CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

7.8CVSS7.9AI score0.0198EPSS

Astra Linux – Vulnerability in zsh

In zsh before version 5.8.1, an attacker can gain code execution if they control the command output within the prompt, as demonstrated by using a %F argument. This occurs due to the recursive PROMPTSUBST expansion...

Exploits0References1

7.1CVSS8.1AI score0.00233EPSS

Astra Linux – Vulnerability in Ansible

A flaw was discovered in Ansible Engine, in ansible-engine 2.8.x before 2.8.15, and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module. GPG signatures are ignored during installation, even when the disablegpgcheck parameter is set to False—which is the default...

7.8CVSS8.1AI score0.03009EPSS

Astra Linux – Vulnerability in exempi

The XMP Toolkit version 2020.1 and earlier versions is affected by a memory corruption vulnerability, which may lead to the execution of arbitrary code within the context of the current user. User interaction is required to exploit this vulnerability...

AstraLinux•added 2026/05/03 11:59 p.m.•8 views

Astra Linux – Vulnerability in WebKit2GTK

Multiple memory corruption issues have been resolved through improved memory handling. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, Security Update 2021-004 Catalina, and Security Update 2021-005 Mojave. Processing maliciously crafted web content may lead to arbitrary code execution...

9.3CVSS7.1AI score0.02087EPSS

Exploits0References1

7.8CVSS6.8AI score0.003EPSS

Astra Linux – Vulnerability in LibreOffice

Improper validation of the array index vulnerability in The Document Foundation LibreOffice’s spreadsheet component allows an attacker to create a spreadsheet document that causes an array index underflow upon loading. In the affected versions of LibreOffice, certain malformed spreadsheet formula...

7.2CVSS7.6AI score0.00873EPSS

Astra Linux – Vulnerability in Zabbix

An attacker who has the privilege to configure Zabbix items can use the icmpping function, along with additional malicious commands, to execute arbitrary code on the current Zabbix server...

AstraLinux•added 2026/05/03 11:59 p.m.•5 views

Astra Linux – Vulnerability in busybox

There is a stack overflow vulnerability in ash.c:6030 in busybox before version 1.35. In the environment of the Internet of Vehicles, this vulnerability can lead to the execution of arbitrary code from commands...

9.8CVSS8AI score0.02979EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•5 views

Astra Linux – Vulnerability in Firefox

Due to unexpected data type conversions, a use-after-free might have occurred when interacting with the font cache. We assume that with sufficient effort, this vulnerability could have been exploited to execute arbitrary code. This vulnerability affects Firefox versions earlier than 88...

8.8CVSS7.6AI score0.00816EPSS

8.8CVSS8.4AI score0.01408EPSS

Astra Linux – Vulnerability in WebKit2GTK

There is a use-after-free vulnerability in the MediaRecorder API of Webkit GTK 2.40.5. A specially crafted web page can exploit this vulnerability to cause memory corruption and potentially allow for arbitrary code execution. A user would need to visit a malicious webpage in order to trigger this...

8.8CVSS7.5AI score0.01939EPSS

Astra Linux – Vulnerability in WebKit2GTK

A vulnerability related to out-of-bounds reads has been addressed through improved bounds checking. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2, and iPadOS 15.2, as well as watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code executio...

8.8CVSS7.5AI score0.07617EPSS

Astra Linux – Vulnerability in WebKit2GTK

Integer overflow has been addressed through improved input validation. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2, and iPadOS 15.2, as well as watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution...

Exploits1References2

AstraLinux•added 2026/05/03 11:59 p.m.•1 views

Astra Linux – Vulnerability in WebKit2GTK

A memory management issue related to “use after free” operations has been addressed through improved memory management practices. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2, and iPadOS 15.2, as well as watchOS 8.3. Processing maliciously crafted web content may...

8.8CVSS7.5AI score0.01885EPSS

7.5CVSS7.3AI score0.01657EPSS

Astra Linux – Vulnerability in WebKit2GTK

A race condition has been addressed through improved state handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2, and iPadOS 15.2, as well as watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution...

AstraLinux•added 2026/05/03 11:59 p.m.•1 views

Astra Linux – Vulnerability in ffmpeg

A heap-use-after-free in the avfreep function in libavutil/mem.c of FFmpeg 4.2 allows attackers to execute arbitrary code...

8.8CVSS7.1AI score0.01719EPSS

Exploits1References2

AstraLinux•added 2026/05/03 11:59 p.m.•7 views

Astra Linux – Vulnerability in WebKit2GTK

A memory corruption issue has been resolved through improved state management. This issue is fixed in tvOS 15.5, iOS 15.5, iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, and Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution...

8.8CVSS8.1AI score0.00904EPSS

8.8CVSS8AI score0.18569EPSS

Astra Linux – Vulnerability in WebKit2GTK

A type confusion issue has been addressed through improved checks. This issue is fixed in iOS 16.5.1 and iPadOS 16.5.1, iOS 15.7.7 and iPadOS 15.7.7, macOS Ventura 13.4.1, and Safari 16.5.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a repor...

8.8CVSS8.1AI score0.00902EPSS

Astra Linux – Vulnerability in WebKit2GTK

This issue has been resolved through improved memory handling. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS Big Sur 11.7.3, Safari 16.3, tvOS 16.3, iOS 16.3, and iPadOS 16.3. Processing maliciously crafted web content may lead to arbitrary code execution...