486094 matches found
Astra Linux – Vulnerability in gst-plugins-bad1.0
GStreamer H265 Parsing: Stack-Based Buffer Overflow and Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability, but the attack vectors...
Astra Linux – Vulnerability in gst-plugins-bad1.0
GStreamer MXF File Parsing: Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability, but the attack vectors may vary...
Astra Linux – Vulnerability in gst-plugins-bad1.0
GStreamer MXF File Parsing: Integer Overflow and Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability, but the attack vectors may va...
Astra Linux – Vulnerability in Git
Git is a version control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, a specially crafted .gitmodules file with submodule URLs that were longer than 1024 characters could be used to exploit a bug in...
Astra Linux – Vulnerability in xorg-server
A flaw was discovered in the Xorg-x11-server. The specific flaw lies in the handling of ProcXkbSetDeviceInfo requests. The issue arises due to the lack of proper validation of the data provided by the user, which can lead to a memory access beyond the allocated buffer’s limit. This flaw allows an...
Astra Linux – Vulnerability in Firefox
Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs in Firefox 108. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects versio...
Astra Linux – Vulnerability in Firefox and Thunderbird
An attacker was able to execute code in the content process by exploiting a use-after-free in Animation timelines. There have been reports of this vulnerability being exploited in real-world scenarios. This vulnerability affects Firefox 131.0.2, Firefox ESR 128.3.1, Firefox ESR 115.16.1,...
Astra Linux – Vulnerability in Chromium
In V8 in Google Chrome, prior to version 139.0.7258.127, it was possible for a remote attacker to execute arbitrary code within a sandbox through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in gst-plugins-good1.0
Integer overflow in the avidemux element within the gstavidemuxinvert function, which allows for a heap overwrite during the parsing of AVI files. There is a potential for arbitrary code execution due to the heap overwrite...
Astra Linux – Vulnerability in WebKit2GTK
A logic issue has been resolved through improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Sonoma 14.1, Safari 17.1, and tvOS 17.1. Processing web content may lead to arbitrary code execution...
Astra Linux – Vulnerability in Firefox and Thunderbird
Memory safety bugs exist in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox version...
Astra Linux – Vulnerability in Linux 5.10, Linux
A heap-based buffer overflow vulnerability was discovered in the Linux kernel’s LightNVM subsystem. The issue arises from the lack of proper validation of the length of user-supplied data before copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate...
Astra Linux – Vulnerability in Firefox
Memory safety bugs exist in Firefox 137, Thunderbird 137, Firefox ESR 128.9, and Thunderbird 128.9. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability has be...
Astra Linux – Vulnerability in glibc
A use-after-free vulnerability introduced in the glibc upstream version 2.14 was identified in the way the tilde expansion was performed. Directory paths that contained a tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a special...
Astra Linux – Vulnerability in Firefox and Thunderbird
Memory safety bugs exist in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146, and Thunderbird 146. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability ha...
Astra Linux – Vulnerability in Firefox and Thunderbird
If an attacker could find a way to trigger a specific code path in SafeRefPtr, it could cause a crash or potentially be used to execute malicious code. This vulnerability affects Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9...
Astra Linux – Vulnerability in gst-plugins-ugly1.0
GStreamer RealMedia Demuxer Out-of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability, but the attack vectors may var...
Astra Linux – Vulnerability in Wireshark
The TLS protocol dissector heap overflow in Wireshark versions 4.6.0 to 4.6.4 allows for denial of service attacks, and may lead to code execution...
Astra Linux – Vulnerability in sysstat
Sysstat is a set of system performance tools for the Linux operating system. On 32-bit systems, in versions 9.1.16 and later, but before version 12.7.1, the allocatestructures function contained a sizet overflow in the sacommon.c file. The allocatestructures function insufficiently checked the...
Astra Linux – Vulnerability in Chromium
Before version 91.0.4472.77, using "Use after free" in DevTools in Google Chrome allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code through a crafted Chrome Extension. Chromium security severity: Medium...