120496 matches found
Astra Linux - уязвимость в webkit2gtk
The issue was addressed through improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, and watchOS 9.6. Processing web content may lead to arbitrary code execution...
Astra Linux - уязвимость в webkit2gtk
A “use-after-free” issue has been addressed through improved memory management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6, and iPadOS 15.7.6, Safari 16.5, iOS 16.5, and iPadOS 16.5. Processing maliciously crafted web content may lead to arbitrary code execution...
Astra Linux - уязвимость в firefox, thunderbird
Memory safety bugs exist in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox version...
Astra Linux - уязвимость в linux-5.10, linux
A use-after-free in the mac80211 stack, during the parsing of a multi-BSSID element in the Linux kernel versions 5.2 through 5.19.x before 5.19.16, could be exploited by attackers who have access to injecting WLAN frames. This exploitation could lead to kernel crashes and potentially allow them t...
Astra Linux - уязвимость в webkit2gtk
A memory management issue related to “use after free” operations has been addressed through improved memory management practices. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iOS 15.4, and iPadOS 15.4, as well as tvOS 15.4. Processing maliciously crafted web content may...
Astra Linux - уязвимость в webkit2gtk
This issue has been resolved through improved memory handling. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS Big Sur 11.7.3, Safari 16.3, tvOS 16.3, iOS 16.3, and iPadOS 16.3. Processing maliciously crafted web content may lead to arbitrary code execution...
Astra Linux - уязвимость в firefox
Mozilla developers reported memory safety bugs in Firefox 92. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox versions prior to 93...
Astra Linux - уязвимость в webkit2gtk
The issue has been addressed through improved checks. This issue is fixed in iOS 16.6, iPadOS 16.6, Safari 16.5.2, tvOS 16.6, macOS Ventura 13.5, and watchOS 9.6. Processing web content may lead to arbitrary code execution. Apple is aware of a report indicating that this issue may have been...
Astra Linux - уязвимость в webkit2gtk
A “use-after-free” issue has been addressed through improved memory management. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10, tvOS 17, and Safari 17. Processing web content may lead to arbitrary code execution...
Astra Linux - уязвимость в busybox
There is a stack overflow vulnerability in ash.c:6030 in busybox before version 1.35. In the environment of the Internet of Vehicles, this vulnerability can lead to the execution of arbitrary code from commands...
Astra Linux - уязвимость в webkit2gtk
A memory management issue related to “use after free” operations has been addressed through improved memory management practices. This issue is fixed in iOS 15.3, iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, and macOS Monterey 12.2. Processing maliciously crafted web content may lead to...
Astra Linux - уязвимость в exempi
The XMP Toolkit SDK version 2020.1 and earlier is affected by an improper input validation vulnerability, which may lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction, as the victim must open a specially crafted file...
Astra Linux - уязвимость в webkit2gtk
The issue was resolved through improved bounds checks. This issue has been fixed in tvOS 15.6, watchOS 8.7, iOS 15.6, and iPadOS 15.6, macOS Monterey 12.5, and Safari 15.6. Processing web content may lead to arbitrary code execution...
Astra Linux - уязвимость в zsh
In zsh before version 5.8.1, an attacker can gain code execution if they control the command output within the prompt, as demonstrated by using a %F argument. This occurs due to the recursive PROMPTSUBST expansion...
Astra Linux - уязвимость в thunderbird, firefox
Mozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the Mozilla Fuzzing Team reported memory safety bugs in Thunderbird 102.5. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute...
Astra Linux - уязвимость в grub2
There is a use-after-free vulnerability in the grubcmdchainloader function. The chainloader command is used to boot up operating systems that do not support multiboot and do not have direct support from GRUB2. When executing chainloader more than once, a use-after-free vulnerability is triggered...
Astra Linux - уязвимость в git
Git is a distributed revision control system. git log can display commits in an arbitrary format using its --format specifiers. This functionality is also exposed to git archive via the export-subst gitattribute. When processing the padding operators, there is an integer overflow in...
Astra Linux - уязвимость в firefox
Due to unexpected data type conversions, a use-after-free might have occurred when interacting with the font cache. We assume that with sufficient effort, this vulnerability could have been exploited to execute arbitrary code. This vulnerability affects Firefox versions earlier than 88...
Astra Linux - уязвимость в firefox, thunderbird
Mozilla developers reported memory safety bugs in Firefox 85 and Firefox ESR 78.7. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox version...
Astra Linux - уязвимость в logback
In Logback version 1.2.7 and earlier versions, an attacker with the necessary privileges to edit configuration files could create a malicious configuration that allowed the execution of arbitrary code loaded from LDAP servers...