CVE-2026-28237

Unrestricted resource allocation in AMD uProf may be exploitable to consume excessive system resources, potentially leading to a loss of availability...

CVE-2025-0044

An out-of-bounds read in power management firmware by a malicious local attacker with low privileges could potentially lead to a partial loss of confidentiality and availability...

CVE-2026-0481

Unrestricted IP address binding in the AMD Device Metrics Exporter ROCm ecosystem could allow a remote attacker to perform unauthorized changes to the GPU configuration, potentially resulting in loss of availability...

CVE-2024-21950

An out of bounds read in the remote management firmware could allow a privileged attacker read a limited section of memory outside of established bounds potentially resulting in loss of confidentiality or availability...

Buffer Overflow

Overview Affected versions of this package are vulnerable to Buffer Overflow via the NGReset Message Handler process. An attacker can cause memory corruption and potentially impact confidentiality, integrity, and availability by sending specially crafted messages remotely. Remediation Upgrade...

Astra Linux - уязвимость в openexr

There is a flaw in OpenEXR in versions before 3.0.0-beta. A carefully crafted input file processed by OpenEXR could cause a shift overflow in the FastHufDecoder, potentially leading to issues with the application’s functionality...

Astra Linux - уязвимость в openldap

A flaw was discovered in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP’s slapd server, thereby triggering an assertion failure. The greatest threat of this vulnerability is to system availability...

Astra Linux - уязвимость в edk2

EDK2 contains a vulnerability in the HashPeImageByType function. A user can cause an out-of-bounds read when a corrupted data pointer and length are sent via an adjacent network. Successful exploitation of this vulnerability may result in a loss of integrity and/or availability...

Astra Linux - уязвимость в imagemagick

A flaw was discovered in ImageMagick’s MagickCore/statistic.c file. An attacker who submits a crafted file processed by ImageMagick could trigger undefined behavior, resulting in values that are outside the range of type unsigned long. This likely affects the availability of the application, but ...

Astra Linux - уязвимость в python3.7

A flaw was discovered in Python. In algorithms with quadratic time complexity that use non-binary bases, when using int“text”, a system may take 50 milliseconds to parse an int string with 100,000 digits, and 5 seconds for strings with 1,000,000 digits. Functions like float, decimal, int.frombyte...

Astra Linux - уязвимость в grub2

A flaw was discovered in grub2 in versions prior to 2.06. The option parser allows an attacker to overwrite a heap-allocated buffer by calling certain commands with a large number of specific short forms of options. The greatest threat from this vulnerability is to data confidentiality and...

Astra Linux - уязвимость в openexr

There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker who can submit a crafted file to be processed by OpenEXR could cause an integer overflow, potentially leading to problems with the application’s functionality and availability...

Astra Linux - уязвимость в imagemagick

A flaw was discovered in ImageMagick within MagickCore/quantum.h. An attacker who submits a crafted file processed by ImageMagick could induce undefined behavior, resulting in values that fall outside the range of types float and unsigned char. This likely leads to a disruption in the application...

Astra Linux - уязвимость в openexr

A flaw was discovered in OpenEXR in versions prior to 3.0.0-beta. A specially crafted input file provided by an attacker, when processed by the Dwa decompression functionality of OpenEXR’s IlmImf library, could lead to a NULL pointer dereferencing error. The most severe consequence of this...

Astra Linux - уязвимость в grub2

A flaw was discovered in grub2 in versions prior to 2.06. The cutmem command does not honor secure boot locking, allowing a privileged attacker to remove address ranges from memory. This creates an opportunity to circumvent SecureBoot protections after proper analysis of grub’s memory layout. The...

Astra Linux - уязвимость в openexr

There is a flaw in OpenEXR’s rleUncompress functionality in versions prior to 3.0.5. An attacker who can submit a crafted file to an application that uses OpenEXR may exploit this flaw, leading to a out-of-bounds read vulnerability. The most significant risk of this flaw is the impact on the...

CVE-2026-0481

Unrestricted IP address binding in the AMD Device Metrics Exporter ROCm ecosystem could allow a remote attacker to perform unauthorized changes to the GPU configuration, potentially resulting in loss of availability...

CVE-2025-29937

An out of bounds read within the AMD Platform Management Framework PMF could allow an attacker to trigger a read of an arbitrary memory location potentially resulting in loss of availability or confidentiality...

CVE-2026-0481

The AMD Device Metrics Exporter (ROCm ecosystem) is affected by CVE-2026-0481: it allows unrestricted IP address binding, enabling a remote attacker to access the GPU-Agent gRPC server (port 50061 by default) and potentially alter GPU configuration, impacting availability. This is documented in A...

EUVD-2024-19556

An out of bounds read in the remote management firmware could allow a privileged attacker read a limited section of memory outside of established bounds potentially resulting in loss of confidentiality or availability...