Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
ArchlinuxMost viewed
RecentMost viewed

1854 matches found

ArchLinux
ArchLinux•added 2020/09/26 12:0 a.m.•30 views

[ASA-202009-13] brotli: denial of service

Arch Linux Security Advisory ASA-202009-13 ========================================== Severity: Medium Date : 2020-09-26 CVE-ID : CVE-2020-8927 Package : brotli Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1230 Summary ======= The package brotli before version...

6.5CVSS1.4AI score0.03243EPSS
Exploits0References4
ArchLinux
ArchLinux•added 2020/06/28 12:0 a.m.•30 views

[ASA-202006-14] imagemagick: information disclosure

Arch Linux Security Advisory ASA-202006-14 ========================================== Severity: Medium Date : 2020-06-28 CVE-ID : CVE-2020-13902 Package : imagemagick Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-1181 Summary ======= The package imagemagick...

7.1CVSS1.1AI score0.00965EPSS
Exploits0References5
ArchLinux
ArchLinux•added 2020/03/19 12:0 a.m.•30 views

[ASA-202003-13] bluez: access restriction bypass

Arch Linux Security Advisory ASA-202003-13 ========================================== Severity: High Date : 2020-03-19 CVE-ID : CVE-2020-0556 Package : bluez Type : access restriction bypass Remote : Yes Link : https://security.archlinux.org/AVG-1116 Summary ======= The package bluez before versi...

7.1CVSS1.9AI score0.01033EPSS
Exploits0References9
ArchLinux
ArchLinux•added 2020/03/08 12:0 a.m.•30 views

[ASA-202003-4] golang-golang-x-crypto: denial of service

Arch Linux Security Advisory ASA-202003-4 ========================================= Severity: Medium Date : 2020-03-08 CVE-ID : CVE-2020-9283 Package : golang-golang-x-crypto Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1109 Summary ======= The package...

7.5CVSS2.2AI score0.20891EPSS
Exploits6References9
ArchLinux
ArchLinux•added 2019/10/23 12:0 a.m.•30 views

[ASA-201910-13] pacman: arbitrary command execution

Arch Linux Security Advisory ASA-201910-13 ========================================== Severity: High Date : 2019-10-23 CVE-ID : CVE-2019-18182 CVE-2019-18183 Package : pacman Type : arbitrary command execution Remote : Yes Link : https://security.archlinux.org/AVG-1049 Summary ======= The package...

9.8CVSS2.2AI score0.03672EPSS
Exploits2References7
ArchLinux
ArchLinux•added 2019/09/06 12:0 a.m.•30 views

[ASA-201909-3] exim: arbitrary command execution

Arch Linux Security Advisory ASA-201909-3 ========================================= Severity: Critical Date : 2019-09-06 CVE-ID : CVE-2019-15846 Package : exim Type : arbitrary command execution Remote : Yes Link : https://security.archlinux.org/AVG-1037 Summary ======= The package exim before...

10CVSS2.8AI score0.35736EPSS
Exploits3References3
ArchLinux
ArchLinux•added 2019/07/17 12:0 a.m.•30 views

[ASA-201907-5] squid: arbitrary code execution

Arch Linux Security Advisory ASA-201907-5 ========================================= Severity: Critical Date : 2019-07-17 CVE-ID : CVE-2019-12527 Package : squid Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1004 Summary ======= The package squid before...

8.8CVSS2.9AI score0.51473EPSS
Exploits0References4
ArchLinux
ArchLinux•added 2019/06/18 12:0 a.m.•30 views

[ASA-201906-16] dbus: access restriction bypass

Arch Linux Security Advisory ASA-201906-16 ========================================== Severity: High Date : 2019-06-18 CVE-ID : CVE-2019-12749 Package : dbus Type : access restriction bypass Remote : No Link : https://security.archlinux.org/AVG-974 Summary ======= The package dbus before version...

7.1CVSS0.9AI score0.00555EPSS
Exploits0References5
ArchLinux
ArchLinux•added 2019/05/31 12:0 a.m.•30 views

[ASA-201905-11] libcurl-compat: arbitrary code execution

Arch Linux Security Advisory ASA-201905-11 ========================================== Severity: High Date : 2019-05-31 CVE-ID : CVE-2019-5436 Package : libcurl-compat Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-959 Summary ======= The package...

7.8CVSS1.1AI score0.49739EPSS
Exploits1References4
ArchLinux
ArchLinux•added 2019/03/23 12:0 a.m.•30 views

[ASA-201903-14] firefox: arbitrary code execution

Arch Linux Security Advisory ASA-201903-14 ========================================== Severity: Critical Date : 2019-03-23 CVE-ID : CVE-2019-9810 CVE-2019-9813 Package : firefox Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-930 Summary ======= The package...

8.8CVSS1.1AI score0.29514EPSS
Exploits13References8
ArchLinux
ArchLinux•added 2019/02/21 12:0 a.m.•30 views

[ASA-201902-24] systemd: denial of service

Arch Linux Security Advisory ASA-201902-24 ========================================== Severity: High Date : 2019-02-21 CVE-ID : CVE-2019-6454 Package : systemd Type : denial of service Remote : No Link : https://security.archlinux.org/AVG-906 Summary ======= The package systemd before version...

5.5CVSS0.5AI score0.02035EPSS
Exploits1References8
ArchLinux
ArchLinux•added 2019/01/24 12:0 a.m.•30 views

[ASA-201901-12] matrix-synapse: private key recovery

Arch Linux Security Advisory ASA-201901-12 ========================================== Severity: High Date : 2019-01-24 CVE-ID : CVE-2019-5885 Package : matrix-synapse Type : private key recovery Remote : No Link : https://security.archlinux.org/AVG-846 Summary ======= The package matrix-synapse...

7.5CVSS1.3AI score0.02418EPSS
Exploits0References3
ArchLinux
ArchLinux•added 2019/01/24 12:0 a.m.•30 views

[ASA-201901-13] powerdns-recursor: multiple issues

Arch Linux Security Advisory ASA-201901-13 ========================================== Severity: Medium Date : 2019-01-24 CVE-ID : CVE-2019-3806 CVE-2019-3807 Package : powerdns-recursor Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-856 Summary ======= The package...

9.8CVSS1.1AI score0.0146EPSS
Exploits0References4
ArchLinux
ArchLinux•added 2019/01/08 12:0 a.m.•30 views

[ASA-201901-4] systemd: multiple issues

Arch Linux Security Advisory ASA-201901-4 ========================================= Severity: Medium Date : 2019-01-08 CVE-ID : CVE-2018-6954 CVE-2018-16866 Package : systemd Type : multiple issues Remote : No Link : https://security.archlinux.org/AVG-615 Summary ======= The package systemd befor...

7.8CVSS0.4AI score0.01051EPSS
Exploits3References9
ArchLinux
ArchLinux•added 2018/11/20 12:0 a.m.•30 views

[ASA-201811-18] lib32-libtiff: multiple issues

Arch Linux Security Advisory ASA-201811-18 ========================================== Severity: High Date : 2018-11-20 CVE-ID : CVE-2017-9935 CVE-2017-11613 CVE-2017-18013 CVE-2018-5784 CVE-2018-7456 CVE-2018-8905 CVE-2018-10779 CVE-2018-10963 CVE-2018-18557 CVE-2018-18661 Package : lib32-libtiff...

8.8CVSS2.2AI score0.1496EPSS
Exploits11References33
ArchLinux
ArchLinux•added 2018/11/06 12:0 a.m.•30 views

[ASA-201811-9] lib32-curl: arbitrary code execution

Arch Linux Security Advisory ASA-201811-9 ========================================= Severity: High Date : 2018-11-06 CVE-ID : CVE-2018-16839 CVE-2018-16840 Package : lib32-curl Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-796 Summary ======= The package...

9.8CVSS1AI score0.0583EPSS
Exploits0References7
ArchLinux
ArchLinux•added 2018/10/01 12:0 a.m.•30 views

[ASA-201810-3] libxml2: denial of service

Arch Linux Security Advisory ASA-201810-3 ========================================= Severity: Medium Date : 2018-10-01 CVE-ID : CVE-2018-9251 Package : libxml2 Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-672 Summary ======= The package libxml2 before version...

5.3CVSS2.2AI score0.0244EPSS
Exploits1References4
ArchLinux
ArchLinux•added 2018/07/20 12:0 a.m.•30 views

[ASA-201807-13] networkmanager-vpnc: privilege escalation

Arch Linux Security Advisory ASA-201807-13 ========================================== Severity: High Date : 2018-07-20 CVE-ID : CVE-2018-10900 Package : networkmanager-vpnc Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-739 Summary ======= The package...

8.8CVSS2.9AI score0.05059EPSS
Exploits7References5
ArchLinux
ArchLinux•added 2018/05/25 12:0 a.m.•30 views

[ASA-201805-22] wireshark-gtk: multiple issues

Arch Linux Security Advisory ASA-201805-22 ========================================== Severity: Critical Date : 2018-05-25 CVE-ID : CVE-2018-11354 CVE-2018-11355 CVE-2018-11356 CVE-2018-11357 CVE-2018-11358 CVE-2018-11359 CVE-2018-11360 CVE-2018-11361 CVE-2018-11362 Package : wireshark-gtk Type :...

7.5CVSS1.4AI score0.0348EPSS
Exploits0References28
ArchLinux
ArchLinux•added 2018/05/10 12:0 a.m.•30 views

[ASA-201805-6] libmupdf: multiple issues

Arch Linux Security Advisory ASA-201805-6 ========================================= Severity: High Date : 2018-05-10 CVE-ID : CVE-2018-5686 CVE-2018-6187 CVE-2018-6192 CVE-2018-6544 CVE-2018-1000051 Package : libmupdf Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-6...

7.8CVSS3.2AI score0.01942EPSS
Exploits5References21
ArchLinux
ArchLinux•added 2018/05/10 12:0 a.m.•30 views

[ASA-201805-8] llpp: multiple issues

Arch Linux Security Advisory ASA-201805-8 ========================================= Severity: High Date : 2018-05-10 CVE-ID : CVE-2018-5686 CVE-2018-6187 CVE-2018-6192 CVE-2018-6544 CVE-2018-1000051 Package : llpp Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-690...

7.8CVSS2.9AI score0.01942EPSS
Exploits5References21
ArchLinux
ArchLinux•added 2018/03/19 12:0 a.m.•30 views

[ASA-201803-18] lib32-libcurl-compat: multiple issues

Arch Linux Security Advisory ASA-201803-18 ========================================== Severity: Medium Date : 2018-03-19 CVE-ID : CVE-2018-1000120 CVE-2018-1000121 CVE-2018-1000122 Package : lib32-libcurl-compat Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-660...

9.8CVSS0.6AI score0.12058EPSS
Exploits0References13
ArchLinux
ArchLinux•added 2018/03/06 12:0 a.m.•30 views

[ASA-201803-7] dovecot: multiple issues

Arch Linux Security Advisory ASA-201803-7 ========================================= Severity: High Date : 2018-03-06 CVE-ID : CVE-2017-14461 CVE-2017-15130 CVE-2017-15132 Package : dovecot Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-645 Summary ======= The packag...

7.5CVSS0.3AI score0.17572EPSS
Exploits0References15
ArchLinux
ArchLinux•added 2018/02/09 12:0 a.m.•30 views

[ASA-201802-1] clamav: multiple issues

Arch Linux Security Advisory ASA-201802-1 ========================================= Severity: Critical Date : 2018-02-09 CVE-ID : CVE-2017-12374 CVE-2017-12375 CVE-2017-12376 CVE-2017-12377 CVE-2017-12378 CVE-2017-12379 CVE-2017-12380 CVE-2017-6418 CVE-2017-6420 Package : clamav Type : multiple...

10CVSS3.9AI score0.12779EPSS
Exploits7References32
ArchLinux
ArchLinux•added 2018/01/29 12:0 a.m.•30 views

[ASA-201801-23] libcurl-compat: multiple issues

Arch Linux Security Advisory ASA-201801-23 ========================================== Severity: Medium Date : 2018-01-29 CVE-ID : CVE-2018-1000005 CVE-2018-1000007 Package : libcurl-compat Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-595 Summary ======= The packag...

9.8CVSS9.3AI score0.08031EPSS
Exploits0References7
ArchLinux
ArchLinux•added 2017/12/13 12:0 a.m.•30 views

[ASA-201712-7] quagga: denial of service

Arch Linux Security Advisory ASA-201712-7 ========================================= Severity: Medium Date : 2017-12-13 CVE-ID : CVE-2017-16227 Package : quagga Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-481 Summary ======= The package quagga before version...

7.5CVSS1AI score0.1879EPSS
Exploits0References6
ArchLinux
ArchLinux•added 2017/10/22 12:0 a.m.•30 views

[ASA-201710-30] irssi: multiple issues

Arch Linux Security Advisory ASA-201710-30 ========================================== Severity: High Date : 2017-10-22 CVE-ID : CVE-2017-15227 CVE-2017-15228 CVE-2017-15721 CVE-2017-15722 CVE-2017-15723 Package : irssi Type : multiple issues Remote : Yes Link :...

7.5CVSS1.4AI score0.02371EPSS
Exploits0References13
ArchLinux
ArchLinux•added 2017/09/13 12:0 a.m.•30 views

[ASA-201709-7] lib32-flashplugin: arbitrary code execution

Arch Linux Security Advisory ASA-201709-7 ========================================= Severity: Critical Date : 2017-09-13 CVE-ID : CVE-2017-11281 CVE-2017-11282 Package : lib32-flashplugin Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-399 Summary ======= Th...

9.8CVSS2.7AI score0.34848EPSS
Exploits8References4
ArchLinux
ArchLinux•added 2017/08/14 12:0 a.m.•30 views

[ASA-201708-11] xorg-server: multiple issues

Arch Linux Security Advisory ASA-201708-11 ========================================== Severity: High Date : 2017-08-14 CVE-ID : CVE-2017-10971 CVE-2017-10972 Package : xorg-server Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-341 Summary ======= The package...

8.8CVSS2.4AI score0.03877EPSS
Exploits0References8
ArchLinux
ArchLinux•added 2017/07/27 12:0 a.m.•30 views

[ASA-201707-29] chromium: multiple issues

Arch Linux Security Advisory ASA-201707-29 ========================================== Severity: Critical Date : 2017-07-27 CVE-ID : CVE-2017-5091 CVE-2017-5092 CVE-2017-5093 CVE-2017-5094 CVE-2017-5095 CVE-2017-5097 CVE-2017-5098 CVE-2017-5099 CVE-2017-5100 CVE-2017-5101 CVE-2017-5102 CVE-2017-51...

8.8CVSS0.5AI score0.15513EPSS
Exploits0References42
ArchLinux
ArchLinux•added 2017/07/11 12:0 a.m.•30 views

[ASA-201707-10] flashplugin: multiple issues

Arch Linux Security Advisory ASA-201707-10 ========================================== Severity: Critical Date : 2017-07-11 CVE-ID : CVE-2017-3080 CVE-2017-3099 CVE-2017-3100 Package : flashplugin Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-344 Summary ======= The...

9.3CVSS0.9AI score0.08552EPSS
Exploits0References5
ArchLinux
ArchLinux•added 2017/07/04 12:0 a.m.•30 views

[ASA-201707-3] bind: access restriction bypass

Arch Linux Security Advisory ASA-201707-3 ========================================= Severity: High Date : 2017-07-04 CVE-ID : CVE-2017-3142 CVE-2017-3143 Package : bind Type : access restriction bypass Remote : Yes Link : https://security.archlinux.org/AVG-335 Summary ======= The package bind...

7.5CVSS2.7AI score0.18221EPSS
Exploits1References5
ArchLinux
ArchLinux•added 2017/07/04 12:0 a.m.•30 views

[ASA-201707-5] systemd: denial of service

Arch Linux Security Advisory ASA-201707-5 ========================================= Severity: Medium Date : 2017-07-04 CVE-ID : CVE-2017-9217 Package : systemd Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-337 Summary ======= The package systemd before version...

7.5CVSS3.3AI score0.15422EPSS
Exploits0References4
ArchLinux
ArchLinux•added 2017/06/28 12:0 a.m.•30 views

[ASA-201706-35] libnl: privilege escalation

Arch Linux Security Advisory ASA-201706-35 ========================================== Severity: Medium Date : 2017-06-28 CVE-ID : CVE-2017-0553 Package : libnl Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-292 Summary ======= The package libnl before version...

7.6CVSS2AI score0.01959EPSS
Exploits0References3
ArchLinux
ArchLinux•added 2017/05/03 12:0 a.m.•30 views

[ASA-201705-2] chromium: arbitrary code execution

Arch Linux Security Advisory ASA-201705-2 ========================================= Severity: High Date : 2017-05-03 CVE-ID : CVE-2017-5068 Package : chromium Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-260 Summary ======= The package chromium before...

7.5CVSS2.5AI score0.01019EPSS
Exploits0References3
ArchLinux
ArchLinux•added 2017/04/29 12:0 a.m.•30 views

[ASA-201704-11] bind: denial of service

Arch Linux Security Advisory ASA-201704-11 ========================================== Severity: High Date : 2017-04-29 CVE-ID : CVE-2017-3136 CVE-2017-3137 CVE-2017-3138 Package : bind Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-239 Summary ======= The package...

7.5CVSS1.2AI score0.11093EPSS
Exploits0References7
ArchLinux
ArchLinux•added 2017/04/20 12:0 a.m.•30 views

[ASA-201704-5] chromium: multiple issues

Arch Linux Security Advisory ASA-201704-5 ========================================= Severity: Critical Date : 2017-04-20 CVE-ID : CVE-2017-5057 CVE-2017-5058 CVE-2017-5059 CVE-2017-5060 CVE-2017-5061 CVE-2017-5062 CVE-2017-5063 CVE-2017-5064 CVE-2017-5065 CVE-2017-5066 CVE-2017-5067 CVE-2017-5069...

8.8CVSS0.6AI score0.03362EPSS
Exploits1References26
ArchLinux
ArchLinux•added 2017/03/21 12:0 a.m.•30 views

[ASA-201703-18] libpurple: arbitrary code execution

Arch Linux Security Advisory ASA-201703-18 ========================================== Severity: High Date : 2017-03-21 CVE-ID : CVE-2017-2640 Package : libpurple Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-226 Summary ======= The package libpurple before...

9.8CVSS1.6AI score0.06258EPSS
Exploits0References5
ArchLinux
ArchLinux•added 2017/03/15 12:0 a.m.•30 views

[ASA-201703-11] flashplugin: multiple issues

Arch Linux Security Advisory ASA-201703-11 ========================================== Severity: Critical Date : 2017-03-15 CVE-ID : CVE-2017-2997 CVE-2017-2998 CVE-2017-2999 CVE-2017-3000 CVE-2017-3001 CVE-2017-3002 CVE-2017-3003 Package : flashplugin Type : multiple issues Remote : Yes Link :...

9.3CVSS1.2AI score0.08428EPSS
Exploits1References9
ArchLinux
ArchLinux•added 2017/03/14 12:0 a.m.•30 views

[ASA-201703-9] jasper: multiple issues

Arch Linux Security Advisory ASA-201703-9 ========================================= Severity: High Date : 2017-03-14 CVE-ID : CVE-2016-8886 CVE-2016-9591 Package : jasper Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-69 Summary ======= The package jasper before...

7.8CVSS2.1AI score0.0184EPSS
Exploits1References9
ArchLinux
ArchLinux•added 2017/01/03 12:0 a.m.•30 views

[ASA-201701-9] lib32-curl: multiple issues

Arch Linux Security Advisory ASA-201701-9 ========================================= Severity: Medium Date : 2017-01-03 CVE-ID : CVE-2016-9586 CVE-2016-9594 Package : lib32-curl Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-115 Summary ======= The package lib32-curl...

8.1CVSS0.9AI score0.04999EPSS
Exploits0References6
ArchLinux
ArchLinux•added 2017/01/02 12:0 a.m.•30 views

[ASA-201701-6] lib32-libpng12: denial of service

Arch Linux Security Advisory ASA-201701-6 ========================================= Severity: Low Date : 2017-01-02 CVE-ID : CVE-2016-10087 Package : lib32-libpng12 Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-121 Summary ======= The package lib32-libpng12 befor...

7.5CVSS1.9AI score0.05517EPSS
Exploits0References3
ArchLinux
ArchLinux•added 2016/09/26 12:0 a.m.•30 views

[ASA-201609-25] gnutls: certificate verification bypass

Arch Linux Security Advisory ASA-201609-25 ========================================== Severity: Medium Date : 2016-09-26 CVE-ID : CVE-2016-7444 Package : gnutls Type : certificate verification bypass Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package gnutls...

7.5CVSS0.7AI score0.02437EPSS
Exploits0References4
ArchLinux
ArchLinux•added 2016/09/22 12:0 a.m.•30 views

[ASA-201609-20] irssi: arbitrary code execution

Arch Linux Security Advisory ASA-201609-20 ========================================== Severity: High Date : 2016-09-22 CVE-ID : CVE-2016-7045 Package : irssi Type : arbitrary code execution Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package irssi before versi...

7.5CVSS1.8AI score0.04707EPSS
Exploits1References4
ArchLinux
ArchLinux•added 2015/09/25 12:0 a.m.•30 views

rpcbind: denial of service

A use-after-free vulnerability has been found in rpcbind, leading to memory corruption then crash in the svcdodestroy function while trying to free a corrupted xprt-xpnetid pointer...

5CVSS3AI score0.06408EPSS
Exploits0References3
ArchLinux
ArchLinux•added 2015/03/31 12:0 a.m.•30 views

musl: arbitrary code execution

A stack-based buffer overflow has been found in musl libc's ipv6 address literal parsing code. Programs which call the inetpton or getaddrinfo function with AFINET6 or AFUNSPEC and untrusted address strings are affected. Successful exploitation yields control of the return address. Having enabled...

9.6AI score0.02188EPSS
Exploits0References2
ArchLinux
ArchLinux•added 2015/03/20 12:0 a.m.•30 views

xerces-c: denial of service

CVE-2015-0252 denial of service The Xerces-C XML parser mishandles certain kinds of malformed input documents, resulting in a segmentation fault during a parse operation. The bug does not appear to allow for remote code execution, but is a denial of service attack that in many applications may...

5CVSS5.9AI score0.39916EPSS
Exploits4References3
ArchLinux
ArchLinux•added 2014/11/10 12:0 a.m.•30 views

kdebase-workspace: local privilege escalation

KDE workspace configuration module for setting the date and time has a helper program which runs as root for performing actions. This is secured with polkit. This helper takes the name of the ntp utility to run as an argument. This allows a hacker to run any arbitrary command as root under the...

7.2CVSS2.5AI score0.00388EPSS
Exploits0References4
ArchLinux
ArchLinux•added 2014/11/09 12:0 a.m.•30 views

konversation: denial of service

Konversation's Blowfish ECB encryption support assumes incoming blocks to be the expected 12 bytes. The lack of a sanity-check for the actual size can cause a denial of service and an information leak to the local user...

5CVSS3.4AI score0.0355EPSS
Exploits0References4
ArchLinux
ArchLinux•added 2014/11/03 12:0 a.m.•30 views

aircrack-ng: multiple vulnerabilities

Nick Sampanis discovered the following vulnerabilities: - CVE-2014-8321 code execution and privilege escalation A stack overflow at airodump-ng gpstracker which may lead to code execution and privilege escalation. - CVE-2014-8322 remote code execution A length parameter inconsistency at aireplay...

5.3CVSS4.4AI score0.23925EPSS
Exploits3References9
Total number of security vulnerabilities1854