Astra Linux – Vulnerability in xorg-server
A heap buffer overflow flaw was discovered in the DisableDevice function of the X.Org server. This issue may cause an application to crash, or in some cases, lead to remote code execution in SSH X11 forwarding environments...
Astra Linux – Vulnerability in Chromium
An incorrect security interface in the navigation section of Google Chrome on Android, prior to version 92.0.4515.131, allowed a remote attacker to spoof the contents of the Omnibox (URL bar) through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
A heap buffer overflow in the Settings component of Google Chrome prior to version 95.0.4638.54 allowed a remote attacker to interact with Dev Tools, potentially exploiting heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Zabbix
The Zabbix Agent 2 item key “smart.disk.get” does not sanitize its parameters before passing them to a shell command, which may lead to a vulnerability for remote code execution...
Astra Linux – Vulnerability in Redis
Redis is an open-source, in-memory database that persists data on disk. An integer overflow bug in the ziplist data structure used in all versions of Redis can be exploited to corrupt the heap and potentially lead to remote code execution. The vulnerability involves modifying the default ziplist...
Astra Linux – Vulnerability in Chromium
A stack buffer overflow in ANGLE in Google Chrome prior to version 93.0.4577.82 allowed a remote attacker to potentially exploit stack corruption through a crafted HTML page...
Astra Linux – Vulnerability in Poppler
A flaw was discovered in Poppler regarding the way certain PDF files are converted into HTML format. A remote attacker could exploit this flaw by providing a malicious PDF file. When such a file is processed by the ‘pdftohtml’ program, it could cause the application to crash, resulting in a denia...
Astra Linux – Vulnerability in Apache Log4j2
Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI, provided that the attacker has control over the target LDAP server. Thi...
Astra Linux – Vulnerability in Chromium
Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to spoof security UI via a crafted HTML page...
Astra Linux – Vulnerability in Chromium
Type confusion in Blink layout in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Astra Linux – Vulnerability in Mariadb 10.3
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). The supported versions affected are 5.7.37 and earlier, as well as 8.0.28 and earlier. This easily exploitable vulnerability allows a highly privileged attacker with network access via multiple protocols to compromi...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: RDMA/ionic: Fixed the kernel stack leak in `ionic_create_cq`. `struct ionic_cq_resp resp { u32 cqid[2]; // Offset 0 – PARTIALLY SET (see below); u8 udma_mask; // Offset 8 – SET (resp.udma_mask = vcq->udma_mask); u8 rsvd[7]; // Offset 9 – NEVER SET`...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
There are use-after-free vulnerabilities in the net/bluetooth/l2cap_core.c file, specifically in the l2cap_connect and l2cap_le_connect_req functions. These vulnerabilities may allow code execution and the leakage of kernel memory remotely via Bluetooth. A remote attacker can execute code that leaks...
Astra Linux – Vulnerabilities in Firefox, Thunderbird, and Chromium
An out-of-bounds write in Google Chrome before version 91.0.4472.101 allowed a remote attacker to potentially perform out-of-bounds memory access through a crafted HTML page...
Astra Linux – Vulnerability in libtirpc
In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that used libtirpc, as idle TCP connections were handled improperly. This could lead to an svc_run infinite loop without accepting new connections...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_ipip: A memory leak was fixed when changing the remote IPv6 address. The device stores IPv6 addresses that are used for encapsulation in linear memory, which is managed by the driver. Changing the remote address of...
Astra Linux – Vulnerability in htmldoc
In the htmldoc v1.9.11 and earlier versions, a null pointer dereference vulnerability may allow attackers to execute arbitrary code and cause a denial of service through a crafted HTML file...
Astra Linux – Vulnerability in h2database
The org.h2.util.JdbcUtils.getConnection method of the H2 database takes the class name of the driver and the URL of the database as parameters. An attacker may pass in a JNDI driver name and a URL that points to an LDAP or RMI server, allowing for remote code execution. This vulnerability can be...
Astra Linux – Vulnerability in gst-plugins-bad1.0
GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability, but the attack vectors...
Astra Linux – Vulnerability in Chromium
A use-after-free in ANGLE in Google Chrome before version 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...