Astra Linux – Vulnerability in ffmpeg

Buffer overflow vulnerability in FFmpeg 4.2, located in the convolutiony10bit section of libavfilter/vfvmafmotion.c, which could allow a remote malicious user to cause a Denial of Service attack...

Astra Linux – Vulnerability in Firefox and Thunderbird

The garbage collector might have been aborted in several states and zones, and GCRuntime::finishCollection might not have been called, resulting in a use-after-free and potentially exploitable crash. This vulnerability affects Firefox ESR 102.5, Thunderbird 102.5, and Firefox 107...

Astra Linux – Vulnerability in Apache2

When an HTTP/2 stream is reset by a client via an RST frame, there is a time window during which the memory resources associated with the request are not immediately reclaimed. Instead, the deallocation of these resources is delayed until after the connection is closed. This allows clients to...

Astra Linux – Vulnerability in unbound

Unbound before version 1.9.5 allows for an integer overflow in the size calculation in dnscrypt/dnscrypt.c. NOTE: The vendor denies that this is a vulnerability. Although the code may be vulnerable, an active Unbound installation cannot be exploited remotely or locally...

Astra Linux – Vulnerability in Chromium

The use of “after free” in Media Stream in Google Chrome before version 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Low...

Astra Linux – Vulnerability in Chromium

Type confusion in V8 in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Astra Linux – Vulnerability in Chromium

A single error in V8 in Google Chrome prior to version 141.0.7390.54 allowed a remote attacker to perform an out-of-bounds memory read through a crafted HTML page. Chromium security severity: Medium...

Astra Linux – Vulnerability in edk2

EDK2 contains a vulnerability in the BIOS, where a user can cause an Integer Overflow or Wrap-around error through network means. Successful exploitation of this vulnerability may lead to a denial of service...

Astra Linux – Vulnerability in Chromium

In V8, the "out of bounds" reading in Google Chrome before version 91.0.4472.77 allowed a remote attacker to potentially exploit stack corruption through a crafted HTML page...

Astra Linux – Vulnerability in Chromium

Before version 95.0.4638.69, using free after signing in in Google Chrome allowed a remote attacker who convinced a user to sign in to Chrome to potentially exploit heap corruption through a crafted HTML page...

Astra Linux – Vulnerability in binutils

A flaw has been discovered in GNU Binutils 2.45. The affected function is bfdelfparseehframe in the file bfd/elf-eh-frame.c of the Linker component. Executing certain manipulations can lead to a heap-based buffer overflow. This attack is limited to local executions. The exploit has been published...

Astra Linux – Vulnerability in binutils

A vulnerability was discovered in GNU Binutils 2.45. The affected function is bfdx86elflatesizesections in the file bfd/elfxx-x86.c of the Linker component. This vulnerability leads to out-of-bounds read attacks. The attack must be approached locally. The exploit has been made public and can be...

Astra Linux – Vulnerability in Chromium

The use of “after free” in Compositing in Google Chrome before version 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in the iFrame Sandbox in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation restrictions through a crafted HTML page...

Astra Linux – Vulnerability in Chromium

Before version 91.0.4472.101, using Autofill in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

Astra Linux – Vulnerability in SOX

There is a heap-based buffer overflow vulnerability in the sphere.c startread function of the Sound Exchange libsox 14.4.2 version and the main commit 42b3557e. A specially crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to exploit this vulnerability...

Astra Linux – Vulnerability in Chromium

Type confusion in Blink layout in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Astra Linux – Vulnerability in Chromium

Inappropriate implementations of Skia in Google Chrome prior to version 88.0.4324.146 allowed a local attacker to spoof the contents of the Omnibox URL bar through a crafted HTML page...

Astra Linux – Vulnerability in Chromium

The use of Translate in Google Chrome before version 131.0.6778.139 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

Astra Linux – Vulnerability in Chromium

The use of after-free in the Serial mechanism in Google Chrome before version 130.0.6723.116 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...