Lucene search
K
AstralinuxRecent

18102 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

Type Confusion in V8 in Google Chrome prior to version 114.0.5735.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.6AI score0.56192EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in the Browser History component of Google Chrome prior to version 112.0.5615.49 allowed a remote attacker who convinced a user to perform certain UI interactions to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Medium...

8.8CVSS7.2AI score0.00975EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow vulnerability in Google Chrome versions prior to 112.0.5615.49 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.2AI score0.01077EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Autofill in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

5.4CVSS6.1AI score0.00373EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in dcmtk

The service class user SCU of OFFIS DCMTK all versions prior to 3.6.7 is vulnerable to relative path traversal, allowing an attacker to write DICOM files into arbitrary directories under controlled names. This could enable remote code execution...

9.8CVSS7.2AI score0.02846EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

The use of after free in Blink in Google Chrome before version 92.0.4515.107 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write operations through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.5AI score0.00535EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

A issue was discovered in the Linux kernel through version 6.1-rc8. The function dpucrtcatomiccheck in the file drivers/gpu/drm/msm/disp/dpu1/dpucrtc.c lacks a check for the return value of kzalloc. This issue may lead to a NULL Pointer Dereference...

5.5CVSS6.5AI score0.00218EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in UMA in Google Chrome prior to version 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.6AI score0.01118EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Passwords in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially leak cross-origin data through a malicious website...

6.5CVSS6.9AI score0.0075EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: qla4xxx: Add length check when parsing nlattrs There are three places where qla4xxx parses nlattrs: - qla4xxxsetchapentry - qla4xxxifacesetparam - qla4xxxsysfsddbsetparam Each of these functions converts nlattr to a specifi...

5.5CVSS5.3AI score0.00149EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in openexr

OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf31::LineCompositeTask::execute called from IlmThread31::NullThreadPoolProvider::addTask and IlmThread31::ThreadPool::addGlobalTask. NOTE: db217f2 may be inapplicable...

5.5CVSS7.1AI score0.01772EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.17 views

Astra Linux – Vulnerability in Vim

Integer overflow or wrap-around in the GitHub repository for vim/vim before version 9.0.1532...

7.8CVSS6.7AI score0.00485EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in the Task Manager of Google Chrome prior to version 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption through specific user interactions...

8.8CVSS7.5AI score0.00809EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in xerces-c

An integer overflow exists in xerces-c++ 3.2.3 in the BigFix Platform, allowing remote attackers to gain out-of-bound access through HTTP requests...

8.8CVSS7AI score0.01381EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: Wifi: mac80211 – Fix for queue selection for mesh/OCB interfaces When using iTXQ, the code assumes that there is only one vif queue for broadcast packets, using the BE queue. Allowing non-BE queue marking violates this assumption...

5.5CVSS6.2AI score0.00252EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Qemu

A vulnerability in the lsi53c895a device affects the latest version of QEMU. A DMA-MMIO reentrancy problem may lead to memory corruption issues, such as stack overflow or use-after-free errors...

6CVSS6.7AI score0.00269EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: Corrected the incorrect validation of the next buffer length in smb2setea. There are multiple smb2eainfo buffers in the FILEFULLEAINFORMATION request from the client. ksmbd uses the NextEntryOffset of the current...

5.5CVSS6AI score0.00224EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in openimageio

A vulnerability was discovered in OpenImageIO, where a heap buffer overflow exists in the src/gif.imageio/gifinput.cpp file. This flaw allows a remote attacker to send a specially crafted file to the application, triggering a heap-based buffer overflow and potentially causing a system crash,...

7.5CVSS7.5AI score0.0119EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Thunderbird

The OCSP revocation status of certificates was not checked when verifying S/Mime signatures. Emails signed with revoked certificates would be displayed as having a valid signature. Thunderbird versions from 68 to 102.7.0 were affected by this bug. This vulnerability affects Thunderbird versions...

6.5CVSS6.8AI score0.00372EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Wireshark

In Wireshark versions 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash. This issue was addressed in the plugin plugins/epan/wimax/msgdlmap.c by validating the length field...

7.5CVSS7.1AI score0.0281EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed an issue where inode lists were leaked during backref walking in findparentnodes. During backref walking, when findparentnodes is called, if we are dealing with a data extent and an error occurs while resolving...

5.5CVSS6AI score0.00172EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Chromium

Before version 115.0.5790.98, using tab groups with free in Google Chrome allowed a remote attacker who convinced a user to perform certain UI interactions to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.4AI score0.00709EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Use memset to avoid memory leaks. Use memset to initialize structs to prevent memory leaks. In l2capecredconnect...

5.5CVSS6.1AI score0.00242EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in glibc

The iconv feature in the GNU C Library also known as glibc or libc6, up to version 2.32, may have a buffer over-read issue when processing invalid multi-byte input sequences in the EUC-KR encoding...

7.1CVSS7AI score0.03538EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iio: light: cm3605: Fixed an error handling path in cm3605probe. The commit in “Fixes” also introduced a new error handling path, which should replace the existing one. Otherwise, some resources may be leaked...

5.5CVSS5.2AI score0.00179EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mapletree: Fixed potential out-of-bounds access in maswrendpiv. Check the write offset’s end bounds before using it as an offset into the pivot array. This prevents possible out-of-bounds access to the pivot array if the write...

5.4AI score0.00175EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

The use of “after free” in the Sign-In process in Google Chrome before version 108.0.5359.71 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption through profile destruction. Chromium security severity: Medium...

8.8CVSS7.3AI score0.00576EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net:sfc: Fixed issues with non-freezed interrupts in legacy IRQ mode. The SFC driver can be configured using modparam to work with MSI-X, MSI, or legacy IRQ interrupts. In the latter case, the interrupt wasn’t properly released...

5.5CVSS6.2AI score0.00222EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in imagemagick

A flaw was discovered in ImageMagick within MagickCore/quantum.h. An attacker who submits a crafted file processed by ImageMagick could induce undefined behavior, resulting in values that are outside the range of type unsigned char. This likely application availability issues, but it may also cau...

4.3CVSS6.7AI score0.01124EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in OpenSSH

In SSH in OpenSSH before version 9.6, OS command injection could occur if a user name or host name contained shell metacharacters, and this name was referenced by an expansion token in certain situations. For example, a untrusted Git repository might contain a submodule with shell metacharacters ...

6.5CVSS6.4AI score0.19753EPSS
Exploits8References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in libstb

There is a heap-based buffer overflow vulnerability in the comment functionality of stbvorbis.c v1.22. A specially crafted .ogg file can lead to an out-of-bounds write. An attacker can provide a malicious file to exploit this vulnerability...

9.8CVSS8.6AI score0.0141EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in htmldoc

A flaw was discovered in htmldoc version 1.9.12. A heap buffer overflow in the rendertablerow function, located in ps-pdf.cxx, may lead to arbitrary code execution and denial of service...

7.8CVSS8.2AI score0.01138EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/meson: encodercvbs: Fixed a reference count leak in mesonencodercvbsinit. In the function ofgraphgetremotenode, the remote device nodepointer is returned with a incremented reference count. We should use ofnodeput on it after...

5.5CVSS5.4AI score0.002EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

Before version 95.0.4638.69, using free after signing in in Google Chrome allowed a remote attacker who convinced a user to sign in to Chrome to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS8.1AI score0.00942EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A heap buffer overflow flaw was discovered in the IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with normal user privileges to overwrite kernel heap objects and may lead to a local privilege escalation attack...

7.8CVSS6.9AI score0.05524EPSS
Exploits2References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A issue was discovered in the x86 KVM subsystem of the Linux kernel before version 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVMVCPUPREEMPTED situations...

7.8CVSS6.7AI score0.00323EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.12 views

Astra Linux – Vulnerability found in libsdl1.2, libsdl2, and sdl-image1.2

In SDL Simple DirectMediaLayer, versions from 1.2.15 up to 2.x, and then from 2.0.9 onwards, there is a heap-based buffer over-read issue in the BlitNtoN function within the video/SDLblitN.c file, when it is called from the SDLSoftBlit function in the video/SDLblit.c file...

8.1CVSS6.7AI score0.03299EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in mbedtls

A vulnerability was discovered in Arm Mbed TLS prior to version 2.24.0. An attacker can retrieve a private key for RSA or static Diffie-Hellman through a side-channel attack targeting the generation of base blinding/unblinding values...

4.7CVSS6AI score0.00342EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed a potential memory leak in DMUB hwinit Why When resuming, we perform DMUB hwinit, which allocates memory using dmresume-dmdmubhwinit-dcdmubsrvcreate-kzalloc. This can lead to a memory leak in suspend/resume...

5.5CVSS5.8AI score0.00225EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Drivers: Staging: rtl8192eu: Fixed a deadlock in rtwjoinbsseventprehandle. There is a deadlock in rtwjoinbsseventprehandle, as shown below: Thread 1 | Thread 2 | settimer rtwjoinbsseventprehandle | modtimer spinlockbh //1 | Wait...

5.5CVSS5.9AI score0.0016EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fbdev: fbcon: Release the buffer when fbcondosetfont fails. syzbot is reporting a memory leak at fbcondosetfont, for the commit a5a923038d70 “fbdev: fbcon: Properly revert changes when vcresize fails”. It was overlooked that the...

5.5CVSS6.5AI score0.0015EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Mozilla developers and community members reported memory safety bugs in Firefox 93 and Firefox ESR 91.2. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability...

8.8CVSS7.4AI score0.01208EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Mariadb 10.3

MariaDB version 10.5.13 allows a hamaria::extra application to crash due to certain SELECT statements...

5.5CVSS7.1AI score0.00403EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

Before version 105.0.5195.52, using PhoneHub in Google Chrome on Chrome OS allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.4AI score0.00492EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux - уязвимость в tomcat9

Improper authorization vulnerability occurs when multiple method constraints define an HTTP method for the same extension in Apache Tomcat. This issue affects Apache Tomcat: versions 11.0.0-M1 through 11.0.21, 10.1.0-M1 through 10.1.54, 9.0.0.M1 through 9.0.117, 8.5.0 through 8.5.100, and 7.0.0...

9.1CVSS5.8AI score0.01136EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Samba

MaxQueryDuration is not honored in Samba AD DC LDAP...

6.5CVSS6.7AI score0.01716EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.11 views

Astra Linux – Vulnerability in Thunderbird

The olmsessiondescribe function in Matrix libolm before version 3.2.7 is vulnerable to a buffer overflow. The Olm session object represents a cryptographic channel between two parties. Therefore, its state is partially controllable by the remote party of the channel. Attackers can construct a...

9.8CVSS9AI score0.01921EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

A use-after-free flaw was discovered in the addpartition function in the block/partitions/core.c file within the Linux kernel. A local attacker with user privileges could cause a denial of service on the system. The issue arises due to the lack of code cleanup when the deviceadd function fails...

5.5CVSS6.7AI score0.00336EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3: Error handling in gicpopulateppipartitions was fixed. The function ofgetchildbyname returns a node pointer with a refcount incremented. We should use ofnodeput on it when it is no longer needed. When kcalloc fails...

5.5CVSS6.2AI score0.00273EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mtd: core: added ofnodeget in the dynamic partitions code This fixes the issue with ofnodeput: 1.078910 6 cmdlinepart partitions found on the MTD device gpmi-nand 1.085116 Creating 6 MTD partitions on “gpmi-nand”: 1.090181...

7.8CVSS5.4AI score0.00153EPSS
Exploits0References1
Total number of security vulnerabilities18102