20386 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: rxrpc: fixed the RESPONSE authenticator parser OOB read issue. The rxgkverifyauthenticator function copies authlen bytes into a temporary buffer, and then passes p + authlen as the parser limit to rxgkdoverifyauthenticator...
Astra Linux - уязвимость в exiv2
There is a vulnerability in the SEGV method in Exiv2::Internal::TiffParserWorker::findPrimaryGroups of the tiffimageint.cpp file, within Exiv2 0.27-RC3. A crafted input can lead to a remote denial-of-service attack...
Astra Linux - уязвимость в libksba
A vulnerability was discovered in the Libksba library due to an integer overflow within the CRL parser. This vulnerability can be exploited remotely to execute code on the target system by passing specially crafted data to the application, such as a malicious S/MIME attachment...
Astra Linux - уязвимость в cgal
There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could result in code execution. An attacker can provide malicious input to trigger...
Astra Linux - уязвимость в cgal
There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted, malformed file can lead to an out-of-bounds read and type confusion, which may result in code execution. An attacker can provide malicious input to trigger a...
Astra Linux - уязвимость в cgal
There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which may result in code execution. An attacker can provide malicious input to trigger an...
Astra Linux - уязвимость в cgal
There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which may result in code execution. An attacker can provide malicious input to trigger an...
Astra Linux - уязвимость в imagemagick
A NULL pointer dereference flaw was discovered in ImageMagick in versions prior to 7.0.10-31, in the ReadSVGImage function in coders/svg.c. This issue arises from not checking the return value from libxml2’s xmlCreatePushParserCtxt function and directly using that value, resulting in a crash and...
Astra Linux - уязвимость в node-marked
Marked is a markdown parser and compiler. Prior to version 4.0.10, the regular expression block.def might cause catastrophic backtracking against certain strings, leading to a regular expression denial of service ReDoS attack. Any user who runs untrusted markdown using a vulnerable version of...
Astra Linux - уязвимость в python-django
A issue was discovered in the Multipart Request Parser in Django 3.2 before 3.2.18, 4.0 before 4.0.10, and 4.1 before 4.1.7. Passing certain inputs e.g., an excessive number of parts to multipart forms could result in too many open files or memory exhaustion, and posed a potential vector for a...
Astra Linux - уязвимость в jruby
A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby, up to 3.2.1. The URI parser improperly handles invalid URLs that contain specific characters. This leads to an increase in the execution time required to parse strings into URI objects. The fixed versions are 0.12.1, 0.11.1...
Astra Linux - уязвимость в yaml-cpp
The SingleDocParser::HandleNode function in yaml-cpp also known as LibYaml-C++ 0.5.3 allows remote attackers to cause a denial of service resource consumption and application crash through a crafted YAML file...
Astra Linux - уязвимость в wireshark
The NetScaler file parser crashes in Wireshark versions 4.0.0 to 4.0.5, and 3.6.0 to 3.6.13. This issue allows for denial of service through crafted capture files...
Astra Linux - уязвимость в libcroco
In libcroco version 0.6.13, there is excessive recursion in the cr parser function cr parserparseanycore in cr-parser.c, resulting in stack consumption...
Astra Linux - уязвимость в netcdf
A issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxmldecode, when parsing a crafted XML file, performs incorrect memory handling, resulting in a NULL pointer being dereferenced while running strlen on a NULL pointer...
Astra Linux - уязвимость в openimageio
There is a heap-out-of-bounds read vulnerability in the RLA format parser of OpenImageIO master-branch-9aeece7a and v2.3.19.0. More specifically, it relates to the handling of run-length encoded byte spans. A malformed RLA file can lead to an out-of-bounds read of heap metadata, potentially...
Astra Linux - уязвимость в python-werkzeug
Werkzeug is a comprehensive WSGI web application library. Prior to version 2.2.3, Werkzeug’s multipart form data parser would parse an unlimited number of parts, including file parts. These parts could be small amounts of data, but each part requires CPU time to parse, and may consume more memory...
Astra Linux - уязвимость в cgal
There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted, malformed file can lead to an out-of-bounds read and type confusion, which may result in code execution. An attacker can provide malicious input to trigger a...
Astra Linux - уязвимость в cgal
There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could result in code execution. An attacker can provide malicious input to trigger...
Astra Linux - уязвимость в cgal
There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted, malformed file can lead to an out-of-bounds read and type confusion, which may result in code execution. An attacker can provide malicious input to trigger a...