Lucene search
K

52850 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow vulnerability in PDF files in Google Chrome prior to version 118.0.5993.70 allowed a remote attacker who convinced a user to perform certain user interactions to potentially exploit heap corruption through a crafted PDF file. Chromium security severity: Medium...

8.8CVSS7.6AI score0.00867EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Chromium

Before version 104.0.5112.79, using "use after free" in the Input component in Google Chrome on the Chrome OS allowed a remote attacker who convinced a user to perform certain user interactions to potentially exploit heap corruption through those interactions...

8.8CVSS7.4AI score0.00763EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In v4l2m2mquerybuf of v4l2-mem2mem.c, there is a possible out-of-bounds write due to improper input validation. This could lead to a local escalation of privileges, as the system requires execution privileges to exploit the vulnerability. User interaction is not required for exploitation. Product...

6.7CVSS6.8AI score0.00155EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Before version 101.0.4951.41, using the "After Free" feature in Google Chrome on a Mac allowed a remote attacker to potentially exploit heap corruption by using a crafted HTML page. This attacker could convince a user to perform certain user interactions, thereby enabling them to exploit the syst...

8.8CVSS7.3AI score0.00903EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in GhostScript

A vulnerability classified as problematic was discovered in GhostPCL 9.55.0. This vulnerability affects the chunkfreeobject function in the gsmchunk.c file. Manipulation with a malicious file can lead to memory corruption. The attack can be initiated remotely, but requires user interaction. The...

7.8CVSS6.1AI score0.00811EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

The use of “after free” in the Live Caption feature in Google Chrome before version 108.0.5359.71 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption through such interactions. Chromium security severity: Medium...

8.8CVSS7.3AI score0.0083EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Jackson-Databind

FasterXML Jackson-Databind 2.x versions before 2.9.10.8 mishandle the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS...

8.8CVSS7.1AI score0.05018EPSS
Exploits2References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in p7zip

7-Zip SquashFS File Parsing: Out-of-Bounds Write Vulnerability Leading to Remote Code Execution. This vulnerability allows remote attackers to execute arbitrary code on affected 7-Zip installations. User interaction is required to exploit this vulnerability, as the target must visit a malicious...

7.8CVSS7.7AI score0.26887EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux

In various methods of kernel-based drivers, there is a possibility of an out-of-bounds write due to a heap buffer overflow. This could lead to a local escalation of privileges, requiring system execution privileges. User interaction is not required for exploitation. Product: Android Versions:...

6.7CVSS7.1AI score0.00149EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

Before version 103.0.5060.134, using free in Views in Google Chrome allowed a remote attacker who convinced a user to engage in certain user interactions to potentially exploit heap corruption through UI interactions...

8.8CVSS7.3AI score0.01029EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Chromium

The use of “after free” in User Education in Google Chrome before version 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption through a crafted Chrome Extension or specific user interactions...

8.8CVSS7.3AI score0.00498EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in openjdk-11

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. The supported versions affected are Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. This easily exploitable vulnerability allows a low-privilege...

6.8CVSS7.3AI score0.027EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in openjdk-11

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. The supported versions affected by this vulnerability are Java SE: 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. This vulnerability is difficult to exploit...

7.5CVSS6.7AI score0.04008EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux

In memzeroexplicit of compiler-clang.h, there is a possible way to bypass defense in depth due to uninitialized data. This could lead to the disclosure of local information without requiring additional execution privileges. User interaction is not required for exploitation. Product: Android...

5.5CVSS6.2AI score0.0015EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the handling of offloads in ipgre.c, there is a possibility of a page fault due to an invalid memory access. This could lead to the disclosure of local information without the need for additional execution privileges. User interaction is not required for exploitation. Product: Android Versions...

5.5CVSS5.8AI score0.0018EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

The use of after free in Passwords in Google Chrome prior to version 117.0.5938.132 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption through crafted UI interactions. Chromium security severity: High...

8.8CVSS7.3AI score0.00956EPSS
Exploits0References2
CVE
CVE
added 2026/06/18 6:29 a.m.29 views

CVE-2026-28573

CVE-2026-28573 affects Android Wear OS via a Framework component vulnerability described as a local denial of service in AndroidManifest.xml due to a missing permission check. The CVE is characterized as high severity with a CVSSv4 base score of 10.0 (AV:N/AC:L/PR:N/UI:N/S:I:H/CI:H/AI:H; impacts ...

10CVSS5.6AI score0.00138EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/17 6:35 p.m.8 views

EUVD-2026-37555

In Contacts Provider, there is a possible way to access an incoming call's phone number and associated metadata due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

3.3CVSS5.6AI score0.00065EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/17 6:35 p.m.9 views

EUVD-2026-37554

In SettingsLib, there is a possible way to disable system components due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.6AI score0.0008EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/17 6:35 p.m.10 views

EUVD-2025-210216

In multiple locations there is a possible provisioning bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.6AI score0.00084EPSS
Exploits0References2
Rows per page
Query Builder