CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

8.8CVSS8.7AI score0.09785EPSS

Astra Linux – Vulnerability in WebKit2GTK

A out-of-bounds write issue has been addressed through improved bounds checking. This issue is fixed in iOS 15.6.1, iPadOS 15.6.1, macOS Monterey 12.5.1, and Safari 15.6.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report indicating that...

9.8CVSS6.2AI score0.0057EPSS

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurred in the gdiSurfaceToSurface path of the FreeRDP client due to a mismatch between destination rectangle clamping and the actual copy size. A malicious server can...

7.8CVSS7.2AI score0.00495EPSS

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

The “Use After Free” vulnerability in the Linux kernel allows for the execution of code in a local environment on Linux, x86, and ARM bluetooth modules. This vulnerability is associated with program files located at https://gitee.com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/afbluetooth.C...

6.5CVSS6.2AI score0.37788EPSS

Astra Linux – Vulnerability in jqueryui

jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the altField option from untrusted sources might execute untrusted code. This issue has been fixed in jQuery UI 1.13.0. Any string value passed to the altField option is now treated as a CSS...

Exploits1References1

8.8CVSS8AI score0.1227EPSS

Astra Linux – Vulnerability in WebKit2GTK

A “use-after-free” issue has been addressed through improved memory management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6, and iPadOS 15.7.6, Safari 16.5, iOS 16.5, and iPadOS 16.5. Processing maliciously crafted web content may lead to arbitrary code execution...

8.8CVSS8.3AI score0.01119EPSS

Astra Linux – Vulnerability in WebKit2GTK

A memory corruption issue has been resolved through improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2, and iPadOS 16.2, as well as watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution...

8.8CVSS7.7AI score0.01545EPSS

Astra Linux – Vulnerability in ffmpeg, ffmpeg5

A buffer overflow vulnerability exists in Ffmpeg v.n6.1-3-g466799d4f5, allowing a local attacker to execute arbitrary code through the ffbwdiffilterintrac function in the libavfilter/bwdifdsp.c:125:5 component...

10CVSS8.9AI score0.02074EPSS

Astra Linux – Vulnerability in CGal

There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could result in code execution. An attacker can provide malicious input to trigger...

AstraLinux•added 6 days ago•6 views

Astra Linux – Vulnerability in WebKit2GTK

A “use-after-free” issue has been addressed through improved memory management. This issue is fixed in watchOS 10, iOS 17, iPadOS 17, tvOS 17, macOS Sonoma 14, and Safari 17. Processing web content may lead to arbitrary code execution...

9.8CVSS8.5AI score0.01045EPSS

8.8CVSS7.9AI score0.61785EPSS

Astra Linux – Vulnerability in Apache Log4j1.2

The JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration, or when the configuration references an LDAP service to which the attacker has access. The attacker can provide a...

7.5CVSS7.8AI score0.01228EPSS

Astra Linux – Vulnerability in wpa

A vulnerability was discovered in the way p2p/p2ppd.c in wpasupplicant processes P2P Wi-Fi Direct provision discovery requests before version 2.10. This could lead to denial of service or other impacts, potentially including the execution of arbitrary code, if an attacker is within range of the...

AstraLinux•added 6 days ago•9 views

Astra Linux – Vulnerability in WebKit2GTK

The issue was resolved through improved memory handling. This issue is fixed in Safari 17.3, iOS 16.7.5, and iPadOS 16.7.5; iOS 17.3, and iPadOS 17.3; macOS Sonoma 14.3; tvOS 17.3; and watchOS 10.3. Processing web content may lead to arbitrary code execution...

8.8CVSS8.3AI score0.015EPSS

10CVSS8.9AI score0.02186EPSS

Astra Linux – Vulnerability in CGal

8.8CVSS8.1AI score0.00916EPSS

Astra Linux – Vulnerability in WebKit2GTK

A correctness issue was addressed through improved checks. This issue has been fixed in macOS Sonoma 14, Safari 17, iOS 17, and iPadOS 17. Processing web content may lead to arbitrary code execution...

8.8CVSS7.2AI score0.00819EPSS

Astra Linux – Vulnerability in WebKit2GTK

Integer overflow has been addressed through improved input validation. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, tvOS 17.5, and visionOS 1.2. Processing maliciously crafted web content may lead to arbitrary code execution...

AstraLinux•added 6 days ago•6 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Mozilla developers Ashley Hale and the Mozilla Fuzzing Team reported memory safety bugs in Firefox 105 and Firefox ESR 102.3. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code...

8.8CVSS7.7AI score0.00712EPSS

10CVSS8.9AI score0.02074EPSS

Astra Linux – Vulnerability in CGal

10CVSS8.9AI score0.02074EPSS

Astra Linux – Vulnerability in CGal

7.8CVSS7.8AI score0.61427EPSS

Astra Linux – Vulnerability in GIMP

GIMP PSD File Parsing: Heap-Based Buffer Overflow and Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability, as the target must visit a malicious page ...