Lucene search
K

1860 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-32882

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap buffer over-read in HeifPixelImage::overlay in...

7.1CVSS6AI score0.00323EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/21 2:29 a.m.14 views

SUSE CVE-2026-32882

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap buffer over-read in HeifPixelImage::overlay in libheif/pixelimage.cc. When compositing an overlay image iovl whose child image has a different bit depth for the alpha channel than for the color...

6.1CVSS5.8AI score0.00323EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ovl: fixed null pointer dereferencing in ovlgetaclrcu The processes involved are: P1 P2 pathopenat linkpathwalk maylookup inodepermissionrcu ovlpermission aclpermissioncheck checkacl getcachedaclrcu ovlgetinodeacl realinode =...

6AI score0.00163EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/mxsfb: Disabling the overlay plane in mxsfbplaneoverlayatomicdisable When disabling the overlay plane in mxsfbplaneoverlayatomicupdate, the framebuffer pointer of the overlay plane is NULL. Therefore, dereferencing it would...

5.7AI score0.00192EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in docker.io

Moby is an open-source container framework developed by Docker Inc. It is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component dockerd, which is developed as moby/moby, is commonly referred to as Docker. Swarm Mode, which is...

6.8CVSS7AI score0.0144EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ovl: Use the “buf” flexible array as the destination for memcpy. The “buf” flexible array must be used as the destination for memcpy to avoid false positive run-time warnings caused by the recent FORTIFYSOURCE hardening measures:...

5.5CVSS5.3AI score0.00179EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/omap: fixed the NULL but dereferenced coccicheck error. Fixed the following coccicheck warning: ./drivers/gpu/drm/omapdrm/omapoverlay.c:89:22-25: ERROR: rovl is NULL, but it was dereferenced. The correct value should be ovl-i...

5.5CVSS6.1AI score0.00243EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Issue: ofoverlay: Early call to callchangesetinit When ofoverlayfdtapply fails, the changeset may be partially applied. It is still expected that the caller will call ofoverlayremove to clean up this partial state. However,...

5.7AI score0.00199EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: The fs subsystem requires passing the ATGETATTRNOSEC flag to the getattr interface function. When the vfsgetattrnosec function calls the getattr interface of a file system, the nosec flag should be propagated into this function, ...

5.5CVSS5.9AI score0.00208EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ovl: fixed the warning in ovlcreatereal Syzbot triggered the following warning in ovlworkdircreate - ovlcreatereal: if !err && WARNON!newdentry-d inode The reason is that the cgroup2 filesystem returns from mkdir without...

5.5CVSS6.3AI score0.00235EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

A use-after-free flaw was discovered in the Linux kernel’s Ext4 File System, where a user can trigger multiple file operations simultaneously using the overlay FS mechanism. This flaw allows a local user to crash the system or potentially escalate their privileges on the system. Only if patch...

7.8CVSS6.8AI score0.00221EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Through the use of reportValidity and window.open, a plain-text validation message could be displayed on another origin, potentially causing confusion for users and allowing for spoofing attacks. This vulnerability affects Firefox 93, Thunderbird 91.2, and Firefox ESR 91.2...

6.5CVSS6.8AI score0.00531EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux

Local privilege escalation vulnerability in Ubuntu Kernels overlayfs: Ovlcopyupmeta inodedata function skips permission checks when calling ohldosetxattr on Ubuntu kernels...

7.8CVSS7AI score0.08894EPSS
Exploits12References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in xorg-server

A flaw was discovered in the X.Org Server Overlay Window. A use-after-free could lead to local privilege escalation. If a client explicitly destroys the compositor overlay window also known as COW, the Xserver will retain a dangling pointer to that window in the CompScreen structure, which will...

7.8CVSS7.1AI score0.0044EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

A flaw was discovered in the Linux kernel, where unauthorized access to the execution of the setuid file with specific capabilities was detected within the OverlayFS subsystem of the Linux kernel. This issue occurs when a user copies a file with capabilities from a nosuid mount to another mount...

7.8CVSS6.8AI score0.0788EPSS
Exploits14References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Firefox

By manipulating the fullscreen feature while opening a data-list, an attacker could overlay a text box over the address bar. This could lead to user confusion and potential spoofing attacks. This vulnerability affects Firefox versions less than 127...

6.1CVSS6.8AI score0.00382EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Due to a sequence of events controlled by the attacker, a JavaScript alert dialog with arbitrary although unstyled contents could be displayed over an uncontrolled web page of the attacker’s choice. This vulnerability affects Firefox 94, Thunderbird 91.3, and Firefox ESR 91.3...

4.3CVSS6.3AI score0.01622EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Firefox and Thunderbird

A malicious website that could create a popup might resize the popup to overlay the address bar with its own content, causing potential confusion for users or leading to spoofing attacks. This bug only affects Thunderbird for Linux. Other operating systems are unaffected.. This vulnerability...

6.5CVSS6.8AI score0.00744EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ovl: Fixed a NULL pointer dereference issue in the copy-up warning message. This patch addresses a NULL pointer dereference that caused a recently introduced warning message to fail...

5.5CVSS5.9AI score0.00222EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A race condition accessing file objects in the Linux kernel OverlayFS subsystem was identified. This occurs when users renames files using OverlayFS in a specific manner. A local user could exploit this flaw to cause the system to crash...

4.7CVSS6.7AI score0.00216EPSS
Exploits0References2
Rows per page
Query Builder