172494 matches found
Astra Linux – Vulnerability in glibc
The deprecated compatibility function clntcreate in the sunrpc module of the GNU C Library also known as glibc from versions up to 2.34 copies its hostname argument onto the stack without validating its length. This may lead to a buffer overflow, potentially causing a denial of service or, if the...
Astra Linux – Vulnerability in libuv1
libuv is a multi-platform support library that focuses on asynchronous I/O operations. The uvgetaddrinfo function in src/unix/getaddrinfo.c and its Windows counterpart src/win/getaddrinfo.c truncates hostnames to 256 characters before calling getaddrinfo. This behavior can be exploited to generat...
Astra Linux – Vulnerability in liblivemedia
In liveMedia/FramedSource.cpp within Live555, up to version 1.08, an assertion failure can occur, leading to an application exit through multiple SETUP and PLAY commands...
Astra Linux – Vulnerability in libde265
Libde265 v1.0.4 contains a heap buffer overflow in the putweightedpredavg16fallback function, which can be exploited through a specially crafted file...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: libbpf: Use of the OPTSSET macro in bpfxdpquery When the featureFlags and xdpzcmaxsegs fields were added to the libbpf bpfxdpQueryOpts structure, the code that wrote these fields did not use the OPTSSET macro. This causes libbpf ...
Astra Linux – Vulnerability in Chromium, WebKit2GTK
The use of after-free in ANGLE in Google Chrome before version 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerabilities in expat, Firefox, Thunderbird
In libexpat before version 2.7.4, the doContent function does not properly determine the buffer size bufSize, as there is no check for integer overflow during the reallocation of the tag buffer...
Astra Linux – Vulnerability in Firefox and Thunderbird
A compromised web process was able to trigger unauthorized reads and writes in a more privileged process by using manipulated WebGL textures. This vulnerability has been fixed in Firefox 144, Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4...
Astra Linux – Vulnerability in Firefox
Integer overflow in the JavaScript: Standard Library component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...
Astra Linux – Vulnerability in aom
It was discovered that AOM v2.0.1 contains a NULL pointer dereferencing issue, which occurs through the component av1/av1dxiface.c...
Astra Linux – Vulnerability in Chromium
A out-of-bounds read in Skia using Google Chrome before version 146.0.7680.153 allowed a remote attacker to perform an out-of-bounds memory read through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in pyyaml
A vulnerability was discovered in the PyYAML library in versions prior to 5.3.1. In these versions, the library is susceptible to arbitrary code execution when it processes untrusted YAML files using the fullload method or the FullLoader loader. Applications that use this library to process...
Astra Linux – Vulnerability in CGal
There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could result in code execution. An attacker can provide malicious input to trigger...
Astra Linux – Vulnerability in exempi
The XMP Toolkit SDK version 2021.07 and earlier is affected by a stack-based buffer overflow vulnerability that may lead to arbitrary code execution within the context of the current user. Exploitation requires user interaction—that is, the victim must open a specially crafted file...
ECHO-181B-3174-D33F
Bulletin has no description...
ECHO-BF7F-1067-F2A9
Bulletin has no description...
ECHO-E31B-3EF0-93B2
Bulletin has no description...
ECHO-117A-9A28-6844
Bulletin has no description...
ECHO-C091-93E9-FA66
Bulletin has no description...
ECHO-5859-A1F1-B62C
Bulletin has no description...