5546 matches found
Astra Linux - vulnerability in chromium
Insufficient policy enforcement in the Loader component of Google Chrome prior to version 138.0.7204.49 allowed a remote attacker to bypass content security policies through a crafted HTML page. Chromium security severity: Low...
Astra Linux - vulnerability in libstb
stb_image.h, also known as the stb image loader, version 2.23 has a heap-based buffer overflow issue in stbi__tga_load, which can lead to information disclosure or denial of service...
Astra Linux - vulnerability in chromium
Use after free in the Loader component in Google Chrome prior to version 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux - vulnerability in chromium
Insufficient policy enforcement in the Loader component of Google Chrome prior to version 136.0.7103.113 allowed a remote attacker to leak cross-origin data through a crafted HTML page. Chromium security severity: High...
Astra Linux - vulnerability in grub2
A flaw was discovered in grub2. When reading tar files, grub2 allocates an internal buffer for the file name. However, it fails to properly verify the allocation against possible integer overflows. It’s possible to cause the allocation length to overflow with a specially crafted tar file, resulti...
Astra Linux - vulnerability in chromium
Use after free in the loader in Google Chrome prior to version 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux - vulnerability in chromium
Type confusion in the loader of Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux - vulnerability in libstb
stb_image is a single-file library licensed under MIT that is used for processing images. A crafted image file may trigger an out-of-bounds memcpy read in stbi__gif_load_next. This occurs because two_back points to a memory address that is lower than the start of the buffer. This issue could b...
Astra Linux - vulnerability in chromium
Use after free in the Loader component in Google Chrome prior to version 127.0.6533.72 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux - vulnerability in libstb
An issue was discovered in stb stb_image.h versions 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length data. An attacker could potentially cause a denial of service in applications that use stb_image by submitting crafted HDR files...
Astra Linux - vulnerability in chromium
Insufficient data validation in the loader component of Google Chrome prior to version 96.0.4664.93 allowed a remote attacker to leak cross-origin data through a crafted HTML page...
Astra Linux - vulnerability in u-boot
In Das U-Boot through 2022.07-rc5, an integer signedness error and resulting stack-based buffer overflow occur in the "i2c md" command, which allows for the corruption of the return address pointer of the do_i2c_md function...
Astra Linux - vulnerability in libstb
stb_image is a single-file library licensed under MIT that is used for processing images. The stbi__getn function reads a specified number of bytes from the context (usually a file) into the specified buffer. If the file stream points to the end of the file, it returns zero. There are two places where...
Astra Linux - vulnerability in blender
An integer underflow in the DDS loader of Blender leads to an out-of-bounds read, potentially allowing an attacker to read sensitive data using a crafted DDS image file. This flaw affects Blender versions prior to 2.83.19, 2.93.8, and 3.1...
Astra Linux - vulnerability in chromium
Use after free in the Loader component in Google Chrome prior to version 116.0.5845.110 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux - vulnerability in libstb
stb_image is a single-file library licensed under MIT that is used for processing images. A crafted image file can trigger an attempt by stbi__load_gif_main_outofmem to double-free the out variable. This occurs in stbi__load_gif_main, because when the layers * stride value is zero, the behavior is...
Astra Linux - vulnerability in node-loader-utils
A prototype pollution vulnerability exists in the parseQuery function in parseQuery.js, within the webpack-loader-utils module. This issue affects all versions prior to 1.4.1 and 2.0.3...
Astra Linux - vulnerability in linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug_on in __es_tree_search caused by an invalid boot loader inode. We have encountered the following issues: kernel BUG at fs/ext4/extents_status.c:203! invalid opcode: 0000 [#1] PREEMPT SMP CPU: 1 PID: 945 Comm: cat Not...
Astra Linux - vulnerability in gdisk
In the LoadPartitionTable function of gpt.cc, there is a potential out-of-bounds write vulnerability due to a missing bounds check. This could lead to a local escalation of privileges when inserting a malicious USB device, without the need for additional execution privileges. User interaction is...
Astra Linux - vulnerability in linux, linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect allocation size. gcc-14 notes that the allocation using sizeof(void) on 32-bit architectures is insufficient for a 64-bit phys_addr_t: drivers/firmware/efi/capsule-loader.c: In the function...