Lucene search
K

253191 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in WebKit2GTK

A use-after-free vulnerability exists in WebCore::RenderLayer::updateDescendantDependentFlags in WebKitGTK before version 2.36.8, allowing attackers to execute code remotely...

8.8CVSS7.9AI score0.00974EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.10 views

Astra Linux – Vulnerability in Redis

Redis is an in-memory database that persists data on disk. A specially crafted XAUTOCLAIM command on a stream key in a specific state may lead to a heap overflow, and potentially remote code execution. This issue affects versions on the 7.x branch prior to 7.0.4. The patch is released in version...

8.8CVSS5.8AI score0.02383EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.1 views

Astra Linux – Vulnerability in FLAC

A buffer overflow vulnerability exists in the function bitwritergrow in FLAC before version 1.4.0, allowing remote attackers to execute arbitrary code through crafted inputs to the encoder...

7.8CVSS8.4AI score0.00749EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in WebKit2GTK

A use-after-free vulnerability exists in WebCore::RenderLayer::addChild in WebKitGTK before version 2.36.8, allowing attackers to execute code remotely...

8.8CVSS7.9AI score0.01053EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.20 views

Astra Linux – Vulnerability in Apache Log4j1.2

In Log4j 1.2, the JMSAppender component is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide configurations for TopicBindingName and TopicConnectionFactoryBindingName, causing the JMSAppender to make JNDI reques...

7.5CVSS7.3AI score0.81147EPSS
Exploits9References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in xorg-server

A flaw was discovered in xorg-server. Changing the actions of XKB buttons, such as moving between the touchpad and the mouse, can lead to out-of-bounds memory reads and writes. This may allow for local privilege escalation or potential remote code execution, especially in cases where X11 forwardi...

7.8CVSS6.9AI score0.01587EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in exim4

Exim SMTP Challenge Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected Exim installations. Authentication is not required to exploit this vulnerability. The specific flaw lies in the handling of NTLM...

9.8CVSS9.2AI score0.03158EPSS
Exploits2References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in libxstream-java

XStream is a Java library for serializing objects to XML and back again. Before version 1.4.16, XStream had a vulnerability that could allow a remote attacker to execute arbitrary code by manipulating the processed input stream. However, users who followed the recommendations to set up XStream’s...

9.8CVSS7.2AI score0.15234EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Firefox and Thunderbird

The WebGL DrawElementsInstanced method was vulnerable to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and sandbox escape. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...

8.8CVSS8.1AI score0.20472EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.11 views

Astra Linux – Vulnerability in Python 2.7

In Python 3.x through 3.9.1, there is a buffer overflow issue in the PyCArgrepr function within ctypes/callproc.c. This issue may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input. This was demonstrated by the use of the argument...

9.8CVSS7.6AI score0.23293EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in libxstream-java

XStream is a Java library for serializing objects to XML and back again. In XStream before version 1.4.16, there was a vulnerability that could allow a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. However, users who followed the...

9.1CVSS7AI score0.82136EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux

The mwifiexcmd80211adhocstart function in the drivers/net/wireless/marvell/mwifiex/join.c file within the Linux kernel, as of version 5.10.4, may allow remote attackers to execute arbitrary code by using a long SSID value, also known as CID-5c455c5ab332...

8.8CVSS7.1AI score0.02209EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in libjpeg-turbo

All versions of Libjpeg-turbo have a stack-based buffer overflow in the “transform” component. A remote attacker can send a malformed JPEG file to the service, causing arbitrary code execution or denial of service for the target service...

8.8CVSS7.8AI score0.02728EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in GIMP

GIMP PSP File Parsing: An Off-by-One Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability, as the target must visit a malicious page or open a malicio...

7.8CVSS7.8AI score0.56404EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in gst-plugins-base1.0

GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability, but the attack vectors may va...

7.8CVSS7.8AI score0.01565EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Redis

It was discovered that Redis, a persistent key-value database, due to a packaging issue, is susceptible to a Lua sandbox escape that is specific to Debian. This could lead to remote code execution...

10CVSS7.8AI score0.9967EPSS
Exploits8References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in xorg-server

A vulnerability was discovered in X.Org. This security flaw arises because the XkbCopyNames function left a dangling pointer pointing to freed memory, allowing for out-of-bounds memory access during subsequent XkbGetKbdByName requests. This issue can lead to local privileges escalation on systems...

7.8CVSS7.7AI score0.00958EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in glibc

There exists an exploitable signed comparison vulnerability in the ARMv7 memcpy implementation of GNU glibc 2.30.9000. Calling memcpy on ARMv7 targets that utilize the GNU glibc implementation with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attack...

8.1CVSS7.7AI score0.05223EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in libgit2

A issue was discovered in libgit2 before versions 0.28.4 and 0.9x before version 0.99.0. path.c improperly handles equivalent filenames that exist due to NTFS Alternate Data Streams. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1352...

9.8CVSS9.1AI score0.0511EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in hsqldb

Those who use java.sql.Statement or java.sql.PreparedStatement in hsqldb HyperSQL Database to process untrusted input may be vulnerable to a remote code execution attack. By default, it is allowed to call any static method of any Java class in the classpath, resulting in code execution. This issu...

9.8CVSS8AI score0.03519EPSS
Exploits1References2
Rows per page
Query Builder