Archlinux - Page 34 of Archlinux Most Viewed Vulnerabilities List

ArchLinux•added 2017/10/05 12:0 a.m.•27 views

[ASA-201710-8] krb5: multiple issues

Arch Linux Security Advisory ASA-201710-8 ========================================= Severity: High Date : 2017-10-05 CVE-ID : CVE-2017-11368 CVE-2017-11462 Package : krb5 Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-414 Summary ======= The package krb5 before...

9.8CVSS2.4AI score0.05481EPSS

Exploits0References8

ArchLinux•added 2017/09/13 12:0 a.m.•27 views

[ASA-201709-6] flashplugin: arbitrary code execution

Arch Linux Security Advisory ASA-201709-6 ========================================= Severity: Critical Date : 2017-09-13 CVE-ID : CVE-2017-11281 CVE-2017-11282 Package : flashplugin Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-398 Summary ======= The...

9.8CVSS2.5AI score0.34848EPSS

Exploits8References4

ArchLinux•added 2017/07/11 12:0 a.m.•27 views

[ASA-201707-6] lib32-gnutls: denial of service

Arch Linux Security Advisory ASA-201707-6 ========================================= Severity: Medium Date : 2017-07-11 CVE-ID : CVE-2017-7507 Package : lib32-gnutls Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-295 Summary ======= The package lib32-gnutls before...

7.5CVSS1.9AI score0.0341EPSS

ArchLinux•added 2017/06/14 12:0 a.m.•27 views

[ASA-201706-14] flashplugin: arbitrary code execution

Arch Linux Security Advisory ASA-201706-14 ========================================== Severity: Critical Date : 2017-06-14 CVE-ID : CVE-2017-3075 CVE-2017-3076 CVE-2017-3077 CVE-2017-3078 CVE-2017-3079 CVE-2017-3081 CVE-2017-3082 CVE-2017-3083 CVE-2017-3084 Package : flashplugin Type : arbitrary...

10CVSS2AI score0.30886EPSS

Exploits3References11

ArchLinux•added 2017/04/06 12:0 a.m.•27 views

[ASA-201704-2] python-django: multiple issues

Arch Linux Security Advisory ASA-201704-2 ========================================= Severity: Medium Date : 2017-04-06 CVE-ID : CVE-2017-7233 CVE-2017-7234 Package : python-django Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-233 Summary ======= The package...

6.1CVSS0.2AI score0.02384EPSS

Exploits2References4

ArchLinux•added 2017/02/12 12:0 a.m.•27 views

[ASA-201702-11] kdenetwork-kopete: content spoofing

Arch Linux Security Advisory ASA-201702-11 ========================================== Severity: Medium Date : 2017-02-12 CVE-ID : CVE-2017-5593 Package : kdenetwork-kopete Type : content spoofing Remote : Yes Link : https://security.archlinux.org/AVG-173 Summary ======= The package...

5.9CVSS2.2AI score0.00679EPSS

Exploits3References4

ArchLinux•added 2017/01/19 12:0 a.m.•27 views

[ASA-201701-30] powerdns-recursor: multiple issues

Arch Linux Security Advisory ASA-201701-30 ========================================== Severity: Medium Date : 2017-01-19 CVE-ID : CVE-2016-7068 CVE-2016-7073 CVE-2016-7074 Package : powerdns-recursor Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-148 Summary =======...

7.8CVSS1.6AI score0.07294EPSS

Exploits0References7

ArchLinux•added 2017/01/13 12:0 a.m.•27 views

[ASA-201701-20] libvncserver: arbitrary code execution

Arch Linux Security Advisory ASA-201701-20 ========================================== Severity: Critical Date : 2017-01-13 CVE-ID : CVE-2016-9941 CVE-2016-9942 Package : libvncserver Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-124 Summary ======= The...

9.8CVSS4.5AI score0.03732EPSS

ArchLinux•added 2017/01/12 12:0 a.m.•27 views

[ASA-201701-15] bind: denial of service

Arch Linux Security Advisory ASA-201701-15 ========================================== Severity: High Date : 2017-01-12 CVE-ID : CVE-2016-9131 CVE-2016-9147 CVE-2016-9444 CVE-2016-9778 Package : bind Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-132 Summary ======...

7.5CVSS0.5AI score0.40556EPSS

Exploits0References9

ArchLinux•added 2017/01/03 12:0 a.m.•27 views

[ASA-201701-10] lib32-libcurl-compat: multiple issues

Arch Linux Security Advisory ASA-201701-10 ========================================== Severity: Medium Date : 2017-01-03 CVE-ID : CVE-2016-9586 CVE-2016-9594 Package : lib32-libcurl-compat Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-116 Summary ======= The packag...

8.1CVSS0.9AI score0.04999EPSS

ArchLinux•added 2016/08/10 12:0 a.m.•27 views

jq: arbitrary code execution

A heap-based buffer overflow has been found in jq when parsing a JSON-encoded number longer than 256 bytes. The NULL-terminator byte was not allocated when the buffer was resized, causing a off-by-one write...

4.3AI score0.07495EPSS

ArchLinux•added 2016/06/25 12:0 a.m.•27 views

libdwarf: arbitrary code execution

CVE-2016-5027 denial of service Multiple NULL pointer dereference issues in several functions of libdwarf/dwarfleb.c, where leb128length was wrongly assumed non-NULL. - CVE-2016-5028 denial of service NULL pointer dereference issue in printframeinstbytes. - CVE-2016-5029 denial of service NULL...

3.9AI score0.04379EPSS

Exploits17References20

ArchLinux•added 2015/12/25 12:0 a.m.•27 views

mediawiki: multiple issues

CVE-2015-8622: T117899 XSS from wikitext when $wgArticlePath='$1'. Internal review discovered an XSS vector when MediaWiki is configured with a non-standard configuration. - CVE-2015-8624: T119309 User::matchEditToken should use constant-time string comparison. Internal review discovered that...

1.9AI score0.01888EPSS

Exploits0References13

ArchLinux•added 2015/10/23 12:0 a.m.•27 views

drupal: open redirect

The Overlay module in Drupal core displays administrative pages as a layer over the current page using JavaScript, rather than replacing the page in the browser window. The Overlay module does not sufficiently validate URLs prior to displaying their contents, leading to an open redirect...

1.7AI score0.01774EPSS

Exploits0References2

ArchLinux•added 2014/10/24 12:0 a.m.•27 views

ctags: Denial of service

Stefano Zacchiroli discovered a vulnerability in ctags, a tool to build tag file indexes of source code definitions: Certain JavaScript files cause ctags to enter an infinite loop until it runs out of disk space, resulting in denial of service...

5CVSS2AI score0.04276EPSS

Exploits1References4

ArchLinux•added 2025/05/18 12:0 a.m.•26 views

[ASA-202505-7] nodejs-lts-jod: denial of service

Arch Linux Security Advisory ASA-202505-7 ========================================= Severity: High Date : 2025-05-18 CVE-ID : CVE-2025-23165 CVE-2025-23166 Package : nodejs-lts-jod Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-2872 Summary ======= The package...

7.5CVSS7.7AI score0.00763EPSS

ArchLinux•added 2021/09/14 12:0 a.m.•26 views

[ASA-202109-1] hedgedoc: cross-site scripting

Arch Linux Security Advisory ASA-202109-1 ========================================= Severity: High Date : 2021-09-14 CVE-ID : CVE-2021-39175 Package : hedgedoc Type : cross-site scripting Remote : Yes Link : https://security.archlinux.org/AVG-2331 Summary ======= The package hedgedoc before versi...

8.1CVSS2.2AI score0.00602EPSS

ArchLinux•added 2020/04/09 12:0 a.m.•26 views

[ASA-202004-10] wireshark-cli: arbitrary code execution

Arch Linux Security Advisory ASA-202004-10 ========================================== Severity: Critical Date : 2020-04-09 CVE-ID : CVE-2020-11647 Package : wireshark-cli Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1129 Summary ======= The package...

7.5CVSS2.2AI score0.03294EPSS

ArchLinux•added 2020/02/12 12:0 a.m.•26 views

[ASA-202002-8] systemd: privilege escalation

Arch Linux Security Advisory ASA-202002-8 ========================================= Severity: High Date : 2020-02-12 CVE-ID : CVE-2020-1712 Package : systemd Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-1094 Summary ======= The package systemd before version...

7.8CVSS1.7AI score0.0046EPSS

ArchLinux•added 2019/07/06 12:0 a.m.•26 views

[ASA-201907-2] python-django: silent downgrade

Arch Linux Security Advisory ASA-201907-2 ========================================= Severity: High Date : 2019-07-06 CVE-ID : CVE-2019-12781 Package : python-django Type : silent downgrade Remote : Yes Link : https://security.archlinux.org/AVG-1000 Summary ======= The package python-django before...

5.3CVSS1.2AI score0.01697EPSS

ArchLinux•added 2019/06/11 12:0 a.m.•26 views

[ASA-201906-8] vim: arbitrary code execution

Arch Linux Security Advisory ASA-201906-8 ========================================= Severity: High Date : 2019-06-11 CVE-ID : CVE-2019-12735 Package : vim Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-975 Summary ======= The package vim before version...

9.3CVSS3AI score0.19111EPSS

Exploits5References3

ArchLinux•added 2019/04/18 12:0 a.m.•26 views

[ASA-201904-9] dovecot: denial of service

Arch Linux Security Advisory ASA-201904-9 ========================================= Severity: Medium Date : 2019-04-18 CVE-ID : CVE-2019-10691 Package : dovecot Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-950 Summary ======= The package dovecot before version...

7.5CVSS1.3AI score0.028EPSS

ArchLinux•added 2019/02/17 12:0 a.m.•26 views

[ASA-201902-19] cairo: arbitrary code execution

Arch Linux Security Advisory ASA-201902-19 ========================================== Severity: Critical Date : 2019-02-17 CVE-ID : CVE-2018-19876 Package : cairo Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-826 Summary ======= The package cairo before...

6.5CVSS2.1AI score0.01714EPSS

ArchLinux•added 2018/11/22 12:0 a.m.•26 views

[ASA-201811-19] flashplugin: arbitrary code execution

Arch Linux Security Advisory ASA-201811-19 ========================================== Severity: Critical Date : 2018-11-22 CVE-ID : CVE-2018-15981 Package : flashplugin Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-818 Summary ======= The package flashplug...

10CVSS1.8AI score0.11702EPSS

ArchLinux•added 2018/11/20 12:0 a.m.•26 views

[ASA-201811-17] libtiff: multiple issues

Arch Linux Security Advisory ASA-201811-17 ========================================== Severity: High Date : 2018-11-20 CVE-ID : CVE-2017-9935 CVE-2017-11613 CVE-2018-18557 CVE-2018-18661 Package : libtiff Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-790 Summary...

8.8CVSS1.3AI score0.1496EPSS

Exploits5References16

ArchLinux•added 2018/08/10 12:0 a.m.•26 views

[ASA-201808-8] thunderbird: multiple issues

Arch Linux Security Advisory ASA-201808-8 ========================================= Severity: Critical Date : 2018-08-10 CVE-ID : CVE-2018-5156 CVE-2018-5187 CVE-2018-12361 CVE-2018-12367 CVE-2018-12371 Package : thunderbird Type : multiple issues Remote : Yes Link :...

9.8CVSS0.7AI score0.03755EPSS

Exploits1References17

ArchLinux•added 2018/08/03 12:0 a.m.•26 views

[ASA-201808-2] cgit: directory traversal

Arch Linux Security Advisory ASA-201808-2 ========================================= Severity: High Date : 2018-08-03 CVE-ID : CVE-2018-14912 Package : cgit Type : directory traversal Remote : Yes Link : https://security.archlinux.org/AVG-745 Summary ======= The package cgit before version 1.2.1-1...

7.5CVSS1.8AI score0.93188EPSS

Exploits7References5

ArchLinux•added 2018/07/26 12:0 a.m.•26 views

[ASA-201807-16] libextractor: denial of service

Arch Linux Security Advisory ASA-201807-16 ========================================== Severity: Medium Date : 2018-07-26 CVE-ID : CVE-2017-17440 Package : libextractor Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-541 Summary ======= The package libextractor befo...

6.5CVSS2.9AI score0.0236EPSS

Exploits1References4

ArchLinux•added 2018/07/04 12:0 a.m.•26 views

[ASA-201807-2] git-annex: multiple issues

Arch Linux Security Advisory ASA-201807-2 ========================================= Severity: High Date : 2018-07-04 CVE-ID : CVE-2018-10857 CVE-2018-10859 Package : git-annex Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-725 Summary ======= The package git-annex...

7.5CVSS0.5AI score0.01539EPSS

ArchLinux•added 2018/05/16 12:0 a.m.•26 views

[ASA-201805-12] zathura-pdf-mupdf: multiple issues

Arch Linux Security Advisory ASA-201805-12 ========================================== Severity: High Date : 2018-05-16 CVE-ID : CVE-2018-5686 CVE-2018-6187 CVE-2018-6192 CVE-2018-6544 CVE-2018-1000051 Package : zathura-pdf-mupdf Type : multiple issues Remote : Yes Link :...

7.8CVSS3AI score0.01942EPSS

Exploits5References21

ArchLinux•added 2018/04/19 12:0 a.m.•26 views

[ASA-201804-9] xfig: information disclosure

Arch Linux Security Advisory ASA-201804-9 ========================================= Severity: Medium Date : 2018-04-19 CVE-ID : CVE-2017-16899 Package : xfig Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-513 Summary ======= The package xfig before version...

7.1CVSS1AI score0.0135EPSS

ArchLinux•added 2018/03/19 12:0 a.m.•26 views

[ASA-201803-19] libcurl-gnutls: multiple issues

Arch Linux Security Advisory ASA-201803-19 ========================================== Severity: Medium Date : 2018-03-19 CVE-ID : CVE-2018-1000120 CVE-2018-1000121 CVE-2018-1000122 Package : libcurl-gnutls Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-661 Summary...

9.8CVSS0.6AI score0.12058EPSS

Exploits0References13

ArchLinux•added 2018/01/05 12:0 a.m.•26 views

[ASA-201801-5] mongodb: arbitrary code execution

Arch Linux Security Advisory ASA-201801-5 ========================================= Severity: High Date : 2018-01-05 CVE-ID : CVE-2017-15535 Package : mongodb Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-503 Summary ======= The package mongodb before...

9.1CVSS2.6AI score0.01567EPSS

ArchLinux•added 2017/11/08 12:0 a.m.•26 views

[ASA-201711-16] libextractor: denial of service

Arch Linux Security Advisory ASA-201711-16 ========================================== Severity: Low Date : 2017-11-08 CVE-ID : CVE-2017-15922 Package : libextractor Type : denial of service Remote : No Link : https://security.archlinux.org/AVG-471 Summary ======= The package libextractor before...

5.5CVSS2.2AI score0.01313EPSS

Exploits1References3

ArchLinux•added 2017/11/02 12:0 a.m.•26 views

[ASA-201711-6] curl: information disclosure

Arch Linux Security Advisory ASA-201711-6 ========================================= Severity: Medium Date : 2017-11-02 CVE-ID : CVE-2017-1000257 Package : curl Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-467 Summary ======= The package curl before version...

9.1CVSS9.1AI score0.06224EPSS

ArchLinux•added 2017/10/12 12:0 a.m.•26 views

[ASA-201710-16] go-pie: arbitrary command execution

Arch Linux Security Advisory ASA-201710-16 ========================================== Severity: High Date : 2017-10-12 CVE-ID : CVE-2017-15041 Package : go-pie Type : arbitrary command execution Remote : Yes Link : https://security.archlinux.org/AVG-442 Summary ======= The package go-pie before...

9.8CVSS1.3AI score0.08944EPSS

ArchLinux•added 2017/09/28 12:0 a.m.•26 views

[ASA-201709-22] nvidia: multiple issues

Arch Linux Security Advisory ASA-201709-22 ========================================== Severity: High Date : 2017-09-28 CVE-ID : CVE-2017-6266 CVE-2017-6267 CVE-2017-6272 Package : nvidia Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-418 Summary ======= The package...

7.8CVSS2AI score0.00426EPSS

ArchLinux•added 2017/09/06 12:0 a.m.•26 views

[ASA-201709-2] postgresql: multiple issues

Arch Linux Security Advisory ASA-201709-2 ========================================= Severity: High Date : 2017-09-06 CVE-ID : CVE-2017-7546 CVE-2017-7547 CVE-2017-7548 Package : postgresql Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-381 Summary ======= The packag...

9.8CVSS2AI score0.61566EPSS

Exploits0References8

ArchLinux•added 2017/07/16 12:0 a.m.•26 views

[ASA-201707-16] mosquitto: information disclosure

Arch Linux Security Advisory ASA-201707-16 ========================================== Severity: Medium Date : 2017-07-16 CVE-ID : CVE-2017-9868 Package : mosquitto Type : information disclosure Remote : No Link : https://security.archlinux.org/AVG-353 Summary ======= The package mosquitto before...

5.5CVSS0.6AI score0.00361EPSS

ArchLinux•added 2017/05/22 12:0 a.m.•26 views

[ASA-201705-20] lynis: arbitrary file overwrite

Arch Linux Security Advisory ASA-201705-20 ========================================== Severity: High Date : 2017-05-22 CVE-ID : CVE-2017-8108 Package : lynis Type : arbitrary file overwrite Remote : No Link : https://security.archlinux.org/AVG-278 Summary ======= The package lynis before version...

7.8CVSS0.6AI score0.00426EPSS

ArchLinux•added 2017/05/21 12:0 a.m.•26 views

[ASA-201705-19] fop: xml external entity injection

Arch Linux Security Advisory ASA-201705-19 ========================================== Severity: Medium Date : 2017-05-21 CVE-ID : CVE-2017-5661 Package : fop Type : xml external entity injection Remote : Yes Link : https://security.archlinux.org/AVG-254 Summary ======= The package fop before...

7.9CVSS0.8AI score0.0296EPSS

Exploits1References3

ArchLinux•added 2017/02/17 12:0 a.m.•26 views

[ASA-201702-15] flashplugin: arbitrary code execution

Arch Linux Security Advisory ASA-201702-15 ========================================== Severity: Critical Date : 2017-02-17 CVE-ID : CVE-2017-2982 CVE-2017-2984 CVE-2017-2985 CVE-2017-2987 CVE-2017-2988 CVE-2017-2990 CVE-2017-2991 CVE-2017-2992 CVE-2017-2993 CVE-2017-2994 CVE-2017-2995 CVE-2017-29...

9.3CVSS1.8AI score0.32781EPSS

Exploits7References14

ArchLinux•added 2017/02/03 12:0 a.m.•26 views

[ASA-201702-4] gst-plugins-base-libs: multiple issues

Arch Linux Security Advisory ASA-201702-4 ========================================= Severity: Critical Date : 2017-02-03 CVE-ID : CVE-2017-5837 CVE-2017-5839 CVE-2017-5842 CVE-2017-5844 Package : gst-plugins-base-libs Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1...

7.5CVSS2.4AI score0.0448EPSS

Exploits0References10

ArchLinux•added 2016/05/19 12:0 a.m.•26 views

bugzilla: cross-site scripting

An attacker can craft a malicious summary within a bug report to host malicious javascript code. This code will be served to a user when he or she navigates to the bug's dependency graph...

0.9AI score0.01489EPSS

Exploits0References2

ArchLinux•added 2015/07/03 12:0 a.m.•26 views

wesnoth: information leakage

Wesnoth implements a text preprocessing language that is used in conjunction with its own game scripting language. It also has a built-in Lua interpreter and API. Both the Lua API and the preprocessor make use of the same function filesystem::getwmllocation to resolve file paths so that only...

1.4AI score0.01715EPSS