205786 matches found
Astra Linux - уязвимость в webkit2gtk
This issue has been addressed through improved enforcement of iframe sandbox rules. This issue is fixed in Safari 17. An attacker with JavaScript execution may be able to execute arbitrary code...
Astra Linux - уязвимость в exempi
The XMP Toolkit SDK version 2021.07 and earlier is affected by a stack-based buffer overflow vulnerability that may lead to arbitrary code execution within the context of the current user. Exploitation requires user interaction—that is, the victim must open a specially crafted file...
Astra Linux - уязвимость в webkit2gtk
The issue was resolved through improved memory handling. This issue is fixed in Safari 17.2, macOS Sonoma 14.2, watchOS 10.2, iOS 17.2, and iPadOS 17.2, as well as tvOS 17.2. Processing web content may lead to arbitrary code execution...
Astra Linux - уязвимость в webkit2gtk
A “use-after-free” issue has been addressed through improved memory management. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10, tvOS 17, and Safari 17. Processing web content may lead to arbitrary code execution...
Astra Linux - уязвимость в postgresql-11
A flaw was discovered in PostgreSQL that allows authenticated database users to execute arbitrary code through insufficient overflow checks during SQL array value modifications. This issue arises due to an integer overflow during array modifications, where a remote user can trigger the overflow b...
Astra Linux - уязвимость в firefox
Memory safety bugs exist in Firefox 119. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox versions prior to 120...
Astra Linux - уязвимость в firefox
Memory safety bugs exist in Firefox 120. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox versions prior to 121...
Astra Linux - уязвимость в firefox, thunderbird
Memory safety bugs exist in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox version...
Astra Linux - уязвимость в firefox
Memory safety bugs exist in Firefox 123. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox versions prior to 124...
Astra Linux - уязвимость в webkit2gtk
The issue was resolved through improved memory handling. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, and watchOS 10.5. Processing web content may lead to arbitrary code execution...
Astra Linux - уязвимость в gimp
A flaw was discovered in GIMP. A integer overflow vulnerability exists in the GIMP “Despeckle” plug-in. The issue arises due to unchecked multiplication of image dimensions, such as width, height, and bytes-per-pixel imgbpp. This can lead to insufficient memory allocation and subsequent...
Astra Linux - уязвимость в linux-5.10, linux
A flaw was discovered in the udmabuf device driver of the Linux kernel. The specific flaw resides within a fault handler. The issue arises due to the lack of proper validation of user-supplied data, which can lead to a memory access beyond the end of an array. An attacker can exploit this...
Astra Linux - уязвимость в firefox, thunderbird
Memory safety bugs exist in Firefox 114, Firefox ESR 102.12, and Thunderbird 102.12. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox...
Astra Linux - уязвимость в firefox, thunderbird
Memory safety bugs exist in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox...
Astra Linux - уязвимость в firefox
Mozilla developers Kershaw Chang, Ryan VanderMeulen, and Randell Jesup reported memory safety bugs in Firefox 97. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This...
Astra Linux - уязвимость в emacs
In elisp-mode.el of GNU Emacs prior to version 30.1, a user who chooses to invoke elisp-completion-at-point for code completion on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion, allowing attackers to execute arbitrary code. This unsafe expansion also occurs if a user...
Astra Linux - уязвимость в busybox
Busybox contains a vulnerability related to SSL certificate validation. This vulnerability exists in the “busybox wget” applet, and it can lead to the execution of arbitrary code. This vulnerability appears to be exploitable by simply downloading any file over an HTTPS connection using “busybox...
Astra Linux - уязвимость в qemu
A reentrancy issue was discovered in the NVM Express Controller NVME emulation in QEMU. This CVE is similar to CVE-2021-3750. Just like in that case, when the reentrancy trigger the reset function nvmectrlreset, data structures will be freed, leading to a use-after-free vulnerability. A malicious...
Astra Linux - уязвимость в firefox
Memory safety bugs exist in Firefox 111. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Andro...
Astra Linux - уязвимость в webkit2gtk
A type confusion issue has been resolved through improved state handling. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4, and iPadOS 14.4, as well as Safari 14.0.3. Processing maliciously crafted web...