Astra Linux - уязвимость в thunderbird, firefox

Memory safety bugs exist in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability has be...

Astra Linux - уязвимость в firefox

Memory safety bugs exist in Firefox 136 and Thunderbird 136. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability has been fixed in Firefox 137 and Thunderbird...

Astra Linux - уязвимость в firefox

Memory safety bugs exist in Firefox 139 and Thunderbird 139. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability has been fixed in Firefox 140 and Thunderbird...

Astra Linux - уязвимость в libnbd

A flaw was found in libnbd. A malicious actor could exploit this by convincing libnbd to open a specially crafted Uniform Resource Identifier URI. This vulnerability arises because non-standard hostnames starting with '-o' are incorrectly interpreted as arguments to the Secure Shell SSH process,...

Astra Linux - уязвимость в gdk-pixbuf

There is a flaw in gdk-pixbuf, specifically within the gdkpixbufjpegimageloadincrement function io-jpeg.c, and in glib’s gbase64encodestep function glib/gbase64.c. When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing for out-of-bounds...

Astra Linux - уязвимость в logback

In Logback version 1.2.7 and earlier versions, an attacker with the necessary privileges to edit configuration files could create a malicious configuration that allowed the execution of arbitrary code loaded from LDAP servers...

Astra Linux - уязвимость в firefox, thunderbird

Memory safety bugs exist in Firefox 130, Firefox ESR 115.15, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability...

Astra Linux - уязвимость в firefox

Memory safety bugs exist in Firefox 135 and Thunderbird 135. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability has been fixed in Firefox 136 and Thunderbird...

Astra Linux - уязвимость в webkit2gtk

Multiple memory corruption issues have been resolved through improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6, iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, and watchOS 7.5. Processing maliciously crafted web content may lead to arbitrary code execution...

Astra Linux - уязвимость в webkit2gtk

Multiple memory corruption issues have been resolved through improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15, and iPadOS 15, as well as iTunes 12.12 for Windows. Processing maliciously crafted web content may lead to arbitrary code...

Astra Linux - уязвимость в linux

It was discovered that the eBPF implementation in the Linux kernel failed to properly track bound information for 32-bit registers when performing division and modulo operations. A local attacker could use this vulnerability to potentially execute arbitrary code...

Astra Linux - уязвимость в zbar

There is a heap-based buffer overflow in the qrreadermatchcenters function of ZBar 0.23.90. specially crafted QR codes may lead to information disclosure and/or arbitrary code execution. To exploit this vulnerability, an attacker can digitally input the malicious QR code, or prepare it to be...

Astra Linux - уязвимость в webkit2gtk

The issue was resolved through improved bounds checks. This issue is fixed in Safari 17.5, iOS 17.5, iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, and watchOS 10.5. Processing maliciously crafted web content may lead to arbitrary code execution...

Astra Linux - уязвимость в ghostscript

A issue was discovered in psi/zcolor.c in Artifex Ghostscript prior to version 10.04.0. An unchecked Implementation pointer in the Pattern color space could lead to arbitrary code execution...

Astra Linux - уязвимость в firefox, thunderbird

Memory safety bugs exist in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox...

Astra Linux - уязвимость в webkit2gtk

A memory management issue related to “use after free” operations has been addressed through improved memory management mechanisms. This issue is fixed in iOS 15.5, iPadOS 15.5, macOS Monterey 12.4, tvOS 15.5, and watchOS 8.6. Processing maliciously crafted web content may lead to arbitrary code...

Astra Linux - уязвимость в firefox

Memory safety bugs exist in Firefox 123. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox versions prior to 124...

Astra Linux - уязвимость в firefox

Memory safety bugs exist in Firefox 148.0.2. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability has been fixed in Firefox 148.0.2...

Astra Linux - уязвимость в postgresql-11

A vulnerability was discovered in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the...

Astra Linux - уязвимость в policykit-1

A flaw was discovered in polkit. When processing an XML policy with 32 or more nested elements at depth, an out-of-bounds write vulnerability can be triggered. This issue may lead to a crash or other unexpected behavior, and arbitrary code execution is possible without being detected. To exploit...