CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

3.3CVSS6.6AI score0.00964EPSS

Astra Linux - уязвимость в guava-libraries

There is a vulnerability related to the creation of temporary directories in all versions of Guava. An attacker with access to the system can potentially access data stored in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir. By default, on Unix-like systems...

7.5CVSS7.2AI score0.00682EPSS

Astra Linux - уязвимость в thunderbird

The encrypted subject of an email message may be incorrectly and permanently assigned to another arbitrary email message in Thunderbird’s local cache. As a result, when replying to the contaminated email message, the user may accidentally expose the confidential subject to a third party. While th...

7.1CVSS5.8AI score0.00145EPSS

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Firmware: csdsp: Fixed an out-of-bounds memory read access in KUnit tests ctlcache. The KASAN reported an out-of-bounds access in the function csdspctlcacheinitmultipleoffsets. The code used mockcoefftemplate.lengthbytes 4 bytes...

7.3CVSS6.7AI score0.01075EPSS

Astra Linux - уязвимость в glibc

The Name Service Cache Daemon’s nscd netgroup cache uses xmalloc or xrealloc, and these functions may terminate the process due to a memory allocation failure, resulting in a denial of service for clients. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability ...

6.8CVSS6.7AI score0.0325EPSS

Astra Linux - уязвимость в bind9

BIND 9.11.0 - 9.11.36 9.12.0 - 9.16.26 9.17.0 - 9.18.0 BIND supports the following preview editions: 9.11.4-S1 - 9.11.36-S1 9.16.8-S1 - 9.16.26-S1 Versions of BIND 9 that are earlier than those shown—going back to 9.1.0, including the supported preview editions—are also believed to be affected, b...

8.8CVSS7.5AI score0.01423EPSS

Astra Linux - уязвимость в chromium

A heap buffer overflow in BFCache in Google Chrome prior to version 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page...

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в chromium

The use of BFCache in Google Chrome before version 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7AI score0.00777EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в gnupg1

Libgcrypt before version 1.7.8 is vulnerable to a cache-side-channel attack that can lead to a complete failure of the RSA-1024 algorithm. This attack occurs when the left-to-right method is used for computing the sliding-window expansion. It is believed that the same attack also works on the...

6.8CVSS6.9AI score0.03885EPSS

5.5CVSS5.8AI score0.00247EPSS

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: dax: Make sure that inodes are flushed before destroying the cache. A bug can be triggered by executing the following command: $ modprobe ndpmem && modprobe -r ndpmem The following error messages were recorded: 10.060014 BUG...

5.5CVSS6AI score0.00236EPSS

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: Split the initial and dynamic conditions for extentcache. Let’s allocate the extentcache tree without dynamic conditions to avoid a panic caused by a missing condition, as shown below. Create a file with a compressed fla...

AstraLinux•added 2026/05/20 5:53 a.m.•6 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/vmwgfx: Fixed the lifetime of the bo cursor memory. Cleanup operations can be performed while the atomic update is still active. This means that the memory acquired during the atomic update does not need to be invalidated ...

5.5CVSS6.5AI score0.00227EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm/filemap: Skip the creation of a PMD-sized page cache if necessary. On ARM64, HPAGEPMDORDER is 13 when the base page size is 64KB. The PMD-sized page cache cannot be supported by xarray, as indicated by the following error...

5.5CVSS6.1AI score0.00288EPSS

5.5CVSS6.5AI score0.00213EPSS

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: mm/shmem: Disabling the PMD-sized page cache if needed For shmem files, it’s possible that the PMD-sized page cache cannot be supported by xarray. For example, a 512MB page cache on ARM64 when the base page size is 64KB cannot...

AstraLinux•added 2026/05/20 5:53 a.m.•6 views

Astra Linux - уязвимость в firefox

Under certain circumstances, the offline cache of a ServiceWorker may have been leaked to the file system when using private browsing mode. This vulnerability affects Firefox versions earlier than 111...

4.3CVSS6.1AI score0.00456EPSS

6.5CVSS6.8AI score0.01044EPSS

Astra Linux - уязвимость в chromium

The incorrect security UI in BFCache in Google Chrome prior to version 116.0.5845.179 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: High...

9.8CVSS7.3AI score0.00382EPSS

Astra Linux - уязвимость в firefox

The fetch API and navigation incorrectly shared the same cache. The cache key did not include the optional headers that fetch might contain. Under the correct circumstances, an attacker could have been able to corrupt the local browser cache by using a fetch response controlled by these additiona...

7.8CVSS6.3AI score0.00398EPSS

Astra Linux - уязвимость в linux, linux-5.10

A vulnerability has been discovered in the Linux kernel and is classified as critical. The affected part of the code is the function areacacheget in the file drivers/net/ethernet/netronome/nfp/nfpcore/nfpcppcore.c, belonging to the IPsec component. This vulnerability occurs due to improper memory...