172491 matches found
Astra Linux – Vulnerability in alsa-lib
Versions of alsa-lib from 1.2.2 up to and including 1.2.15.2, prior to the release of 5f7fe33, contain a heap-based buffer overflow in the topology mixer control decoder. The tplgdecodecontrolmixer1 function reads the numchannels field from untrusted .tplg data and uses it as a loop bound without...
Astra Linux – Vulnerability in Node-Elliptic
The verify function in lib/elliptic/eddsa/index.js within the Elliptic package, as of version 6.5.6 for Node.js, omits the validation of the condition “sig.S.gtesig.eddsa.curve.n || sig.S.isNeg”...
Astra Linux – Vulnerability in libde265
It was discovered that Libde265 v1.0.8 contains a heap-buffer-overflow vulnerability through the ffhevcputweightedpredavg8sse instruction in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS attack using a crafted video file...
Astra Linux – Vulnerability in node-moment
moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Versions of moment that were affected use an inefficient parsing algorithm. Specifically, the string-to-date parsing method used by moment more precisely, the rfc2822 parsing method, which is used by...
Astra Linux – Vulnerability in cjson
In cJSON before version 1.7.18, parsestring has a heap-based buffer over-read issue, occurring through "1":1, without any trailing newline characters when cJSONParseWithLength is called...
Astra Linux – Vulnerability in cjson
In versions of cJSON 1.5.0 through 1.7.18, the decodearrayindexfrompointer function in cJSONUtils.c allows for out-of-bounds access. This enables remote attackers to bypass array bounds checking and access restricted data through malformed JSON pointer strings containing alphanumeric characters...
Astra Linux – Vulnerability in glibc
NSCD: Stack-based buffer overflow in netgroup cache If the fixed-size cache of the Name Service Cache Daemon nscd is exhausted due to client requests, then a subsequent client request for netgroup data may lead to a stack-based buffer overflow. This flaw was introduced in glibc 2.15 when the cach...
Astra Linux – Vulnerability in Dbus
A issue was discovered in D-Bus before 1.12.24, 1.13.x, and 1.14.x, before 1.14.4, and 1.15.x, before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format...
Astra Linux – Vulnerability in hdf5
There is an out-of-bounds read vulnerability in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially crafted GIF file can lead to code execution. An attacker can provide a malicious file to exploit this vulnerability...
Astra Linux – Vulnerability in ICU
A stack buffer overflow was detected in the International components for Unicode ICU. While running the genrb binary, the ‘subtag’ structure exceeded its limit at the SRBRoot::addTag function. This issue may lead to memory corruption and the execution of arbitrary local code...
Astra Linux – Vulnerability in libxmp
Libxmp through version 4.6.2 has a stack-based buffer overflow in the depackpha function in the loaders/prowizard/pha.c file, due to a malformed Pha format tracker module in a .mod file...
Astra Linux – Vulnerability in Raptor2
In the Raptor RDF Syntax Library version 2.0.16, there was a heap-based buffer overflow issue during the parsing of triples using the nquads parser in the raptorntriplesparseterminternal function...
Astra Linux – Vulnerability in cjson
It has been discovered that cJSON v1.7.16 contains a segmentation violation due to the use of the cJSONSetValuestring function in the cJSON.c file...
Astra Linux – Vulnerability in yaml-cpp
The Scanner::EnsureTokensInQueue function in yaml-cpp also known as LibYaml-C++ 0.6.2 allows remote attackers to cause a denial of service stack consumption and application crash through a crafted YAML file...
Astra Linux – Vulnerability in opensc
Buffer overflow issues were identified in Opensc before version 0.22.0 in various locations, which could potentially cause programs using the library to crash...
Astra Linux – Vulnerability in yaml-cpp
The SingleDocParser::HandleFlowMap function in yaml-cpp also known as LibYaml-C++ 0.6.2 allows remote attackers to cause a denial of service resource consumption and application crash through a crafted YAML file...
Astra Linux – Vulnerability in Redis
Redis is an open-source, in-memory database that persists data on disk. A authenticated user can use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. This issue exists in all versions of Redis that support L...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-lib: fixed an uninitialized flag for AV/C deferred transactions. AV/C deferred transactions were supported at commit 00a7bb81c20f “ALSA: firewire-lib: add support for deferred transactions”. However, the ‘deferrabl...
Astra Linux – Vulnerability in Tiff
A vulnerability has been identified in LibTIFF 4.7.0. This affects the function main of the tiffcrop.c file in the tiffcrop component. Performing certain manipulations may lead to memory corruption. This attack can only be executed locally. The exploit has been made available to the public, and i...
Astra Linux – Vulnerability in CGal
There is a code execution vulnerability in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. There is also an oob read vulnerability in NefS2/SNCioparser.h, specifically in the function SNCioParser::readsloop and slh-twin. An attacker can provide malicious input to trigger this...