Lucene search
K
AstralinuxRecent

18102 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in htmldoc

A flaw was discovered in htmldoc in version 1.9.12. A heap buffer overflow in pspdfpreparepage, located in ps-pdf.cxx, may allow for the execution of arbitrary code and cause a denial of service attack...

7.8CVSS8AI score0.00923EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.21 views

Astra Linux – Vulnerability in Xen

Potential speculative code storage bypasses exist in all supported CPU products. Combined with software vulnerabilities related to speculative execution of overwritten instructions, this could lead to incorrect speculation and potentially cause data leakage...

5.5CVSS5.9AI score0.00328EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

Before version 91.0.4472.77, using free after in WebRTC in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted SCTP packet...

8.8CVSS8.1AI score0.01102EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in SQLite3

SQLite 3.30.1 improperly handles pExpr-y.pTab, as demonstrated in the TKCOLUMN case within sqlite3ExprCodeTarget in expr.c...

5.9CVSS6.8AI score0.02538EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementations of WebAuthentication in Google Chrome prior to version 96.0.4664.45 allowed a remote attacker to leak cross-origin data through a crafted HTML page...

6.5CVSS6.6AI score0.00856EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Firefox and Thunderbird

The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame. This vulnerability affects Firefox 94, Thunderbird 91.3, and Firefox ESR 91.3...

10CVSS8.2AI score0.0383EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in WebKit2GTK

Integer overflow has been addressed through improved input validation. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2, and iPadOS 15.2, as well as watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution...

8.8CVSS7.5AI score0.07617EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in RustC

In the standard library of Rust before version 1.52.0, a double-free error can occur in the Vec::fromiter function if the process of freeing the element causes a panic...

9.8CVSS8.2AI score0.0289EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in pillow

In Pillow before 8.1.2, attackers can cause a denial of service due to excessive memory consumption. This occurs because the reported size of the contained image is not properly checked for an ICNS container. As a result, a memory allocation attempt can be quite large...

7.5CVSS6.8AI score0.04851EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in pillow

In Pillow before 8.1.2, attackers can cause a denial of service due to excessive memory consumption. This occurs because the reported size of the contained image is not properly checked for an ICO container. As a result, a memory allocation attempt can be quite large...

7.5CVSS6.8AI score0.03071EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in krb5

In kdc/kdcpreauthec.c of the Key Distribution Center KDC in MIT Kerberos 5 also known as krb5, before versions 1.18.4 and 1.19.x, and before version 1.19.2, remote attackers could exploit a vulnerability that led to a NULL pointer dereferencing and a crash of the daemon. This occurs because the...

7.5CVSS6.9AI score0.10276EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Raptor2

A malformed input file can lead to a segfault due to an out of bounds array access in raptorxmlwriterstartelementcommon...

6.5CVSS6.4AI score0.02143EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Qemu

A reachable assertion issue was detected in the USB EHCI emulation code of QEMU. This issue can occur during the processing of USB requests due to improper handling of the DMA memory map. A malicious privileged user within the guest environment may exploit this flaw to send invalid USB requests,...

3.2CVSS6.8AI score0.00357EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in node-getobject

A vulnerability in the prototype pollution mechanism in the 'getobject' version 0.1.0 allows an attacker to cause a denial of service and may lead to remote code execution...

9.8CVSS7.4AI score0.04031EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Qemu

In QEMU 5.1.0, the ideatapicmdreplyend variable in hw/ide/atapi.c allows out-of-bounds read access, as the buffer index is not validated...

3.9CVSS6.5AI score0.00369EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Jackson-Databind

FasterXML Jackson-Databind 2.x versions before 2.9.10.8 mishandle the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS...

8.8CVSS7.1AI score0.05018EPSS
Exploits2References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in DjVuLibre

In DjVuLibre 3.5.27, the bitmap reader component allows attackers to cause a denial-of-service error resource exhaustion caused by an infinite loop in GBitmap::readrleraw by creating a corrupted image file, which is related to libdjvu/DjVmDir.cpp and libdjvu/GBitmap.cpp...

5.5CVSS5.4AI score0.01707EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in GraphicsMagick

GraphicsMagick version 1.3.35 has a heap-based buffer overflow in the ReadMNGImage function in the coders/png.c file...

7.5CVSS7.3AI score0.02853EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Samba

A null pointer dereference flaw was detected in Samba’s Winbind service in versions prior to 4.11.15, before 4.12.9, and before 4.13.1. A local user could exploit this flaw to crash the Winbind service, resulting in a denial of service...

5.5CVSS6.4AI score0.00613EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Qemu

In QEMU versions up to 5.0.0, an assertion failure can occur during network packet processing. This issue affects the e1000e and vmxnet3 network devices. A malicious guest user/process could exploit this flaw to terminate the QEMU process on the host, resulting in a denial-of-service condition in...

3.8CVSS6.5AI score0.00377EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in binutils

There is a memory leak issue in the Binary File Descriptor BFD library also known as libbfd within the GNU Binutils 2.34, specifically in the bfdhashlookup function. This issue can lead to a denial of service attack through a specially crafted file...

5.5CVSS6.4AI score0.01046EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in zziplib

The infinite loop in zziplib v0.13.69 allows remote attackers to cause a denial of service by using the return value “zzipfileread” in the function “unzzipcatfile”...

3.3CVSS5.7AI score0.00745EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in PostgresSQL 11

A man-in-the-middle attacker can inject false responses to the client’s first few queries, despite the use of SSL certificate verification and encryption...

5.9CVSS6.4AI score0.01501EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: tipc: skblinearize the head skb when reassembling msgs It’s not a good idea to append the frag skb to a skb’s fraglist if the fraglist already contains skbs from elsewhere. For example, this frag skb was created by pskbcopy, wher...

5.5CVSS6.2AI score0.00232EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

In the Network Config UI of the Google Chrome browser on ChromeOS, incorrect security interfaces existed prior to version 90.0.4430.72. This allowed remote attackers to potentially compromise Wi-Fi connection security through a malicious wireless access point...

6.5CVSS6.8AI score0.01809EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.11 views

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in navigations in Google Chrome prior to 89.0.4389.72 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page...

6.5CVSS7.2AI score0.01874EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

Before version 90.0.4430.72, using extensions in Google Chrome allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape through a crafted Chrome Extension...

8.6CVSS7.7AI score0.01022EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Chromium

Using “after free” in Blink in Google Chrome before version 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.2AI score0.01754EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Chromium

Using "after free" in Blink in Google Chrome before version 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.01353EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Chromium

Before version 88.0.4324.96, using Blink with a "after free" mechanism allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.8AI score0.0701EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Chromium

Insufficient data validation in the File System API of Google Chrome prior to version 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions through a crafted HTML page...

6.5CVSS6.7AI score0.09966EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape through a crafted Chrome Extension...

9.6CVSS8AI score0.23406EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in downloads within Google Chrome prior to 88.0.4324.96 allowed an attacker who convinced a user to download files to bypass navigation restrictions through a crafted HTML page...

6.5CVSS6.9AI score0.03036EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in Extensions in Google Chrome prior to version 88.0.4324.146 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption through a crafted Google Chrome Extension...

8.8CVSS8.4AI score0.0082EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Chromium

Before version 89.0.4389.72, using free after in WebRTC in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.8AI score0.01376EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in node-hosted-git-info

Packages that use hosted-git-info before version 3.0.8 are vulnerable to Regular Expression Denial of Service ReDoS attacks due to the regular expression shortcutMatch in the fromUrl function in index.js. The affected regular expressions have a polynomial worst-case time complexity...

5.3CVSS6.9AI score0.03612EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A use-after-free exists in the drivers/tee/teeshm.c file within the TEE subsystem of the Linux kernel, as of version 5.15.11. This issue arises due to a race condition during the teeshmgetfromid function, when attempting to free a shared memory object...

7CVSS6.4AI score0.00694EPSS
Exploits2References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in WebKit2GTK

The issue was resolved through improved bounds checks. This issue has been fixed in tvOS 15.6, watchOS 8.7, iOS 15.6, and iPadOS 15.6, macOS Monterey 12.5, and Safari 15.6. Processing web content may lead to arbitrary code execution...

8.8CVSS8.6AI score0.03213EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: Set scmnd-result only when scmnd is not NULL. This change fixes the following kernel NULL pointer dereference, which is occasionally reproduced by blktests srp/007. Bug: Kernel NULL pointer dereference, address:...

5.5CVSS6.1AI score0.00225EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in Linux 5.10, Linux

The mm/rmap.c file in the Linux kernel before version 5.19.7 contains a use-after-free issue related to the double reuse of the leaf anonvma structure...

5.5CVSS6.7AI score0.00971EPSS
Exploits3References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: Video: fbdev: smscufx: Fixed null-ptr-deref in ufxusbprobe I received a report of a null-ptr-deref issue: Bug: NULL pointer dereferencing in the kernel; address: 0000000000000000 … RIP: 0010:fbDestroyModelist+0x38/0x100 … Call...

5.5CVSS6.2AI score0.00244EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel before version 4.8, the usbparseendpoint function in drivers/usb/core/config.c did not validate the wMaxPacketSize field of an endpoint descriptor. NOTE: This vulnerability only affects products that are no longer supported by the supplier...

8.4CVSS6.2AI score0.00238EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in unbound

Unbound before version 1.9.5 allows for an integer overflow in the regional allocator through regionalalloc. NOTE: The vendor denies that this is a vulnerability. Although the code may be vulnerable, an ongoing Unbound installation cannot be exploited remotely or locally...

9.8CVSS8.3AI score0.02179EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rt4801: Fixed a NULL pointer dereferencing issue when priv-enablegpios is NULL. devmgpiodgetarrayoptional may return NULL if no GPIO was assigned...

5.5CVSS5.3AI score0.00222EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Bail out from dwc3gadgetexit if dwc-gadget is NULL. There exists a possible scenario in which dwc3gadgetinit may fail: during the switch between peripheral and host modes in dwc3setmode, and if a pending gadget...

5.5CVSS5.8AI score0.00222EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: i2c: Fixed a potential use after free The adap structure should only be freed after we have finished using it. This patch simply moves the putdevice function slightly to avoid the potential issue after freeing the structure. wsa:...

7.8CVSS6.1AI score0.00378EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

The checkaluop function in kernel/bpf/verifier.c in the Linux kernel, as of v5.16-rc5, did not properly update the bounds when handling the mov32 instruction. This issue allows local users to obtain potentially sensitive address information, also known as a “pointer leak.”...

5.5CVSS6.5AI score0.00416EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in edk2

The example of an encrypted private key in EDK2, located in the IpSecDxe.efi, may pose potential security risks...

7.5CVSS7AI score0.01106EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in GhostScript

A heap-based buffer overwrite vulnerability was discovered in the lp8000printpage function of GhostScript, located in the gdevlp8k.c file. This flaw allows an attacker to trick a user into opening a specially crafted PDF file, triggering a heap buffer overflow that could lead to memory corruption...

7.1CVSS7.4AI score0.00437EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in WebKit2GTK

An information disclosure issue was resolved by removing the vulnerable code. This issue has been fixed in macOS Monterey 12.5. A website may be able to track the websites a user visited in Safari’s private browsing mode...

5.3CVSS6.9AI score0.00418EPSS
Exploits0References1
Total number of security vulnerabilities18102