590040 matches found
Astra Linux – Vulnerability in libxstream-java
XStream is a simple library for serializing objects to XML and back again. In affected versions, this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. No users are affected if they follow the recommendation...
Astra Linux – Vulnerability in Linux
JIT compilers in the Linux kernel from version 5.11.12 have incorrect calculations of branch displacements, allowing them to execute arbitrary code within the kernel context. This issue affects the files arch/x86/net/bpfjitcomp.c and arch/x86/net/bpfjitcomp32.c...
Astra Linux – Vulnerability in Firefox
An attacker was able to insert an event handler into a privileged object, allowing arbitrary JavaScript execution in the parent process. Note: This vulnerability only affects Desktop Firefox; mobile versions of Firefox are not affected. This vulnerability applies to Firefox versions earlier than...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
This vulnerability allows local attackers to disclose sensitive information on affected installations of the Linux Kernel 6.0-rc2. An attacker must first gain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw resides within...
Astra Linux – Vulnerability in SOX
A heap buffer overflow vulnerability was discovered in sox, within the lsxreadbuf function at sox/src/formatsi.c:98:16. This flaw can lead to a denial of service, code execution, or information disclosure...
Astra Linux – Vulnerability in Graphviz
A buffer overflow in the Graphviz Graph Visualization Tools, starting from the commit ID f8b9e035 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service application crash by loading a crafted file into the "lib/common/shapes.c" component...
Astra Linux – Vulnerability in hdf5
There is an out-of-bounds read vulnerability in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially crafted GIF file can lead to code execution. An attacker can provide a malicious file to exploit this vulnerability...
Astra Linux – Vulnerability in WebKit2GTK
The issue was addressed through improved checks. This issue has been fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7...
Astra Linux – Vulnerability in GIMP
GIMP JP2 File Parsing: Heap-Based Buffer Overflow and Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability, as the target must visit a malicious page ...
Astra Linux – Vulnerability in htmldoc
A flaw was discovered in htmldoc before version 1.9.12. A heap buffer overflow in the pspdfprepareoutpages function, located in the ps-pdf.cxx file, may allow for the execution of arbitrary code and cause a denial of service attack...
Astra Linux – Vulnerability in Ansible
A flaw was discovered in Ansible Engine, in ansible-engine 2.8.x before 2.8.15, and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module. GPG signatures are ignored during installation, even when the disablegpgcheck parameter is set to False—which is the default...
Astra Linux – Vulnerability in busybox
A use-after-free in Busybox 1.35-x’s awk applet leads to denial of service and potentially code execution when processing a crafted awk pattern in the copyvar function...
Astra Linux – Vulnerability in hsqldb
Those who use java.sql.Statement or java.sql.PreparedStatement in hsqldb HyperSQL Database to process untrusted input may be vulnerable to a remote code execution attack. By default, it is allowed to call any static method of any Java class in the classpath, resulting in code execution. This issu...
Astra Linux – Vulnerability in xorg-server
A vulnerability was discovered in X.Org. This security flaw arises because the handler for the ScreenSaverSetAttributes request may write to memory after it has been freed. This issue can lead to local privileges escalation on systems where the X server is running with privileged access, and may...
Astra Linux – Vulnerability in Axis
UNSUPPORTED WHEN ASSIGNED When integrating Apache Axis 1.x in an application, it might not have been obvious that using “ServiceFactory.getService” could lead to potentially dangerous operations, such as LDAP queries. Passing untrusted input to this API method could expose the application to DoS,...
Astra Linux – Vulnerability in libxstream-java
XStream is a simple library for serializing objects to XML and back again. In affected versions, this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream, if the library is used in versions outside the box with...
Astra Linux – Vulnerability in Inkscape
Inkscape version 0.91 is vulnerable to a out-of-bounds write vulnerability, which may allow an attacker to arbitrarily execute code...
Astra Linux – Vulnerability in CGal
There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted, malformed file can lead to an out-of-bounds read and type confusion, which may result in code execution. An attacker can provide malicious input to trigger a...
Astra Linux – Vulnerability in WebKit2GTK
A out-of-bounds write issue has been addressed through improved bounds checking. This issue is fixed in iOS 15.6.1, iPadOS 15.6.1, macOS Monterey 12.5.1, and Safari 15.6.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report indicating that...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
The “Use After Free” vulnerability in the Linux kernel allows for the execution of code in a local environment on Linux, x86, and ARM bluetooth modules. This vulnerability is associated with program files located at https://gitee.com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/afbluetooth.C...