Lucene search
K

1252 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iouring/memmap: The nrpages value is cast to sizet before shifting. If the allocated size exceeds UINTMAX, it is necessary to cast the mr-nrpages value to sizet to prevent an overflow. In practice, this isn’t a major issue, as th...

7.8CVSS5.7AI score0.00141EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Cast UI in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to spoof the browser UI through a crafted HTML page. Chromium security severity: Low...

4.3CVSS6.1AI score0.00415EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

The use of after-free in Cast in Google Chrome before version 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.7AI score0.00313EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Before version 99.0.4844.51, using the "After Free" feature in the Cast UI in Google Chrome allowed a remote attacker who convinced a user to engage in certain user interactions to potentially perform a sandbox escape through a crafted HTML page...

9.6CVSS7.4AI score0.00918EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mlx5: Fixed a leak in skb during fifo resync and push operations. During the ptp resync operation, SKBs were popped from the fifo, but they were never freed either by napiconsume or by devkfreeskbany. Added a call to...

5.4AI score0.00166EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in SQLite3

In SQLite 3.49.0 before 3.49.1, certain argument values passed to sqlite3dbconfig in the C-language API can cause a denial of service application crash. A sznBig multiplication is not cast to a 64-bit integer, which can lead to incorrect memory allocations...

5.6CVSS6.6AI score0.00169EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Chromium

The use of “after free” in Cast in Google Chrome before version 99.0.4844.51 allowed attackers to convince users to install a malicious extension and induce specific user interactions, thereby potentially exploiting heap corruption through a crafted Chrome Extension...

8.8CVSS7.3AI score0.00737EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in imagemagick

There are 4 locations in HistogramCompare in MagickCore/histogram.c where integer overflow is possible during simple mathematical calculations. This occurs with the rgb values and the count value for a color. The patch uses casts to the ssizet type for these calculations, rather than using int...

4.3CVSS6.6AI score0.01163EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Firefox and Thunderbird

While implementing AudioWorklets, some code may have converted one type to another, resulting in an invalid, dynamic type. This could lead to a potentially exploitable crash. This vulnerability affects Firefox 111, Firefox ESR 102.9, and Thunderbird 102.9...

8.8CVSS7.3AI score0.00702EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fixed possible integer overflows in nilfsfiemap. Since nilfsbmaplookupcontig in nilfsfiemap calculates its result by preparing to process up to maxblocks == INTMAX blocks, the value stored in n may experience an overflow...

5.5CVSS6.2AI score0.00211EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Chromium

Before the release of version 100.0.4896.60, using the "after free" mechanism in the Cast UI in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS6.9AI score0.00745EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

The use of “after free” in Cast in Google Chrome before version 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.01219EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/19 9:38 a.m.7 views

CVE-2026-12014

The following flaw was identified in the Chromium browser: Use after free Cast. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=514742747...

8.3CVSS5.8AI score0.00174EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.19 views

PT-2026-50891

Name of the Vulnerable Software and Affected Versions NI grpc-device versions prior to 2.17.0 Description An unchecked enum cast issue exists in the BeginSidebandStream function. An attacker can trigger invalid enum states and undefined behavior by supplying a specially crafted message containing...

7.1CVSS5.9AI score0.00254EPSS
Exploits0References6
Microsoft CVE
Microsoft CVE
added 2026/06/15 2:0 p.m.6 views

Chromium: CVE-2026-12014 Use after free  Cast

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.3CVSS5.2AI score0.00174EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/06/13 2:28 a.m.10 views

SUSE CVE-2026-12014

Use after free in Cast in Google Chrome prior to 149.0.7827.115 allowed an attacker on the local network segment to potentially perform a sandbox escape via malicious network traffic. Chromium security severity: High...

8.3CVSS5.3AI score0.00174EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/12 12:31 a.m.7 views

EUVD-2026-36335

Use after free in Cast in Google Chrome prior to 149.0.7827.115 allowed an attacker on the local network segment to potentially perform a sandbox escape via malicious network traffic. Chromium security severity: High...

8.3CVSS5.5AI score0.00174EPSS
Exploits0References3
OSV
OSV
added 2026/06/11 10:16 p.m.2 views

DEBIAN-CVE-2026-12014

Use after free in Cast in Google Chrome prior to 149.0.7827.115 allowed an attacker on the local network segment to potentially perform a sandbox escape via malicious network traffic. Chromium security severity: High...

8.3CVSS5.3AI score0.00174EPSS
Exploits0References1
NVD
NVD
added 2026/06/11 10:16 p.m.8 views

CVE-2026-12014

Use after free in Cast in Google Chrome prior to 149.0.7827.115 allowed an attacker on the local network segment to potentially perform a sandbox escape via malicious network traffic. Chromium security severity: High...

8.3CVSS0.00174EPSS
Exploits0References2
CVE
CVE
added 2026/06/11 8:48 p.m.32 views

CVE-2026-12014

CVE-2026-12014 affects Google Chrome’s Cast component. The issue is a use-after-free in Cast that, on devices on the local network, could enable a sandbox escape via crafted network traffic. Chrome mitigations rely on updating to the patched build (149.0.7827.115; Windows/Mac 149.0.7827.114/115; ...

8.3CVSS5.5AI score0.00174EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder