Astra Linux – Vulnerability in pillow
In version 9.0.1, Pillow allows attackers to delete files because spaces in temporary pathnames are mishandled...
Astra Linux – Vulnerability in libssh
A vulnerability was discovered in libssh, where an uninitialized variable exists under certain conditions within the privatekey_from_file function. This flaw can be exploited if the file specified by the filename does not exist, and it may lead to potential signing failures or heap corruption...
Astra Linux – Vulnerability in Heimdal
Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Versions prior to 7.7.1 are vulnerable to a denial-of-service vulnerability in Heimdal’s PKI certificate validation library. This vulnerability affects the KDC via PKINIT and kinit via PKINIT, as well as any third-party applications...
Astra Linux – Vulnerability in qtsvg-opensource-src, qt4-x11
In Qt 5.0.0 through 5.15.2, as well as in Qt 6.0.0 through 6.2.1, there is an out-of-bounds write vulnerability in QtPrivate::QCommonArrayOps::growAppend, which is called from QPainterPath::addPath and QPathClipper::intersect...
Astra Linux – Vulnerability in liblivemedia
In liveMedia/FramedSource.cpp within Live555, up to version 1.08, an assertion failure can occur, leading to an application exit through multiple SETUP and PLAY commands...
Astra Linux – Vulnerability in libde265
Libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_pred_avg_16_fallback function, which can be exploited through a specially crafted file...
Astra Linux – Vulnerability in golang-github-prometheus-client-golang
client_golang is the instrumentation library for Go applications in Prometheus. The promhttp package within client_golang provides tools for working with HTTP servers and clients. Prior to version 1.11.1 of client_golang, HTTP servers were vulnerable to Denial of Service attacks due to unbounded...
Astra Linux – Vulnerability in glibc
The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (also known as glibc), in versions up to 2.34, copies its hostname argument onto the stack without validating its length. This may lead to a buffer overflow, potentially causing a denial of service or, if the...
Astra Linux – Vulnerability in pillow
In _imagingcms.c within Pillow, before version 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy...
Astra Linux – Vulnerability in aom
It was discovered that AOM v2.0.1 contains a NULL pointer dereference, which occurs through the component av1/av1_dx_iface.c...
Astra Linux – Vulnerability in CGal
There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could result in code execution. An attacker can provide malicious input to trigger...
Astra Linux – Vulnerability in exempi
The XMP Toolkit SDK version 2021.07 and earlier is affected by a stack-based buffer overflow vulnerability that may lead to arbitrary code execution within the context of the current user. Exploitation requires user interaction—that is, the victim must open a specially crafted file...
Astra Linux – Vulnerability in libxstream-java
XStream is a Java library for serializing objects to XML and back again. Before version 1.4.16, XStream had a vulnerability that could allow a remote attacker to execute arbitrary code by manipulating the processed input stream. However, users who followed the recommendations to set up XStream’s...
Astra Linux – Vulnerability in glib2.0
A flaw was discovered in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, resulting in a denial of service or potential code execution through a buffer underflow in the GVariant parser when processing maliciously crafted input strings...
Astra Linux – Vulnerability in pyyaml
A vulnerability was discovered in the PyYAML library in versions prior to 5.3.1. In these versions, the library is susceptible to arbitrary code execution when it processes untrusted YAML files using the full_load method or the FullLoader loader. Applications that use this library to process...
ECHO-C091-93E9-FA66
Bulletin has no description...
ECHO-E31B-3EF0-93B2
Bulletin has no description...
ECHO-9EE0-9B0A-F95F
Bulletin has no description...
ECHO-0592-6AEE-45D2
Bulletin has no description...
ECHO-181B-3174-D33F
Bulletin has no description...