Astra Linux - уязвимость в tinyxml

In the TiXmlDeclaration::Parse method in tinyxmlparser.cpp within TinyXML, up to version 2.6.2, there is a potentially exploitable assertion which can lead to application exit. This issue occurs when a malicious XML document is used, where a null character \0 is placed after a whitespace...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe/sync: Cleanup of partially initialized sync objects occurs during parse failures. The function xesyncentryparse can allocate references such as syncobjs, fences, chain fences, or user fences before encountering subsequent...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mcb: mcb-parse: fixed an error in handling chameleonparsegdd If mcbdeviceregister returns an error in chameleonparsegdd, the reference count of the bus and device names is exposed. This issue is addressed by calling putdevice to...

Astra Linux - уязвимость в python-django, python2.7

Packages containing “python/cpython” from versions 0 and earlier, including 3.6.13, 3.7.0 and earlier than 3.7.10, 3.8.0 and earlier than 3.8.8, 3.9.0 and earlier than 3.9.2, are vulnerable to Web Cache Poisoning via “urllib.parse.parseqsl” and “urllib.parse.parseqs”. This vulnerability occurs du...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ath10k: Error handling in ath10ksetupmsaresources has been fixed. The devicenode pointer is returned by ofparsephandle, with the refcount incremented. We should use ofnodeput on it after that operation. This function only call...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Fixed an out-of-bounds access in parseintegerlimit. When configuring osnoisecpus using the write system call, the following KASAN exception may occur: BUG: KASAN: Out-of-bounds access in...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: A potential dereference issue with RCU resources has been fixed in the wilcparsejoinbssparam function. In the wilcparsejoinbssparam function, the TSF field of the ies structure is accessed after the RCU read-side...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerabilities have been resolved: smb: client: fixed potential OOBs in smb2ParseContexts Validated offsets and lengths before dereferencing and creating contexts in smb2ParseContexts. This fixes the following OOPs when accessing invalid create contexts from th...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: samples/landlock: Fixed the memory leak in pathlist. Clang static analysis reports this error. sandboxer.c:134:8: Warning: Potential memory leak pointed to by ‘pathlist’. ret = 0; ^ pathlist is allocated in parsepath, but never...

Astra Linux - уязвимость в libsoup2.4

A flaw was discovered in libsoup, where the soupheadersparserequest function may be vulnerable to an out-of-bound read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: HID: usbhid: Eliminated a recurring out-of-bounds error in usbhidparse. Updated the struct hiddescriptor to better reflect the mandatory and optional parts of the HID descriptor according to the USB HID 1.11 specification. Not...

Astra Linux - уязвимость в htmldoc

A flaw was discovered in htmldoc in v1.9.12 and earlier versions. A stack buffer overflow in the parsetable function in ps-pdf.cxx may allow for the execution of arbitrary code and cause a denial of service attack...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021619)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021619 advisory. In the Linux kernel, the following vulnerability has been resolved: tracing: Prevent bad count for tracingcpumaskwrite If a large count is provided, it will trigger ...

PT-2026-42227

TeleJSON prior to 6.0.0 contains a DOM-based cross-site scripting vulnerability in the parse function that allows attackers to execute arbitrary JavaScript by delivering a crafted JSON payload containing a malicious constructor-name property value. The custom reviver passes the constructor name...

jq: out-of-bounds read in jv_parse_sized() on error formatting for non-NUL-terminated buffers

A flaw was found in jq, a command line JSON processor, specifically in the libjq API. Parsing a malformed JSON input from a non-NUL-terminated buffer using the jvparsesized function can cause an out-of-bounds read, resulting in an application crash and a possible memory disclosure within the erro...

GHSA-73JC-5MRQ-PRW7 SQLFluff: Uncontrolled Resource Consumption in SQLFluff Parser

Impact In deployments where untrusted users can provide SQL queries to be linted, an untrusted user can submit a malicious long query to any application using the parser to trigger a Denial of Service through resource exhaustion. Patches Versions 4.2.0 and up contain a configurable parse node...

golang: net/url: Memory exhaustion in query parameter parsing in net/url

A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted...

OPENSUSE-SU-2026:20771-1 Security update for perl-YAML-Syck

This update for perl-YAML-Syck fixes the following issues: Changes in perl-YAML-Syck: - updated to 1.450.0 1.45 Bug Fixes - Fix: use syckbase64free to fix Windows "Free to wrong pool" crash in base64 encode/decode buffers; also plugs a memory leak PR 189 - Fix: clear type tag on blessed scalar...

freerdp: FreeRDP has a Heap-buffer-overflow in audio_formats_free

A heap buffer overflow has been discovered in FreeRDP. audinserverrecvformats frees an incorrect number of audio formats on parse failure i + i, leading to out-of-bounds access in audioformatsfree...

golang: net/url: Memory exhaustion in query parameter parsing in net/url

A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted...