205326 matches found
Astra Linux - уязвимость в webkit2gtk
Multiple memory corruption issues have been resolved through improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6, iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, and watchOS 7.5. Processing maliciously crafted web content may lead to arbitrary code execution...
Astra Linux - уязвимость в firefox
Mozilla developers Bryce Seager van Dyk and the Mozilla Fuzzing Team reported potential vulnerabilities in Firefox 101. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these vulnerabilities could have been exploited to execute arbitrary...
Astra Linux - уязвимость в webkit2gtk
Processing web content may lead to arbitrary code execution. This issue has been fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10, tvOS 17, and Safari 17. The issue was addressed through improved memory handling...
Astra Linux - уязвимость в zabbix
An attacker who has the privilege to configure Zabbix items can use the icmpping function, along with additional malicious commands, to execute arbitrary code on the current Zabbix server...
Astra Linux - уязвимость в libx11, libxpm
A vulnerability was discovered in libX11 due to an integer overflow within the XCreateImage function. This flaw allows a local user to trigger an integer overflow and execute arbitrary code with elevated privileges...
Astra Linux - уязвимость в tpm2-tss
tpm2-tss is an open-source software implementation of the Trusted Computing Group’s Trusted Platform Module 2 Software Stack TSS2. In versions prior to 4.1.0-rc0, 4.0.1, and 3.2.2-rc1, functions Tss2RCSetHandler and Tss2RCDecode both indexed into layerhandler using an 8-bit layer number. However,...
Astra Linux - уязвимость в glibc
The deprecated compatibility function clntcreate in the sunrpc module of the GNU C Library also known as glibc from versions up to 2.34 copies its hostname argument onto the stack without validating its length. This may lead to a buffer overflow, potentially causing a denial of service or, if the...
Astra Linux - уязвимость в joblib
The joblib package from versions 0 and before 1.2.0 is vulnerable to Arbitrary Code Execution through the predispatch flag in the Parallel class, due to the eval statement...
Astra Linux - уязвимость в ffmpeg5
The Ffmpeg v.N113007-g8d24a28d06 contains a buffer overflow vulnerability that allows a local attacker to execute arbitrary code through libavutil/imgutils.c:353:9 in the imagecopyplane function...
Astra Linux - уязвимость в firefox
Memory safety bugs exist in Firefox 124. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox versions prior to 125...
Astra Linux - уязвимость в firefox, thunderbird
Mozilla developers reported memory safety bugs in the code shared between Firefox and Thunderbird. Some of these bugs showed signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects...
Astra Linux - уязвимость в openjpeg2
A heap-buffer overflow was discovered in the way openjpeg2 handles certain PNG format files. An attacker could exploit this flaw to cause an application to crash, or in some cases to execute arbitrary code with the permission of the user running such an application...
Astra Linux - уязвимость в firefox
Mozilla developers reported memory safety bugs in Firefox 84. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects versions of Firefox prior to 85...
Astra Linux - уязвимость в opensc
A heap-based buffer overflow vulnerability was discovered in the libopensc OpenPGP driver. A specially crafted USB device or smart card, containing malicious responses to APDUs during the card enrollment process using the pkcs15-init tool, may lead to unauthorized access, potentially resulting in...
Astra Linux - уязвимость в ffmpeg
A heap-use-after-free in the avfreep function in libavutil/mem.c of FFmpeg 4.2 allows attackers to execute arbitrary code...
Astra Linux - уязвимость в webkit2gtk
A memory management issue related to “use after free” operations has been addressed through improved memory management practices. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, and tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code...
Astra Linux - уязвимость в grub2
A flaw was discovered in grub2. When performing a symlink lookup, the grub’s UFS module checks the data size of the inode to allocate an internal buffer to read the file content. However, it fails to check whether the data size of the symlink has exceeded its allocated limit. As a result, the...
Astra Linux - уязвимость в exempi
The XMP Toolkit SDK version 2020.1 and earlier is affected by a buffer overflow vulnerability that may lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction, as the victim must open a specially crafted file...
Astra Linux - уязвимость в firefox, thunderbird
Memory safety bugs exist in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox version...
Astra Linux - уязвимость в firefox, thunderbird
Memory safety bugs exist in Firefox 115, Firefox ESR 115.0, and Thunderbird 115.0. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox version...