1854 matches found
[ASA-201805-26] strongswan: denial of service
Arch Linux Security Advisory ASA-201805-26 ========================================== Severity: Low Date : 2018-05-26 CVE-ID : CVE-2018-5388 Package : strongswan Type : denial of service Remote : No Link : https://security.archlinux.org/AVG-710 Summary ======= The package strongswan before versio...
[ASA-201805-25] wireshark-cli: multiple issues
Arch Linux Security Advisory ASA-201805-25 ========================================== Severity: Critical Date : 2018-05-25 CVE-ID : CVE-2018-11354 CVE-2018-11355 CVE-2018-11356 CVE-2018-11357 CVE-2018-11358 CVE-2018-11359 CVE-2018-11360 CVE-2018-11361 CVE-2018-11362 Package : wireshark-cli Type :...
[ASA-201805-13] curl: multiple issues
Arch Linux Security Advisory ASA-201805-13 ========================================== Severity: Critical Date : 2018-05-17 CVE-ID : CVE-2018-1000300 CVE-2018-1000301 Package : curl Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-694 Summary ======= The package curl...
[ASA-201803-10] samba: multiple issues
Arch Linux Security Advisory ASA-201803-10 ========================================== Severity: Critical Date : 2018-03-13 CVE-ID : CVE-2018-1050 CVE-2018-1057 Package : samba Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-651 Summary ======= The package samba befor...
[ASA-201802-1] clamav: multiple issues
Arch Linux Security Advisory ASA-201802-1 ========================================= Severity: Critical Date : 2018-02-09 CVE-ID : CVE-2017-12374 CVE-2017-12375 CVE-2017-12376 CVE-2017-12377 CVE-2017-12378 CVE-2017-12379 CVE-2017-12380 CVE-2017-6418 CVE-2017-6420 Package : clamav Type : multiple...
[ASA-201801-30] mupdf-tools: arbitrary code execution
Arch Linux Security Advisory ASA-201801-30 ========================================== Severity: High Date : 2018-01-30 CVE-ID : CVE-2017-17858 Package : mupdf-tools Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-599 Summary ======= The package mupdf-tools...
[ASA-201801-19] lib32-glibc: privilege escalation
Arch Linux Security Advisory ASA-201801-19 ========================================== Severity: High Date : 2018-01-28 CVE-ID : CVE-2018-1000001 Package : lib32-glibc Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-590 Summary ======= The package lib32-glibc befo...
[ASA-201801-14] nrpe: arbitrary command execution
Arch Linux Security Advisory ASA-201801-14 ========================================== Severity: High Date : 2018-01-18 CVE-ID : CVE-2013-1362 CVE-2014-2913 Package : nrpe Type : arbitrary command execution Remote : Yes Link : https://security.archlinux.org/AVG-587 Summary ======= The package nrpe...
[ASA-201712-10] tor: multiple issues
Arch Linux Security Advisory ASA-201712-10 ========================================== Severity: High Date : 2017-12-16 CVE-ID : CVE-2017-8819 CVE-2017-8820 CVE-2017-8822 CVE-2017-8823 Package : tor Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-539 Summary ======= T...
[ASA-201711-18] postgresql-old-upgrade: multiple issues
Arch Linux Security Advisory ASA-201711-18 ========================================== Severity: Medium Date : 2017-11-10 CVE-ID : CVE-2017-15098 CVE-2017-15099 Package : postgresql-old-upgrade Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-486 Summary ======= The...
[ASA-201710-18] pcre2: denial of service
Arch Linux Security Advisory ASA-201710-18 ========================================== Severity: Medium Date : 2017-10-12 CVE-ID : CVE-2017-7186 Package : pcre2 Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-223 Summary ======= The package pcre2 before version...
[ASA-201710-17] botan: information disclosure
Arch Linux Security Advisory ASA-201710-17 ========================================== Severity: Medium Date : 2017-10-12 CVE-ID : CVE-2017-14737 Package : botan Type : information disclosure Remote : No Link : https://security.archlinux.org/AVG-416 Summary ======= The package botan before version...
[ASA-201710-10] xorg-server: multiple issues
Arch Linux Security Advisory ASA-201710-10 ========================================== Severity: Medium Date : 2017-10-08 CVE-ID : CVE-2017-13721 CVE-2017-13723 Package : xorg-server Type : multiple issues Remote : No Link : https://security.archlinux.org/AVG-432 Summary ======= The package...
[ASA-201710-9] lib32-krb5: arbitrary code execution
Arch Linux Security Advisory ASA-201710-9 ========================================= Severity: High Date : 2017-10-05 CVE-ID : CVE-2017-11462 Package : lib32-krb5 Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-415 Summary ======= The package lib32-krb5 befor...
[ASA-201709-14] lib32-libgcrypt: private key recovery
Arch Linux Security Advisory ASA-201709-14 ========================================== Severity: Medium Date : 2017-09-18 CVE-ID : CVE-2017-0379 Package : lib32-libgcrypt Type : private key recovery Remote : No Link : https://security.archlinux.org/AVG-403 Summary ======= The package lib32-libgcry...
[ASA-201709-2] postgresql: multiple issues
Arch Linux Security Advisory ASA-201709-2 ========================================= Severity: High Date : 2017-09-06 CVE-ID : CVE-2017-7546 CVE-2017-7547 CVE-2017-7548 Package : postgresql Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-381 Summary ======= The packag...
[ASA-201706-18] bind: denial of service
Arch Linux Security Advisory ASA-201706-18 ========================================== Severity: Medium Date : 2017-06-15 CVE-ID : CVE-2017-3140 Package : bind Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-301 Summary ======= The package bind before version...
[ASA-201706-14] flashplugin: arbitrary code execution
Arch Linux Security Advisory ASA-201706-14 ========================================== Severity: Critical Date : 2017-06-14 CVE-ID : CVE-2017-3075 CVE-2017-3076 CVE-2017-3077 CVE-2017-3078 CVE-2017-3079 CVE-2017-3081 CVE-2017-3082 CVE-2017-3083 CVE-2017-3084 Package : flashplugin Type : arbitrary...
[ASA-201706-12] gnutls: denial of service
Arch Linux Security Advisory ASA-201706-12 ========================================== Severity: Medium Date : 2017-06-13 CVE-ID : CVE-2017-7507 Package : gnutls Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-294 Summary ======= The package gnutls before version...
[ASA-201706-11] irssi: denial of service
Arch Linux Security Advisory ASA-201706-11 ========================================== Severity: Medium Date : 2017-06-12 CVE-ID : CVE-2017-9468 CVE-2017-9469 Package : irssi Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-293 Summary ======= The package irssi befor...
[ASA-201705-5] libtirpc: denial of service
Arch Linux Security Advisory ASA-201705-5 ========================================= Severity: Medium Date : 2017-05-07 CVE-ID : CVE-2017-8779 Package : libtirpc Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-262 Summary ======= The package libtirpc before version...
[ASA-201705-4] rpcbind: denial of service
Arch Linux Security Advisory ASA-201705-4 ========================================= Severity: Medium Date : 2017-05-07 CVE-ID : CVE-2017-8779 Package : rpcbind Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-261 Summary ======= The package rpcbind before version...
[ASA-201704-7] weechat: denial of service
Arch Linux Security Advisory ASA-201704-7 ========================================= Severity: High Date : 2017-04-23 CVE-ID : CVE-2017-8073 Package : weechat Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-253 Summary ======= The package weechat before version...
[ASA-201704-2] python-django: multiple issues
Arch Linux Security Advisory ASA-201704-2 ========================================= Severity: Medium Date : 2017-04-06 CVE-ID : CVE-2017-7233 CVE-2017-7234 Package : python-django Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-233 Summary ======= The package...
[ASA-201703-14] wordpress: multiple issues
Arch Linux Security Advisory ASA-201703-14 ========================================== Severity: Medium Date : 2017-03-16 CVE-ID : CVE-2017-6814 CVE-2017-6815 CVE-2017-6816 CVE-2017-6817 CVE-2017-6818 CVE-2017-6819 Package : wordpress Type : multiple issues Remote : Yes Link :...
[ASA-201702-6] gst-plugins-ugly: denial of service
Arch Linux Security Advisory ASA-201702-6 ========================================= Severity: Low Date : 2017-02-03 CVE-ID : CVE-2017-5846 CVE-2017-5847 Package : gst-plugins-ugly Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-166 Summary ======= The package...
[ASA-201701-27] webkit2gtk: multiple issues
Arch Linux Security Advisory ASA-201701-27 ========================================== Severity: Critical Date : 2017-01-18 CVE-ID : CVE-2016-7586 CVE-2016-7589 CVE-2016-7592 CVE-2016-7599 CVE-2016-7623 CVE-2016-7632 CVE-2016-7635 CVE-2016-7639 CVE-2016-7641 CVE-2016-7645 CVE-2016-7652 CVE-2016-76...
[ASA-201612-19] samba: multiple issues
Arch Linux Security Advisory ASA-201612-19 ========================================== Severity: Critical Date : 2016-12-22 CVE-ID : CVE-2016-2123 CVE-2016-2125 CVE-2016-2126 Package : samba Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-111 Summary ======= The packa...
[ASA-201610-4] kcoreaddons: insufficient validation
Arch Linux Security Advisory ASA-201610-4 ========================================= Severity: Medium Date : 2016-10-07 CVE-ID : CVE-2016-7966 Package : kcoreaddons Type : insufficient validation Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package kcoreaddons...
lhasa: arbitrary code execution
An exploitable integer underflow exists during calculation size for all headers in decodelevel3header function of Lhasa lha application. Smaller value of headerlen than LEVEL3HEADERLEN 32 cause during subtraction integer underflow and lead later to memory corruption via heap based buffer overflow...
powerdns: denial of service
This bug was found using afl-fuzz in the packet parsing code. This bug, when exploited, causes an assertion error and consequent termination of the the pdnsserver process, causing a denial-of-service...
libunwind: denial of service
CVE-2015-3239 Unspecified Impact: Off-by-one error in the dwarftounwregnum function in include/dwarfi.h in libunwind 1.1 allows local users to have unspecified impact via invalid dwarf opcodes...
powerdns: denial of service
A bug was found in the PowerDNS Authoritative Server DNS packet parsing/generation code, which, when exploited, can cause individual threads disabling service or whole processes allowing a supervisor to restart them to crash with just one or a few query packets...
webkitgtk2: man-in-the-middle
It was found that WebKitGTK+ version performed TLS certificate verification too late, after sending an HTTP request rather than before. This issue allows a man-in-the-middle attack to possibly gain sensitive information...
pgbouncer: denial of service
A remote denial of service vulnerability in checkclientpasswd has been discovered. The issue is triggered if a password packet appears before the startup packet. In such case a null pointer is dereferenced that is leading to application crash...
[ASA-202112-10] gitlab: multiple issues
Arch Linux Security Advisory ASA-202112-10 ========================================== Severity: High Date : 2021-12-11 CVE-ID : CVE-2021-39910 CVE-2021-39915 CVE-2021-39917 CVE-2021-39919 CVE-2021-39931 CVE-2021-39932 CVE-2021-39933 CVE-2021-39934 CVE-2021-39935 CVE-2021-39936 CVE-2021-39937...
[ASA-202007-2] wireshark-cli: denial of service
Arch Linux Security Advisory ASA-202007-2 ========================================= Severity: Low Date : 2020-07-18 CVE-ID : CVE-2020-15466 Package : wireshark-cli Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1198 Summary ======= The package wireshark-cli before...
[ASA-202006-12] chromium: arbitrary code execution
Arch Linux Security Advisory ASA-202006-12 ========================================== Severity: High Date : 2020-06-28 CVE-ID : CVE-2020-6509 Package : chromium Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1192 Summary ======= The package chromium before...
[ASA-202005-9] dovecot: multiple issues
Arch Linux Security Advisory ASA-202005-9 ========================================= Severity: High Date : 2020-05-19 CVE-ID : CVE-2020-10957 CVE-2020-10958 CVE-2020-10967 Package : dovecot Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1162 Summary ======= The packa...
[ASA-202002-8] systemd: privilege escalation
Arch Linux Security Advisory ASA-202002-8 ========================================= Severity: High Date : 2020-02-12 CVE-ID : CVE-2020-1712 Package : systemd Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-1094 Summary ======= The package systemd before version...
[ASA-202001-2] file: arbitrary code execution
Arch Linux Security Advisory ASA-202001-2 ========================================= Severity: High Date : 2020-01-09 CVE-ID : CVE-2019-18218 Package : file Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-1083 Summary ======= The package file before version...
[ASA-201911-5] ghostscript: sandbox escape
Arch Linux Security Advisory ASA-201911-5 ========================================= Severity: High Date : 2019-11-03 CVE-ID : CVE-2019-14811 CVE-2019-14812 CVE-2019-14813 CVE-2019-14817 Package : ghostscript Type : sandbox escape Remote : No Link : https://security.archlinux.org/AVG-1031 Summary...
[ASA-201908-11] firefox: information disclosure
Arch Linux Security Advisory ASA-201908-11 ========================================== Severity: Medium Date : 2019-08-16 CVE-ID : CVE-2019-11733 Package : firefox Type : information disclosure Remote : No Link : https://security.archlinux.org/AVG-1025 Summary ======= The package firefox before...
[ASA-201907-2] python-django: silent downgrade
Arch Linux Security Advisory ASA-201907-2 ========================================= Severity: High Date : 2019-07-06 CVE-ID : CVE-2019-12781 Package : python-django Type : silent downgrade Remote : Yes Link : https://security.archlinux.org/AVG-1000 Summary ======= The package python-django before...
[ASA-201904-9] dovecot: denial of service
Arch Linux Security Advisory ASA-201904-9 ========================================= Severity: Medium Date : 2019-04-18 CVE-ID : CVE-2019-10691 Package : dovecot Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-950 Summary ======= The package dovecot before version...
[ASA-201903-15] imagemagick: arbitrary code execution
Arch Linux Security Advisory ASA-201903-15 ========================================== Severity: Critical Date : 2019-03-28 CVE-ID : CVE-2019-9956 Package : imagemagick Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-931 Summary ======= The package imagemagic...
[ASA-201903-13] powerdns: insufficient validation
Arch Linux Security Advisory ASA-201903-13 ========================================== Severity: High Date : 2019-03-22 CVE-ID : CVE-2019-3871 Package : powerdns Type : insufficient validation Remote : Yes Link : https://security.archlinux.org/AVG-927 Summary ======= The package powerdns before...
[ASA-201902-19] cairo: arbitrary code execution
Arch Linux Security Advisory ASA-201902-19 ========================================== Severity: Critical Date : 2019-02-17 CVE-ID : CVE-2018-19876 Package : cairo Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-826 Summary ======= The package cairo before...
[ASA-201902-4] spice: arbitrary code execution
Arch Linux Security Advisory ASA-201902-4 ========================================= Severity: Critical Date : 2019-02-11 CVE-ID : CVE-2019-3813 Package : spice Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-866 Summary ======= The package spice before versi...
[ASA-201811-17] libtiff: multiple issues
Arch Linux Security Advisory ASA-201811-17 ========================================== Severity: High Date : 2018-11-20 CVE-ID : CVE-2017-9935 CVE-2017-11613 CVE-2018-18557 CVE-2018-18661 Package : libtiff Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-790 Summary...