1854 matches found
[ASA-201803-19] libcurl-gnutls: multiple issues
Arch Linux Security Advisory ASA-201803-19 ========================================== Severity: Medium Date : 2018-03-19 CVE-ID : CVE-2018-1000120 CVE-2018-1000121 CVE-2018-1000122 Package : libcurl-gnutls Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-661 Summary...
[ASA-201801-32] dnsmasq: insufficient validation
Arch Linux Security Advisory ASA-201801-32 ========================================== Severity: Medium Date : 2018-01-30 CVE-ID : CVE-2017-15107 Package : dnsmasq Type : insufficient validation Remote : Yes Link : https://security.archlinux.org/AVG-592 Summary ======= The package dnsmasq before...
[ASA-201801-12] irssi: denial of service
Arch Linux Security Advisory ASA-201801-12 ========================================== Severity: Medium Date : 2018-01-16 CVE-ID : CVE-2018-5205 CVE-2018-5206 CVE-2018-5207 CVE-2018-5208 Package : irssi Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-575 Summary...
[ASA-201710-4] lib32-libcurl-gnutls: multiple issues
Arch Linux Security Advisory ASA-201710-4 ========================================= Severity: Medium Date : 2017-10-05 CVE-ID : CVE-2017-1000099 CVE-2017-1000100 CVE-2017-1000254 Package : lib32-libcurl-gnutls Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-386 Summa...
[ASA-201709-22] nvidia: multiple issues
Arch Linux Security Advisory ASA-201709-22 ========================================== Severity: High Date : 2017-09-28 CVE-ID : CVE-2017-6266 CVE-2017-6267 CVE-2017-6272 Package : nvidia Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-418 Summary ======= The package...
[ASA-201709-6] flashplugin: arbitrary code execution
Arch Linux Security Advisory ASA-201709-6 ========================================= Severity: Critical Date : 2017-09-13 CVE-ID : CVE-2017-11281 CVE-2017-11282 Package : flashplugin Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-398 Summary ======= The...
[ASA-201707-16] mosquitto: information disclosure
Arch Linux Security Advisory ASA-201707-16 ========================================== Severity: Medium Date : 2017-07-16 CVE-ID : CVE-2017-9868 Package : mosquitto Type : information disclosure Remote : No Link : https://security.archlinux.org/AVG-353 Summary ======= The package mosquitto before...
[ASA-201707-14] evince: arbitrary command execution
Arch Linux Security Advisory ASA-201707-14 ========================================== Severity: Critical Date : 2017-07-14 CVE-ID : CVE-2017-1000083 Package : evince Type : arbitrary command execution Remote : Yes Link : https://security.archlinux.org/AVG-348 Summary ======= The package evince...
[ASA-201707-6] lib32-gnutls: denial of service
Arch Linux Security Advisory ASA-201707-6 ========================================= Severity: Medium Date : 2017-07-11 CVE-ID : CVE-2017-7507 Package : lib32-gnutls Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-295 Summary ======= The package lib32-gnutls before...
[ASA-201706-14] flashplugin: arbitrary code execution
Arch Linux Security Advisory ASA-201706-14 ========================================== Severity: Critical Date : 2017-06-14 CVE-ID : CVE-2017-3075 CVE-2017-3076 CVE-2017-3077 CVE-2017-3078 CVE-2017-3079 CVE-2017-3081 CVE-2017-3082 CVE-2017-3083 CVE-2017-3084 Package : flashplugin Type : arbitrary...
[ASA-201705-20] lynis: arbitrary file overwrite
Arch Linux Security Advisory ASA-201705-20 ========================================== Severity: High Date : 2017-05-22 CVE-ID : CVE-2017-8108 Package : lynis Type : arbitrary file overwrite Remote : No Link : https://security.archlinux.org/AVG-278 Summary ======= The package lynis before version...
[ASA-201703-16] mbedtls: arbitrary code execution
Arch Linux Security Advisory ASA-201703-16 ========================================== Severity: Critical Date : 2017-03-20 CVE-ID : CVE-2017-2784 Package : mbedtls Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-198 Summary ======= The package mbedtls before...
[ASA-201702-11] kdenetwork-kopete: content spoofing
Arch Linux Security Advisory ASA-201702-11 ========================================== Severity: Medium Date : 2017-02-12 CVE-ID : CVE-2017-5593 Package : kdenetwork-kopete Type : content spoofing Remote : Yes Link : https://security.archlinux.org/AVG-173 Summary ======= The package...
[ASA-201701-20] libvncserver: arbitrary code execution
Arch Linux Security Advisory ASA-201701-20 ========================================== Severity: Critical Date : 2017-01-13 CVE-ID : CVE-2016-9941 CVE-2016-9942 Package : libvncserver Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-124 Summary ======= The...
[ASA-201701-10] lib32-libcurl-compat: multiple issues
Arch Linux Security Advisory ASA-201701-10 ========================================== Severity: Medium Date : 2017-01-03 CVE-ID : CVE-2016-9586 CVE-2016-9594 Package : lib32-libcurl-compat Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-116 Summary ======= The packag...
gnutls: arbitrary file overwrite
Setuid programs using GnuTLS could potentially allow an attacker to overwrite and corrupt arbitrary files in the filesystem. This issue was introduced in GnuTLS 3.4.12 with the GNUTLSKEYLOGFILE environment variable handling via getenv and fixed in GnuTLS 3.4.13 by switching to securegetenv where...
bugzilla: cross-site scripting
An attacker can craft a malicious summary within a bug report to host malicious javascript code. This code will be served to a user when he or she navigates to the bug's dependency graph...
pgbouncer: denial of service
A remote denial of service vulnerability in checkclientpasswd has been discovered. The issue is triggered if a password packet appears before the startup packet. In such case a null pointer is dereferenced that is leading to application crash...
icecast: information leak
It was reported that Icecast could possibly leak the contents of on-connect scripts to clients, which may contain sensitive information. If on-connect/on-disconnect scripts are used, file descriptors of the server process remain open and could be written to or read from. Most pressing STDIN,...
[ASA-202505-8] nodejs-lts-iron: multiple issues
Arch Linux Security Advisory ASA-202505-8 ========================================= Severity: High Date : 2025-05-18 CVE-ID : CVE-2025-23165 CVE-2025-23166 CVE-2025-23167 Package : nodejs-lts-iron Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-2873 Summary ======= T...
[ASA-202505-7] nodejs-lts-jod: denial of service
Arch Linux Security Advisory ASA-202505-7 ========================================= Severity: High Date : 2025-05-18 CVE-ID : CVE-2025-23165 CVE-2025-23166 Package : nodejs-lts-jod Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-2872 Summary ======= The package...
[ASA-202109-1] hedgedoc: cross-site scripting
Arch Linux Security Advisory ASA-202109-1 ========================================= Severity: High Date : 2021-09-14 CVE-ID : CVE-2021-39175 Package : hedgedoc Type : cross-site scripting Remote : Yes Link : https://security.archlinux.org/AVG-2331 Summary ======= The package hedgedoc before versi...
[ASA-202009-1] opendmarc: denial of service
Arch Linux Security Advisory ASA-202009-1 ========================================= Severity: Medium Date : 2020-09-01 CVE-ID : CVE-2020-12460 Package : opendmarc Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1208 Summary ======= The package opendmarc before...
[ASA-202007-5] mbedtls: private key recovery
Arch Linux Security Advisory ASA-202007-5 ========================================= Severity: Medium Date : 2020-07-31 CVE-ID : CVE-2020-10932 Package : mbedtls Type : private key recovery Remote : No Link : https://security.archlinux.org/AVG-1141 Summary ======= The package mbedtls before versio...
[ASA-202005-4] a2ps: multiple issues
Arch Linux Security Advisory ASA-202005-4 ========================================= Severity: High Date : 2020-05-06 CVE-ID : CVE-2014-0466 CVE-2015-8107 Package : a2ps Type : multiple issues Remote : No Link : https://security.archlinux.org/AVG-1150 Summary ======= The package a2ps before versio...
[ASA-202004-10] wireshark-cli: arbitrary code execution
Arch Linux Security Advisory ASA-202004-10 ========================================== Severity: Critical Date : 2020-04-09 CVE-ID : CVE-2020-11647 Package : wireshark-cli Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1129 Summary ======= The package...
[ASA-202002-8] systemd: privilege escalation
Arch Linux Security Advisory ASA-202002-8 ========================================= Severity: High Date : 2020-02-12 CVE-ID : CVE-2020-1712 Package : systemd Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-1094 Summary ======= The package systemd before version...
[ASA-202001-2] file: arbitrary code execution
Arch Linux Security Advisory ASA-202001-2 ========================================= Severity: High Date : 2020-01-09 CVE-ID : CVE-2019-18218 Package : file Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-1083 Summary ======= The package file before version...
[ASA-201907-2] python-django: silent downgrade
Arch Linux Security Advisory ASA-201907-2 ========================================= Severity: High Date : 2019-07-06 CVE-ID : CVE-2019-12781 Package : python-django Type : silent downgrade Remote : Yes Link : https://security.archlinux.org/AVG-1000 Summary ======= The package python-django before...
[ASA-201905-5] tcpreplay: multiple issues
Arch Linux Security Advisory ASA-201905-5 ========================================= Severity: High Date : 2019-05-06 CVE-ID : CVE-2019-8376 CVE-2019-8377 CVE-2019-8381 Package : tcpreplay Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-902 Summary ======= The package...
[ASA-201811-17] libtiff: multiple issues
Arch Linux Security Advisory ASA-201811-17 ========================================== Severity: High Date : 2018-11-20 CVE-ID : CVE-2017-9935 CVE-2017-11613 CVE-2018-18557 CVE-2018-18661 Package : libtiff Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-790 Summary...
[ASA-201808-2] cgit: directory traversal
Arch Linux Security Advisory ASA-201808-2 ========================================= Severity: High Date : 2018-08-03 CVE-ID : CVE-2018-14912 Package : cgit Type : directory traversal Remote : Yes Link : https://security.archlinux.org/AVG-745 Summary ======= The package cgit before version 1.2.1-1...
[ASA-201807-2] git-annex: multiple issues
Arch Linux Security Advisory ASA-201807-2 ========================================= Severity: High Date : 2018-07-04 CVE-ID : CVE-2018-10857 CVE-2018-10859 Package : git-annex Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-725 Summary ======= The package git-annex...
[ASA-201806-13] qutebrowser: cross-site scripting
Arch Linux Security Advisory ASA-201806-13 ========================================== Severity: Medium Date : 2018-06-26 CVE-ID : CVE-2018-1000559 Package : qutebrowser Type : cross-site scripting Remote : Yes Link : https://security.archlinux.org/AVG-724 Summary ======= The package qutebrowser...
[ASA-201806-5] firefox: arbitrary code execution
Arch Linux Security Advisory ASA-201806-5 ========================================= Severity: High Date : 2018-06-08 CVE-ID : CVE-2018-6126 Package : firefox Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-715 Summary ======= The package firefox before versi...
[ASA-201805-20] bind: denial of service
Arch Linux Security Advisory ASA-201805-20 ========================================== Severity: Medium Date : 2018-05-20 CVE-ID : CVE-2018-5736 CVE-2018-5737 Package : bind Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-706 Summary ======= The package bind before...
[ASA-201804-5] zsh: arbitrary code execution
Arch Linux Security Advisory ASA-201804-5 ========================================= Severity: High Date : 2018-04-11 CVE-ID : CVE-2018-1100 Package : zsh Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-669 Summary ======= The package zsh before version 5.5-1 ...
[ASA-201803-3] dhclient: denial of service
Arch Linux Security Advisory ASA-201803-3 ========================================= Severity: High Date : 2018-03-05 CVE-ID : CVE-2018-5732 Package : dhclient Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-648 Summary ======= The package dhclient before version...
[ASA-201802-10] strongswan: denial of service
Arch Linux Security Advisory ASA-201802-10 ========================================== Severity: Medium Date : 2018-02-21 CVE-ID : CVE-2018-6459 Package : strongswan Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-625 Summary ======= The package strongswan before...
[ASA-201802-4] plasma-workspace: arbitrary command execution
Arch Linux Security Advisory ASA-201802-4 ========================================= Severity: High Date : 2018-02-09 CVE-ID : CVE-2018-6791 Package : plasma-workspace Type : arbitrary command execution Remote : No Link : https://security.archlinux.org/AVG-607 Summary ======= The package...
[ASA-201801-15] perl-xml-libxml: arbitrary code execution
Arch Linux Security Advisory ASA-201801-15 ========================================== Severity: High Date : 2018-01-18 CVE-ID : CVE-2017-10672 Package : perl-xml-libxml Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-501 Summary ======= The package...
[ASA-201801-5] mongodb: arbitrary code execution
Arch Linux Security Advisory ASA-201801-5 ========================================= Severity: High Date : 2018-01-05 CVE-ID : CVE-2017-15535 Package : mongodb Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-503 Summary ======= The package mongodb before...
[ASA-201711-38] lib32-libcurl-compat: multiple issues
Arch Linux Security Advisory ASA-201711-38 ========================================== Severity: High Date : 2017-11-30 CVE-ID : CVE-2017-8816 CVE-2017-8817 CVE-2017-8818 Package : lib32-libcurl-compat Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-522 Summary ======...
[ASA-201710-33] apr-util: denial of service
Arch Linux Security Advisory ASA-201710-33 ========================================== Severity: Low Date : 2017-10-27 CVE-ID : CVE-2017-12618 Package : apr-util Type : denial of service Remote : No Link : https://security.archlinux.org/AVG-468 Summary ======= The package apr-util before version...
[ASA-201710-16] go-pie: arbitrary command execution
Arch Linux Security Advisory ASA-201710-16 ========================================== Severity: High Date : 2017-10-12 CVE-ID : CVE-2017-15041 Package : go-pie Type : arbitrary command execution Remote : Yes Link : https://security.archlinux.org/AVG-442 Summary ======= The package go-pie before...
[ASA-201710-8] krb5: multiple issues
Arch Linux Security Advisory ASA-201710-8 ========================================= Severity: High Date : 2017-10-05 CVE-ID : CVE-2017-11368 CVE-2017-11462 Package : krb5 Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-414 Summary ======= The package krb5 before...
[ASA-201705-12] kauth: privilege escalation
Arch Linux Security Advisory ASA-201705-12 ========================================== Severity: High Date : 2017-05-10 CVE-ID : CVE-2017-8422 Package : kauth Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-269 Summary ======= The package kauth before version...
[ASA-201702-15] flashplugin: arbitrary code execution
Arch Linux Security Advisory ASA-201702-15 ========================================== Severity: Critical Date : 2017-02-17 CVE-ID : CVE-2017-2982 CVE-2017-2984 CVE-2017-2985 CVE-2017-2987 CVE-2017-2988 CVE-2017-2990 CVE-2017-2991 CVE-2017-2992 CVE-2017-2993 CVE-2017-2994 CVE-2017-2995 CVE-2017-29...
[ASA-201702-16] lib32-flashplugin: arbitrary code execution
Arch Linux Security Advisory ASA-201702-16 ========================================== Severity: Critical Date : 2017-02-17 CVE-ID : CVE-2017-2982 CVE-2017-2984 CVE-2017-2985 CVE-2017-2987 CVE-2017-2988 CVE-2017-2990 CVE-2017-2991 CVE-2017-2992 CVE-2017-2993 CVE-2017-2994 CVE-2017-2995 CVE-2017-29...
[ASA-201701-30] powerdns-recursor: multiple issues
Arch Linux Security Advisory ASA-201701-30 ========================================== Severity: Medium Date : 2017-01-19 CVE-ID : CVE-2016-7068 CVE-2016-7073 CVE-2016-7074 Package : powerdns-recursor Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-148 Summary =======...