33618 matches found
Sandbox property and method bypass via object-destructuring assignment
More info at https://symfony.com/cve-2026-46639...
firefox: thunderbird: Spoofing issue in the DOM: Core & HTML component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Spoofing issue in the DOM: Core & HTML component...
CVE-2026-6566
The Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to and including 4.2.0. This is due to insufficient object-level authorization in the image deletion REST flow where the permission callback for...
Astra Linux - vulnerability in mariadb-10.3
MariaDB CONNECT Storage Engine Use-After-Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected MariaDB installations. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: The netlink notifier might race to release objects. The commit release path is invoked via call_rcu, and it runs without locking to release the objects after the RCU grace period. The netlink notifier handler...
Astra Linux - vulnerability in openssl
Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJ_obj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF, or TS without a message size limit may experience...
Astra Linux - vulnerability in chromium
Inappropriate implementation in Accessibility in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Chromium security severity: High...
Astra Linux - vulnerability in linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: drm/i915/vma: Fixed a UAF issue during destruction that could lead to a race condition. Object debugging tools occasionally reported illegal attempts to free an i915 VMA object when parking a GT that was believed to be idle...
Astra Linux - vulnerability in linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Binder: A check for offset alignment was added in binder_get_object. The commit 6d98eb95b450 “Binder: avoid potential data leakage when copying txn” introduced changes to the way binder objects are copied. As a result, an offset...
Astra Linux – Vulnerability in Firefox and Thunderbird
An attacker could have caused a use-after-free by forcing a text reflow in an SVG object, resulting in a potentially exploitable crash. This vulnerability affects Firefox 98, Firefox ESR 91.7, and Thunderbird 91.7...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: If the queue update fails, do not reserve bo. The error handling path should unreserve bo and then return a failure message. Selected from the commit c24afed7de9ecce341825d8ab55a43a254348b33...
Astra Linux - vulnerability in chromium
Inappropriate implementation in V8 in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Chromium security severity: High...
Astra Linux - vulnerability in binutils
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. The simple_object_elf_match function in simple-object-elf.c does not check for a zero value of shstrndx, resulting in an integer overflow and a heap-based buffer overflow...
Astra Linux - vulnerability in linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdgpu/amdgpu_cs: fixed the reference count leak of a dma_fence object. This issue occurs in an error path within amdgpu_cs_fence_to_handle_ioctl. When info->in.what falls under the default case, the function simply returns...
Astra Linux - vulnerability in chromium
The object lifecycle issue in V8 of Google Chrome prior to 123.0.6312.58 allowed a remote attacker to potentially exploit object corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux - vulnerability in linux, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Drivers: hv: vmbus – Fixed a memory leak in vmbus_add_channel_kobj. kobject_init_and_add takes a reference even when it fails. According to the documentation for kobject_init_and_add: If this function returns an error, kobject_put must ...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/panthor: Fixed a UAF in the panthor_gem_create_with_handle function’s debugfs code. The object may already be gone after the drm_gem_object_put call. Generally, the object should be fully constructed before calling...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: cachefiles: The issue of incorrect dentry refcount in cachefiles_cull has been fixed. The patch mentioned below changed cachefiles_bury_object to expect 2 references to the ‘rep’ dentry. Three of the caller functions were changed to...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/nouveau: Avoid a use-after-free when BO init fails. nouveau_bo_init is backed by ttm_bo_init and passes its return value back to the caller. In case of failures, ttm_bo_init invokes the provided destructor, which should...
Astra Linux - vulnerability in linux-6.1, linux, linux-5.10, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nf_tables: Fixed a potential data race in nft_obj_type_get. The function nft_unregister_obj can occur concurrently with nft_obj_type_get. There is no protection when iterating over the nf_tables_objects list in nft_obj_type_get...