Lucene search
K
AstralinuxMost viewed

18102 matches found

AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.89 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: cifs: Fixed an integer overflow issue while processing the closetimeo mount option. The user-provided closetimeo mount parameter, of type u32, is intended to have an upper limit. However, before this limit is validated, the value...

5.5CVSS6.3AI score0.00179EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.81 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mfd: ene-kb3930: Fixed a potential NULL pointer dereferencing issue. The “offgpios” variable could potentially be NULL. A missing check was added in the “kb3930probe” function. This is similar to the issue fixed in commit...

5.5CVSS6.3AI score0.00174EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.68 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: smb: client: Fixed a race condition that occurred due to concurrent opens during the rename2 operation. In addition to sending the rename request to the server, the rename process also involves closing any deferred closes, waitin...

4.7CVSS6.4AI score0.00101EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.65 views

Astra Linux – Vulnerability in ffmpeg

There is a heap-based Buffer Overflow vulnerability in FFmpeg 4.2, located in the getblockrow function in libavfilter/vfbm3d.c. This vulnerability may lead to memory corruption and other potential issues...

8.8CVSS7.3AI score0.01178EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.50 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Install a stub fence into potential unused fence pointers. When using cpu to update page tables, VM update fences are unused. Instead, install a stub fence into these fence pointers, rather than setting them to NULL...

5.5CVSS6AI score0.00134EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.48 views

Astra Linux – Vulnerability in Parsec

The vulnerability of the defaultoptions and parsecmdline functions in the PARSEC security subsystem is related to improper memory release after their use. Exploiting this vulnerability allows an attacker to cause service failures...

6.2CVSS5.8AI score
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.46 views

Astra Linux – Vulnerability in fly-wm

The vulnerability of the fly-adjust-palette utility in the window graphical manager fly-wm is related to improper memory release after its use. Exploiting this vulnerability allows an attacker to cause a service failure...

6.2CVSS5.9AI score
Exploits0References2
AstraLinux
AstraLinux
added 2025/11/01 10:54 a.m.41 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: spi: fsl-qspi: Use devm function instead of driver remove The driver uses devm APIs to manage clk/irq/resources and register the spi controller. However, the legacy remove function is called first during device detachment, causin...

5.5CVSS6AI score0.00229EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.36 views

Astra Linux – Vulnerability in Chromium

The use of “after free” in Profiles in Google Chrome before version 108.0.5359.124 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Medium...

8.8CVSS7.4AI score0.00612EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.35 views

Astra Linux – Vulnerability in Chromium

Before version 92.0.4515.107, using “after free” in DevTools in Google Chrome allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.01233EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2024/11/23 3:4 a.m.35 views

Astra Linux – Vulnerability in Chromium

Type Confusion in V8 in Google Chrome before version 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS6.9AI score0.00597EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.34 views

Astra Linux – Vulnerability in Chromium

In Google Chrome, using "after free" in V8 before version 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.6AI score0.07836EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.34 views

Astra Linux – Vulnerability in Chromium

Before version 101.0.4951.41, using the Browser Switcher in Google Chrome allowed a remote attacker to potentially exploit heap corruption by using a crafted HTML page, as long as that attacker could convince a user to perform certain user interactions...

8.8CVSS6.9AI score0.00764EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.34 views

Astra Linux – Vulnerability in Chromium

In Google Chrome’s spell check feature, before version 91.0.4472.101, an attacker who convinced a user to install a malicious extension could potentially exploit heap corruption through a crafted HTML page...

8.8CVSS8AI score0.00931EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.33 views

Astra Linux – Vulnerability in Chromium

In Google Chrome versions prior to 92.0.4515.159, a data race in WebAudio allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

7.5CVSS6.8AI score0.03874EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.33 views

Astra Linux – Vulnerability in Chromium

Before version 91.0.4472.77, using "Use after free" in Bookmarks in Google Chrome allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS8AI score0.01004EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.33 views

Astra Linux – Vulnerability in Chromium

Before version 88.0.4324.182, using use after free in Web Sockets with Google Chrome on Linux allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.8AI score0.09458EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.32 views

Astra Linux – Vulnerability in Chromium

The use of after-free in Dawn, prior to version 124.0.6367.78, allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

7.5CVSS6.9AI score0.01003EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.32 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: nsfs: Permission checks for handling opening have been tightened. Even privileged services should not necessarily be able to access the namespaces of other privileged services, so that they cannot leak information to each other...

8.8CVSS6AI score0.00121EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.31 views

Astra Linux – Vulnerability in Chromium

The use of “after free” in the Reading Mode in Google Chrome before version 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption through specific UI interactions. Chromium security severity: Medium...

8.8CVSS7.3AI score0.00382EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.31 views

Astra Linux – Vulnerability in Chromium

Before version 106.0.5249.91, using “after free” in Custom Elements in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.4AI score0.00713EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.31 views

Astra Linux – Vulnerability in Chromium

The use of Translate in Google Chrome before version 131.0.6778.139 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.7AI score0.04071EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.31 views

Astra Linux – Vulnerability in Chromium

The use of “after free” in Accessibility in Google Chrome before version 131.0.6778.69 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Medium...

8.8CVSS7.7AI score0.00343EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.30 views

Astra Linux – Vulnerability in exempi

The XMP Toolkit SDK version 2021.07 and earlier is affected by a stack-based buffer overflow vulnerability that may lead to arbitrary code execution within the context of the current user. Exploitation requires user interaction—that is, the victim must open a specially crafted file...

9.3CVSS8AI score0.036EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.29 views

Astra Linux – Vulnerability in Chromium

The use of "after free" in Window Dialogs in Google Chrome before version 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS6.9AI score0.00745EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.29 views

Astra Linux – Vulnerability in Chromium

Before version 96.0.4664.45, using free in media in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS8.1AI score0.01362EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.29 views

Astra Linux – Vulnerability in Chromium

Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.04835EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.29 views

Astra Linux – Vulnerability in Chromium

The use of after-free in the Serial mechanism in Google Chrome before version 130.0.6723.116 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.00637EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.27 views

Astra Linux – Vulnerability in astra-safepolicy

The vulnerability of the astra-safepolicy security configuration software is related to the lack of a data security mechanism. Exploiting this vulnerability allows attackers to access confidential data, compromise its integrity, and cause service failures...

8.4CVSS5.9AI score
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.27 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: ntbnetdev: Use devkfreeskbany in interrupt context. TX/RX callback handlers ntbnetdevtxhandler, ntbnetdevrxhandler can be called in interrupt context via the DMA framework after the respective DMA operations are completed...

5.5CVSS5.9AI score0.00149EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.26 views

Astra Linux – Vulnerability in fluidsynth

Fluidsynth-2.4.6 and earlier versions are vulnerable to null pointer dereferencing in the fluidsynthmonopoly.c file, which can occur when loading an invalid MIDI file...

7.5CVSS5.8AI score0.00414EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.25 views

Astra Linux – Vulnerability in Chromium

Before version 103.0.5060.134, using the "after free" method in the Service Worker API in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.4AI score0.17864EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.24 views

Astra Linux – Vulnerability in Zabbix

The Zabbix Agent 2 item key “smart.disk.get” does not sanitize its parameters before passing them to a shell command, which may lead to a vulnerability for remote code execution...

9.8CVSS8.8AI score0.00753EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.24 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: cxl/pmem: Fixed race conditions related to nvdimm registration. A loop of the form: c while true; do modprobe cxlpci; modprobe -r cxlpci; done …fails with the following crash message: BUG: Kernel NULL pointer dereference, address...

5.6AI score0.00169EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.24 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mt76: mt7915: fixed the possible NULL pointer dereferencing in mt7915macfillrxvector. Fixed the possible NULL pointer dereferencing in mt7915macfillrxvector if the chip does not support dbdc and the hardware reports bandidx se...

5.5CVSS6.3AI score0.0021EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.24 views

Astra Linux – Vulnerability in Parsec

The vulnerability of the PARSEC security subsystem’s psmac utility is related to improper memory release after its use. Exploiting this vulnerability allows an attacker to cause a service failure...

6.2CVSS5.8AI score
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.24 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

6.6AI score0.00037EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.24 views

Astra Linux – Vulnerability in Tomcat9

Path Equivalence: The path ‘file.Name’ Internal Dot leads to remote code execution, information disclosure, and the addition of malicious content to uploaded files via the write-enabled default servlet in Apache Tomcat. This issue affects Apache Tomcat versions as follows: - 11.0.0-M1 through...

10CVSS7.4AI score0.99945EPSS
Exploits47References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.23 views

Astra Linux – Vulnerability in Chromium

Before version 88.0.4324.96, using the "After Free" feature in Google Chrome allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.9AI score0.06825EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.23 views

Astra Linux – Vulnerability in Firefox

Parsing an indefinite SEQUENCE within an indefinite GROUP in ASN.1 could result in the parser accepting malformed ASN.1 syntax. This vulnerability affects Firefox versions earlier than 102...

9.8CVSS8.3AI score0.007EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.23 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: fix filter idr initialization The referenced commit moved the idr initialization too early in flchange, which allows concurrent users to access the filter that is still being initialized and is in an inconsiste...

5.2AI score0.00155EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.23 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: iio: accel: bmc150: Fixed an issue with the irq assumption regression. The code in bmc150-accel-core.c unconditionally calls bmc150accelsetinterrupt in the iiobuffersetupops. This occurs, for example, during the runtime PM resume...

6.1AI score0.00176EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.23 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: encx24j600: check error in devmregmapinitencx24j600 devmregmapinit may return error which caused by like out of memory, this will results in null pointer dereference later when reading or writing register: general protection...

2.3CVSS5.8AI score0.00215EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.23 views

Astra Linux – Vulnerability in Vim

Out-of-bounds read in the GitHub repository for Vim before version 9.0...

8CVSS7.1AI score0.0132EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.23 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: jfs: Upper bound check of the tree index in dbAllocAG When calculating the tree index in dbAllocAG, we never check whether we are out of bounds relative to the size of the tree. This could occur in a scenario where the filesystem...

7.8CVSS6.6AI score0.00167EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.23 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: appletalk: Fix use-after-free in AARP proxy probe The AARP proxy‐probe routine aarpproxyprobenetwork sends a probe, releases the aarplock, sleeps, then re-acquires the lock. During that window an expire timer thread...

7.8CVSS6.1AI score0.00151EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.23 views

Astra Linux – Vulnerability in dcmtk

There is an improper array index validation vulnerability in the determineMinMax functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to exploit this vulnerability...

8.4CVSS6.9AI score0.0061EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.22 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net: wan: farsync: Fix use-after-free bugs caused by unfinished tasklets When the FarSync T-series card is being detached, the fstcardinfo is deallocated in fstremoveone. However, the fsttxtask or fstinttask may still be running ...

8.8CVSS5.8AI score0.00387EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.22 views

Astra Linux – Vulnerability in Apache Log4j1.2

Log4j 1.2’s JMSAppender is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide configurations for TopicBindingName and TopicConnectionFactoryBindingName, causing JMSAppender to make JNDI requests that lead to remo...

7.5CVSS7.3AI score0.81147EPSS
Exploits9References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.22 views

Astra Linux – Vulnerability in libtomcrypt

In LibTomCrypt version 1.18.2, the derdecodeutf8string function located in derdecodeutf8string.c does not properly detect certain invalid UTF-8 sequences. This allows context-dependent attackers to cause a denial of service such as out-of-bounds reads and crashes or to read information from other...

9.1CVSS6.5AI score0.03195EPSS
Exploits1References2
Total number of security vulnerabilities5000