16745 matches found
Astra Linux – Vulnerability in Firefox
In canvas rendering, a compromised content process could cause a surface to change unexpectedly, leading to a memory leak in a privileged process. This memory leak could be exploited to perform a sandbox escape if the correct data was leaked. This vulnerability affects Firefox versions earlier th...
Astra Linux – Vulnerability in Ruby-Rack
A sequence injection vulnerability exists in Rack versions 2.0.9.1, 2.1.4.1, and 2.2.3.1. This vulnerability could allow for shell escapes in the Lint and CommonLogger components of Rack...
Astra Linux – Vulnerability in Chromium
Before version 90.0.4430.85, using free in navigation in Google Chrome allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page...
Astra Linux – Vulnerability in Firefox
Firefox’s HTML parser did not correctly interpret HTML comment tags, leading to inconsistencies with other browsers. This vulnerability could have been exploited to embed user-controlled data within HTML comments on pages. This issue affects Firefox versions prior to 101...
Astra Linux – Vulnerability in Chromium
Using "after free" in DevTools in Google Chrome before version 88.0.4324.96 allowed a local attacker to potentially perform a sandbox escape by using a specially crafted file...
Astra Linux – Vulnerability in Chromium
Before version 87.0.4280.141, using "use after free" in media in Google Chrome allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
Before version 99.0.4844.51, using the "After Free" feature in the Cast UI in Google Chrome allowed a remote attacker who convinced a user to engage in certain user interactions to potentially perform a sandbox escape through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
Potential users of the Speech Recognizer feature in Google Chrome on Android before version 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
Before version 88.0.4324.146, using "Use after free" in Payments in Google Chrome on Mac allowed a remote attacker to potentially perform a sandbox escape through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
A heap buffer overflow in the Tab Strip component in Google Chrome on Windows, prior to version 88.0.4324.182, allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
Integer overflow in Mojo in Google Chrome prior to version 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
In the Indexed DB API in Google Chrome, using use after free before version 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
Before version 94.0.4606.61, using "use after free" in Portals within Google Chrome allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page...
Astra Linux – Vulnerability in Flatpak
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions before 1.10.9, 1.12.9, 1.14.6, and 1.15.8, a malicious or compromised Flatpak application could execute arbitrary code outside its sandbox. Normally, the --command argument of flatpak...
Astra Linux – Vulnerability in WebKit2GTK
The issue was addressed through improved bounds checks. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.8, and iPadOS 15.7.8, Safari 16.5, iOS 16.5, and iPadOS 16.5. A remote attacker may be able to break out of the Web Content sandbox. Apple is aware of a report...
Astra Linux – Vulnerability in Chromium
Before version 89.0.4389.114, the out-of-bounds read in IPC in Google Chrome allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
Before version 87.0.4280.141, using the "drag and drop" feature in Google Chrome on Linux allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
Before version 87.0.4280.141, using Autofill in Google Chrome allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page...
Astra Linux – Vulnerability in Thunderbird, Firefox
An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages. This bug only affects Thunderbird for Linux. Other operating systems are unaffected.. This vulnerability affects Firefox 108, Firefox ESR 102.6, and...
Astra Linux – Vulnerability in Chromium
A heap buffer overflow in the Crashpad component of Google Chrome on Android, prior to version 107.0.5304.106, allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page. Chromium security severity: High...