Astra Linux – Vulnerability in WebKit2GTK

The issue was resolved through improved memory handling. This issue is fixed in Safari 17.5, iOS 17.5, iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, and watchOS 10.5. Processing web content may lead to arbitrary code execution...

Astra Linux – Vulnerability in hdf5

The HDF5 library from version 1.14.3 has memory corruption in the H5Aclose function, which results in the corruption of the instruction pointer. This causes a denial of service or potentially leads to code execution...

Astra Linux – Vulnerability in Git

Git is a distributed revision control system. git log can display commits in an arbitrary format using its --format specifiers. This functionality is also exposed to git archive via the export-subst gitattribute. When processing the padding operators, there is an integer overflow in...

Astra Linux – Vulnerability in WebKit2GTK

The issue was resolved through improved bounds checks. This issue has been fixed in tvOS 15.6, watchOS 8.7, iOS 15.6, and iPadOS 15.6, macOS Monterey 12.5, and Safari 15.6. Processing web content may lead to arbitrary code execution...

Astra Linux – Vulnerability in CGal

There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could result in code execution. An attacker can provide malicious input to trigger...

Astra Linux – Vulnerability in WebKit2GTK

A type confusion issue was addressed through improved checks. This issue has been fixed in Safari 17.3, iOS 15.8.7 and iPadOS 15.8.7, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Monterey 12.7.3, macOS Sonoma 14.3, macOS Ventura 13.6.4, tvOS 17.3, and visionOS 1.0.2. Processing...

Astra Linux – Vulnerability in WebKit2GTK

A logic issue has been resolved through improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Sonoma 14.1, Safari 17.1, and tvOS 17.1. Processing web content may lead to arbitrary code execution...

Astra Linux – Vulnerability in WebKit2GTK

A logic issue has been resolved through improved restrictions. This issue is fixed in iOS 16.6, iPadOS 16.6, watchOS 9.6, tvOS 16.6, and macOS Ventura 13.5. Processing web content may lead to arbitrary code execution...

Astra Linux – Vulnerability in Firefox

An attacker who could have convinced a user to drag and drop an image into a file system could have manipulated the resulting filename to include an executable extension. By doing so, the attacker could potentially trick the user into executing malicious code. Although very similar, this is a...

Astra Linux – Vulnerability in WebKit2GTK

A out-of-bounds write issue has been addressed through improved input validation. This issue is fixed in iOS 15.6, iPadOS 15.6, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, and Safari 15.6. Processing maliciously crafted web content may lead to arbitrary code execution...

Astra Linux – Vulnerability in bluez

In BlueZ before version 5.55, a double-free error was detected in the gatttool disconnectcb routine from the shared/att.c file. A remote attacker could potentially cause a denial of service or code execution during service discovery, due to the redundant disconnect MGMT event...

Astra Linux – Vulnerability in CGal

There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted, malformed file can lead to an out-of-bounds read and type confusion, which may result in code execution. An attacker can provide malicious input to trigger a...

Astra Linux – Vulnerability in WebKit2GTK

Multiple memory corruption issues have been resolved through improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6, iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, and watchOS 7.5. Processing maliciously crafted web content may lead to arbitrary code execution...

Astra Linux – Vulnerability in WebKit2GTK

A “use-after-free” issue has been addressed through improved memory management. This issue is fixed in iOS 17, iPadOS 17, watchOS 10, and macOS Sonoma 14. Processing web content may lead to arbitrary code execution...

Astra Linux – Vulnerability in Zabbix

The Zabbix Agent 2 smartctl plugin does not properly sanitize the parameters of the smart.disk.get command, allowing an attacker to inject unexpected arguments into the smartctl command. In Zabbix 5.0, this allows for remote code execution...

Astra Linux – Vulnerability in ffmpeg

In FFmpeg versions prior to 5.1.2, the libavcodec/pthreadframe.c file, used in VLC and other products, leaves stale hwaccel state in worker threads. This allows attackers to trigger a use-after-free and execute arbitrary code under certain circumstances e.g., during hardware reinitialization upon...

Astra Linux – Vulnerability in libmysofa

A buffer overflow in the readDataVar function in hdf/dataobject.c within Symonics’ libmysofa 0.5 – 1.1 allows attackers to execute arbitrary code through a crafted SOFA...

Astra Linux – Vulnerability in CGal

There is a code execution vulnerability in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. There is also an oob read vulnerability in NefS2/SNCioparser.h: SNCioParser::readsface sfh-boundaryentryobjects Sloopof. A specially crafted, malformed file can lead to an out-of-bounds re...

Astra Linux – Vulnerability in CGal

There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could result in code execution. An attacker can provide malicious input to trigger...

Astra Linux – Vulnerability in Chromium

Type confusion in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...