54246 matches found
Astra Linux - уязвимость в gst-plugins-base1.0
GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability, but the attack vectors may va...
Astra Linux - уязвимость в expat, firefox, thunderbird
In libexpat before version 2.7.4, the doContent function does not properly determine the buffer size bufSize, as there is no check for integer overflow during the reallocation of the tag buffer...
Astra Linux – Vulnerability in klibc
A issue was discovered in klibc before version 2.0.9. An integer overflow in the cpio command may lead to a NULL pointer dereferencing on 64-bit systems...
Astra Linux - уязвимость в chromium
Integer overflow in the Window Manager in Google Chrome on the Chrome OS and Lacros before version 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific UI interactions to perform an out-of-bounds memory write via crafted UI interactions. Chrome security severity: Hig...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: gpio: gpio-xilinx: Fix integer overflow The current implementation cannot configure more than 32 pins due to an incorrect data type. Therefore, type casting using unsigned long is used to avoid this issue...
Astra Linux - уязвимость в libksba
A vulnerability was discovered in the Libksba library due to an integer overflow within the CRL parser. This vulnerability can be exploited remotely to execute code on the target system by passing specially crafted data to the application, such as a malicious S/MIME attachment...
Astra Linux - уязвимость в sox
A issue was discovered in libsox.a within SoX 14.4.2. In sox-fmt.h, within the startread function, there is an integer overflow in the result of integer addition with a wrap around to 0 passed into the lsxcalloc macro that wraps around to malloc. When a NULL pointer is returned, it is used withou...
Astra Linux - уязвимость в openexr
A flaw was discovered in OpenEXR’s hufUncompress functionality in OpenEXR/IlmImf/ImfHuf.cpp. This flaw allows an attacker who can submit a crafted file processed by OpenEXR to trigger an integer overflow. The greatest threat of this vulnerability is to system availability...
Astra Linux - уязвимость в linux, linux-5.10
An integer overflow or wrap-around vulnerability exists in the OpenEuler kernel on Linux file system modules, allowing for forced integer overflow. This issue affects the OpenEuler kernel, starting from version 4.19.90, up to and including version 4.19.90-2401.3, as well as versions 5.10.0-60.18....
Astra Linux - уязвимость в libstb
It was discovered that stbimage.h v2.27 contains an integer overflow vulnerability through the stbijpegdecodeblockprogdc function. This vulnerability allows attackers to cause a Denial of Service DoS attack through unspecified vectors...
Astra Linux - уязвимость в linux-5.10, linux
A memory leak flaw, along with potential division by zero and integer overflow issues, have been detected in the Linux kernel’s V4L2 and vivid test code functionality. This issue occurs when a user triggers ioctls, such as the VIDIOCSDVTIMINGS ioctl. This could allow a local user to crash the...
Astra Linux - уязвимость в postgresql-11
A flaw was discovered in PostgreSQL that allows authenticated database users to execute arbitrary code through insufficient overflow checks during SQL array value modifications. This issue arises due to an integer overflow during array modifications, where a remote user can trigger the overflow b...
Astra Linux – Vulnerability in libstb
STBVorbis is a single-file library licensed under MIT that processes OGG Vorbis files. A maliciously crafted file may cause memory writes to exceed the allocated heap buffer in startdecoder. The root cause of this issue is a potential integer overflow in sizeofchar f-commentlistlength, which may...
Astra Linux - уязвимость в openexr
There is a flaw in OpenEXR’s deep tile sample size calculations in versions before 3.0.0-beta. An attacker who can submit a crafted file for processing by OpenEXR could trigger an integer overflow, resulting in an out-of-bounds read. The greatest risk of this flaw is to the application’s...
Astra Linux - уязвимость в apache2
If LimitXMLRequestBody is set to allow request bodies larger than 350MB default is 1MB on 32-bit systems, an integer overflow may occur, which can lead to out-of-bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier versions...
Astra Linux - уязвимость в firefox, thunderbird, expat
Expat also known as libexpat before version 2.4.4 has an integer overflow in the doProlog function...
Astra Linux - уязвимость в gst-plugins-good1.0
DOS: Potential heap overwrite during MKV demuxing using BZIP decompression. Integer overflow in the Matroskademux element within the BZIP decompression function can cause a segfault, or it may lead to a heap overwrite, depending on the libc and operating system used. Depending on the libc used an...
Astra Linux - уязвимость в git
Git is a distributed revision control system. The gitattributes command allows for the definition of attributes for certain file paths. These attributes can be defined by adding a .gitattributes file to the repository, which contains a set of file patterns and the attributes that should be applie...
Astra Linux - уязвимость в binutils
The binutils version 2.32 and earlier contains an Integer Overflow vulnerability in objdump, bfdgetdynamicrelocupperbound, and bfdcanonicalizedynamicreloc. This vulnerability can lead to Integer Overflow, which in turn triggers Heap Overflow. Successful exploitation of this vulnerability allows f...
Astra Linux - уязвимость в grub2
A flaw was discovered in grub2. When reading tar files, grub2 allocates an internal buffer for the file name. However, it fails to properly verify the allocation against possible integer overflows. It’s possible to cause the allocation length to overflow with a specially crafted tar file, resulti...