172174 matches found
Astra Linux – Vulnerability in libgit2
libgit2 is a portable C implementation of the Git core methods, provided as a linkable library with a robust API. It allows for integrating Git functionality into your application. However, using properly crafted inputs to gitindexadd can lead to heap corruption, which may be exploited for...
Astra Linux – Vulnerability in CGal
There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could result in code execution. An attacker can provide malicious input to trigger...
Astra Linux – Vulnerability in CGal
There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could result in code execution. An attacker can provide malicious input to trigger...
Astra Linux – Vulnerability in RustC
In the standard library of Rust before version 1.50.0, readtoend does not validate the return value from Read in an unsafe context. This bug could lead to a buffer overflow...
Astra Linux – Vulnerability in opensc
OpenSC before version 0.20.0 has a double-free issue in coolkeyfreeprivatedata, because the coolkeyaddobject function in libopensc/card-coolkey.c lacks a uniqueness check...
Astra Linux – Vulnerability in golang-go.crypto
The x/crypto/ssh package in version 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to cause a panic in an SSH server...
Astra Linux – Vulnerabilities in Firefox, Thunderbird, Expat, LibXMLTok
The lookup function in xmlparse.c within Expat also known as libexpat has an integer overflow before version 2.4.3...
Astra Linux – Vulnerability in c-ares
c-ares is a C library for asynchronous DNS requests. aresreadline is used to parse local configuration files such as /etc/resolv.conf, /etc/nsswitch.conf, the HOSTALIASES file, and, if using a c-ares version prior to 1.27.0, the /etc/hosts file. If any of these configuration files contains a NULL...
Astra Linux – Vulnerability in libxml2
The vulnerability of the xmlBufSetInputBaseCur function in the Libxml2 library is related to the use of memory after it is freed. Exploiting this vulnerability allows an attacker to cause a service failure...
Astra Linux – Vulnerability in Nasm
In libnasm.a of Netwide Assembler NASM 2.14.xx, asm/pragma.c allows for a NULL pointer dereferencing in processpragma, searchpragmalist, and nasmsetlimit when "%pragma limit" is mishandled...
Astra Linux – Vulnerability in glibc
The iconv feature in the GNU C Library also known as glibc or libc6, up to version 2.32, may have a buffer over-read issue when processing invalid multi-byte input sequences in the EUC-KR encoding...
Astra Linux – Vulnerability in libwebp
A heap-based buffer overflow was discovered in libwebp in versions prior to 1.0.1 in the ShiftBytes function...
Astra Linux – Vulnerability in Firefox
A use-after-free vulnerability was identified during testing, and it was traced to an outdated Cairo library. Updating the library resolved the issue, and it may have also addressed other unknown security vulnerabilities. This vulnerability affects Firefox versions earlier than 90...
Astra Linux – Vulnerability in libjackson-json-java
A flaw was discovered in the org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML external entity vulnerabilities, similar to CVE-2016-3720, also affect the codehaus jackson-mapper-asl libraries, but in different classes...
Astra Linux – Vulnerability in pillow
In versions 8.2.0 and earlier of Pillow, as well as versions 1.1.7 and earlier of PIL Python Imaging Library, an attacker can pass controlled parameters directly into the convert function, thereby triggering a buffer overflow in Convert.c...
Astra Linux – Vulnerability in CGal
There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which may result in code execution. An attacker can provide malicious input to trigger an...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: In the net: mscc: ocelot section, there was an issue where the IFH SRCPORT field in ocelotifhsetbasic was incorrectly set. Packets injected by the CPU should have the SRCPORT field equal to the CPU port module index in the Analyz...
Astra Linux – Vulnerability in CGal
There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could result in code execution. An attacker can provide malicious input to trigger...
Astra Linux – Vulnerability in libuv1
libuv is a multi-platform support library that focuses on asynchronous I/O operations. The uvgetaddrinfo function in src/unix/getaddrinfo.c and its Windows counterpart src/win/getaddrinfo.c truncates hostnames to 256 characters before calling getaddrinfo. This behavior can be exploited to generat...
Astra Linux – Vulnerability in c-ares
Buffer overflow vulnerability in c-ares before 1161 through 1170, due to the aresparsesoareply function in aresparsesoareply.c...