Astra Linux - уязвимость в apt

The vulnerability of the PackageFromTask function in the software for installing, updating, and deleting Apt software packages is related to reading data beyond the allowable buffer size. Exploiting this vulnerability allows an attacker to cause service failures...

Astra Linux - уязвимость в ffmpeg5

When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run-length-encoded data is not checked when using it to calculate the output data. We read rlerawsize from the input file at 0, decompress and decode it into the buffer td-rlerawdata of size rlerawsize a...

Astra Linux - уязвимость в qtbase-opensource-src

A issue was discovered in Qt 5.x before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. QDnsLookup has a buffer over-read issue due to a crafted reply from a DNS server...

Astra Linux - уязвимость в libsoup2.4

A flaw was discovered in libsoup. The libsoup appendparamquoted function may contain an overflow bug, which can lead to a buffer under-read...

Astra Linux - уязвимость в apache2

Apache HTTP Server 2.4.53 and earlier may return incorrect lengths when applications call r:wsread, causing the buffer to point past the end of the storage allocated for it...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fixed an issue where the buffer was overread in rxgkdoverifyauthenticator. Fixed rxgkdoverifyauthenticator to check the buffer size before checking the nonce...

Astra Linux - уязвимость в libslirp

In slirp.c within libslirp up to version 4.3.1, there is an issue with buffer over-reading. This occurs because the code attempts to read a certain amount of header data, even if that amount exceeds the total packet length...

Astra Linux - уязвимость в fly-wm

The vulnerability of the fly-adjust-palette utility in the window graphical manager fly-wm is related to reading data beyond the allowed buffer size. Exploiting this vulnerability allows an attacker to cause a service failure...

Astra Linux - уязвимость в opencv

In OpenCV 3.3.1, there is an issue of buffer over-reading based on a heap structure in the function cv::HdrDecoder::checkSignature in the modules/imgcodecs/src/grfmthdr.cpp...

Astra Linux - уязвимость в gst-plugins-good1.0

GStreamer is a library for constructing graphs of media-handling components. A OOB-read vulnerability has been discovered in gstwavparsecuechunk within gstwavparse.c. The vulnerability occurs due to a discrepancy between the size of the data buffer and the size value provided to the function. Thi...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

A flaw was discovered in the parsing of extended attributes in the kernel’s ksmbd module. The issue arises due to the lack of proper validation of user-provided data, which can lead to data being read beyond the end of an allocated buffer. An attacker can exploit this vulnerability to disclose...

Astra Linux - уязвимость в redis

Redis is an open-source, in-memory database that persists data on disk. When using the Redis Lua Debugger, users can send malformed requests, causing the debugger’s protocol parser to read data beyond the actual buffer. This issue affects all versions of Redis with Lua debugging support 3.2 or...

Astra Linux - уязвимость в linux-5.10, linux

A out-of-bounds read vulnerability was discovered in the SR-IPv6 implementation within the Linux kernel. The flaw arises from the processing of seg6 attributes. The issue stems from the improper validation of user-provided data, which can lead to reading data beyond the bounds of an allocated...

Astra Linux - уязвимость в squid

A buffer overflow was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers were vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these locations were sent to a...

Astra Linux - уязвимость в vim

Buffer over-reading in the GitHub repository vim/vim before version 8.2...

Astra Linux - уязвимость в libxml2

The GNOME project’s libxml2 v2.9.10 has a global buffer over-read vulnerability in the xmlEncodeEntitiesInternal function within libxml2/entities.c. This issue has been fixed in the commit numbered 50f06b3e...

EUVD-2026-31011

Rsync version 3.4.2 and prior contain an integer overflow vulnerability in the compressed-token decoder where a 32-bit signed counter is not checked for overflow, allowing a malicious sender to trigger an overflow that causes the receiver process to read and return data from outside the intended...

ROS-20260520-73-0049

A vulnerability in the WebCodecs component of the Google Chrome web browser is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data or cause a denial of service via a specially crafted HTML...

CVE-2026-33642 Kitty has a Heap Buffer Over-Read/Write via Integer Overflow in compose_rectangles Bounds Check

Kitty is a cross-platform GPU based terminal. In versions 0.46.2 and below, the handlecomposecommand function in kitty/graphics.c performs bounds validation on composition offsets using unsigned 32-bit arithmetic that is subject to integer wrapping, potentially leading to Heap Buffer...

CVE-2026-33642 Kitty has a Heap Buffer Over-Read/Write via Integer Overflow in compose_rectangles Bounds Check

Kitty is a cross-platform GPU based terminal. In versions 0.46.2 and below, the handlecomposecommand function in kitty/graphics.c performs bounds validation on composition offsets using unsigned 32-bit arithmetic that is subject to integer wrapping, potentially leading to Heap Buffer...