Summary ======= The package gvim before version...
[ASA-201702-8] bind: denial of service
Arch Linux Security Advisory ASA-201702-8 ========================================= Severity: High Date : 2017-02-09 CVE-ID : CVE-2017-3135 Package : bind Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-169 Summary ======= The package bind before version 9.11.0.P3-...
[ASA-201702-3] gst-plugins-good: denial of service
Arch Linux Security Advisory ASA-201702-3 ========================================= Severity: Low Date : 2017-02-03 CVE-ID : CVE-2016-10198 CVE-2016-10199 CVE-2017-5840 CVE-2017-5841 CVE-2017-5845 Package : gst-plugins-good Type : denial of service Remote : Yes Link :...
[ASA-201702-5] gst-plugins-bad: multiple issues
Arch Linux Security Advisory ASA-201702-5 ========================================= Severity: Critical Date : 2017-02-03 CVE-ID : CVE-2017-5843 CVE-2017-5848 Package : gst-plugins-bad Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-165 Summary ======= The package...
[ASA-201701-7] libcurl-compat: multiple issues
Arch Linux Security Advisory ASA-201701-7 ========================================= Severity: Medium Date : 2017-01-03 CVE-ID : CVE-2016-9586 CVE-2016-9594 Package : libcurl-compat Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-113 Summary ======= The package...
[ASA-201609-20] irssi: arbitrary code execution
Arch Linux Security Advisory ASA-201609-20 ========================================== Severity: High Date : 2016-09-22 CVE-ID : CVE-2016-7045 Package : irssi Type : arbitrary code execution Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package irssi before versi...
libndp: man-in-the-middle
Libndp before version 1.6 does properly validate and check the origin of Neighbor Discovery Protocol NDP messages. An attacker on a non-local network can exploit this flaw to advertise a node as a router, which allows them to re-route the traffic through an attacker-controlled node...
pgpdump: denial of service
When pgpdump is run on specially crafted input, a denial of service condition occurs. The program runs with 100% CPU usage for an indefinite amount of time. This can be abused in scenarios where users can supply input to pgpdump, e.g. in http://www.pgpdump.net/...
libtasn1: denial of service
The libtasn1 library, in its 4.7 version, can loop for a long time or indefinitely when it is used to parse DER representations of X.509 certificates, leading to a denial of service. Some of these loops may in addition increase heap or stack usage, leading to more issues...
git: remote code execution
Lal Cellier discovered an integer overflow vulnerability in the pathname function of git...
blueman: privilege escalation
A local privilege escalation vulnerability has been found in the Network::EnableNetwork method of blueman. An unsanitized string is received over DBUS into the dhcphandler parameter and passed to eval, thus allowing arbitrary command execution with the privileges of the user running blueman...
flashplugin: multiple issues
CVE-2015-8045 CVE-2015-8060 CVE-2015-8408 CVE-2015-8416 CVE-2015-8417 CVE-2015-8418 CVE-2015-8419 CVE-2015-8443 CVE-2015-8444 CVE-2015-8047 CVE-2015-8451 CVE-2015-8455 arbitrary code execution Memory corruption vulnerabilities have been discovered that could lead to arbitrary code execution. -...
ppp: denial of service
A buffer overflow has been found in the rcmksid function in plugins/radius/util.c in Paul's PPP Package ppp. When the PID of the pppd process is greater than 65535, the computation of a start accounting message to the RADIUS server will crash the pppd server...