2475 matches found
Astra Linux - уязвимость в chromium
The use of after-free in Blink in Google Chrome before version 93.0.4577.82 allowed a remote attacker to perform arbitrary read/write operations through a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в chromium
Inappropriate implementation in Blink in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в chromium
The use of after-free in Media in Google Chrome before version 103.0.5060.53 allowed a remote attacker to perform arbitrary read/write operations through a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в chromium
The use of after-free in the UI of Google Chrome before version 102.0.5005.61 allowed a remote attacker to perform arbitrary read/write operations through a crafted HTML page. Chromium security severity: Medium...
Astra Linux - уязвимость в chromium
Before version 99.0.4844.51, using Accessibility in Google Chrome allowed a remote attacker who convinced a user to perform certain UI gestures to execute arbitrary read/write operations through a crafted HTML page. Chromium security severity: Low...
Astra Linux - уязвимость в chromium
The use of after-free in Base Internals in Google Chrome before version 101.0.4951.41 allowed a remote attacker to perform arbitrary read/write operations through a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15
Incorrect verifier pruning in the BPF module of the Linux kernel version 5.4 and above leads to unsafe code paths being incorrectly marked as safe. This results in arbitrary read/writes to kernel memory, lateral privilege escalation, and container escapes...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15
Linux Kernel nftables Out-of-bounds Read/Write Vulnerability; nftbyteorder improperly handles the contents of VM registers when CAPNETADMIN is present in any user or network namespace...
Astra Linux - уязвимость в chromium
Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в chromium
Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в chromium
The use of WebCodecs with “after free” in Google Chrome before version 123.0.6312.86 allowed a remote attacker to perform arbitrary read/write operations through a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в chromium
In V8 of Google Chrome, out-of-bounds memory access prior to version 123.0.6312.105 allowed a remote attacker to perform arbitrary read/write operations through a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в chromium
Type Confusion in V8 in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to potentially perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: iouring/rw: Potential allocated iovec in the cache may be freed after a failure. If a read/write request passes through ioreqrwcleanup, and an allocated iovec is attached to the request but fails to be placed into the rwcache, it...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: can: j1939: prevents deadlock by changing j1939sockslock to rwlock The following 3 locks may race against each other, causing a deadlock situation in the Syzbot bug report: - j1939sockslock - activesessionlistlock -...
PT-2026-42379
free5GC's SMF UPI management interface lacks auth middleware; unauthenticated topology read/write requests reach handlers in github.com/free5gc/smf...
Linux Distros Unpatched Vulnerability : CVE-2026-34159
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - llama.cpp is an inference of several LLM models in C/C++. Prior to version b8492, the RPC backend's deserializetensor skips all bounds validation when a tensor'...
CVE-2024-36343
CVE-2024-36343 describes improper input validation in the System Management Mode (SMM) communications buffer, enabling a privileged attacker to perform an out-of-bounds read or write in a limited portion of the Top of Memory Segment (TSEG) on AMD platforms. The issue can impact confidentiality an...
CVE-2024-36343
Improper input validation in the System Management Mode SMM communications buffer could allow a privileged attacker to perform an out of bounds read or write to a limited section of the Top of Memory Segment TSEG memory region, potentially resulting in loss of confidentiality or integrity...
Improper Access Control
kcp is vulnerable to Improper Access Control. The vulnerability is due to the cache server being exposed without authentication or authorization controls, which allows an attacker to read from and write to the cache server if they can access the root shard...