Astra Linux - уязвимость в webkit2gtk

The issue was resolved through improved checks. This issue has been fixed in tvOS 17, Safari 17, watchOS 10, iOS 17, and iPadOS 17, as well as macOS Sonoma 14. Processing web content may lead to arbitrary code execution...

Astra Linux - уязвимость в webkit2gtk

A “use-after-free” issue has been addressed through improved memory management. This issue is fixed in watchOS 10, iOS 17, iPadOS 17, tvOS 17, macOS Sonoma 14, and Safari 17. Processing web content may lead to arbitrary code execution...

Astra Linux - уязвимость в webkit2gtk

A type confusion issue has been addressed through improved checks. This issue is fixed in iOS 16.5.1 and iPadOS 16.5.1, iOS 15.7.7 and iPadOS 15.7.7, macOS Ventura 13.4.1, and Safari 16.5.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a repor...

Astra Linux - уязвимость в webkit2gtk

The issue was addressed through improved checks. This issue has been fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7...

Astra Linux - уязвимость в webkit2gtk

A memory corruption issue has been resolved through improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4, and iPadOS 16.4, as well as iOS 15.7.7 and iPadOS 15.7.7. Processing web content may lead to arbitrary code execution. Apple is aware of a report...

Astra Linux - уязвимость в zbar

There is a heap-based buffer overflow in the qrreadermatchcenters function of ZBar 0.23.90. specially crafted QR codes may lead to information disclosure and/or arbitrary code execution. To exploit this vulnerability, an attacker can digitally input the malicious QR code, or prepare it to be...

Astra Linux - уязвимость в webkit2gtk

Integer overflow has been addressed through improved input validation. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, tvOS 17.5, and visionOS 1.2. Processing maliciously crafted web content may lead to arbitrary code execution...

Astra Linux - уязвимость в firefox

Memory safety bugs exist in Firefox 123. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox versions prior to 124...

Astra Linux - уязвимость в firefox

Mozilla developers Bryce Seager van Dyk and the Mozilla Fuzzing Team reported potential vulnerabilities in Firefox 101. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these vulnerabilities could have been exploited to execute arbitrary...

Astra Linux - уязвимость в zabbix

An attacker who has the privilege to configure Zabbix items can use the icmpping function, along with additional malicious commands, to execute arbitrary code on the current Zabbix server...

Astra Linux - уязвимость в pillow

In Pillow’s PIL.ImageMath.eval before version 9.0.0, it was possible to evaluate arbitrary expressions, including those that used the Python exec method. A lambda expression could also be used...

Astra Linux - уязвимость в firefox

Mozilla developers reported memory safety bugs in Firefox 86. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects versions of Firefox prior to 87...

Astra Linux - уязвимость в glibc

The deprecated compatibility function clntcreate in the sunrpc module of the GNU C Library also known as glibc from versions up to 2.34 copies its hostname argument onto the stack without validating its length. This may lead to a buffer overflow, potentially causing a denial of service or, if the...

Astra Linux - уязвимость в exempi

The XMP Toolkit SDK version 2020.1 and earlier is affected by a buffer overflow vulnerability that may lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction, as the victim must open a specially crafted file...

Astra Linux - уязвимость в firefox, thunderbird

Mozilla developers reported memory safety bugs in the code shared between Firefox and Thunderbird. Some of these bugs showed signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects...

Astra Linux - уязвимость в webkit2gtk

The issue was resolved through improved memory handling. This issue is fixed in iOS 16.6, iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, and watchOS 9.6. Processing web content may lead to arbitrary code execution...

Astra Linux - уязвимость в firefox, thunderbird

Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Thunderbird 102.4. Some of these bugs showed signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This...

Astra Linux - уязвимость в joblib

The joblib package from versions 0 and before 1.2.0 is vulnerable to Arbitrary Code Execution through the predispatch flag in the Parallel class, due to the eval statement...

Astra Linux - уязвимость в webkit2gtk

A memory management issue related to “use after free” operations has been addressed through improved memory management practices. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, and tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code...

Astra Linux - уязвимость в openimageio

There are multiple memory corruption vulnerabilities in the IFFOutput alignment padding functionality of the OpenImageIO Project, specifically in OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to arbitrary code execution. An attacker can provide malicious input to trigger...