Astra Linux - уязвимость в chromium

Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page...

Delete doesn’t mean gone. Here’s how File Shredder fixes that

You have done it a thousand times. Right-click. Delete. Empty Trash. Done. Except it's not done. That file, your tax return, your private photos, that EmbezzlementPlan.doc… it's all still sitting on your drive. Invisible to you, but not to anyone with a $30 recovery tool downloaded from the...

SUSE CVE-2025-40068

In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: Fix integer overflow in rununpack The MFT record relative to the file being opened contains its runlist, an array containing information about the file's location on the physical disk. Analysis of all Call Stack paths...

CVE-2025-40068 fs: ntfs3: Fix integer overflow in run_unpack()

In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: Fix integer overflow in rununpack The MFT record relative to the file being opened contains its runlist, an array containing information about the file's location on the physical disk. Analysis of all Call Stack paths...

CVE-2025-40068 fs: ntfs3: Fix integer overflow in run_unpack()

In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: Fix integer overflow in rununpack The MFT record relative to the file being opened contains its runlist, an array containing information about the file's location on the physical disk. Analysis of all Call Stack paths...

Improper Privilege Management vulnerability in Apache Kafka Client

Apache Kafka Clients are vulnerable to improper privilege management due to the use of ConfigProvider plugins that can read from disk or environment variables. This could allow an attacker to read arbitrary contents of the disk and environment variables, potentially escalating from REST API acces...

Apache Kafka 安全漏洞

Apache Kafka is an open source distributed streaming platform from the Apache Foundation in the United States. The platform is capable of acquiring real-time data for building applications that react in real time to changes in the data stream. An authorization issue vulnerability exists in Apache...

CVE-2024-36027 btrfs: zoned: do not flag ZEROOUT on non-dirty extent buffer

In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: do not flag ZEROOUT on non-dirty extent buffer Btrfs clears the content of an extent buffer marked as EXTENTBUFFERZONEDZEROOUT before the bio submission. This mechanism is introduced to prevent a write hole of an...

CVE-2023-5368

On an msdosfs filesystem, the 'truncate' or 'ftruncate' system calls under certain circumstances populate the additional space in the file with unallocated data from the underlying disk device, rather than zero bytes. This may permit a user with write access to files on a msdosfs filesystem to re...

PT-2023-32071 · Msdosfs +1 · Msdosfs +1

Name of the Vulnerable Software and Affected Versions: msdosfs affected versions not specified Description: The issue arises when the 'truncate' or 'ftruncate' system calls are used on an msdosfs filesystem under certain circumstances. Instead of populating the additional space in the file with...

SUSE CVE-2020-6472

Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory or disk via a crafted Chrome Extension...

SUSE CVE-2020-6563

Insufficient policy enforcement in intent handling in Google Chrome on Android prior to 85.0.4183.83 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page...

SUSE CVE-2020-16027

Insufficient policy enforcement in developer tools in Google Chrome prior to 87.0.4280.66 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from the user's disk via a crafted Chrome Extension...

PT-2022-28196 · Etcd · Etcd

Name of the Vulnerable Software and Affected Versions: etcd affected versions not specified Description: The issue concerns data exposure due to the storage of user credentials in WAL entries on each user authentication. If the WAL log files are not secure, it can potentially expose sensitive...

Linux kernel 信息泄露漏洞

Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel that originates from a disk/network card front-end data leak...

UBUNTU-CVE-2021-21137

Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page...

CVE-2021-21137

Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page...

Google Chrome 信息泄露漏洞

Chrome is a simple and efficiently designed web browsing tool developed by Google that is characterized by its simplicity and speed. A DevTools improperly implemented vulnerability exists in versions of Google Chrome prior to 88.0.4324.96. A remote attacker can obtain potentially sensitive...

DEBIAN-CVE-2020-16027

Insufficient policy enforcement in developer tools in Google Chrome prior to 87.0.4280.66 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from the user's disk via a crafted Chrome Extension...

UBUNTU-CVE-2020-16027

Insufficient policy enforcement in developer tools in Google Chrome prior to 87.0.4280.66 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from the user's disk via a crafted Chrome Extension...