20522 matches found
Astra Linux - уязвимость в cgal
There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which may result in code execution. An attacker can provide malicious input to trigger an...
Astra Linux - уязвимость в python-django
A issue was discovered in the Multipart Request Parser in Django 3.2 before 3.2.18, 4.0 before 4.0.10, and 4.1 before 4.1.7. Passing certain inputs e.g., an excessive number of parts to multipart forms could result in too many open files or memory exhaustion, and posed a potential vector for a...
Astra Linux - уязвимость в imagemagick
A NULL pointer dereference flaw was discovered in ImageMagick in versions prior to 7.0.10-31, in the ReadSVGImage function in coders/svg.c. This issue arises from not checking the return value from libxml2’s xmlCreatePushParserCtxt function and directly using that value, resulting in a crash and...
Astra Linux - уязвимость в node-marked
Marked is a markdown parser and compiler. Prior to version 4.0.10, the regular expression block.def might cause catastrophic backtracking against certain strings, leading to a regular expression denial of service ReDoS attack. Any user who runs untrusted markdown using a vulnerable version of...
Astra Linux - уязвимость в chromium
Inappropriate implementation in the HTML parser in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to bypass XSS protections through a crafted HTML page. Chrome security severity: Medium...
Astra Linux - уязвимость в yaml-cpp
The SingleDocParser::HandleNode function in yaml-cpp also known as LibYaml-C++ 0.5.3 allows remote attackers to cause a denial of service resource consumption and application crash through a crafted YAML file...
Astra Linux - уязвимость в wireshark
The NetScaler file parser crashes in Wireshark versions 4.0.0 to 4.0.5, and 3.6.0 to 3.6.13. This issue allows for denial of service through crafted capture files...
Astra Linux - уязвимость в netcdf
A issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxmldecode, when parsing a crafted XML file, performs incorrect memory handling, resulting in a NULL pointer being dereferenced while running strlen on a NULL pointer...
Astra Linux - уязвимость в python-werkzeug
Werkzeug is a comprehensive WSGI web application library. Prior to version 2.2.3, Werkzeug’s multipart form data parser would parse an unlimited number of parts, including file parts. These parts could be small amounts of data, but each part requires CPU time to parse, and may consume more memory...
Astra Linux - уязвимость в cgal
There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted, malformed file can lead to an out-of-bounds read and type confusion, which may result in code execution. An attacker can provide malicious input to trigger a...
Astra Linux - уязвимость в cgal
There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could result in code execution. An attacker can provide malicious input to trigger...
Astra Linux - уязвимость в cgal
Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of...
Astra Linux - уязвимость в http-parser
Node.js versions before 10.23.1, 12.20.1, 14.15.4, and 15.5.1 allow for two copies of a header field in an HTTP request for example, two Transfer-Encoding header fields. In this case, Node.js identifies the first header field and ignores the second. This can lead to HTTP Request Smuggling...
Astra Linux - уязвимость в openimageio
There is a heap-out-of-bounds read vulnerability in the RLA format parser of OpenImageIO master-branch-9aeece7a and v2.3.19.0. More specifically, it relates to the handling of run-length encoded byte spans. A malformed RLA file can lead to an out-of-bounds read of heap metadata, potentially...
Astra Linux - уязвимость в libcroco
In libcroco version 0.6.13, there is excessive recursion in the cr parser function cr parserparseanycore in cr-parser.c, resulting in stack consumption...
Astra Linux - уязвимость в cgal
There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could result in code execution. An attacker can provide malicious input to trigger...
Astra Linux - уязвимость в cgal
There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted, malformed file can lead to an out-of-bounds read and type confusion, which may result in code execution. An attacker can provide malicious input to trigger a...
Astra Linux - уязвимость в node-ini
This affects the package ini before version 1.3.6. If an attacker submits a malicious INI file to an application that parses it using ini.parse, they will corrupt the prototype within the application. This can be further exploited depending on the context...
Astra Linux - уязвимость в sqlite3
SQLite 3.30.1 improperly handles certain parser-tree rewrites, related to files expr.c, vdbeaux.c, and window.c. This issue is caused by incorrect error handling in the sqlite3WindowRewrite function...
Astra Linux – Vulnerability in openimageio
A stack-based buffer overflow vulnerability exists in the TGA file format parser of OpenImageIO v2.3.19.0. A specially crafted targa file can lead to out-of-bound read and write operations on the process stack, which can result in arbitrary code execution. An attacker can provide a malicious file...