CVE-2026-53915

CVE-2026-53915 : In JetBrains GoLand prior to 2026.1.3, remote code execution is possible through untrusted project configuration. According to CVSS 3.1 data, the vulnerability has a base score of 7.1 (HIGH) with network attack vector, no privileges required, user interaction required, and both c...

Astra Linux – Vulnerability in faad2

A issue was discovered in faad2 before 2.10.0. A heap-buffer-overflow exists in the stszin function located in mp4read.c. This allows an attacker to cause code execution...

Astra Linux – Vulnerability in gst-plugins-ugly1.0

GStreamer RealMedia File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability, but the attack vectors may...

Astra Linux – Vulnerability in faad2

A issue was discovered in faad2 through 2.10.0. A stack-buffer-overflow exists in the function ftypin located in mp4read.c. This allows an attacker to cause code execution...

Astra Linux – Vulnerability in CGal

There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could result in code execution. An attacker can provide malicious input to trigger...

Astra Linux – Vulnerability in Linux

JIT compilers in the Linux kernel from version 5.11.12 have incorrect calculations of branch displacements, allowing them to execute arbitrary code within the kernel context. This issue affects the files arch/x86/net/bpfjitcomp.c and arch/x86/net/bpfjitcomp32.c...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

This vulnerability allows local attackers to disclose sensitive information on affected installations of the Linux Kernel 6.0-rc2. An attacker must first gain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw resides within...

Astra Linux – Vulnerability in SOX

A heap buffer overflow vulnerability was discovered in sox, within the lsxreadbuf function at sox/src/formatsi.c:98:16. This flaw can lead to a denial of service, code execution, or information disclosure...

Astra Linux – Vulnerability in Graphviz

A buffer overflow in the Graphviz Graph Visualization Tools, starting from the commit ID f8b9e035 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service application crash by loading a crafted file into the "lib/common/shapes.c" component...

Astra Linux – Vulnerability in hdf5

There is an out-of-bounds read vulnerability in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially crafted GIF file can lead to code execution. An attacker can provide a malicious file to exploit this vulnerability...

Astra Linux – Vulnerability in WebKit2GTK

The issue was addressed through improved checks. This issue has been fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7...

Astra Linux – Vulnerability in GIMP

GIMP JP2 File Parsing: Heap-Based Buffer Overflow and Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability, as the target must visit a malicious page ...

Astra Linux – Vulnerability in busybox

A use-after-free in Busybox 1.35-x’s awk applet leads to denial of service and potentially code execution when processing a crafted awk pattern in the copyvar function...

Astra Linux – Vulnerability in WebKit2GTK

The issue was resolved through improved checks. This issue has been fixed in tvOS 17, Safari 17, watchOS 10, iOS 17, and iPadOS 17, as well as macOS Sonoma 14. Processing web content may lead to arbitrary code execution...

Astra Linux – Vulnerability in hsqldb

Those who use java.sql.Statement or java.sql.PreparedStatement in hsqldb HyperSQL Database to process untrusted input may be vulnerable to a remote code execution attack. By default, it is allowed to call any static method of any Java class in the classpath, resulting in code execution. This issu...

Astra Linux – Vulnerability in Axis

UNSUPPORTED WHEN ASSIGNED When integrating Apache Axis 1.x in an application, it might not have been obvious that using “ServiceFactory.getService” could lead to potentially dangerous operations, such as LDAP queries. Passing untrusted input to this API method could expose the application to DoS,...

Astra Linux – Vulnerability in Inkscape

Inkscape version 0.91 is vulnerable to a out-of-bounds write vulnerability, which may allow an attacker to arbitrarily execute code...

Astra Linux – Vulnerability in CGal

There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted, malformed file can lead to an out-of-bounds read and type confusion, which may result in code execution. An attacker can provide malicious input to trigger a...

Astra Linux – Vulnerability in WebKit2GTK

A out-of-bounds write issue has been addressed through improved bounds checking. This issue is fixed in iOS 15.6.1, iPadOS 15.6.1, macOS Monterey 12.5.1, and Safari 15.6.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report indicating that...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

The “Use After Free” vulnerability in the Linux kernel allows for the execution of code in a local environment on Linux, x86, and ARM bluetooth modules. This vulnerability is associated with program files located at https://gitee.com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/afbluetooth.C...