Astra Linux – Vulnerability in imagemagick
A flaw was discovered in ImageMagick’s coders, specifically in the webp.c file. An attacker who submits a crafted file processed by ImageMagick could trigger undefined behavior, including a division by zero. The most significant threat of this vulnerability is the impact on system...
Astra Linux – Vulnerability in udisks2
A vulnerability has been discovered in udisks2. This flaw allows an attacker to submit a specially crafted image file/USB, resulting in a kernel panic. The greatest threat posed by this vulnerability is to system availability...
Astra Linux – Vulnerability in Linux
An out-of-bounds memory write flaw was discovered in the list_devices function within drivers/md/dm-ioctl.c in the Multi-device driver module of the Linux kernel before version 5.12. A bound check failure allows an attacker with special user (CAP_SYS_ADMIN) privileges to gain access to out-of-bounds...
Astra Linux – Vulnerability in imagemagick
A divide-by-zero flaw was discovered in ImageMagick versions 6.9.11-57 and 7.0.10-57, located in the gem.c file. This flaw allows an attacker to submit a crafted file processed by ImageMagick, causing undefined behavior due to a division by zero. The greatest threat of this vulnerability is to...
Astra Linux – Vulnerability in openjpeg2
A flaw was discovered in OpenJPEG’s encoder, specifically in the opj_dwt_calc_explicit_stepsizes function. This flaw allows an attacker who can provide crafted inputs for the decomposition levels to cause a buffer overflow. The greatest threat of this vulnerability is to system availability...
Astra Linux – Vulnerability in tar
A flaw was discovered in the src/list.c file of tar 1.33 and earlier. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption of memory. The greatest threat posed by this vulnerability is to system availability...
Astra Linux – Vulnerability in libwebp
A flaw was discovered in libwebp in versions prior to 1.0.1. A heap-based buffer overflow is possible in the function WebPDecodeRGBInto due to an invalid check for buffer size. The greatest threat from this vulnerability is related to data confidentiality and integrity, as well as system...
Astra Linux – Vulnerability in Ceph
An authentication flaw was discovered in Ceph versions prior to 14.2.20. When the monitor processes CEPHX_GET_AUTH_SESSION_KEY requests, it does not sanitize other_keys, allowing for key reuse. An attacker who can request a global_id can exploit the ability of any user to request a global_id that has...
Astra Linux – Vulnerability in PostgreSQL 11
A flaw was discovered in PostgreSQL versions prior to 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20, and before 9.5.24. If a client application that creates additional database connections only reuses the basic connection parameters while dropping security-relevant parameters, ther...
Astra Linux – Vulnerability in openexr
A flaw was discovered in OpenEXR’s TiledInputFile functionality. This flaw allows an attacker who can submit a crafted single-part non-image file to have it processed by OpenEXR, resulting in a floating-point exception error. The greatest threat posed by this vulnerability is to system availabili...
Astra Linux – Vulnerability in openexr
A flaw was discovered in OpenEXR’s B44Compressor. This flaw allows an attacker who can submit a crafted file to have it processed by OpenEXR, thereby exhausting all memory available to the application. The greatest threat of this vulnerability is to system availability...
Astra Linux – Vulnerability in openexr
A flaw was discovered in OpenEXR’s multipart input file functionality. A crafted multipart input file containing no actual parts can lead to a NULL pointer dereference. The greatest threat of this vulnerability is to system availability...
Astra Linux – Vulnerability in xorg-server
A flaw was discovered in xorg-x11-server in versions prior to 21.1.2 and prior to 1.20.14. An out-of-bounds access can occur in the SwapCreateRegister function. The greatest threat posed by this vulnerability is related to data confidentiality and integrity, as well as system availability...
Astra Linux – Vulnerability in imagemagick
A flaw was discovered in ImageMagick, specifically in the MagickCore/visual-effects.c file. An attacker who submits a crafted file processed by ImageMagick could trigger undefined behavior, including a division by zero. The greatest threat of this vulnerability is to system...
Astra Linux – Vulnerability in xorg-server
A flaw was discovered in xorg-x11-server in versions prior to 21.1.2 and prior to 1.20.14. An out-of-bounds access can occur in the SProcRenderCompositeGlyphs function. The greatest threat posed by this vulnerability is related to data confidentiality and integrity, as well as system availability...
Astra Linux – Vulnerability in xorg-server
A flaw was discovered in xorg-x11-server in versions prior to 21.1.2 and prior to 1.20.14. An out-of-bounds access can occur in the SProcXFixesCreatePointerBarrier function. The greatest threat posed by this vulnerability is related to data confidentiality and integrity, as well as system...
Astra Linux – Vulnerability in Nettle
A flaw was discovered in Nettle versions prior to 3.7.2. In these versions, several Nettle signature verification functions (GOST DSA, EdDSA, and ECDSA) result in the Elliptic Curve Cryptography (ECC) point multiply function being called with out-of-range scalars. This may lead to incorrect results...
CVE-2026-54057
A flaw was found in Kitty, a cross-platform GPU-based terminal. An input sanitization vulnerability in Kitty's OSC 21 color-control query reply allows an attacker to inject controlled bytes, including newlines, directly into the shell's input. This could enable an attacker to execute arbitrary co...
CVE-2026-28237
Unrestricted resource allocation in AMD uProf may be exploitable to consume excessive system resources, potentially leading to a loss of availability...
Huawei HarmonyOS Resource Management Error Vulnerability
Huawei HarmonyOS is a distributed operating system developed independently by Huawei. It primarily offers seamless collaboration across devices, intelligent experiences in various scenarios, and security features. Huawei HarmonyOS has a denial-of-service vulnerability. This vulnerability stems fr...