Lucene search
K
AstralinuxRecent

18095 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in giflib

Giflib contains a double-free vulnerability, which is caused by a shallow copy in GifMakeSavedImage and incorrect error handling. The conditions necessary to trigger this vulnerability are complex, but it may still occur...

7CVSS5.8AI score0.00144EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in GIMP

GIMP PSP File Parsing: Heap-Based Buffer Overflow and Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability, as the target must visit a malicious page ...

7.8CVSS7.6AI score0.00744EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in libheif

libheif is a decoder and encoder for HEIF and AVIF file formats. In versions 1.21.2 and earlier, a crafted 792-byte HEIF sequence file with samplesperchunk=0 in the stsc field could cause an unsigned integer underflow in the Chunk constructor mlastsample = 0 + 0 - 1 = UINT32MAX, causing all sampl...

6.5CVSS5.7AI score0.00301EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in underscore

Underscore.js is a utility-belt library for JavaScript. Prior to version 1.13.8, the .flatten and .isEqual functions used recursion without a depth limit. Under very specific conditions, an attacker could exploit this in a Denial of Service DoS attack by triggering a stack overflow. Untrusted...

8.2CVSS5.9AI score0.00612EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: dm: fixed the unlocked test for dmsuspendedmd. The function dmblkreportzones checks whether the device is suspended using the dmsuspendedmd call. However, this function is called without holding any locks, so the device may be...

7.8CVSS5.7AI score0.0012EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Before versions 7.1.2-16 and 6.9.13-41, an overflow on 32-bit systems could cause a crash in the SFW decoder when processing extremely large images. This vulnerability has been fixed in versions 7.1.2-1...

5.7CVSS5.8AI score0.00093EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed the stackmap overflow check in bpfgetstackid Syzkaller reported a KASAN vulnerability related to out-of-bounds write operations in bpfgetstackid, when copying stack trace data. This issue occurs when the perf trace...

5.9AI score0.00157EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in opencolorio

A vulnerability was discovered in AcademySoftwareFoundation OpenColorIO version 2.5.0. This issue affects the ConvertToRegularExpression function in the src/OpenColorIO/FileRules.cpp file. Performing certain manipulations can lead to an out-of-bounds read vulnerability. The attack can be carried...

4.8CVSS5.3AI score0.00165EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Chromium

The use of after-free in videos within Google Chrome before version 147.0.7727.101 allowed a remote attacker to execute arbitrary code within a sandbox through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.7AI score0.00334EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.0, there was an integer underflow issue in the updatereadcachebitmaporder function of FreeRDP’s Core Library. This vulnerability has been fixed in version 3.24.0...

3.1CVSS5.8AI score0.00175EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in Qemu

No description...

7.1AI score
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Input: lkkbd – Disabling pending work before freeing the device. The lkkbdinterrupt function schedules the lk-tq queue via schedulework. The work handler lkkbdreinit dereferences the lkkbd structure and its serio/inputdev fields...

7.8CVSS5.7AI score0.00124EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in GIMP

A flaw was discovered in GIMP. There is an integer overflow vulnerability when processing ICO image files, specifically in the icoreadinfo and icoreadicon functions. This issue arises because the size calculation for image buffers can exceed the limit due to a 32-bit integer evaluation, allowing...

6.5CVSS7.4AI score0.00838EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in Chromium

The use of after-free in V8 in Google Chrome before version 147.0.7727.55 allowed a remote attacker to execute arbitrary code within a sandbox through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.7AI score0.00303EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ASoC: fslxcvr: Revert to fixing the missing lock in fslxcvrmodeput This revert commits f51424872760 “ASoC: fslxcvr: fix missing lock in fslxcvrmodeput”. The original patch attempted to acquire the card-controlsrwsem lock in...

5.5CVSS5.7AI score0.00091EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in freeipa

A flaw was identified in the FreeIPA API audit; it sends the entire FreeIPA command line to journalctl. As a result, during the FreeIPA installation process, administrative user credentials—including the administrator’s password—are inadvertently leaked into the journal database. In the worst-cas...

5.5CVSS5.6AI score0.00226EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in libpng1.6

LIBPNG is a reference library used in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In versions 1.6.36 through 1.6.55, there was an out-of-bounds read and write vulnerability in libpng’s ARM/AArch64 Neon-optimized palette expansion path. When...

7.6CVSS6.7AI score0.00585EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in xwayland, xorg-server

A flaw was discovered in the X.Org X server’s validation of XKB key type requests. A local attacker could send a specially crafted request to the X server, leading to a vulnerability where out-of-bounds memory access could occur. This could result in the disclosure of sensitive information or cau...

7.8CVSS5.8AI score0.0025EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability in Chromium

In CSS, operations outside the bounds were allowed in Google Chrome before version 146.0.7680.165; this enabled a remote attacker to perform out-of-bounds memory access through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.6AI score0.00454EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in xwayland, xorg-server

A flaw was discovered in the X.Org X server. This “use-after-free” vulnerability occurs in the XSYNC fence triggering logic, specifically within the miSyncTriggerFence function. An attacker with access to the X11 server can exploit this vulnerability without any user interaction, resulting in a...

7.8CVSS5.8AI score0.00264EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in xwayland, xorg-server

A flaw was discovered in the X.Org X server. This out-of-bounds read vulnerability arises from the XKB geometry processing, specifically within the CheckSetGeom and XkbAddGeomKeyAlias functions. It allows an attacker to read uninitialized or out-of-bounds memory. An attacker with access to the X1...

9.1CVSS6.8AI score0.00489EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in sudo

In Sudo, from version 1.9.17p2 until 3e474c2, a failure in the call of setuid, setgid, or setgroups functions, during a privilege drop before running the mailer, is not considered a fatal error. Such failures may lead to an escalation of privileges...

7.8CVSS7.1AI score0.00173EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in WebML in Google Chrome prior to version 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory through a crafted HTML page. Chromium security severity: High...

4.3CVSS7.2AI score0.00286EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: MIPS: ftrace: Fixed memory corruption when the kernel’s size exceeds 32 bits. Since the commit e424054000878 “MIPS: Tracing: Reducing the overhead of dynamic Function Tracer”, the macro UASMiLAmostly has been used. This macro can...

5.5CVSS6AI score0.00171EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.18 views

Astra Linux – Vulnerability in libssh

A flaw was discovered in libssh, where a malicious SFTP SSH File Transfer Protocol server can exploit this by sending a malformed ‘longname’ field within an SSHFXPNAME message during a file listing operation. This missing null check can lead to reading beyond the allocated memory on the heap. Thi...

3.1CVSS6.6AI score0.00442EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.2 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, a double-free vulnerability in the functions kerberosAcceptSecurityContext and kerberosInitializeSecurityContextA located in WinPR, winpr/libwinpr/sspi/Kerberos/kerberos.c could cause crashes in any FreeRDP...

5.3CVSS5.8AI score0.00282EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Fixed an off-by-one error in the setupnicdevices cleanup process. In setupnicdevices, the initialization loop jumps to the setupnicdevfree label if a failure occurs. The current cleanup loop whilei-- skips the fail...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a crafted image could cause an out-of-bounds heap write within the WaveletDenoiseImage method. When processing a crafted image using the -wavelet-denoise...

5.5CVSS7.1AI score0.00106EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Qemu

An “off-by-one” error was detected in QEMU’s KVM Xen guest support. A malicious guest could exploit this flaw to trigger out-of-bounds heap accesses in the QEMU process through the emulated Xen physdev hypercall interface, resulting in a denial of service or potential memory corruption...

6.5CVSS7.1AI score0.00143EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfSetWindowMinMaxInfo dereferenced a freed xfAppWindow pointer because xfrailgetwindow in xfrailserverminmaxinfo returned an unprotected pointer from the railWindows hash table. This could allow the main...

9.8CVSS5.8AI score0.00599EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.17 views

Astra Linux – Vulnerability in Chromium

The use of “after free” in Compositing in Google Chrome before version 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page. Chromium security severity: High...

9.6CVSS5.8AI score0.00248EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in libsoup2.4

A flaw was discovered in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, resulting in a buffer overread. This can allow an attacker to potentially access sensitive information or cause a denial of service at the application level...

9.1CVSS6.8AI score0.0042EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in Chromium

Insufficient validation of untrusted inputs in navigation in Google Chrome prior to version 146.0.7680.153 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page. Chromium security severity: High...

8.8CVSS5.8AI score0.00253EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.20.1, a global-buffer-overflow issue was observed during FreeRDP’s Base64 decoding process. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char values are treated...

9.1CVSS5.3AI score0.00599EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability in libssh

A malicious SCP server can send unexpected commands that may cause the client application to override local files outside of the working directory. This could be exploited to create malicious executable or configuration files, causing the user to execute them with specific consequences. This is t...

6.3CVSS6.4AI score0.00408EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Qemu

A flaw was discovered in QEMU. A specially crafted VMDK image could trigger an out-of-bounds read vulnerability, potentially leading to a 12-byte leak of sensitive information or a denial of service condition DoS...

5.1CVSS7.1AI score0.00114EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in Qemu

An integer overflow vulnerability was discovered in the virtio-snd device through PCMINFO requests from the guest. A malicious guest can provide out-of-bounds stream counts, potentially leading to unbounded memory allocation on the host and a denial of service condition...

5.5CVSS5.9AI score0.00102EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed an issue where engid could be negative, causing the streamenc regs array to be indexed out of bounds. The variable engid is used directly as an index into the streamenc regs array, which has only 5 elements...

7.8CVSS5.7AI score0.0012EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in GraphicsMagick

GraphicsMagick before 8e56520 has a heap-based buffer over-read issue in the ReadJXLImage function, located in coders/jxl.c, related to a call to ImportViewPixelArea...

9.1CVSS5.9AI score0.00315EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in exiv2

Exiv2 is a C++ library and a command-line utility for reading, writing, deleting, and modifying Exif, IPTC, XMP, and ICC image metadata. Prior to version 0.28.8, a buffer overflow vulnerability was discovered. The vulnerability resides in the CRW image parser. This issue has been fixed in version...

8.1CVSS6AI score0.00307EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.0, a client-side heap buffer overflow occurred in the FreeRDP client’s AVC420/AVC444 YUV-to-RGB conversion process. This issue arose due to a lack of validation of the horizontal bounds of the H.264 metablock...

8.2CVSS6AI score0.00323EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in gpsd

There is an integer underflow vulnerability in the nextstate function in gpsd/packet.c in gpsd versions prior to the commit ffa1d6f40bca0b035fc7f5e563160ebb67199da7. When parsing a NAVCOM packet, the payload length is calculated using lexer-length = sizetc - 4, without checking whether the input...

7.5CVSS5.2AI score0.0047EPSS
Exploits2References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.11 views

Astra Linux – Vulnerability in Chromium

Using WebCodecs with “after free” before version 146.0.7680.178 allowed a remote attacker to execute arbitrary code within a sandbox through a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00395EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in PDF in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

4.3CVSS6.7AI score0.00159EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in sdl-image1.2

SDLimage is a library for loading images of various formats as SDL surfaces. In the dolayersurface function in src/IMGxcf.c, pixel index values from decoded XCF tile data are used directly as colormap indices without being validated against the colormap size cmnum. A crafted .xcf file with a smal...

7.1CVSS5.8AI score0.00262EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in PDFium in Google Chrome prior to version 147.0.7727.101 allowed a remote attacker to execute arbitrary code within a sandbox through a crafted PDF file. Chromium security severity: High...

8.8CVSS7.9AI score0.00336EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in yuvensurebuffer in libfreerdp/codec/h264.c, h264-width and h264-height were updated before the reallocation loop. If any winpralignedrecalloc call fails, the function returns FALSE, but width/height have...

7.5CVSS6.3AI score0.00265EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in GIMP

A flaw was discovered in GIMP’s PSP Paint Shop Pro file parser. A remote attacker could exploit an integer overflow vulnerability in the readcreatorblock function by providing a specially crafted PSP image file. This vulnerability occurs when a 32-bit length value from the file is used for memory...

5.5CVSS7.2AI score0.00494EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in the persistentcachereadentryv3 function in libfreerdp/cache/persistent.c, persistent-bmpSize was updated before winpralignedrecalloc. If realloc fails, bmpSize is inflated while bmpData points to the old...

7.1CVSS6.2AI score0.001EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.22.0, the ecamencodercompressh264 function relied on server-controlled dimensions and did not validate the source buffer size, resulting in a out-of-bounds read in swsscale. This vulnerability has been fixed in...

9.1CVSS5.5AI score0.00489EPSS
Exploits0References3
Total number of security vulnerabilities18095