1252 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iouring/memmap: The nrpages value is cast to sizet before shifting. If the allocated size exceeds UINTMAX, it is necessary to cast the mr-nrpages value to sizet to prevent an overflow. In practice, this isn’t a major issue, as th...
Astra Linux – Vulnerability in Chromium
Inappropriate implementation in Cast UI in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to spoof the browser UI through a crafted HTML page. Chromium security severity: Low...
Astra Linux – Vulnerability in Chromium
The use of after-free in Cast in Google Chrome before version 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Medium...
Astra Linux – Vulnerability in Chromium
Before version 99.0.4844.51, using the "After Free" feature in the Cast UI in Google Chrome allowed a remote attacker who convinced a user to engage in certain user interactions to potentially perform a sandbox escape through a crafted HTML page...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: mlx5: Fixed a leak in skb during fifo resync and push operations. During the ptp resync operation, SKBs were popped from the fifo, but they were never freed either by napiconsume or by devkfreeskbany. Added a call to...
Astra Linux – Vulnerability in SQLite3
In SQLite 3.49.0 before 3.49.1, certain argument values passed to sqlite3dbconfig in the C-language API can cause a denial of service application crash. A sznBig multiplication is not cast to a 64-bit integer, which can lead to incorrect memory allocations...
Astra Linux – Vulnerability in Chromium
The use of “after free” in Cast in Google Chrome before version 99.0.4844.51 allowed attackers to convince users to install a malicious extension and induce specific user interactions, thereby potentially exploiting heap corruption through a crafted Chrome Extension...
Astra Linux – Vulnerability in imagemagick
There are 4 locations in HistogramCompare in MagickCore/histogram.c where integer overflow is possible during simple mathematical calculations. This occurs with the rgb values and the count value for a color. The patch uses casts to the ssizet type for these calculations, rather than using int...
Astra Linux – Vulnerability in Firefox and Thunderbird
While implementing AudioWorklets, some code may have converted one type to another, resulting in an invalid, dynamic type. This could lead to a potentially exploitable crash. This vulnerability affects Firefox 111, Firefox ESR 102.9, and Thunderbird 102.9...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fixed possible integer overflows in nilfsfiemap. Since nilfsbmaplookupcontig in nilfsfiemap calculates its result by preparing to process up to maxblocks == INTMAX blocks, the value stored in n may experience an overflow...
Astra Linux – Vulnerability in Chromium
Before the release of version 100.0.4896.60, using the "after free" mechanism in the Cast UI in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
The use of “after free” in Cast in Google Chrome before version 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
CVE-2026-12014
The following flaw was identified in the Chromium browser: Use after free Cast. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=514742747...
PT-2026-50891
Name of the Vulnerable Software and Affected Versions NI grpc-device versions prior to 2.17.0 Description An unchecked enum cast issue exists in the BeginSidebandStream function. An attacker can trigger invalid enum states and undefined behavior by supplying a specially crafted message containing...
Chromium: CVE-2026-12014 Use after free Cast
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
SUSE CVE-2026-12014
Use after free in Cast in Google Chrome prior to 149.0.7827.115 allowed an attacker on the local network segment to potentially perform a sandbox escape via malicious network traffic. Chromium security severity: High...
EUVD-2026-36335
Use after free in Cast in Google Chrome prior to 149.0.7827.115 allowed an attacker on the local network segment to potentially perform a sandbox escape via malicious network traffic. Chromium security severity: High...
DEBIAN-CVE-2026-12014
Use after free in Cast in Google Chrome prior to 149.0.7827.115 allowed an attacker on the local network segment to potentially perform a sandbox escape via malicious network traffic. Chromium security severity: High...
CVE-2026-12014
Use after free in Cast in Google Chrome prior to 149.0.7827.115 allowed an attacker on the local network segment to potentially perform a sandbox escape via malicious network traffic. Chromium security severity: High...
CVE-2026-12014
CVE-2026-12014 affects Google Chrome’s Cast component. The issue is a use-after-free in Cast that, on devices on the local network, could enable a sandbox escape via crafted network traffic. Chrome mitigations rely on updating to the patched build (149.0.7827.115; Windows/Mac 149.0.7827.114/115; ...