arch-security  

Messages by Thread

• [ASA-202506-6] python-django: content spoofing Andrea Denisse
• [ASA-202506-5] konsole: arbitrary code execution Andrea Denisse
• [ASA-202506-4] go: multiple issues Andrea Denisse
• [ASA-202506-3] samba: access restriction bypass Andrea Denisse
• [ASA-202506-2] curl: denial of service Andrea Denisse
• [ASA-202506-1] roundcubemail: arbitrary code execution Andrea Denisse
• [ASA-202505-15] ghostscript: information disclosure Andrea Denisse
• [ASA-202505-14] bind: denial of service Andrea Denisse
• [ASA-202505-13] varnish: content spoofing Andrea Denisse
• [ASA-202505-11] freetype2: arbitrary code execution Andrea Denisse
• [ASA-202505-12] go: directory traversal Andrea Denisse
• [ASA-202505-10] python-django: denial of service Andrea Denisse
• [ASA-202505-9] dropbear: arbitrary command execution Andrea Denisse
• [ASA-202505-8] nodejs-lts-iron: multiple issues Andrea Denisse
• [ASA-202505-7] nodejs-lts-jod: denial of service Andrea Denisse
• [ASA-202505-6] nodejs: denial of service Andrea Denisse
• [ASA-202505-5] webkitgtk-6.0: arbitrary code execution Andrea Denisse
• [ASA-202505-4] webkit2gtk-4.1: arbitrary code execution Andrea Denisse
• [ASA-202505-3] webkit2gtk: arbitrary code execution Andrea Denisse
• [ASA-202505-2] wpewebkit: arbitrary code execution Andrea Denisse
• [ASA-202505-1] screen: multiple issues Levente Polyak
• [ASA-202503-1] exim: privilege escalation Levente Polyak
• [ASA-202501-1] rsync: multiple issues Levente Polyak
• [ASA-202410-1] oath-toolkit: privilege escalation Levente Polyak
• [ASA-202407-1] openssh: authentication bypass Levente Polyak
• [ASA-202403-1] xz: arbitrary code execution Santiago Torres-Arias
• ClamAV outdated and susceptible to DOS attack Dirk Räder
• [ASA-202210-4] linux-zen: multiple issues Levente Polyak
• [ASA-202210-3] linux-lts: multiple issues Levente Polyak
• [ASA-202210-2] linux: multiple issues Levente Polyak
• [ASA-202210-1] linux-hardened: multiple issues Levente Polyak
• [ASA-202204-9] python-django: sql injection Levente Polyak via arch-security
• [ASA-202204-8] xz: arbitrary command execution Levente Polyak via arch-security
• [ASA-202204-7] gzip: arbitrary command execution Levente Polyak via arch-security
• [ASA-202204-6] libtiff: multiple issues Levente Polyak via arch-security
• [ASA-202204-5] bind: multiple issues Levente Polyak via arch-security
• [ASA-202204-4] rizin: multiple issues Levente Polyak via arch-security
• [ASA-202204-3] zlib: arbitrary code execution Levente Polyak via arch-security
• [ASA-202204-2] polkit: multiple issues Levente Polyak via arch-security
• [ASA-202204-1] postgresql: man-in-the-middle Levente Polyak via arch-security
• [ASA-202112-12] grafana-agent: information disclosure Jonas Witschel via arch-security
• [ASA-202112-11] grafana: directory traversal Jonas Witschel via arch-security
• [ASA-202112-10] gitlab: multiple issues Jonas Witschel via arch-security
• [ASA-202112-9] thunderbird: multiple issues Jonas Witschel via arch-security
• [ASA-202112-8] firefox: multiple issues Jonas Witschel via arch-security
• [ASA-202112-7] vivaldi: multiple issues Jonas Witschel via arch-security
• [ASA-202112-6] chromium: multiple issues Jonas Witschel via arch-security
• [ASA-202112-5] isync: arbitrary code execution Jonas Witschel via arch-security
• [ASA-202112-4] lib32-nss: arbitrary code execution Jonas Witschel via arch-security
• [ASA-202112-3] nss: arbitrary code execution Jonas Witschel via arch-security
• [ASA-202112-2] opera: multiple issues Jonas Witschel via arch-security
• [ASA-202112-1] vivaldi: multiple issues Jonas Witschel via arch-security
• [ASA-202111-9] chromium: multiple issues Jonas Witschel via arch-security
• [ASA-202111-8] opera: multiple issues Jonas Witschel via arch-security
• [ASA-202111-7] kubectl-ingress-nginx: information disclosure Jonas Witschel via arch-security
• [ASA-202111-6] grafana: access restriction bypass Jonas Witschel via arch-security
• [ASA-202111-5] grafana: cross-site scripting Jonas Witschel via arch-security
• [ASA-202111-4] opera: multiple issues Jonas Witschel via arch-security
• [ASA-202111-3] thunderbird: multiple issues Jonas Witschel via arch-security
• [ASA-202111-2] firefox: multiple issues Jonas Witschel via arch-security
• [ASA-202111-1] jenkins: multiple issues Jonas Witschel via arch-security
• [ASA-202110-12] bind: denial of service Jonas Witschel via arch-security
• [ASA-202110-11] freerdp: arbitrary code execution Jonas Witschel via arch-security
• [ASA-202110-10] wpewebkit: multiple issues Jonas Witschel via arch-security
• [ASA-202110-9] webkit2gtk: multiple issues Jonas Witschel via arch-security
• [ASA-202110-8] opera: multiple issues Jonas Witschel via arch-security
• [ASA-202110-7] chromium: multiple issues Jonas Witschel via arch-security
• [ASA-202110-6] nodejs-lts-erbium: multiple issues Jonas Witschel via arch-security
• [ASA-202110-5] nodejs-lts-fermium: multiple issues Jonas Witschel via arch-security
• [ASA-202110-4] nodejs: url request injection Jonas Witschel via arch-security
• [ASA-202110-3] virtualbox: multiple issues Jonas Witschel via arch-security
• [ASA-202110-2] chromium: multiple issues Jonas Witschel via arch-security
• [ASA-202110-1] apache: directory traversal Jonas Witschel via arch-security
• [ASA-202109-6] chromium: arbitrary code execution Jonas Witschel via arch-security
• [ASA-202109-5] element-web: information disclosure Jonas Witschel via arch-security
• [ASA-202109-4] element-desktop: information disclosure Jonas Witschel via arch-security
• [ASA-202109-3] ghostscript: arbitrary command execution Jonas Witschel via arch-security
• [ASA-202109-2] firefox: multiple issues Jonas Witschel via arch-security
• [ASA-202109-1] hedgedoc: cross-site scripting Jonas Witschel via arch-security
• [ASA-202108-14] firefox: multiple issues Jonas Witschel via arch-security
• [ASA-202108-13] c-ares: insufficient validation Jonas Witschel via arch-security
• [ASA-202108-12] loki: directory traversal Jonas Witschel via arch-security
• [ASA-202108-11] prosody: information disclosure Jonas Witschel via arch-security
• [ASA-202108-10] jupyterlab: cross-site scripting Jonas Witschel via arch-security
• [ASA-202108-9] lynx: information disclosure Jonas Witschel via arch-security
• [ASA-202108-8] fossil: certificate verification bypass Jonas Witschel via arch-security
• [ASA-202108-7] gitlab: multiple issues Jonas Witschel via arch-security
• [ASA-202108-6] vivaldi: multiple issues Jonas Witschel via arch-security
• [ASA-202108-5] opera: multiple issues Jonas Witschel via arch-security
• [ASA-202108-4] chromium: multiple issues Jonas Witschel via arch-security
• [ASA-202108-3] nodejs-lts-erbium: arbitrary code execution Jonas Witschel via arch-security
• [ASA-202108-2] nodejs-lts-fermium: arbitrary code execution Jonas Witschel via arch-security
• [ASA-202108-1] nodejs: arbitrary code execution Jonas Witschel via arch-security
• [ASA-202107-74] vivaldi: multiple issues Jonas Witschel via arch-security
• [ASA-202107-73] powerdns: denial of service Jonas Witschel via arch-security
• [ASA-202107-72] 389-ds-base: multiple issues Jonas Witschel via arch-security
• [ASA-202107-71] geckodriver: cross-site request forgery Jonas Witschel via arch-security
• [ASA-202107-70] containerd: directory traversal Jonas Witschel via arch-security
• [ASA-202107-69] consul: multiple issues Jonas Witschel via arch-security
• [ASA-202107-68] wpewebkit: multiple issues Jonas Witschel via arch-security
• [ASA-202107-67] webkit2gtk: multiple issues Jonas Witschel via arch-security
• [ASA-202107-66] jre-openjdk: multiple issues Jonas Witschel via arch-security
• [ASA-202107-65] jre-openjdk-headless: multiple issues Jonas Witschel via arch-security
• [ASA-202107-64] lib32-libcurl-gnutls: multiple issues Jonas Witschel via arch-security
• [ASA-202107-63] libcurl-gnutls: multiple issues Jonas Witschel via arch-security
• [ASA-202107-62] lib32-libcurl-compat: multiple issues Jonas Witschel via arch-security
• [ASA-202107-61] libcurl-compat: multiple issues Jonas Witschel via arch-security
• [ASA-202107-60] lib32-curl: multiple issues Jonas Witschel via arch-security
• [ASA-202107-59] curl: multiple issues Jonas Witschel via arch-security
• [ASA-202107-58] nvidia-utils: multiple issues Jonas Witschel via arch-security
• [ASA-202107-57] systemd: denial of service Jonas Witschel via arch-security
• [ASA-202107-56] impacket: directory traversal Jonas Witschel via arch-security
• [ASA-202107-55] libpano13: arbitrary code execution Jonas Witschel via arch-security
• [ASA-202107-54] jre11-openjdk-headless: multiple issues Jonas Witschel via arch-security
• [ASA-202107-53] jdk11-openjdk: multiple issues Jonas Witschel via arch-security
• [ASA-202107-52] virtualbox: multiple issues Jonas Witschel via arch-security
• [ASA-202107-51] linux-lts: privilege escalation Jonas Witschel via arch-security
• [ASA-202107-50] linux-hardened: privilege escalation Jonas Witschel via arch-security
• [ASA-202107-49] linux-zen: privilege escalation Jonas Witschel via arch-security
• [ASA-202107-48] linux: privilege escalation Jonas Witschel via arch-security
• [ASA-202107-47] chromium: multiple issues Jonas Witschel via arch-security
• [ASA-202107-46] opera: arbitrary code execution Jonas Witschel via arch-security
• [ASA-202107-45] telegram-desktop: content spoofing Jonas Witschel via arch-security
• [ASA-202107-44] wireshark-cli: denial of service Jonas Witschel via arch-security
• [ASA-202107-43] ant: denial of service Jonas Witschel via arch-security
• [ASA-202107-42] go: denial of service Jonas Witschel via arch-security
• [ASA-202107-41] nextcloud-app-mail: information disclosure Jonas Witschel via arch-security
• [ASA-202107-40] openvswitch: arbitrary code execution Jonas Witschel via arch-security
• [ASA-202107-39] racket: sandbox escape Jonas Witschel via arch-security
• [ASA-202107-38] firefox-ublock-origin: denial of service Jonas Witschel via arch-security
• [ASA-202107-37] putty: content spoofing Jonas Witschel via arch-security
• [ASA-202107-36] libuv: information disclosure Jonas Witschel via arch-security
• [ASA-202107-35] dino: directory traversal Jonas Witschel via arch-security
• [ASA-202107-34] code: arbitrary code execution Jonas Witschel via arch-security
• [ASA-202107-33] nodejs-lts-erbium: multiple issues Jonas Witschel via arch-security
• [ASA-202107-32] nodejs-lts-fermium: multiple issues Jonas Witschel via arch-security
• [ASA-202107-31] vivaldi: arbitrary code execution Jonas Witschel via arch-security
• [ASA-202107-30] chromium: arbitrary code execution Jonas Witschel via arch-security
• [ASA-202107-29] systemd: denial of service Jonas Witschel via arch-security
• [ASA-202107-28] varnish: url request injection Jonas Witschel via arch-security
• [ASA-202107-27] mbedtls: information disclosure Jonas Witschel via arch-security
• [ASA-202107-26] python-pillow: arbitrary code execution Jonas Witschel via arch-security
• [ASA-202107-25] ruby2.6: multiple issues Jonas Witschel via arch-security
• [ASA-202107-24] ruby2.7: multiple issues Jonas Witschel via arch-security
• [ASA-202107-23] ruby: multiple issues Jonas Witschel via arch-security
• [ASA-202107-22] nextcloud: multiple issues Jonas Witschel via arch-security
• [ASA-202107-21] thunderbird: multiple issues Jonas Witschel via arch-security
• [ASA-202107-20] firefox: multiple issues Jonas Witschel via arch-security
• [ASA-202107-19] ruby-addressable: denial of service Jonas Witschel via arch-security
• [ASA-202107-18] gitlab: multiple issues Jonas Witschel via arch-security
• [ASA-202107-17] rabbitmq: cross-site scripting Jonas Witschel via arch-security
• [ASA-202107-16] php7: multiple issues Jonas Witschel via arch-security
• [ASA-202107-15] php: multiple issues Jonas Witschel via arch-security
• [ASA-202107-14] openexr: arbitrary code execution Jonas Witschel via arch-security
• [ASA-202107-13] nodejs: multiple issues Jonas Witschel via arch-security
• [ASA-202107-12] spice: multiple issues Jonas Witschel via arch-security
• [ASA-202107-11] python-django: insufficient validation Jelle van der Waa via arch-security
• [ASA-202107-10] mruby: arbitrary code execution Jonas Witschel via arch-security
• [ASA-202107-9] libtpms: information disclosure Jonas Witschel via arch-security
• [ASA-202107-8] puppet: privilege escalation Jonas Witschel via arch-security
• [ASA-202107-7] mediawiki: access restriction bypass Jonas Witschel via arch-security
• [ASA-202107-6] python-fastapi: cross-site request forgery Jonas Witschel via arch-security
• [ASA-202107-5] jenkins: multiple issues Jonas Witschel via arch-security
• [ASA-202107-4] opera: arbitrary code execution Jonas Witschel via arch-security
• [ASA-202107-3] istio: information disclosure Jonas Witschel via arch-security
• [ASA-202107-2] electron11: multiple issues Jonas Witschel via arch-security
• [ASA-202107-1] electron12: arbitrary code execution Jonas Witschel via arch-security
• [ASA-202106-57] pigeonhole: denial of service Jonas Witschel via arch-security
• [ASA-202106-56] dovecot: information disclosure Jonas Witschel via arch-security
• [ASA-202106-55] tpm2-tools: man-in-the-middle Jonas Witschel via arch-security
• [ASA-202106-54] exiv2: multiple issues Jonas Witschel via arch-security
• [ASA-202106-53] keycloak: certificate verification bypass Jonas Witschel via arch-security
• [ASA-202106-52] helm: information disclosure Jonas Witschel via arch-security
• [ASA-202106-51] matrix-appservice-irc: insufficient validation Jonas Witschel via arch-security
• [ASA-202106-50] tor: denial of service Jonas Witschel via arch-security
• [ASA-202106-49] libslirp: information disclosure Jonas Witschel via arch-security
• [ASA-202106-48] nginx-mainline: arbitrary code execution Jonas Witschel via arch-security
• [ASA-202106-47] vivaldi: arbitrary code execution Jonas Witschel via arch-security
• [ASA-202106-46] chromium: arbitrary code execution Jonas Witschel via arch-security
• [ASA-202106-45] opera: multiple issues Jonas Witschel via arch-security
• [ASA-202106-44] connman: arbitrary code execution Jonas Witschel via arch-security
• [ASA-202106-43] grub: multiple issues Jonas Witschel via arch-security
• [ASA-202106-42] go: multiple issues Jonas Witschel via arch-security
• [ASA-202106-41] python-django: multiple issues Santiago Torres-Arias via arch-security
• [ASA-202106-40] radare2: denial of service Santiago Torres-Arias via arch-security
• [ASA-202106-39] thefuck: arbitrary file overwrite Santiago Torres-Arias via arch-security
• [ASA-202106-38] aspnet-runtime-3.1: denial of service Santiago Torres-Arias via arch-security
• [ASA-202106-37] aspnet-runtime: denial of service Santiago Torres-Arias via arch-security
• [ASA-202106-36] nginx: arbitrary code execution Santiago Torres-Arias via arch-security
• [ASA-202106-35] drupal: cross-site scripting Santiago Torres-Arias via arch-security
• [ASA-202106-34] intel-ucode: multiple issues Santiago Torres-Arias via arch-security
• [ASA-202106-33] opera: multiple issues Santiago Torres-Arias via arch-security
• [ASA-202106-32] vivaldi: multiple issues Santiago Torres-Arias via arch-security
• [ASA-202106-31] chromium: multiple issues Santiago Torres-Arias via arch-security
• [ASA-202106-30] wireshark-cli: denial of service Jonas Witschel via arch-security
• [ASA-202106-29] kube-apiserver: insufficient validation Jonas Witschel via arch-security
• [ASA-202106-28] nettle: denial of service Jonas Witschel via arch-security
• [ASA-202106-27] isync: arbitrary code execution Jonas Witschel via arch-security
• [ASA-202106-26] python-websockets: private key recovery Jonas Witschel via arch-security
• [ASA-202106-25] python-urllib3: denial of service Jonas Witschel via arch-security

• Earlier messages