Astra Linux - уязвимость в chromium

A heap buffer overflow in ANGLE in Google Chrome prior to version 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

Astra Linux - уязвимость в ghostscript

A buffer overflow vulnerability was discovered in base/gdevdevn.c:1973 within devnpcxwriterle in ghostscript. This issue may allow a local attacker to cause a denial of service by generating a malicious PDF file for a DEVN device using gs...

Astra Linux - уязвимость в aom

It was discovered that AOM v2.0.1 contains a global buffer overflow issue through the component av1/encoder/partitionsearch.h...

Astra Linux - уязвимость в ghostscript

In Artifex Ghostscript version 10.01.0, there is a buffer overflow that may lead to corruption of data within the PostScript interpreter, specifically in the bcp/sbcp.c file. This issue affects functions such as BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled just...

Astra Linux - уязвимость в gimp

GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow attacks. Through a specially crafted XCF file, the program will allocate a large amount of memory, leading to insufficient memory resources or the program crashing...

Astra Linux - уязвимость в libraw

Buffer overflow vulnerability in LibRaw Linux/unix v0.20.0 allows attackers to escalate privileges through the LibRawbufferdatastream::getschar, int function in /src/libraw/src/librawdatastream.cpp...

Astra Linux - уязвимость в libstb

A issue was discovered in stbstbimage.h 2.27. The PNM loader incorrectly interpreted 16-bit PGM files as 8-bit when converting them to RGBA format. This led to a buffer overflow when the result was re-interpreted as a 16-bit buffer. An attacker could potentially use stbimage to crash a service, o...

Astra Linux - уязвимость в webkit2gtk

A buffer overflow issue has been addressed through improved memory handling. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1, iPadOS 15.1, watchOS 8.1, and tvOS 15.1. Processing maliciously crafted web content may lead to arbitrary code execution...

Astra Linux - уязвимость в faad2

There is a stack-based buffer overflow in the third instance of the calculategain function in libfaad/sbrhfadj.c in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impacts, as the SM array is mishandled...

Astra Linux - уязвимость в imagemagick

A heap-based buffer overflow vulnerability was discovered in the ImageMagick package, which can cause the application to crash...

Astra Linux - уязвимость в ffmpeg, ffmpeg5

FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a negative-size-param bug at libavcodec/mpegvideoenc.c:1216:21 in loadinputpicture in FFmpeg7.0...

Astra Linux - уязвимость в libde265

It was discovered that Libde265 v1.0.14 contains a global buffer overflow vulnerability in the readcodingunit function at slice.cc...

Astra Linux - уязвимость в firefox, thunderbird

In some cases, an untrusted input stream was copied to a stack buffer without checking its size. This resulted in a potentially exploitable crash, which could have led to a sandbox escape. This vulnerability affects Firefox 116, Firefox ESR 102.14, and Firefox ESR 115.1...

Astra Linux - уязвимость в php7.3

In PHP versions 8.0. before 8.0.30, 8.1. before 8.1.22, and 8.2. before 8.2.8, when loading PHAR files, insufficient length checking may lead to a stack buffer overflow, potentially causing memory corruption or Remote Code Execution RCE...

Astra Linux - уязвимость в vim

A vulnerability was discovered in Vim and is classified as problematic. The issue affects the qfupdatebuffer function in the quickfix.c file of the autocmd Handler component. This manipulation leads to memory corruption after the function is called. The attack can be launched remotely. Upgrading ...

Astra Linux - уязвимость в xrdp

xrdp is an open-source project that provides a graphical login interface for accessing remote machines using the Microsoft Remote Desktop Protocol RDP. Version 0.9.21 and earlier of xrdp contains a buffer overflow in the xrdploginwndcreate function. There are no known solutions to this issue. Use...

Astra Linux - уязвимость в vim

Heap-based Buffer Overflow in the GitHub repository for vim/vim before version 8.2...

Astra Linux - уязвимость в shadow

A flaw was discovered in shadow-utils. When requesting a new password, shadow-utils asks for the password twice. If the password is incorrect on the second attempt, shadow-utils fails in clearing the buffer used to store the first entry. This may allow an attacker with sufficient access to retrie...

Astra Linux - уязвимость в qemu

A flaw was discovered in the QEMU-built-in VNC server during the processing of ClientCutText messages. A incorrect exit condition may lead to an infinite loop when inflating a zlib buffer controlled by an attacker in the inflatebuffer function. This could allow a remotely authenticated client, wh...

Astra Linux - уязвимость в openconnect

OpenConnect 8.09 has a buffer overflow issue, which can lead to a denial of service application crash or potentially cause unspecified other problems, due to the use of crafted certificate data in the getcertname function within gnutls.c...