Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 584
Alerts This Week
Warning Icon 1 584

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 25 articles for you...
198

Arch Linux: 201904-8 Critical: Flashplugin Code Execution Risks

The package flashplugin before version 32.0.0.171-1 is vulnerable to multiple issues including arbitrary code execution and information disclosure. . Arch Linux Security Advisory ASA-201904-8 ======================================== Severity: Critical Date : 2019-04-12 CVE-ID : CVE-2019-7096 CVE-2019-7108 Package : flashplugin Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-949 Summary ====== The package flashplugin before version 32.0.0.171-1 is vulnerable to multiple issues including arbitrary code execution and information disclosure. Resolution ========= Upgrade to 32.0.0.171-1. # pacman -Syu "flashplugin> =32.0.0.171-1" The problems have been fixed upstream in version 32.0.0.171. Workaround ========= None. Description ========== - CVE-2019-7096 (arbitrary code execution) An arbitrary code execution issue has been found in Adobe Flash Player before 32.0.0.171. - CVE-2019-7108 (information disclosure) An out-of-bounds read has been found in Adobe Flash Player before 32.0.0.171. Impact ===== A remote attacker can execute arbitrary code on the affected host. References ========= https://security.archlinux.org/CVE-2019-7096 https://security.archlinux.org/CVE-2019-7108 . Debian Security Notice DSA-2019-1234 tackles severe flaws in libpng affecting various components.. Arch Linux, Flashplugin Security, Critical Threat, Remote Attack, Flashplayer Issues. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Apr 24, 2019 Critical ArchLinux
198

Arch Linux: ASA-201811-19 Critical: Flashplugin Arbitrary Code Execution

The package flashplugin before version 31.0.0.153-1 is vulnerable to arbitrary code execution. . Arch Linux Security Advisory ASA-201811-19 ========================================= Severity: Critical Date : 2018-11-22 CVE-ID : CVE-2018-15981 Package : flashplugin Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-818 Summary ====== The package flashplugin before version 31.0.0.153-1 is vulnerable to arbitrary code execution. Resolution ========= Upgrade to 31.0.0.153-1. # pacman -Syu "flashplugin> =31.0.0.153-1" The problem has been fixed upstream in version 31.0.0.153. Workaround ========= None. Description ========== A type confusion vulnerability has been found in Adobe Flash Player versions prior to 31.0.0.153. Impact ===== A remote attacker can execute arbitrary code via a crafted Flash file. References ========= https://security.archlinux.org/CVE-2018-15981 . Arch Linux Security Advisory ASA-202312-05: Urgent update for libpng addressing potential memory corruption vulnerability.. Flash Plugin Update, Arch Linux Advisory, Security Updates. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Nov 23, 2018 Critical ArchLinux
198

Arch Linux: 201806-7 Critical Advisory on Flashplugin Remote Threats

The package flashplugin before version 30.0.0.113-1 is vulnerable to multiple issues including arbitrary code execution and information disclosure. . Arch Linux Security Advisory ASA-201806-7 ======================================== Severity: Critical Date : 2018-06-09 CVE-ID : CVE-2018-4945 CVE-2018-5000 CVE-2018-5001 CVE-2018-5002 Package : flashplugin Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-716 Summary ====== The package flashplugin before version 30.0.0.113-1 is vulnerable to multiple issues including arbitrary code execution and information disclosure. Resolution ========= Upgrade to 30.0.0.113-1. # pacman -Syu "flashplugin> =30.0.0.113-1" The problems have been fixed upstream in version 30.0.0.113. Workaround ========= None. Description ========== - CVE-2018-4945 (arbitrary code execution) A type confusion issue has been found in Adobe Flash Player before 30.0.0.113, leading to arbitrary code execution. - CVE-2018-5000 (information disclosure) An integer overflow issue has been found in Adobe Flash Player before 30.0.0.113, leading to information disclosure. - CVE-2018-5001 (information disclosure) An out-of-bounds read has been found in Adobe Flash Player before 30.0.0.113, leading to information disclosure. - CVE-2018-5002 (arbitrary code execution) A stack-based buffer overflow has been found in Adobe Flash Player before 30.0.0.113, leading to arbitrary code execution. Impact ===== A remote attacker can access sensitive information or execute arbitrary code via a crafted Flash file. References ========= https://security.archlinux.org/CVE-2018-4945 https://security.archlinux.org/CVE-2018-5000 https://security.archlinux.org/CVE-2018-5001 https://security.archlinux.org/CVE-2018-5002 . The Debian Security Announcement DSA-2019-123 outlines severe vulnerabilities in the OpenSSL package that could lead to unauthorized data access.. Arch Linux, Flash Plugin, Critical Issues, RemoteAccess, Code Execution. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jun 10, 2018 Critical ArchLinux
198

Arch Linux: ASA-201711-21 Critical: Flashplugin Arbitrary Code Execution

The package flashplugin before version 27.0.0.187-1 is vulnerable to arbitrary code execution. . Arch Linux Security Advisory ASA-201711-21 ========================================= Severity: Critical Date : 2017-11-15 CVE-ID : CVE-2017-11213 CVE-2017-11215 CVE-2017-11225 CVE-2017-3112 CVE-2017-3114 Package : flashplugin Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-492 Summary ====== The package flashplugin before version 27.0.0.187-1 is vulnerable to arbitrary code execution. Resolution ========= Upgrade to 27.0.0.187-1. # pacman -Syu "flashplugin> =27.0.0.187-1" The problems have been fixed upstream in version 27.0.0.187. Workaround ========= None. Description ========== - CVE-2017-11213 (arbitrary code execution) An out-of-bounds access vulnerability has been discovered in flashplugin before 27.0.0.187 leading to arbitrary code execution when playing a specially crafted SWF file. - CVE-2017-11215 (arbitrary code execution) An use after free vulnerability has been discovered in flashplugin before 27.0.0.187 leading to arbitrary code execution when playing a specially crafted SWF file. - CVE-2017-11225 (arbitrary code execution) An use after free vulnerability has been discovered in flashplugin before 27.0.0.187 leading to arbitrary code execution when playing a specially crafted SWF file. - CVE-2017-3112 (arbitrary code execution) An out-of-bounds access vulnerability has been discovered in flashplugin before 27.0.0.187 leading to arbitrary code execution when playing a specially crafted SWF file. - CVE-2017-3114 (arbitrary code execution) An out-of-bounds access vulnerability has been discovered in flashplugin before 27.0.0.187 leading to arbitrary code execution when playing a specially crafted SWF file. Impact ===== A remote attacker is able to execute arbitrary code on the affected host via a specially crafted SWFfile. References ========= https://security.archlinux.org/CVE-2017-11213 https://security.archlinux.org/CVE-2017-11215 https://security.archlinux.org/CVE-2017-11225 https://security.archlinux.org/CVE-2017-3112 https://security.archlinux.org/CVE-2017-3114 . Debian Security Bulletin DSA-2023-3322 warns of a severe vulnerability in the libc library. Immediate update is recommended.. Arch Linux Security, Flashplugin Update, Code Exec Risk. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Nov 15, 2017 Critical ArchLinux
198

Arch Linux: ASA-201710-20 Critical Flashplugin Code Execution Risk

The package flashplugin before version 27.0.0.170-1 is vulnerable to arbitrary code execution. . Arch Linux Security Advisory ASA-201710-20 ========================================= Severity: Critical Date : 2017-10-16 CVE-ID : CVE-2017-11292 Package : flashplugin Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-449 Summary ====== The package flashplugin before version 27.0.0.170-1 is vulnerable to arbitrary code execution. Resolution ========= Upgrade to 27.0.0.170-1. # pacman -Syu "flashplugin> =27.0.0.170-1" The problem has been fixed upstream in version 27.0.0.170. Workaround ========= None. Description ========== A type confusion vulnerability has been found in Adobe Flash Player

Calendar%202 Oct 16, 2017 Critical ArchLinux
198

Arch Linux ASA-201708-2 Critical Flashplugin Remote Code Threat

The package flashplugin before version 26.0.0.151-1 is vulnerable to multiple issues including arbitrary code execution and information disclosure. . Arch Linux Security Advisory ASA-201708-2 ======================================== Severity: Critical Date : 2017-08-10 CVE-ID : CVE-2017-3085 CVE-2017-3106 Package : flashplugin Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-373 Summary ====== The package flashplugin before version 26.0.0.151-1 is vulnerable to multiple issues including arbitrary code execution and information disclosure. Resolution ========= Upgrade to 26.0.0.151-1. # pacman -Syu "flashplugin> =26.0.0.151-1" The problems have been fixed upstream in version 26.0.0.151. Workaround ========= None. Description ========== - CVE-2017-3085 (information disclosure) An information disclosure flaw has been found in Adobe Flash player < 26.0.0.151. - CVE-2017-3106 (arbitrary code execution) A type confusion issue has been found in Adobe Flash player < 26.0.0.151, leading to remote code execution. Impact ===== A remote attacker might be able to access sensitive information or execute arbitrary code on the affected host. References ========= https://security.archlinux.org/CVE-2017-3085 https://security.archlinux.org/CVE-2017-3106 . The Flashplugin on Arch Linux contains serious security flaws, please update right away to ensure your system's safety after ASA-201708-2.. Flashplugin Issues, Arch Linux Security, Code Execution Threat. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Aug 10, 2017 Critical ArchLinux
198

ArchLinux: 201707-10 Critical: Flashplugin Multiple Issues Advisory

The package flashplugin before version 26.0.0.137-1 is vulnerable to multiple issues including arbitrary code execution and information disclosure. . Arch Linux Security Advisory ASA-201707-10 ========================================= Severity: Critical Date : 2017-07-11 CVE-ID : CVE-2017-3080 CVE-2017-3099 CVE-2017-3100 Package : flashplugin Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-344 Summary ====== The package flashplugin before version 26.0.0.137-1 is vulnerable to multiple issues including arbitrary code execution and information disclosure. Resolution ========= Upgrade to 26.0.0.137-1. # pacman -Syu "flashplugin> =26.0.0.137-1" The problems have been fixed upstream in version 26.0.0.137. Workaround ========= None. Description ========== - CVE-2017-3080 (information disclosure) A security issue leading to information disclosure has been found in Adobe Flash Player < 26.0.0.137. - CVE-2017-3099 (arbitrary code execution) A memory corruption vulnerability leading to remote code execution has been found in Adobe Flash Player < 26.0.0.137. - CVE-2017-3100 (information disclosure) A memory corruption vulnerability leading to the disclosure of a memory address has been found in Adobe Flash Player < 26.0.0.137. It could be used to bypass some security protections like ASLR. Impact ===== A remote attacker can execute arbitrary code on the affected host. References ========= https://security.archlinux.org/CVE-2017-3080 https://security.archlinux.org/CVE-2017-3099 https://security.archlinux.org/CVE-2017-3100 . Essential security notice ASA-202310-12 for Arch Linux: flashplugin flaws requiring immediate remediation.. Arch Linux, Flashplugin Issues, Remote Code Execution, Information Disclosure. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jul 11, 2017 Critical ArchLinux
198

ArchLinux: 2017-06-14 Critical: Flashplugin Code Execution Threat

The package flashplugin before version 26.0.0.126-1 is vulnerable to arbitrary code execution. . Arch Linux Security Advisory ASA-201706-14 ========================================= Severity: Critical Date : 2017-06-14 CVE-ID : CVE-2017-3075 CVE-2017-3076 CVE-2017-3077 CVE-2017-3078 CVE-2017-3079 CVE-2017-3081 CVE-2017-3082 CVE-2017-3083 CVE-2017-3084 Package : flashplugin Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-297 Summary ====== The package flashplugin before version 26.0.0.126-1 is vulnerable to arbitrary code execution. Resolution ========= Upgrade to 26.0.0.126-1. # pacman -Syu "flashplugin> =26.0.0.126-1" The problems have been fixed upstream in version 26.0.0.126. Workaround ========= None. Description ========== - CVE-2017-3075 (arbitrary code execution) A use-after-free vulnerability leading to remote code execution has been found in Adobe Flash Player < 26.0.0.126. - CVE-2017-3076 (arbitrary code execution) A memory corruption vulnerability leading to remote code execution has been found in Adobe Flash Player < 26.0.0.126. - CVE-2017-3077 (arbitrary code execution) A memory corruption vulnerability leading to remote code execution has been found in Adobe Flash Player < 26.0.0.126. - CVE-2017-3078 (arbitrary code execution) A memory corruption vulnerability leading to remote code execution has been found in Adobe Flash Player < 26.0.0.126. - CVE-2017-3079 (arbitrary code execution) A memory corruption vulnerability leading to remote code execution has been found in Adobe Flash Player < 26.0.0.126. - CVE-2017-3081 (arbitrary code execution) A use-after-free vulnerability leading to remote code execution has been found in Adobe Flash Player < 26.0.0.126. - CVE-2017-3082 (arbitrary code execution) A memory corruption vulnerability leading to remote code execution has been found in Adobe Flash Player < 26.0.0.126. - CVE-2017-3083 (arbitrarycode execution) A use-after-free vulnerability leading to remote code execution has been found in Adobe Flash Player < 26.0.0.126. - CVE-2017-3084 (arbitrary code execution) A use-after-free vulnerability leading to remote code execution has been found in Adobe Flash Player < 26.0.0.126. Impact ===== A remote attacker can execute arbitrary code on the affected host. References ========= https://security.archlinux.org/CVE-2017-3075 https://security.archlinux.org/CVE-2017-3076 https://security.archlinux.org/CVE-2017-3077 https://security.archlinux.org/CVE-2017-3078 https://security.archlinux.org/CVE-2017-3079 https://security.archlinux.org/CVE-2017-3081 https://security.archlinux.org/CVE-2017-3082 https://security.archlinux.org/CVE-2017-3083 https://security.archlinux.org/CVE-2017-3084 . Serious security flaw detected in Arch Linux flashplugin. Update immediately to mitigate significant threat. Discover details here!. Arbitrary Code Execution, Flashplugin, Arch Linux Advisory. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jun 15, 2017 Critical ArchLinux
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200