220632 matches found
Astra Linux – Vulnerability in Apache2
When an HTTP/2 stream is reset by a client via an RST frame, there is a time window during which the memory resources associated with the request are not immediately reclaimed. Instead, the deallocation of these resources is delayed until after the connection is closed. This allows clients to...
Astra Linux – Vulnerability in unbound
Unbound before version 1.9.5 allows for an integer overflow in the size calculation in dnscrypt/dnscrypt.c. NOTE: The vendor denies that this is a vulnerability. Although the code may be vulnerable, an active Unbound installation cannot be exploited remotely or locally...
Astra Linux – Vulnerability in Chromium
The use of “after free” in Media Stream in Google Chrome before version 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Low...
Astra Linux – Vulnerability in Chromium
Type confusion in V8 in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Astra Linux – Vulnerability in Chromium
A single error in V8 in Google Chrome prior to version 141.0.7390.54 allowed a remote attacker to perform an out-of-bounds memory read through a crafted HTML page. Chromium security severity: Medium...
Astra Linux – Vulnerability in edk2
EDK2 contains a vulnerability in the BIOS, where a user can cause an Integer Overflow or Wrap-around error through network means. Successful exploitation of this vulnerability may lead to a denial of service...
Astra Linux – Vulnerability in Chromium
In V8, the "out of bounds" reading in Google Chrome before version 91.0.4472.77 allowed a remote attacker to potentially exploit stack corruption through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
Before version 95.0.4638.69, using free after signing in in Google Chrome allowed a remote attacker who convinced a user to sign in to Chrome to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in binutils
A flaw has been discovered in GNU Binutils 2.45. The affected function is bfdelfparseehframe in the file bfd/elf-eh-frame.c of the Linker component. Executing certain manipulations can lead to a heap-based buffer overflow. This attack is limited to local executions. The exploit has been published...
Astra Linux – Vulnerability in binutils
A vulnerability was discovered in GNU Binutils 2.45. The affected function is bfdx86elflatesizesections in the file bfd/elfxx-x86.c of the Linker component. This vulnerability leads to out-of-bounds read attacks. The attack must be approached locally. The exploit has been made public and can be...
Astra Linux – Vulnerability in Chromium
The use of “after free” in Compositing in Google Chrome before version 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
Inappropriate implementation in the iFrame Sandbox in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation restrictions through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
Before version 91.0.4472.101, using Autofill in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in SOX
There is a heap-based buffer overflow vulnerability in the sphere.c startread function of the Sound Exchange libsox 14.4.2 version and the main commit 42b3557e. A specially crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to exploit this vulnerability...
Astra Linux – Vulnerability in Chromium
Type confusion in Blink layout in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Astra Linux – Vulnerability in Chromium
Inappropriate implementations of Skia in Google Chrome prior to version 88.0.4324.146 allowed a local attacker to spoof the contents of the Omnibox URL bar through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
The use of Translate in Google Chrome before version 131.0.6778.139 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
The use of after-free in the Serial mechanism in Google Chrome before version 130.0.6723.116 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Redis
Redis is an open-source, in-memory database that persists data on disk. When parsing an incoming Redis Standard Protocol RESP request, Redis allocates memory according to values specified by the user, which determine the number of elements in the multi-bulk header and the size of each element in...
Astra Linux – Vulnerability in openjdk-11
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. The supported versions affected by this vulnerability are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5, and 22.3.1...