485990 matches found
Astra Linux – Vulnerability in WebKit2GTK
A memory corruption issue has been resolved through improved state management. This issue is fixed in tvOS 15.5, iOS 15.5, iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, and Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution...
Astra Linux – Vulnerability in bind9
In BIND 9.5.0 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.11.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of the Supported Preview Edition, as well as release versions 9.17.0 - 9.17.1 of the BIND 9.17 development branch, BIND servers are vulnerable if they are running an affected version and...
Astra Linux – Vulnerability in Redis
Redis is an in-memory database that persists data on disk. Redis improperly handles the resizing of memory buffers, which can lead to integer overflow, resulting in heap overflow and potential remote code execution. This issue has been fixed in versions 7.0.15 and 7.2.4...
Astra Linux – Vulnerability in exempi
The XMP Toolkit SDK version 2020.1 and earlier is affected by a buffer overflow vulnerability that may lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction, as the victim must open a specially crafted file...
Astra Linux – Vulnerability in libarchive
Libarchive Remote Code Execution Vulnerability...
Astra Linux – Vulnerability in hdf5
HDF5 versions 1.14.3 and earlier contain a buffer overflow vulnerability in H5Olinfodecode, which leads to corruption of the instruction pointer and causes denial of service or potential code execution...
Astra Linux – Vulnerability in ffmpeg, ffmpeg5
The Ffmpeg v.N113007-g8d24a28d06 contains a buffer overflow vulnerability that allows a local attacker to execute arbitrary code through libavfilter/afstereowiden.c:120:69...
Astra Linux – Vulnerability in htmldoc
A flaw was discovered in htmldoc commit 31f7804. A heap buffer overflow in the pdfwritenames function in ps-pdf.cxx may lead to arbitrary code execution and a Denial of Service DoS attack...
Astra Linux – Vulnerability in xorg-server
A use-after-free vulnerability was discovered in the ProcRenderAddGlyphs function of Xorg servers. This issue arises when the AllocateGlyph function is called to store new glyphs sent by the client to the X server. As a result, multiple entries may point to the same non-refcounted glyphs...
Astra Linux – Vulnerability in CGal
There is a code execution vulnerability in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1, specifically in the NefS2/SNCioparser.h file, within the SNCioparser::readsface and storesmboundaryitem functions. A specially crafted, malformed file can lead to an out-of-bounds read and...
Astra Linux – Vulnerability in CGal
There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted, malformed file can lead to an out-of-bounds read and type confusion, which may result in code execution. An attacker can provide malicious input to trigger a...
Astra Linux – Vulnerability in WebKit2GTK
A memory corruption issue has been resolved through improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4, and iPadOS 16.4, as well as iOS 15.7.7 and iPadOS 15.7.7. Processing web content may lead to arbitrary code execution. Apple is aware of a report...
Astra Linux – Vulnerability in cups-filters
CUPS is a standards-based, open-source printing system. cups-browsed includes network printing functionality, which encompasses, but is not limited to, the ability to automatically discover print services and shared printers. cups-browsed binds to INADDRANY:631, allowing it to accept packets from...
Astra Linux – Vulnerability in WebKit2GTK
The issue was resolved through improved memory handling. This issue is fixed in Safari 17.3, iOS 16.7.5, and iPadOS 16.7.5; iOS 17.3, and iPadOS 17.3; macOS Sonoma 14.3; tvOS 17.3; and watchOS 10.3. Processing web content may lead to arbitrary code execution...
Astra Linux – Vulnerability in CGal
There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could result in code execution. An attacker can provide malicious input to trigger...
Astra Linux – Vulnerability in WebKit2GTK
A correctness issue was addressed through improved checks. This issue has been fixed in macOS Sonoma 14, Safari 17, iOS 17, and iPadOS 17. Processing web content may lead to arbitrary code execution...
Astra Linux – Vulnerability in WebKit2GTK
Integer overflow has been addressed through improved input validation. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, tvOS 17.5, and visionOS 1.2. Processing maliciously crafted web content may lead to arbitrary code execution...
Astra Linux – Vulnerability in Firefox, Thunderbird
Memory safety bugs exist in Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142, and Thunderbird 142. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability ha...
Astra Linux – Vulnerability in libnbd
A flaw was discovered in libnbd. A malicious actor could exploit this by convincing libnbd to open a specially crafted Uniform Resource Identifier URI. This vulnerability arises because non-standard hostnames starting with ‘-o’ are incorrectly interpreted as arguments for the Secure Shell SSH...
Astra Linux – Vulnerability in Composer
Composer is a dependency manager for PHP. The URLs for Mercurial repositories in the composer.json file at the root level, as well as the source download URLs, are not sanified correctly. Specifically crafted URL values allow code to be executed via the HgDriver if hg/Mercurial is installed on th...