2528 matches found
Astra Linux – Vulnerability in Chromium
The use of after-free in Media in Google Chrome before version 103.0.5060.53 allowed a remote attacker to perform arbitrary read/write operations through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in net-snmp
Net-SNMP provides various tools related to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials could exploit an improper input validation vulnerability when setting malformed OIDs in both the master agent and subagent simultaneously. Version 5.9.2...
Astra Linux – Vulnerability in Chromium
Type Confusion in V8 in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to potentially perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
In V8 of Google Chrome, out-of-bounds memory access prior to version 123.0.6312.105 allowed a remote attacker to perform arbitrary read/write operations through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in WebKit2GTK
The issue was addressed through improved checks. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, and watchOS 10.5. An attacker with arbitrary read and write capabilities may be able to bypass Pointer Authentication...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: fs/aio: Restricted kiocbsetcancelfn to I/O submitted via libaio. If kiocbsetcancelfn is called for I/O submitted via iouring, the following kernel warning appears: WARNING: CPU: 3 PID: 368 at fs/aio.c:598 kiocbsetcancelfn+0x9c/0x...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fixed a potential out-of-bounds issue related to read/write operations via C45 clause 45 of the mdiobus interface. When using publicly available tools like ‘mdio-tools’ to read/write data from/to network interfaces v...
Astra Linux – Vulnerability in Chromium
The use of after-free in Base Internals in Google Chrome before version 101.0.4951.41 allowed a remote attacker to perform arbitrary read/write operations through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Ceph
A flaw was discovered in OpenStack Manilla that manages Ceph File systems’ shares. This flaw allows the owner to read/write any share or entire file system. The vulnerability stems from a bug in the “volumes” plugin of the Ceph Manager. This allows attackers to compromise the confidentiality and...
Astra Linux – Vulnerability in Chromium
Before version 99.0.4844.51, using Accessibility in Google Chrome allowed a remote attacker who convinced a user to perform certain UI gestures to execute arbitrary read/write operations through a crafted HTML page. Chromium security severity: Low...
Astra Linux – Vulnerability in Chromium
Inappropriate implementation in Blink in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
The use of after-free in the UI of Google Chrome before version 102.0.5005.61 allowed a remote attacker to perform arbitrary read/write operations through a crafted HTML page. Chromium security severity: Medium...
Astra Linux – Vulnerability in Chromium
The use of after free in Blink in Google Chrome before version 92.0.4515.107 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write operations through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Qemu
A flaw was discovered in qemu. A host privilege escalation issue was identified in the virtio-fs shared file system daemon, where a privileged guest user is able to create a device-specific special file in the shared directory and use it to gain read/write access to host devices...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
Incorrect verifier pruning in the BPF module of the Linux kernel version 5.4 and above leads to unsafe code paths being incorrectly marked as safe. This results in arbitrary read/writes to kernel memory, lateral privilege escalation, and container escapes...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iouring/rw: Potential allocated iovec in the cache may be freed after a failure. If a read/write request passes through ioreqrwcleanup, and an allocated iovec is attached to the request but fails to be placed into the rwcache, it...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: 9p/transfd: Always use ONONBLOCK for read/write operations. The syzbot report indicates that tasks become hung at p9fdclose, due to p9muxpollstop. This occurs because p9connDestroy fails to interrupt kernelread/kernelwrite that...
Astra Linux – Vulnerability in Chromium
Inappropriate implementation in WebRTC in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Low...
Astra Linux – Vulnerability in Chromium
In Tint, reading and writing outside the allowed boundaries in Google Chrome on a Mac before version 145.0.7632.116 allowed a remote attacker to perform out-of-bounds memory access through a crafted HTML page. Chromium security severity: High...