Astra Linux – Vulnerability in GIMP
GIMP XWD File Parsing: Out-of-Bounds Write Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability, as the target must visit a malicious page or open a malicious file. The...
Astra Linux – Vulnerability in freerdp3
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.20.1, the NDR array reader in RDPEAR did not perform bounds checking on the number of on-wire elements, and could write beyond the heap buffer allocated from hints, resulting in a heap buffer overflow in...
Astra Linux – Vulnerability in freerdp3
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurred in the RDPGFX ClearCodec decode path, where maliciously crafted residual data caused out-of-bounds writes during color output. A malicious server could trigger a...
Astra Linux – Vulnerability in bluez
BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability, as the target must connect...
Astra Linux – Vulnerability in bind9
BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration that uses BIND’s default settings, the vulnerable code path is not exposed. However, a server can become vulnerable by explicitly setting valid values for the...
Astra Linux – Vulnerability in Chromium
Use after free in V8 in Google Chrome before version 94.0.4606.71 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
Type confusion in V8 in Google Chrome prior to 117.0.5938.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
Use after free in Cast in Google Chrome before version 118.0.5993.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Low...
Astra Linux – Vulnerability in Chromium
The use of Site Isolation in Google Chrome before version 118.0.5993.70 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Critical...
Astra Linux – Vulnerability in Vim
Buffer over-read in the findnextquote function in the GitHub repository vim/vim prior to 8.2.4925. These vulnerabilities can cause software to crash, modify memory, and may lead to remote execution...
Astra Linux – Vulnerability in Vim
Use after free in the appendcommand function in the GitHub repository vim/vim prior to 8.2.4895. This vulnerability can crash software, bypass protection mechanisms, modify memory, and potentially enable remote execution...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
The SUNRPC subsystem in the Linux kernel, up to version 5.17.2, can call the xsxprtfree function before ensuring that the sockets are in the intended state...
Astra Linux – Vulnerability in PostgreSQL 11
A memory disclosure vulnerability was discovered in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with ‘unknown’-type arguments. Handling ‘unknown’-type values from string literals without type designation can reveal bytes,...
Astra Linux – Vulnerability in Squid
Squid is vulnerable to a Denial of Service attack, where a remote attacker can carry out a buffer overflow attack by writing up to 2 MB of arbitrary data into heap memory when Squid is configured to accept HTTP Digest Authentication...
Astra Linux – Vulnerability in Chromium
Use after free in Serviceworker in Google Chrome on desktops before version 140.0.7339.127 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Critical...
Astra Linux – Vulnerability in Chromium
Inappropriate implementation in V8 in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Ansible
A flaw was discovered in the solariszone module from the Ansible Community modules. When setting the name of a zone on the Solaris host, the zone name is checked by listing the process using the ‘ps’ command on the remote machine. An attacker could exploit this flaw by creating a fake zone name a...
Astra Linux – Vulnerability in Chromium
Use after free in DevTools in Google Chrome before version 130.0.6723.58 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted Chrome Extension. Chromium security severity: Medium...
Astra Linux – Vulnerability in Chromium
Insufficient data validation in Mojo in Google Chrome prior to 129.0.6668.89 allowed a remote attacker who had compromised the renderer process to perform an out-of-bounds memory write via a crafted HTML page. Chromium security severity: High...