1854 matches found
[ASA-201908-20] irssi: arbitrary code execution
Arch Linux Security Advisory ASA-201908-20 ========================================== Severity: High Date : 2019-08-29 CVE-ID : CVE-2019-15717 Package : irssi Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1028 Summary ======= The package irssi before versi...
[ASA-201908-1] chromium: multiple issues
Arch Linux Security Advisory ASA-201908-1 ========================================= Severity: High Date : 2019-08-02 CVE-ID : CVE-2019-5850 CVE-2019-5851 CVE-2019-5852 CVE-2019-5853 CVE-2019-5854 CVE-2019-5855 CVE-2019-5856 CVE-2019-5857 CVE-2019-5858 CVE-2019-5859 CVE-2019-5860 CVE-2019-5861...
[ASA-201906-11] chromium: arbitrary code execution
Arch Linux Security Advisory ASA-201906-11 ========================================== Severity: High Date : 2019-06-14 CVE-ID : CVE-2019-5842 Package : chromium Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-981 Summary ======= The package chromium before...
[ASA-201903-14] firefox: arbitrary code execution
Arch Linux Security Advisory ASA-201903-14 ========================================== Severity: Critical Date : 2019-03-23 CVE-ID : CVE-2019-9810 CVE-2019-9813 Package : firefox Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-930 Summary ======= The package...
[ASA-201902-24] systemd: denial of service
Arch Linux Security Advisory ASA-201902-24 ========================================== Severity: High Date : 2019-02-21 CVE-ID : CVE-2019-6454 Package : systemd Type : denial of service Remote : No Link : https://security.archlinux.org/AVG-906 Summary ======= The package systemd before version...
[ASA-201901-12] matrix-synapse: private key recovery
Arch Linux Security Advisory ASA-201901-12 ========================================== Severity: High Date : 2019-01-24 CVE-ID : CVE-2019-5885 Package : matrix-synapse Type : private key recovery Remote : No Link : https://security.archlinux.org/AVG-846 Summary ======= The package matrix-synapse...
[ASA-201901-4] systemd: multiple issues
Arch Linux Security Advisory ASA-201901-4 ========================================= Severity: Medium Date : 2019-01-08 CVE-ID : CVE-2018-6954 CVE-2018-16866 Package : systemd Type : multiple issues Remote : No Link : https://security.archlinux.org/AVG-615 Summary ======= The package systemd befor...
[ASA-201810-3] libxml2: denial of service
Arch Linux Security Advisory ASA-201810-3 ========================================= Severity: Medium Date : 2018-10-01 CVE-ID : CVE-2018-9251 Package : libxml2 Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-672 Summary ======= The package libxml2 before version...
[ASA-201806-11] pass: arbitrary code execution
Arch Linux Security Advisory ASA-201806-11 ========================================== Severity: High Date : 2018-06-19 CVE-ID : CVE-2018-12356 Package : pass Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-720 Summary ======= The package pass before version...
[ASA-201805-6] libmupdf: multiple issues
Arch Linux Security Advisory ASA-201805-6 ========================================= Severity: High Date : 2018-05-10 CVE-ID : CVE-2018-5686 CVE-2018-6187 CVE-2018-6192 CVE-2018-6544 CVE-2018-1000051 Package : libmupdf Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-6...
[ASA-201805-3] freetype2: denial of service
Arch Linux Security Advisory ASA-201805-3 ========================================= Severity: Low Date : 2018-05-09 CVE-ID : CVE-2018-6942 Package : freetype2 Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-613 Summary ======= The package freetype2 before version...
[ASA-201803-18] lib32-libcurl-compat: multiple issues
Arch Linux Security Advisory ASA-201803-18 ========================================== Severity: Medium Date : 2018-03-19 CVE-ID : CVE-2018-1000120 CVE-2018-1000121 CVE-2018-1000122 Package : lib32-libcurl-compat Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-660...
[ASA-201801-23] libcurl-compat: multiple issues
Arch Linux Security Advisory ASA-201801-23 ========================================== Severity: Medium Date : 2018-01-29 CVE-ID : CVE-2018-1000005 CVE-2018-1000007 Package : libcurl-compat Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-595 Summary ======= The packag...
[ASA-201711-7] lib32-curl: information disclosure
Arch Linux Security Advisory ASA-201711-7 ========================================= Severity: Medium Date : 2017-11-02 CVE-ID : CVE-2017-1000257 Package : lib32-curl Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-466 Summary ======= The package lib32-curl...
[ASA-201709-7] lib32-flashplugin: arbitrary code execution
Arch Linux Security Advisory ASA-201709-7 ========================================= Severity: Critical Date : 2017-09-13 CVE-ID : CVE-2017-11281 CVE-2017-11282 Package : lib32-flashplugin Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-399 Summary ======= Th...
[ASA-201708-11] xorg-server: multiple issues
Arch Linux Security Advisory ASA-201708-11 ========================================== Severity: High Date : 2017-08-14 CVE-ID : CVE-2017-10971 CVE-2017-10972 Package : xorg-server Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-341 Summary ======= The package...
[ASA-201706-35] libnl: privilege escalation
Arch Linux Security Advisory ASA-201706-35 ========================================== Severity: Medium Date : 2017-06-28 CVE-ID : CVE-2017-0553 Package : libnl Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-292 Summary ======= The package libnl before version...
[ASA-201705-24] postgresql-libs: man-in-the-middle
Arch Linux Security Advisory ASA-201705-24 ========================================== Severity: High Date : 2017-05-30 CVE-ID : CVE-2017-7485 Package : postgresql-libs Type : man-in-the-middle Remote : Yes Link : https://security.archlinux.org/AVG-280 Summary ======= The package postgresql-libs...
[ASA-201705-11] smb4k: privilege escalation
Arch Linux Security Advisory ASA-201705-11 ========================================== Severity: High Date : 2017-05-10 CVE-ID : CVE-2017-8849 Package : smb4k Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-268 Summary ======= The package smb4k before version...
[ASA-201704-5] chromium: multiple issues
Arch Linux Security Advisory ASA-201704-5 ========================================= Severity: Critical Date : 2017-04-20 CVE-ID : CVE-2017-5057 CVE-2017-5058 CVE-2017-5059 CVE-2017-5060 CVE-2017-5061 CVE-2017-5062 CVE-2017-5063 CVE-2017-5064 CVE-2017-5065 CVE-2017-5066 CVE-2017-5067 CVE-2017-5069...
[ASA-201703-15] firefox: arbitrary code execution
Arch Linux Security Advisory ASA-201703-15 ========================================== Severity: High Date : 2017-03-18 CVE-ID : CVE-2017-5428 Package : firefox Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-219 Summary ======= The package firefox before...
[ASA-201702-19] bzip2: denial of service
Arch Linux Security Advisory ASA-201702-19 ========================================== Severity: Low Date : 2017-02-22 CVE-ID : CVE-2016-3189 Package : bzip2 Type : denial of service Remote : No Link : https://security.archlinux.org/AVG-4 Summary ======= The package bzip2 before version 1.0.6-6 is...
[ASA-201701-17] lib32-flashplugin: multiple issues
Arch Linux Security Advisory ASA-201701-17 ========================================== Severity: Critical Date : 2017-01-12 CVE-ID : CVE-2017-2925 CVE-2017-2926 CVE-2017-2927 CVE-2017-2928 CVE-2017-2930 CVE-2017-2931 CVE-2017-2932 CVE-2017-2933 CVE-2017-2934 CVE-2017-2935 CVE-2017-2936 CVE-2017-29...
[ASA-201701-6] lib32-libpng12: denial of service
Arch Linux Security Advisory ASA-201701-6 ========================================= Severity: Low Date : 2017-01-02 CVE-ID : CVE-2016-10087 Package : lib32-libpng12 Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-121 Summary ======= The package lib32-libpng12 befor...
[ASA-201610-5] messagelib: multiple issues
Arch Linux Security Advisory ASA-201610-5 ========================================= Severity: Medium Date : 2016-10-07 CVE-ID : CVE-2016-7967 CVE-2016-7968 Package : messagelib Type : multiple issues Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package messagel...
[ASA-201610-2] systemd: denial of service
Arch Linux Security Advisory ASA-201610-2 ========================================= Severity: High Date : 2016-10-04 CVE-ID : CVE-2016-7795 Package : systemd Type : denial of service Remote : No Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package systemd before version 231...
libdwarf: arbitrary code execution
CVE-2016-5027 denial of service Multiple NULL pointer dereference issues in several functions of libdwarf/dwarfleb.c, where leb128length was wrongly assumed non-NULL. - CVE-2016-5028 denial of service NULL pointer dereference issue in printframeinstbytes. - CVE-2016-5029 denial of service NULL...
imlib2: multiple issues
CVE-2011-5326 denial of service Kevin Ryde discovered that attempting to draw a 2x1 radi ellipse results in a floating point exception. - CVE-2016-3993 information leakage Yuriy M. Kaminskiy discovered that drawing using coordinates from an untrusted source could lead to an out-of-bound memory...
vorbis-tools: denial of service
Buffer overflow in the aiffopen function in oggenc/audio.c allows local attackers to cause a denial of service crash via a crafted AIFF file...
musl: arbitrary code execution
A stack-based buffer overflow has been found in musl libc's ipv6 address literal parsing code. Programs which call the inetpton or getaddrinfo function with AFINET6 or AFUNSPEC and untrusted address strings are affected. Successful exploitation yields control of the return address. Having enabled...
xerces-c: denial of service
CVE-2015-0252 denial of service The Xerces-C XML parser mishandles certain kinds of malformed input documents, resulting in a segmentation fault during a parse operation. The bug does not appear to allow for remote code execution, but is a denial of service attack that in many applications may...
tinyproxy: denial of service
It was discovered that a remote attacker is able to cause a denial of service CPU and memory consumption via 1 a large number of headers or 2 a large number of forged headers that predictably trigger hash collisions...
samba: privilege elevation
Samba's Active Directory Domain Controller AD DC allows the administrator to delegate creation of user or computer accounts to specific users or groups. Samba's AD DC did not implement the additional required check on the UFSERVERTRUSTACCOUNT bit in the userAccountControl attributes. Most Samba...
antiword: buffer overflow
The program antiword is suffering from a buffer overflow within atPPSlist.szName that may lead to denial of service or arbitrary code execution...
flac: arbitrary code execution
A stack overflow and a heap overflow condition have been found in libFLAC when parsing a maliciously crafted .flac file, which may result in arbitrary code execution...
ejabberd: circumvention of encryption
It was discovered that ejabberd does not enforce the starttlsrequired setting when compression is used, which causes clients to unexpectedly establish connections without encryption...
ctags: Denial of service
Stefano Zacchiroli discovered a vulnerability in ctags, a tool to build tag file indexes of source code definitions: Certain JavaScript files cause ctags to enter an infinite loop until it runs out of disk space, resulting in denial of service...
[ASA-202004-15] chromium: arbitrary code execution
Arch Linux Security Advisory ASA-202004-15 ========================================== Severity: Critical Date : 2020-04-16 CVE-ID : CVE-2020-6457 Package : chromium Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1134 Summary ======= The package chromium...
[ASA-202001-6] opensmtpd: arbitrary command execution
Arch Linux Security Advisory ASA-202001-6 ========================================= Severity: Critical Date : 2020-01-29 CVE-ID : CVE-2020-7247 Package : opensmtpd Type : arbitrary command execution Remote : Yes Link : https://security.archlinux.org/AVG-1090 Summary ======= The package opensmtpd...
[ASA-201908-10] subversion: denial of service
Arch Linux Security Advisory ASA-201908-10 ========================================== Severity: High Date : 2019-08-16 CVE-ID : CVE-2018-11782 CVE-2019-0203 Package : subversion Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1016 Summary ======= The package...
[ASA-201905-11] libcurl-compat: arbitrary code execution
Arch Linux Security Advisory ASA-201905-11 ========================================== Severity: High Date : 2019-05-31 CVE-ID : CVE-2019-5436 Package : libcurl-compat Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-959 Summary ======= The package...
[ASA-201905-4] linux-zen: arbitrary code execution
Arch Linux Security Advisory ASA-201905-4 ========================================= Severity: High Date : 2019-05-06 CVE-ID : CVE-2019-11683 Package : linux-zen Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-957 Summary ======= The package linux-zen before...
[ASA-201902-14] python-django: denial of service
Arch Linux Security Advisory ASA-201902-14 ========================================== Severity: Medium Date : 2019-02-12 CVE-ID : CVE-2019-6975 Package : python-django Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-881 Summary ======= The package python-django...
[ASA-201902-15] python2-django: denial of service
Arch Linux Security Advisory ASA-201902-15 ========================================== Severity: Medium Date : 2019-02-12 CVE-ID : CVE-2019-6975 Package : python2-django Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-882 Summary ======= The package python2-django...
[ASA-201901-9] systemd: arbitrary code execution
Arch Linux Security Advisory ASA-201901-9 ========================================= Severity: High Date : 2019-01-12 CVE-ID : CVE-2018-16864 CVE-2018-16865 Package : systemd Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-845 Summary ======= The package syste...
[ASA-201811-19] flashplugin: arbitrary code execution
Arch Linux Security Advisory ASA-201811-19 ========================================== Severity: Critical Date : 2018-11-22 CVE-ID : CVE-2018-15981 Package : flashplugin Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-818 Summary ======= The package flashplug...
[ASA-201811-13] powerdns-recursor: denial of service
Arch Linux Security Advisory ASA-201811-13 ========================================== Severity: Medium Date : 2018-11-12 CVE-ID : CVE-2018-10851 CVE-2018-14626 CVE-2018-14644 Package : powerdns-recursor Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-805 Summary...
[ASA-201808-8] thunderbird: multiple issues
Arch Linux Security Advisory ASA-201808-8 ========================================= Severity: Critical Date : 2018-08-10 CVE-ID : CVE-2018-5156 CVE-2018-5187 CVE-2018-12361 CVE-2018-12367 CVE-2018-12371 Package : thunderbird Type : multiple issues Remote : Yes Link :...
[ASA-201806-6] p7zip: arbitrary code execution
Arch Linux Security Advisory ASA-201806-6 ========================================= Severity: Critical Date : 2018-06-09 CVE-ID : CVE-2018-10115 Package : p7zip Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-714 Summary ======= The package p7zip before...
[ASA-201805-26] strongswan: denial of service
Arch Linux Security Advisory ASA-201805-26 ========================================== Severity: Low Date : 2018-05-26 CVE-ID : CVE-2018-5388 Package : strongswan Type : denial of service Remote : No Link : https://security.archlinux.org/AVG-710 Summary ======= The package strongswan before versio...