1854 matches found
[ASA-202107-61] libcurl-compat: multiple issues
Arch Linux Security Advisory ASA-202107-61 ========================================== Severity: Medium Date : 2021-07-21 CVE-ID : CVE-2021-22924 CVE-2021-22925 Package : libcurl-compat Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-2196 Summary ======= The package...
[ASA-202107-35] dino: directory traversal
Arch Linux Security Advisory ASA-202107-35 ========================================== Severity: Medium Date : 2021-07-20 CVE-ID : CVE-2021-33896 Package : dino Type : directory traversal Remote : Yes Link : https://security.archlinux.org/AVG-2043 Summary ======= The package dino before version...
[ASA-202107-49] linux-zen: privilege escalation
Arch Linux Security Advisory ASA-202107-49 ========================================== Severity: High Date : 2021-07-21 CVE-ID : CVE-2021-3609 CVE-2021-3612 CVE-2021-33909 Package : linux-zen Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-2182 Summary ======= The...
[ASA-202102-18] python-django: directory traversal
Arch Linux Security Advisory ASA-202102-18 ========================================== Severity: Low Date : 2021-02-07 CVE-ID : CVE-2021-3281 Package : python-django Type : directory traversal Remote : No Link : https://security.archlinux.org/AVG-1518 Summary ======= The package python-django befo...
[ASA-202107-64] lib32-libcurl-gnutls: multiple issues
Arch Linux Security Advisory ASA-202107-64 ========================================== Severity: Medium Date : 2021-07-21 CVE-ID : CVE-2021-22924 CVE-2021-22925 Package : lib32-libcurl-gnutls Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-2199 Summary ======= The...
[ASA-202106-23] apache: denial of service
Arch Linux Security Advisory ASA-202106-23 ========================================== Severity: High Date : 2021-06-09 CVE-ID : CVE-2021-31618 Package : apache Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-2041 Summary ======= The package apache before version...
[ASA-202012-8] containerd: privilege escalation
Arch Linux Security Advisory ASA-202012-8 ========================================= Severity: High Date : 2020-12-05 CVE-ID : CVE-2020-15257 Package : containerd Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-1309 Summary ======= The package containerd before...
[ASA-202107-57] systemd: denial of service
Arch Linux Security Advisory ASA-202107-57 ========================================== Severity: Medium Date : 2021-07-21 CVE-ID : CVE-2021-33910 Package : systemd Type : denial of service Remote : No Link : https://security.archlinux.org/AVG-2179 Summary ======= The package systemd before version...
[ASA-202108-5] opera: multiple issues
Arch Linux Security Advisory ASA-202108-5 ========================================= Severity: High Date : 2021-08-10 CVE-ID : CVE-2021-30565 CVE-2021-30566 CVE-2021-30567 CVE-2021-30568 CVE-2021-30569 CVE-2021-30571 CVE-2021-30572 CVE-2021-30573 CVE-2021-30574 CVE-2021-30575 CVE-2021-30576...
[ASA-202101-13] nodejs-lts-dubnium: multiple issues
Arch Linux Security Advisory ASA-202101-13 ========================================== Severity: High Date : 2021-01-12 CVE-ID : CVE-2020-8265 CVE-2020-8287 Package : nodejs-lts-dubnium Type : multiple issues Remote : No Link : https://security.archlinux.org/AVG-1403 Summary ======= The package...
[ASA-202012-9] libproxy-webkit: denial of service
Arch Linux Security Advisory ASA-202012-9 ========================================= Severity: Low Date : 2020-12-05 CVE-ID : CVE-2020-25219 Package : libproxy-webkit Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1226 Summary ======= The package libproxy-webkit...
[ASA-202102-7] nextcloud: directory traversal
Arch Linux Security Advisory ASA-202102-7 ========================================= Severity: Medium Date : 2021-02-06 CVE-ID : CVE-2020-36193 Package : nextcloud Type : directory traversal Remote : Yes Link : https://security.archlinux.org/AVG-1464 Summary ======= The package nextcloud before...
[ASA-202012-7] libslirp: information disclosure
Arch Linux Security Advisory ASA-202012-7 ========================================= Severity: Medium Date : 2020-12-05 CVE-ID : CVE-2020-29129 CVE-2020-29130 Package : libslirp Type : information disclosure Remote : No Link : https://security.archlinux.org/AVG-1305 Summary ======= The package...
curl: url request injection
When libcurl sends a request to a server via a HTTP proxy, it copies the entire URL into the request and sends if off. If the given URL contains line feeds and carriage returns those will be sent along to the proxy too, which allows the program to for example send a separate HTTP request injected...
[ASA-202107-51] linux-lts: privilege escalation
Arch Linux Security Advisory ASA-202107-51 ========================================== Severity: High Date : 2021-07-21 CVE-ID : CVE-2021-3609 CVE-2021-3612 CVE-2021-33909 Package : linux-lts Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-2184 Summary ======= The...
[ASA-202107-63] libcurl-gnutls: multiple issues
Arch Linux Security Advisory ASA-202107-63 ========================================== Severity: Medium Date : 2021-07-21 CVE-ID : CVE-2021-22924 CVE-2021-22925 Package : libcurl-gnutls Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-2198 Summary ======= The package...
[ASA-202106-39] thefuck: arbitrary file overwrite
Arch Linux Security Advisory ASA-202106-39 ========================================== Severity: Medium Date : 2021-06-15 CVE-ID : CVE-2021-34363 Package : thefuck Type : arbitrary file overwrite Remote : No Link : https://security.archlinux.org/AVG-2062 Summary ======= The package thefuck before...
[ASA-202106-20] inetutils: arbitrary code execution
Arch Linux Security Advisory ASA-202106-20 ========================================== Severity: High Date : 2021-06-09 CVE-ID : CVE-2019-0053 CVE-2020-10188 Package : inetutils Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1003 Summary ======= The package...
[ASA-202101-19] nvidia-utils: multiple issues
Arch Linux Security Advisory ASA-202101-19 ========================================== Severity: High Date : 2021-01-12 CVE-ID : CVE-2021-1052 CVE-2021-1053 CVE-2021-1056 Package : nvidia-utils Type : multiple issues Remote : No Link : https://security.archlinux.org/AVG-1417 Summary ======= The...
[ASA-202102-15] php: denial of service
Arch Linux Security Advisory ASA-202102-15 ========================================== Severity: Medium Date : 2021-02-07 CVE-ID : CVE-2021-21702 Package : php Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1531 Summary ======= The package php before version 8.0.2-...
[ASA-202012-11] libproxy-mozjs: denial of service
Arch Linux Security Advisory ASA-202012-11 ========================================== Severity: Low Date : 2020-12-05 CVE-ID : CVE-2020-25219 Package : libproxy-mozjs Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1226 Summary ======= The package libproxy-mozjs...
[ASA-202108-2] nodejs-lts-fermium: arbitrary code execution
Arch Linux Security Advisory ASA-202108-2 ========================================= Severity: High Date : 2021-08-03 CVE-ID : CVE-2021-22930 Package : nodejs-lts-fermium Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-2240 Summary ======= The package...
[ASA-202107-50] linux-hardened: privilege escalation
Arch Linux Security Advisory ASA-202107-50 ========================================== Severity: High Date : 2021-07-21 CVE-ID : CVE-2021-3609 CVE-2021-3612 CVE-2021-33909 Package : linux-hardened Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-2183 Summary ======...
[ASA-202107-54] jre11-openjdk-headless: multiple issues
Arch Linux Security Advisory ASA-202107-54 ========================================== Severity: High Date : 2021-07-21 CVE-ID : CVE-2021-2341 CVE-2021-2369 CVE-2021-2388 Package : jre11-openjdk-headless Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-2189 Summary...
[ASA-202107-36] libuv: information disclosure
Arch Linux Security Advisory ASA-202107-36 ========================================== Severity: Medium Date : 2021-07-20 CVE-ID : CVE-2021-22918 Package : libuv Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-2131 Summary ======= The package libuv before versi...
[ASA-202011-27] opensc: arbitrary code execution
Arch Linux Security Advisory ASA-202011-27 ========================================== Severity: Medium Date : 2020-11-26 CVE-ID : CVE-2020-26570 CVE-2020-26571 CVE-2020-26572 Package : opensc Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-1298 Summary ======...
[ASA-202108-1] nodejs: arbitrary code execution
Arch Linux Security Advisory ASA-202108-1 ========================================= Severity: High Date : 2021-08-03 CVE-ID : CVE-2021-22930 Package : nodejs Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-2239 Summary ======= The package nodejs before versi...
[ASA-202107-38] firefox-ublock-origin: denial of service
Arch Linux Security Advisory ASA-202107-38 ========================================== Severity: Medium Date : 2021-07-20 CVE-ID : CVE-2021-36773 Package : firefox-ublock-origin Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-2172 Summary ======= The package...
[ASA-202102-21] privoxy: denial of service
Arch Linux Security Advisory ASA-202102-21 ========================================== Severity: Low Date : 2021-02-07 CVE-ID : CVE-2021-20216 CVE-2021-20217 Package : privoxy Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1524 Summary ======= The package privoxy...
[ASA-202102-19] python-jinja: denial of service
Arch Linux Security Advisory ASA-202102-19 ========================================== Severity: Low Date : 2021-02-07 CVE-ID : CVE-2020-28493 Package : python-jinja Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1523 Summary ======= The package python-jinja before...
[ASA-202107-60] lib32-curl: multiple issues
Arch Linux Security Advisory ASA-202107-60 ========================================== Severity: Medium Date : 2021-07-21 CVE-ID : CVE-2021-22924 CVE-2021-22925 Package : lib32-curl Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-2195 Summary ======= The package...
[ASA-202101-9] php: insufficient validation
Arch Linux Security Advisory ASA-202101-9 ========================================= Severity: Medium Date : 2021-01-12 CVE-ID : CVE-2020-7071 Package : php Type : insufficient validation Remote : No Link : https://security.archlinux.org/AVG-1415 Summary ======= The package php before version...
[ASA-202011-26] gitea: insufficient validation
Arch Linux Security Advisory ASA-202011-26 ========================================== Severity: Medium Date : 2020-11-26 CVE-ID : CVE-2020-28991 Package : gitea Type : insufficient validation Remote : Yes Link : https://security.archlinux.org/AVG-1299 Summary ======= The package gitea before...
[ASA-202011-24] neomutt: silent downgrade
Arch Linux Security Advisory ASA-202011-24 ========================================== Severity: High Date : 2020-11-26 CVE-ID : CVE-2020-28896 Package : neomutt Type : silent downgrade Remote : Yes Link : https://security.archlinux.org/AVG-1289 Summary ======= The package neomutt before version...
[ASA-202107-32] nodejs-lts-fermium: multiple issues
Arch Linux Security Advisory ASA-202107-32 ========================================== Severity: High Date : 2021-07-20 CVE-ID : CVE-2021-22918 CVE-2021-23362 CVE-2021-27290 Package : nodejs-lts-fermium Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-2127 Summary...
[ASA-202106-44] connman: arbitrary code execution
Arch Linux Security Advisory ASA-202106-44 ========================================== Severity: High Date : 2021-06-16 CVE-ID : CVE-2021-33833 Package : connman Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-2055 Summary ======= The package connman before...
[ASA-202011-17] rclone: private key recovery
Arch Linux Security Advisory ASA-202011-17 ========================================== Severity: Medium Date : 2020-11-19 CVE-ID : CVE-2020-28924 Package : rclone Type : private key recovery Remote : No Link : https://security.archlinux.org/AVG-1286 Summary ======= The package rclone before versio...
[ASA-202011-20] raptor: arbitrary code execution
Arch Linux Security Advisory ASA-202011-20 ========================================== Severity: Medium Date : 2020-11-19 CVE-ID : CVE-2017-18926 CVE-2020-25713 Package : raptor Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-1283 Summary ======= The package...
[ASA-202101-8] mdbook: cross-site scripting
Arch Linux Security Advisory ASA-202101-8 ========================================= Severity: Medium Date : 2021-01-12 CVE-ID : CVE-2020-26297 Package : mdbook Type : cross-site scripting Remote : Yes Link : https://security.archlinux.org/AVG-1399 Summary ======= The package mdbook before version...
[ASA-202101-15] nodejs-lts-fermium: multiple issues
Arch Linux Security Advisory ASA-202101-15 ========================================== Severity: High Date : 2021-01-12 CVE-ID : CVE-2020-8265 CVE-2020-8287 Package : nodejs-lts-fermium Type : multiple issues Remote : No Link : https://security.archlinux.org/AVG-1401 Summary ======= The package...
[ASA-202101-4] dovecot: multiple issues
Arch Linux Security Advisory ASA-202101-4 ========================================= Severity: High Date : 2021-01-04 CVE-ID : CVE-2020-24386 CVE-2020-25275 Package : dovecot Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1398 Summary ======= The package dovecot befo...
[ASA-202011-18] c-ares: denial of service
Arch Linux Security Advisory ASA-202011-18 ========================================== Severity: Medium Date : 2020-11-19 CVE-ID : CVE-2020-8277 Package : c-ares Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1280 Summary ======= The package c-ares before version...
[ASA-202107-41] nextcloud-app-mail: information disclosure
Arch Linux Security Advisory ASA-202107-41 ========================================== Severity: Low Date : 2021-07-20 CVE-ID : CVE-2021-32707 Package : nextcloud-app-mail Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-2145 Summary ======= The package...
[ASA-202101-12] python-cairosvg: denial of service
Arch Linux Security Advisory ASA-202101-12 ========================================== Severity: Low Date : 2021-01-12 CVE-ID : CVE-2021-21236 Package : python-cairosvg Type : denial of service Remote : No Link : https://security.archlinux.org/AVG-1412 Summary ======= The package python-cairosvg...
[ASA-202011-29] musl: arbitrary code execution
Arch Linux Security Advisory ASA-202011-29 ========================================== Severity: Medium Date : 2020-11-26 CVE-ID : CVE-2020-28928 Package : musl Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-1287 Summary ======= The package musl before versio...
[ASA-202108-7] gitlab: multiple issues
Arch Linux Security Advisory ASA-202108-7 ========================================= Severity: High Date : 2021-08-10 CVE-ID : CVE-2021-22236 CVE-2021-22237 CVE-2021-22239 CVE-2021-22241 Package : gitlab Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-2251 Summary...
[ASA-202107-42] go: denial of service
Arch Linux Security Advisory ASA-202107-42 ========================================== Severity: Low Date : 2021-07-20 CVE-ID : CVE-2021-34558 Package : go Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-2147 Summary ======= The package go before version 2:1.16.6-1 ...
[ASA-202107-34] code: arbitrary code execution
Arch Linux Security Advisory ASA-202107-34 ========================================== Severity: Medium Date : 2021-07-20 CVE-ID : CVE-2021-31211 CVE-2021-31214 Package : code Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1963 Summary ======= The package co...
[ASA-202106-21] gitlab: multiple issues
Arch Linux Security Advisory ASA-202106-21 ========================================== Severity: High Date : 2021-06-09 CVE-ID : CVE-2021-22181 CVE-2021-22213 CVE-2021-22214 CVE-2021-22216 CVE-2021-22217 CVE-2021-22218 CVE-2021-22219 CVE-2021-22220 CVE-2021-22221 Package : gitlab Type : multiple...
[ASA-202011-23] matrix-synapse: denial of service
Arch Linux Security Advisory ASA-202011-23 ========================================== Severity: High Date : 2020-11-26 CVE-ID : CVE-2020-26890 Package : matrix-synapse Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1296 Summary ======= The package matrix-synapse...