75448 matches found
Astra Linux - уязвимость в guava-libraries
There is a vulnerability related to the creation of temporary directories in all versions of Guava. An attacker with access to the system can potentially access data stored in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir. By default, on Unix-like systems...
Astra Linux - уязвимость в chromium
Insufficient validation of untrusted input in the “File” feature in Google Chrome on Android prior to version 103.0.5060.134 allowed an attacker who convinced a user to install a malicious app to obtain potentially sensitive information from internal file directories via a crafted HTML page...
Astra Linux - уязвимость в wpa
In p2pcopyclientinfo of p2p.c, there is a potential out-of-bounds write vulnerability due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi Direct search, without the need for additional execution privileges. User interaction is not...
Astra Linux – Vulnerability in Chromium
Insecurity-related UI in TabStrip and Navigation in Google Chrome on Android prior to version 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox URL bar through a crafted HTML page...
Astra Linux - уязвимость в chromium
Insecure security user interfaces in payment-related functions of Google Chrome on Android before version 91.0.4472.77 allowed a remote attacker to perform domain spoofing through a crafted HTML page...
Astra Linux - уязвимость в chromium
Insufficient policy enforcement in Android intents in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious application to obtain potentially sensitive information via a crafted HTML page...
Astra Linux - уязвимость в chromium
In versions of Google Chrome on Android prior to 101.0.4951.41, the security interface in the Downloads section allowed a remote attacker to spoof the APK download dialog box through a crafted HTML page...
Astra Linux - уязвимость в chromium
Inappropriate implementation in the Fullscreen API in Google Chrome on Android prior to 104.0.5112.79 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...
Astra Linux - уязвимость в chromium
A heap buffer overflow vulnerability existed in the Downloads feature of Google Chrome on Android, prior to version 104.0.5112.101. This vulnerability allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page...
Astra Linux - уязвимость в chromium
Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to version 104.0.5112.101 allowed a remote attacker to arbitrarily browse to a malicious website via a crafted HTML page...
Astra Linux - уязвимость в linux-5.10, linux
In binder.c, there is a potential way to corrupt memory due to a use after free. This could lead to a local escalation of privileges without the need for additional execution privileges. User interaction is not required for exploitation. Product: Android Versions: Android kernel Android ID:...
Astra Linux - уязвимость в chromium
Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 106.0.5249.119 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в chromium
A heap buffer overflow in the Crashpad component of Google Chrome on Android, prior to version 107.0.5304.106, allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в gdisk
In the LoadPartitionTable function of gpt.cc, there is a potential out-of-bounds write vulnerability due to a missing bounds check. This could lead to a local escalation of privileges when inserting a malicious USB device, without the need for additional execution privileges. User interaction is...
Astra Linux - уязвимость в gdisk
In the ReadLogicalParts function of basicmbr.cc, there is a potential out-of-bounds write vulnerability due to a missing bounds check. This could lead to a local privilege escalation without the need for additional execution privileges. User interaction is not required for exploitation. Product:...
Astra Linux - уязвимость в firefox
Under certain circumstances, calling the bind function might result in an incorrect realm being set. This could create a vulnerability related to JavaScript-implemented sandboxes, such as SES. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...
Astra Linux - уязвимость в firefox
Memory safety bugs exist in Firefox 111. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Andro...
Astra Linux - уязвимость в nss
When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; this resulted in the leakage of partial information regarding the nonce used during signature generation. Given an electro-magnetic trace from several generations of signatures, the private key could...
Astra Linux - уязвимость в nss
During ECDSA signature generation, padding is applied in the nonce to ensure that constant-time scalar multiplication is removed. However, this results in variable-time execution that depends on secret data. This vulnerability affects Firefox versions less than 80, as well as Firefox for Android...
Astra Linux - уязвимость в flac
In FLACbitreaderreadricesignedblock of bitreader.c, there is a potential out-of-bounds read due to a heap buffer overflow. This could lead to remote information disclosure without requiring additional execution privileges. User interaction is required for exploitation. Product: Android. Versions:...