Astra Linux - уязвимость в firefox

An attacker could read 32 bits of values that were spilled onto the stack in a JIT-compiled function. This vulnerability was fixed in Firefox 137 and Thunderbird 137...

CVE-2025-71109

In the Linux kernel, the following vulnerability has been resolved: MIPS: ftrace: Fix memory corruption when kernel is located beyond 32 bits Since commit e424054000878 "MIPS: Tracing: Reduce the overhead of dynamic Function Tracer", the macro UASMiLAmostly has been used, and this macro can...

CVE-2025-71109 MIPS: ftrace: Fix memory corruption when kernel is located beyond 32 bits

In the Linux kernel, the following vulnerability has been resolved: MIPS: ftrace: Fix memory corruption when kernel is located beyond 32 bits Since commit e424054000878 "MIPS: Tracing: Reduce the overhead of dynamic Function Tracer", the macro UASMiLAmostly has been used, and this macro can...

CVE-2026-22698

RustCrypto: Elliptic Curves is general purpose Elliptic Curve Cryptography ECC support, including types and traits for representing various elliptic curve forms, scalars, points, and public/secret keys composed thereof. In versions 0.14.0-pre.0 and 0.14.0-rc.0, a critical vulnerability exists in...

EUVD-2018-19360

Malware in sbrugna...

UBUNTU-CVE-2025-38433

In the Linux kernel, the following vulnerability has been resolved: riscv: fix runtime constant support for nommu kernels the runtimefixup32 function does not handle the case where val is zero correctly as might occur when patching a nommu kernel and referring to a physical address below the 4GiB...

CVE-2022-49750

In the Linux kernel, the following vulnerability has been resolved: cpufreq: CPPC: Add u64 casts to avoid overflowing The fields of the CPC object are unsigned 32-bits values. To avoid overflows while using CPC's values, add 'u64' casts...

CVE-2022-49659 can: m_can: m_can_{read_fifo,echo_tx_event}(): shift timestamp to full 32 bits

In the Linux kernel, the following vulnerability has been resolved: can: mcan: mcanreadfifo,echotxevent: shift timestamp to full 32 bits In commit 1be37d3b0414 "can: mcan: fix periph RX path: use rx-offload to ensure skbs are sent from softirq context" the RX path for peripheral devices was...

CVE-2022-49659

CVE-2022-49659 : In the Linux kernel, the m_can RX path for peripheral CAN frames (read_fifo/echo_tx_event) was fixed by extending the core timestamps from 16 to 32 bits before passing to RX-offload. The patch in commit 1be37d3b0414 shifts 16-bit timestamps to full 32-bit to prevent overflow issu...

CVE-2024-42102 Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again"

In the Linux kernel, the following vulnerability has been resolved: Revert "mm/writeback: fix possible divide-by-zero in wbdirtylimits, again" Patch series "mm: Avoid possible overflows in dirty throttling". Dirty throttling logic assumes dirty limits in page units fit into 32-bits. This patch...

CVE-2021-47366

In the Linux kernel, the following vulnerability has been resolved: afs: Fix corruption in reads at fpos 2G-4G from an OpenAFS server AFS-3 has two data fetch RPC variants, FS.FetchData and FS.FetchData64, and Linux's afs client switches between them when talking to a non-YFS server if the read...

CVE-2024-32883

MCUboot is a secure bootloader for 32-bits microcontrollers. MCUboot uses a TLV tag-length-value structure to represent the meta data associated with an image. The TLVs themselves are divided into two sections, a protected and an unprotected section. The protected TLV entries are included as part...

RHEL 8 : shim (RHSA-2024:1902)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1902 advisory. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments...

RHEL 9 : shim update (Important) (RHSA-2024:1876)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1876 advisory. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments...

RHEL 8 : shim (RHSA-2024:1883)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1883 advisory. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments...

DEBIAN-CVE-2023-30775

A vulnerability was found in the libtiff library. This security flaw causes a heap buffer overflow in extractContigSamples32bits, tiffcrop.c...

Weak Encryption

TrustWalletCore contains Weak Encryption implementations. The vulnerability exists in mt19937 seed generation which has only 32 bits of entropy resulting in only 4 billion mnemonics which allows an attacker to brute force the private key...

USN-5617-1: Xen vulnerabilities

It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use th...

Denial Of Service (DoS) Through Integer Overflow

fuse is vulnerable to denial of service DoS through integer overflow. The vulnerability exists in the bitapsearch.js class since patternLen 30 overflows when JS converts values into 32-bits for all bitwise operations, resulting in an application crash...

Linux Kernel 4.4 rtnetlink Stack Memory Disclosure

/ Briefs - CVE-2016-4486 has discovered and reported by Kangjie Lu. - This is local exploit against the CVE-2016-4486. Tested version - Distro : Ubuntu 16.04 - Kernel version : 4.4.0-21-generic - Arch : x8664 Prerequisites - None Goal - Leak kernel stack base address of current process by...