1854 matches found
keepassx: information disclosure
It was found that XML export function creates hidden XML file containing user passwords in plaintext without warning, when the export is canceled, which may go unnoticed by the user. In this case the password database was exported as the file .xml in the current working directory often $HOME or t...
grep: denial of service
The bmexectrans function in kwset.c allows local users to cause a denial of service out-of-bounds heap read and crash via crafted input when using the -F option. grep's read buffer is often filled to its full size, except when reading the final buffer of a file. In that case, the number of bytes...
[ASA-202506-9] sslh: denial of service
Arch Linux Security Advisory ASA-202506-9 ========================================= Severity: Medium Date : 2025-06-21 CVE-ID : CVE-2025-46807 Package : sslh Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-2902 Summary ======= The package sslh before version 2.2.4-...
[ASA-202505-11] freetype2: arbitrary code execution
Arch Linux Security Advisory ASA-202505-11 ========================================== Severity: High Date : 2025-05-19 CVE-ID : CVE-2025-27363 Package : freetype2 Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-2877 Summary ======= The package freetype2 befo...
[ASA-202009-2] ark: arbitrary filesystem access
Arch Linux Security Advisory ASA-202009-2 ========================================= Severity: High Date : 2020-09-03 CVE-ID : CVE-2020-24654 Package : ark Type : arbitrary filesystem access Remote : No Link : https://security.archlinux.org/AVG-1216 Summary ======= The package ark before version...
[ASA-201908-14] gettext: arbitrary code execution
Arch Linux Security Advisory ASA-201908-14 ========================================== Severity: High Date : 2019-08-24 CVE-ID : CVE-2018-18751 Package : gettext Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-885 Summary ======= The package gettext before...
[ASA-201903-7] pacman: arbitrary code execution
Arch Linux Security Advisory ASA-201903-7 ========================================= Severity: High Date : 2019-03-11 CVE-ID : CVE-2019-9686 Package : pacman Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-921 Summary ======= The package pacman before version...
[ASA-201901-6] python-django: content spoofing
Arch Linux Security Advisory ASA-201901-6 ========================================= Severity: Medium Date : 2019-01-11 CVE-ID : CVE-2019-3498 Package : python-django Type : content spoofing Remote : Yes Link : https://security.archlinux.org/AVG-839 Summary ======= The package python-django before...
[ASA-201809-3] zsh: insufficient validation
Arch Linux Security Advisory ASA-201809-3 ========================================= Severity: Low Date : 2018-09-24 CVE-ID : CVE-2018-0502 CVE-2018-13259 Package : zsh Type : insufficient validation Remote : No Link : https://security.archlinux.org/AVG-764 Summary ======= The package zsh before...
[ASA-201803-24] bchunk: denial of service
Arch Linux Security Advisory ASA-201803-24 ========================================== Severity: Medium Date : 2018-03-25 CVE-ID : CVE-2017-15953 CVE-2017-15954 CVE-2017-15955 Package : bchunk Type : denial of service Remote : No Link : https://security.archlinux.org/AVG-475 Summary ======= The...
[ASA-201802-13] lib32-wavpack: arbitrary code execution
Arch Linux Security Advisory ASA-201802-13 ========================================== Severity: High Date : 2018-02-23 CVE-ID : CVE-2018-6767 CVE-2018-7253 CVE-2018-7254 Package : lib32-wavpack Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-634 Summary...
[ASA-201802-12] wavpack: arbitrary code execution
Arch Linux Security Advisory ASA-201802-12 ========================================== Severity: High Date : 2018-02-23 CVE-ID : CVE-2018-6767 CVE-2018-7253 CVE-2018-7254 Package : wavpack Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-631 Summary ======= Th...
[ASA-201710-13] flyspray: cross-site scripting
Arch Linux Security Advisory ASA-201710-13 ========================================== Severity: High Date : 2017-10-10 CVE-ID : CVE-2017-15213 CVE-2017-15214 Package : flyspray Type : cross-site scripting Remote : Yes Link : https://security.archlinux.org/AVG-439 Summary ======= The package...
[ASA-201709-13] libgcrypt: private key recovery
Arch Linux Security Advisory ASA-201709-13 ========================================== Severity: Medium Date : 2017-09-18 CVE-ID : CVE-2017-0379 Package : libgcrypt Type : private key recovery Remote : No Link : https://security.archlinux.org/AVG-402 Summary ======= The package libgcrypt before...
[ASA-201708-12] spice: arbitrary code execution
Arch Linux Security Advisory ASA-201708-12 ========================================== Severity: High Date : 2017-08-14 CVE-ID : CVE-2017-7506 Package : spice Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-349 Summary ======= The package spice before version...
[ASA-201612-21] openfire: multiple issues
Arch Linux Security Advisory ASA-201612-21 ========================================== Severity: High Date : 2016-12-23 CVE-ID : CVE-2015-6972 CVE-2015-6973 CVE-2015-7707 Package : openfire Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-15 Summary ======= The package...
[ASA-201904-1] evolution: content spoofing
Arch Linux Security Advisory ASA-201904-1 ========================================= Severity: High Date : 2019-04-02 CVE-ID : CVE-2018-15587 Package : evolution Type : content spoofing Remote : Yes Link : https://security.archlinux.org/AVG-889 Summary ======= The package evolution before version...
[ASA-201802-11] phpmyadmin: cross-site scripting
Arch Linux Security Advisory ASA-201802-11 ========================================== Severity: Medium Date : 2018-02-23 CVE-ID : CVE-2018-7260 Package : phpmyadmin Type : cross-site scripting Remote : Yes Link : https://security.archlinux.org/AVG-630 Summary ======= The package phpmyadmin before...
[ASA-201712-2] cacti: multiple issues
Arch Linux Security Advisory ASA-201712-2 ========================================= Severity: High Date : 2017-12-02 CVE-ID : CVE-2017-16641 CVE-2017-16660 CVE-2017-16661 CVE-2017-16785 Package : cacti Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-537 Summary =====...
[ASA-201711-40] shadowsocks-libev: arbitrary command execution
Arch Linux Security Advisory ASA-201711-40 ========================================== Severity: High Date : 2017-11-30 CVE-ID : CVE-2017-15924 Package : shadowsocks-libev Type : arbitrary command execution Remote : No Link : https://security.archlinux.org/AVG-474 Summary ======= The package...
python2-pyamf: XML external entity injection
PyAMF suffers from insufficient AMF input payload sanitization which results in the XML parser not preventing the processing of XML external entities XXE. A specially crafted AMF payload, containing malicious references to XML external entities, can be used to trigger denial of service DoS...
[ASA-202506-8] erlang: arbitrary file overwrite
Arch Linux Security Advisory ASA-202506-8 ========================================= Severity: Medium Date : 2025-06-19 CVE-ID : CVE-2025-4748 Package : erlang Type : arbitrary file overwrite Remote : No Link : https://security.archlinux.org/AVG-2900 Summary ======= The package erlang before versi...
[ASA-201807-3] qutebrowser: arbitrary code execution
Arch Linux Security Advisory ASA-201807-3 ========================================= Severity: Critical Date : 2018-07-11 CVE-ID : CVE-2018-10895 Package : qutebrowser Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-735 Summary ======= The package qutebrowser...
[ASA-201803-8] calibre: arbitrary command execution
Arch Linux Security Advisory ASA-201803-8 ========================================= Severity: High Date : 2018-03-11 CVE-ID : CVE-2018-7889 Package : calibre Type : arbitrary command execution Remote : Yes Link : https://security.archlinux.org/AVG-650 Summary ======= The package calibre before...
[ASA-201609-17] lib32-jansson: denial of service
Arch Linux Security Advisory ASA-201609-17 ========================================== Severity: Medium Date : 2016-09-20 CVE-ID : CVE-2016-4425 Package : lib32-jansson Type : denial of service Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package lib32-jansson...
nodejs: denial of service
A vulnerability has been discovered in the HTTP pipeline handling that is leading to an application crash. This problem is caused by out-of-order responses being sent to the client within a single pipelined connection...
[ASA-202506-3] samba: access restriction bypass
Arch Linux Security Advisory ASA-202506-3 ========================================= Severity: Low Date : 2025-06-06 CVE-ID : CVE-2025-0620 Package : samba Type : access restriction bypass Remote : Yes Link : https://security.archlinux.org/AVG-2892 Summary ======= The package samba before version...
[ASA-202505-15] ghostscript: information disclosure
Arch Linux Security Advisory ASA-202505-15 ========================================== Severity: Low Date : 2025-05-24 CVE-ID : CVE-2025-48708 Package : ghostscript Type : information disclosure Remote : No Link : https://security.archlinux.org/AVG-2883 Summary ======= The package ghostscript befo...
[ASA-202011-4] matrix-synapse: cross-site scripting
Arch Linux Security Advisory ASA-202011-4 ========================================= Severity: High Date : 2020-11-03 CVE-ID : CVE-2020-26891 Package : matrix-synapse Type : cross-site scripting Remote : Yes Link : https://security.archlinux.org/AVG-1252 Summary ======= The package matrix-synapse...
[ASA-201908-22] jenkins: multiple issues
Arch Linux Security Advisory ASA-201908-22 ========================================== Severity: Medium Date : 2019-08-30 CVE-ID : CVE-2019-10383 CVE-2019-10384 Package : jenkins Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1030 Summary ======= The package jenkins...
[ASA-201802-14] unixodbc: arbitrary code execution
Arch Linux Security Advisory ASA-201802-14 ========================================== Severity: High Date : 2018-02-23 CVE-ID : CVE-2018-7409 Package : unixodbc Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-627 Summary ======= The package unixodbc before...
[ASA-201711-24] couchdb: multiple issues
Arch Linux Security Advisory ASA-201711-24 ========================================== Severity: High Date : 2017-11-16 CVE-ID : CVE-2017-12635 CVE-2017-12636 Package : couchdb Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-495 Summary ======= The package couchdb...
[ASA-201708-4] varnish: denial of service
Arch Linux Security Advisory ASA-201708-4 ========================================= Severity: High Date : 2017-08-10 CVE-ID : CVE-2017-12425 Package : varnish Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-374 Summary ======= The package varnish before version...
[ASA-201707-24] rkhunter: arbitrary code execution
Arch Linux Security Advisory ASA-201707-24 ========================================== Severity: High Date : 2017-07-18 CVE-ID : CVE-2017-7480 Package : rkhunter Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-334 Summary ======= The package rkhunter before...
[ASA-201706-29] tcpreplay: arbitrary code execution
Arch Linux Security Advisory ASA-201706-29 ========================================== Severity: High Date : 2017-06-23 CVE-ID : CVE-2017-6429 Package : tcpreplay Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-211 Summary ======= The package tcpreplay before...
[ASA-201701-18] ark: arbitrary command execution
Arch Linux Security Advisory ASA-201701-18 ========================================== Severity: High Date : 2017-01-13 CVE-ID : CVE-2017-5330 Package : ark Type : arbitrary command execution Remote : No Link : https://security.archlinux.org/AVG-130 Summary ======= The package ark before version...
[ASA-202506-7] libxml2: denial of service
Arch Linux Security Advisory ASA-202506-7 ========================================= Severity: High Date : 2025-06-18 CVE-ID : CVE-2025-6021 Package : libxml2 Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-2899 Summary ======= The package libxml2 before version...
[ASA-202506-6] python-django: content spoofing
Arch Linux Security Advisory ASA-202506-6 ========================================= Severity: Low Date : 2025-06-12 CVE-ID : CVE-2025-48432 Package : python-django Type : content spoofing Remote : Yes Link : https://security.archlinux.org/AVG-2894 Summary ======= The package python-django before...
[ASA-201905-1] munin: arbitrary file overwrite
Arch Linux Security Advisory ASA-201905-1 ========================================= Severity: High Date : 2019-05-06 CVE-ID : CVE-2017-6188 Package : munin Type : arbitrary file overwrite Remote : Yes Link : https://security.archlinux.org/AVG-953 Summary ======= The package munin before version...
[ASA-201908-6] chromium: arbitrary code execution
Arch Linux Security Advisory ASA-201908-6 ========================================= Severity: High Date : 2019-08-10 CVE-ID : CVE-2019-5867 CVE-2019-5868 Package : chromium Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1018 Summary ======= The package...
[ASA-201805-19] libofx: denial of service
Arch Linux Security Advisory ASA-201805-19 ========================================== Severity: Medium Date : 2018-05-20 CVE-ID : CVE-2017-14731 Package : libofx Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-536 Summary ======= The package libofx before version...
[ASA-201709-16] ettercap: multiple issues
Arch Linux Security Advisory ASA-201709-16 ========================================== Severity: High Date : 2017-09-18 CVE-ID : CVE-2017-6430 CVE-2017-8366 Package : ettercap Type : multiple issues Remote : No Link : https://security.archlinux.org/AVG-212 Summary ======= The package ettercap befo...
[ASA-201706-26] pcmanfm: denial of service
Arch Linux Security Advisory ASA-201706-26 ========================================== Severity: Medium Date : 2017-06-22 CVE-ID : CVE-2017-8934 Package : pcmanfm Type : denial of service Remote : No Link : https://security.archlinux.org/AVG-274 Summary ======= The package pcmanfm before version...
[ASA-202506-2] curl: denial of service
Arch Linux Security Advisory ASA-202506-2 ========================================= Severity: Low Date : 2025-06-05 CVE-ID : CVE-2025-5399 Package : curl Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-2895 Summary ======= The package curl before version 8.14.1-1 i...
[ASA-202505-14] bind: denial of service
Arch Linux Security Advisory ASA-202505-14 ========================================== Severity: High Date : 2025-05-21 CVE-ID : CVE-2025-40775 Package : bind Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-2881 Summary ======= The package bind before version 9.20.9...
[ASA-202505-13] varnish: content spoofing
Arch Linux Security Advisory ASA-202505-13 ========================================== Severity: High Date : 2025-05-20 CVE-ID : CVE-2025-47905 Package : varnish Type : content spoofing Remote : Yes Link : https://security.archlinux.org/AVG-2879 Summary ======= The package varnish before version...
[ASA-201902-22] msmtp: certificate verification bypass
Arch Linux Security Advisory ASA-201902-22 ========================================== Severity: High Date : 2019-02-17 CVE-ID : CVE-2019-8337 Package : msmtp Type : certificate verification bypass Remote : Yes Link : https://security.archlinux.org/AVG-905 Summary ======= The package msmtp before...
[ASA-201706-24] lxterminal-gtk3: access restriction bypass
Arch Linux Security Advisory ASA-201706-24 ========================================== Severity: Medium Date : 2017-06-22 CVE-ID : CVE-2016-10369 Package : lxterminal-gtk3 Type : access restriction bypass Remote : No Link : https://security.archlinux.org/AVG-264 Summary ======= The package...
imagemagick: multiple issues
Numerous vulnerabilities, including but not limited to buffer overflow, out-of-bound read, double-free and user-after-free have been fixed in imagemagick 6.9.0.2 and 6.9.0.3...
[ASA-201807-15] wesnoth: arbitrary code execution
Arch Linux Security Advisory ASA-201807-15 ========================================== Severity: High Date : 2018-07-25 CVE-ID : CVE-2018-1999023 Package : wesnoth Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-741 Summary ======= The package wesnoth before...