65166 matches found
Astra Linux - уязвимость в libarchive
A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive WARC file that claims to have more than INT64MAX – 4 content bytes. An attacker could create a malicious WARC archive to induce this overflow,...
Astra Linux - уязвимость в chromium
Integer overflow in Codecs in Google Chrome prior to version 146.0.7680.178 allowed a remote attacker to perform arbitrary read/write operations through a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в freerdp2
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. This issue only affects clients. An integer underflow can lead to a Denial of Service DOS vulnerability, for example, an abort due to WINPRASSERT with default compilation flags. When an...
Astra Linux - уязвимость в apache2
If LimitXMLRequestBody is set to allow request bodies larger than 350MB default is 1MB on 32-bit systems, an integer overflow may occur, which can lead to out-of-bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier versions...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: uaccess: A integer overflow has been fixed in the accessok function. On three architectures, the end of a user’s access is checked against the address limit, without considering the possibility of an overflow. Passing a negative...
Astra Linux - уязвимость в libksba
A vulnerability was discovered in the Libksba library due to an integer overflow within the CRL parser. This vulnerability can be exploited remotely to execute code on the target system by passing specially crafted data to the application, such as a malicious S/MIME attachment...
Astra Linux - уязвимость в chromium
Integer overflow in the Layout component in Google Chrome prior to version 129.0.6668.89 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в chromium
Integer overflow in V8 in Google Chrome prior to version 138.0.7204.157 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в qemu
A flaw was discovered in the QXL display device emulation in QEMU. An integer overflow in the cursoralloc function can lead to the allocation of a small cursor object, followed by a subsequent heap-based buffer overflow. This flaw allows a malicious privileged guest user to crash the QEMU process...
Astra Linux - уязвимость в poppler
The JPXStream::init function in Poppler 0.78.0 and earlier does not check for negative values of stream length, which can lead to an Integer Overflow. This allows an attacker to allocate a large memory chunk on the heap, with the size controlled by them. This issue was demonstrated by pdftocairo...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: crypto: cavium – prevents integer overflow during firmware loading The value of “codelength” comes from the firmware file. If your firmware is untrusted, there’s probably very little you can do to protect yourself. Nevertheless, ...
Astra Linux - уязвимость в openexr
There is a flaw in OpenEXR’s deep tile sample size calculations in versions before 3.0.0-beta. An attacker who can submit a crafted file for processing by OpenEXR could trigger an integer overflow, resulting in an out-of-bounds read. The greatest risk of this flaw is to the application’s...
Astra Linux - уязвимость в sox
A issue was discovered in libsox.a within SoX 14.4.2. In sox-fmt.h, within the startread function, there is an integer overflow in the result of integer addition with a wrap around to 0 passed into the lsxcalloc macro that wraps around to malloc. When a NULL pointer is returned, it is used withou...
Astra Linux - уязвимость в klibc
A issue was discovered in klibc before version 2.0.9. An integer overflow in the cpio command may lead to a NULL pointer dereferencing on 64-bit systems...
Astra Linux - уязвимость в ffmpeg
An integer overflow vulnerability exists in the function filter16roberts in libavfilter/vfconvolution.c in Ffmpeg 4.2.1. Attackers can exploit this vulnerability to cause a Denial of Service or other unspecified impacts...
Astra Linux - уязвимость в binutils
The binutils version 2.32 and earlier contains an Integer Overflow vulnerability in objdump, bfdgetdynamicrelocupperbound, and bfdcanonicalizedynamicreloc. This vulnerability can lead to Integer Overflow, which in turn triggers Heap Overflow. Successful exploitation of this vulnerability allows f...
Astra Linux - уязвимость в postgresql-11
A flaw was discovered in PostgreSQL that allows authenticated database users to execute arbitrary code through insufficient overflow checks during SQL array value modifications. This issue arises due to an integer overflow during array modifications, where a remote user can trigger the overflow b...
Astra Linux - уязвимость в vim
Integer overflow or wrap-around in the GitHub repository for vim/vim before version 9.0...
Astra Linux - уязвимость в mbedtls
Integer Overflow vulnerability in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2, allows attackers to cause a denial of service DoS via mbedtlsx509setextension...
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerabilities have been resolved: tpm: efi: Use a local variable to calculate the final log size When tpmreadlogefi is called multiple times, which occurs when one loads and unloads a TPM2 driver multiple times, the global variable efitpmfinallogsize will...