75470 matches found
CVE-2026-9123
Heap buffer overflow in Chromecast in Google Chrome on Android, Linux, ChromeOS prior to 148.0.7778.179 allowed a local attacker to execute arbitrary code inside a sandbox via malicious network traffic. Chromium security severity: Medium...
Exploit for Incorrect Implementation of Authentication Algorithm in Google Android
ADB TLS Auth Bypass Exploit CVE-2026-0073 An automated netw...
Astra Linux - уязвимость в chromium
A heap buffer overflow vulnerability existed in the Downloads feature of Google Chrome on Android, prior to version 104.0.5112.101. This vulnerability allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page...
Astra Linux - уязвимость в guava-libraries
There is a vulnerability related to the creation of temporary directories in all versions of Guava. An attacker with access to the system can potentially access data stored in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir. By default, on Unix-like systems...
Astra Linux - уязвимость в chromium
Insufficient validation of untrusted input in the “File” feature in Google Chrome on Android prior to version 103.0.5060.134 allowed an attacker who convinced a user to install a malicious app to obtain potentially sensitive information from internal file directories via a crafted HTML page...
Astra Linux – Vulnerability in Chromium
Insecurity-related UI in TabStrip and Navigation in Google Chrome on Android prior to version 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox URL bar through a crafted HTML page...
Astra Linux - уязвимость в chromium
Insecure security user interfaces in payment-related functions of Google Chrome on Android before version 91.0.4472.77 allowed a remote attacker to perform domain spoofing through a crafted HTML page...
Astra Linux - уязвимость в chromium
Insufficient policy enforcement in Android intents in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious application to obtain potentially sensitive information via a crafted HTML page...
Astra Linux - уязвимость в chromium
In versions of Google Chrome on Android prior to 101.0.4951.41, the security interface in the Downloads section allowed a remote attacker to spoof the APK download dialog box through a crafted HTML page...
Astra Linux - уязвимость в chromium
Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to version 104.0.5112.101 allowed a remote attacker to arbitrarily browse to a malicious website via a crafted HTML page...
Astra Linux - уязвимость в linux-5.10, linux
In binder.c, there is a potential way to corrupt memory due to a use after free. This could lead to a local escalation of privileges without the need for additional execution privileges. User interaction is not required for exploitation. Product: Android Versions: Android kernel Android ID:...
Astra Linux - уязвимость в chromium
Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 106.0.5249.119 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в gdisk
In the ReadLogicalParts function of basicmbr.cc, there is a potential out-of-bounds write vulnerability due to a missing bounds check. This could lead to a local privilege escalation without the need for additional execution privileges. User interaction is not required for exploitation. Product:...
Astra Linux - уязвимость в flac
In streamencoder.c, there is a potential out-of-bounds write due to a missing bounds check. This could lead to exposure of local information without requiring additional execution privileges. User interaction is not required for exploitation. Product: Android Versions: Android-11 Android ID:...
Astra Linux - уязвимость в nss
When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; this resulted in the leakage of partial information regarding the nonce used during signature generation. Given an electro-magnetic trace from several generations of signatures, the private key could...
Astra Linux - уязвимость в gdisk
In the LoadPartitionTable function of gpt.cc, there is a potential out-of-bounds write vulnerability due to a missing bounds check. This could lead to a local escalation of privileges when inserting a malicious USB device, without the need for additional execution privileges. User interaction is...
Astra Linux - уязвимость в wpa
In p2pcopyclientinfo of p2p.c, there is a potential out-of-bounds write vulnerability due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi Direct search, without the need for additional execution privileges. User interaction is not...
Astra Linux - уязвимость в firefox
Memory safety bugs exist in Firefox 111. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Andro...
Astra Linux - уязвимость в flac
In FLACbitreaderreadricesignedblock of bitreader.c, there is a potential out-of-bounds read due to a heap buffer overflow. This could lead to remote information disclosure without requiring additional execution privileges. User interaction is required for exploitation. Product: Android. Versions:...
Astra Linux - уязвимость в nss
During ECDSA signature generation, padding is applied in the nonce to ensure that constant-time scalar multiplication is removed. However, this results in variable-time execution that depends on secret data. This vulnerability affects Firefox versions less than 80, as well as Firefox for Android...