KLA91019 Multiple vulnerabilities in Apache HTTP Server
Multiple vulnerabilities were found in Apache HTTP Server. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, bypass security restrictions, execute arbitrary code, inject malicious code, gain privileges. Below is a complete list of...
Astra Linux – Vulnerability in gst-plugins-good1.0
In GStreamer through 1.26.1, the isomp4 plugin’s qtdemux_parse_trak function may read past the end of a heap buffer while parsing an MP4 file, potentially leading to information disclosure...
Astra Linux – Vulnerability in Vim
Buffer over-read in the grab_file_name function in the GitHub repository vim/vim prior to 8.2.4956. This vulnerability could cause the software to crash, lead to memory modifications, and may allow for remote execution...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
An out-of-bounds read vulnerability was discovered in the SR-IPv6 implementation within the Linux kernel. The flaw arises from the processing of seg6 attributes. The issue stems from the improper validation of user-provided data, which can lead to reading data beyond the bounds of an allocated...
Astra Linux – Vulnerability in freerdp3
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a buffer over-read could occur in the freerdp_image_copy_from_icon_data function in libfreerdp/codec/color.c, due to malicious RDP window icon (TS_ICON_INFO) data. This bug could be exploited over the network when a clie...
Astra Linux – Vulnerability in libstb
stb_image.h (also known as the stb image loader) version 2.23 has a heap-based buffer overflow issue in stbi__tga_load, which can lead to information disclosure or denial of service...
Astra Linux – Vulnerability found in libsdl1.2, libsdl2, and sdl-image1.2
In SDL (Simple DirectMedia Layer), versions from 1.2.15 up to 2.x, and then from 2.0.9 onwards, there is a heap-based buffer over-read issue in the BlitNtoN function within the video/SDL_blit_N.c file, when it is called from the SDL_SoftBlit function in the video/SDL_blit.c file...
Astra Linux – Vulnerability in Squid
A buffer overflow was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers were vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these locations were sent to a...
Astra Linux – Vulnerability in qtbase-opensource-src
An issue was discovered in Qt 5.x before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. QDnsLookup has a buffer over-read issue due to a crafted reply from a DNS server...
Astra Linux – Vulnerability in libsoup2.4
A flaw was discovered in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, resulting in a buffer over-read. This can allow an attacker to potentially access sensitive information or cause a denial of service at the application level...
Astra Linux – Vulnerability in pillow
In the path.c file of Pillow, before version 9.0.0, the path_getbbox function had a buffer over-read during the initialization of ImagePath.Path...
Astra Linux – Vulnerability in gst-plugins-good1.0
GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been discovered in the parse_ds64 function within gstwavparse.c. The parse_ds64 function does not check that the buffer buf contains sufficient data before attempting to read from it, resulting...
Astra Linux – Vulnerability in aspell
The libaspell.a module in GNU Aspell prior to version 0.60.8 has a stack-based buffer overflow issue in the common::unescape function within common/getdata.cpp, caused by an isolated \ character...
Astra Linux – Vulnerability in pillow
In Pillow before 8.1.0, PcxDecode has a buffer over-read issue when decoding a crafted PCX file, because the user-supplied stride value is trusted for buffer calculations...
Astra Linux – Vulnerability in Memcached
In memcached 1.5.16, when UNIX sockets are used, there is a stack-based buffer over-read issue in the conn_to_str function in memcached.c...
Astra Linux – Vulnerability in aspell
The libaspell.a file in GNU Aspell before version 0.60.8 has a buffer overflow issue for strings that end with a single '\0' byte. This issue occurs when the encoding is set to ucs-2 or ucs-4 outside of the application, as indicated by the ASPELL_CONF environment variable...
Astra Linux – Vulnerability in binutils
A heap-based buffer overflow issue was discovered in the sec_merge_hash_lookup function in merge.c within the Binary File Descriptor (BFD) library, also known as libbfd, as part of the GNU Binutils 2.31. This issue arises due to _bfd_add_merged_section improperly handling section merges when the size is not...
Astra Linux – Vulnerability in Ruby 2.5
There is a buffer over-read issue in Ruby before version 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. This issue occurs during the conversion from strings to floats, including in methods like Kernel#Float and String#to_f...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ext4: Avoid potential buffer over-reading in parse_apply_sb_mount_options. Unlike other strings in the ext4 superblock, we rely on tune2fs to ensure that s_mount_opts is terminated with NUL. We need to make parse_apply_sb_mount_options mor...
Astra Linux – Vulnerability in OpenCV
In OpenCV 3.3.1, there is a heap-based buffer over-read in the function cv::HdrDecoder::checkSignature in modules/imgcodecs/src/grfmt_hdr.cpp...