205796 matches found
Astra Linux – Vulnerability in WebKit2GTK
A out-of-bounds write issue has been addressed through improved bounds checking. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7, and iPadOS 15.7, watchOS 9, macOS Monterey 12.6, and tvOS 16. Processing maliciously crafted web content may lead to arbitrary code...
Astra Linux – Vulnerability in Firefox, Thunderbird
Mozilla developer Nika Layzell and the Mozilla Fuzzing Team reported memory safety bugs in Firefox 103 and Firefox ESR 102.1. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code...
Astra Linux – Vulnerability in zsh
In zsh before version 5.8.1, an attacker can gain code execution if they control the command output within the prompt, as demonstrated by using a %F argument. This occurs due to the recursive PROMPTSUBST expansion...
Astra Linux – Vulnerability in Ruby 2.5
In RDoc 3.11 through 6.x, as distributed with Ruby up to 3.0.1, it was possible to execute arbitrary code using | and tags within a filename...
Astra Linux – Vulnerability in Firefox and Thunderbird
Memory safety bugs exist in Firefox 113, Firefox ESR 102.11, and Thunderbird 102.12. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox ESR...
Astra Linux – Vulnerability in Firefox and Thunderbird
Memory safety bugs exist in Firefox 110 and Firefox ESR 102.8. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox versions less than 111,...
Astra Linux – Vulnerability in Firefox
Mozilla developers and community members Lukas Bernhard, Gabriele Svelto, Randell Jesup, and the Mozilla Fuzzing Team reported memory safety bugs in Firefox 107. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been...
Astra Linux – Vulnerability in gst-plugins-good1.0
Integer overflow in the avidemux element within the gstavidemuxinvert function, which allows for a heap overwrite during the parsing of AVI files. There is a potential for arbitrary code execution due to the heap overwrite...
Astra Linux – Vulnerability in glibc
The deprecated compatibility function svcunixcreate in the sunrpc module of the GNU C Library aka glibc from version 2.34 onwards copies the path argument onto the stack without validating its length. This may lead to a buffer overflow, potentially causing a denial of service or, if the applicati...
Astra Linux – Vulnerability in pillow
In Pillow’s PIL.ImageMath.eval before version 9.0.0, it was possible to evaluate arbitrary expressions, including those that used the Python exec method. A lambda expression could also be used...
Astra Linux – Vulnerability in glibc
The deprecated compatibility function clntcreate in the sunrpc module of the GNU C Library also known as glibc from versions up to 2.34 copies its hostname argument onto the stack without validating its length. This may lead to a buffer overflow, potentially causing a denial of service or, if the...
Astra Linux – Vulnerability in Firefox and Thunderbird
Mozilla developers reported memory safety bugs in Firefox 85 and Firefox ESR 78.7. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox version...
Astra Linux – Vulnerability in ffmpeg5
FFmpeg v.n6.1-3-g466799d4f5 allows an attacker to trigger the use of a parameter with a negative size in the avsamplessetsilence function in the libavutil/samplefmt.c:260:9 component...
Astra Linux – Vulnerability in WebKit2GTK
The issue was resolved through improved memory handling. This issue is fixed in Safari 17.5, iOS 17.5, iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, and watchOS 10.5. Processing web content may lead to arbitrary code execution...
Astra Linux – Vulnerability in Git
Git is a distributed revision control system. git log can display commits in an arbitrary format using its --format specifiers. This functionality is also exposed to git archive via the export-subst gitattribute. When processing the padding operators, there is an integer overflow in...
Astra Linux – Vulnerability in WebKit2GTK
A “use-after-free” issue has been addressed through improved memory management. This issue is fixed in iOS 17, iPadOS 17, watchOS 10, and macOS Sonoma 14. Processing web content may lead to arbitrary code execution...
Arbitrary Code Injection
Overview lfx is a lfx is a command-line tool for running Langflow workflows. It provides two main commands: serve and run. Affected versions of this package are vulnerable to Arbitrary Code Injection via the eval function in the LambdaFilterComponent component. An attacker can execute arbitrary...
Binutils: binutils: arbitrary code execution via malformed xcoff object file processing
...
FreeBSD : Mozilla -- Memory safety bugs (e4a08820-470d-11f1-be75-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the e4a08820-470d-11f1-be75-b42e991fc52e advisory. https://bugzilla.mozilla.org/buglist.cgi?bugid=2028537%2C2029911%2C2031121%2C2033602 reports: Memory...
MiracleLinux 9 : python3.12-3.12.12-4.el9_7.3 (AXSA:2026-519:12)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-519:12 advisory. python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules CVE-2026-6100 python: cpython: Python:...