Lucene search
K
AstralinuxRecent

18102 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in gmp

The GNU Multiple Precision Arithmetic Arithmetic Library GMP version up to 6.2.1 has an integer overflow issue in the mpz/inpraw.c file, which can lead to a buffer overflow due to malicious input. This results in a segmentation fault on 32-bit platforms...

7.5CVSS7.8AI score0.03425EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.19 views

Astra Linux – Vulnerability in Wireshark

Large loops in multiple protocol dissectors in Wireshark versions 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial of service via packet injection or crafted capture files...

6.5CVSS6.8AI score0.02411EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in libgsf

There is an integer overflow vulnerability in the Compound Document Binary File format parser of the GNOME Project G Structured File Library libgsf version v1.14.52. A specially crafted file can lead to an integer overflow when processing the directory from the file, allowing an out-of-bounds ind...

8.4CVSS6.7AI score0.00403EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in emacs

In Emacs versions before 29.3, LaTeX preview is enabled by default for e-mail attachments...

2.8CVSS5.9AI score0.00471EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Avoid out-of-bounds access when parsing CPC data If the NumEntries field in the CPC return packet is less than 2, do not attempt to access the “Revision” element of that packet, because it may not be present at that...

7.1CVSS6AI score0.00264EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 allowed execution with unnecessary privileges. The -oP option is available to the exim user, and it could lead to a denial of service, as files owned by root could be overwritten...

6.1CVSS7.8AI score0.0094EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 allows exposure of file descriptors to an unintended control sphere, because rdainterpret uses a privileged pipe without the closeonexec flag...

7.8CVSS7.6AI score0.00395EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in libde265

Libde265 v1.0.4 contains a heap buffer overflow in the putweightedbipred16fallback function, which can be exploited through a specially crafted file...

6.5CVSS6.9AI score0.01438EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in libde265

Libde265 v1.0.4 contains a heap buffer overflow vulnerability in the putepel16fallback function, which can be exploited through a specially crafted file...

6.5CVSS6.9AI score0.01096EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 allowed execution with unnecessary privileges. Since Exim operates as root in the spool directory owned by a non-root user, an attacker could write to the /var/spool/exim4/input spool header file. A crafted recipient address in that file could indirectly lead to command...

7.8CVSS7.9AI score0.00404EPSS
Exploits3References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in f2fs-tools

There is an exploitable information disclosure vulnerability in the initnodemanager functionality of F2fs-Tools F2fs.Fsck 1.12 and 1.13. A specially crafted filesystem can be used to disclose information. An attacker can provide a malicious file to trigger this vulnerability...

5.5CVSS6AI score0.01514EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel version up to 6.1.9, there is a use-after-free issue in the bigbenremove function within the drivers/hid/hid-bigbenff.c file, caused by a crafted USB device. This issue arises because the LED controllers remain registered for an excessively long period of time...

4.6CVSS6.3AI score0.00794EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in fluidsynth

Fluidsynth is a software synthesizer based on the SoundFont 2 specifications. A use after free violation was discovered in fluidsynth, which can be triggered when loading an invalid SoundFont file...

7.2CVSS6.3AI score0.00939EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Chromium

Before version 103.0.5060.53, using the "after free" mechanism in Core in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.01312EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 allowed execution with unnecessary privileges. Since Exim operates as root in the log directory which is owned by a non-root user, a symlink or hard link attack could allow overwriting of critical root-owned files anywhere in the filesystem...

7.8CVSS7.5AI score0.00526EPSS
Exploits3References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 has an improper neutralization of line delimiters. Local users can alter the behavior of root processes because a recipient address may contain a newline character...

7.8CVSS7.6AI score0.00376EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Mariadb 10.3

MariaDB CONNECT Storage Engine Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected MariaDB installations. Authentication is required to exploit this vulnerability. The specific flaw resides in the processing o...

7.8CVSS7.4AI score0.00689EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Vim

NULL pointer dereferencing in the GitHub repository for vim/vim before version 8.2.4959...

6.6CVSS6.7AI score0.00523EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Vim

“Buffer over-reading” in the grabfilename function in the GitHub repository’s Vim/Vim version prior to 8.2.4956. This vulnerability could cause the software to crash, lead to memory modifications, and may allow for remote execution...

7.8CVSS6.7AI score0.02122EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in libde265

Libde265 v1.0.4 contains a global buffer overflow in the decodeCABACbit function, which can be exploited through a specially crafted file...

6.5CVSS6.9AI score0.01492EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in f2fs-tools

There is an exploitable code execution vulnerability in the multi-device functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can lead to information overwriting, resulting in code execution. An attacker can provide a malicious file to trigger this vulnerability...

8.2CVSS7.4AI score0.02097EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 allows Heap-based Buffer Overflows because it mishandles the "-F’.‘” syntax on the command line. This may allow privilege escalation from any user to root. This issue occurs due to the incorrect interpretation of negative sizes in the strncpy function...

7.8CVSS7.7AI score0.00393EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in libde265

Libde265 v1.0.4 contains a heap buffer overflow in the mcchroma function, which can be exploited through a specially crafted file...

6.5CVSS6.9AI score0.01547EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in libde265

Libde265 v1.0.4 contains a heap buffer overflow in the mcluma function, which can be exploited through a specially crafted file...

6.5CVSS6.9AI score0.01096EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in libde265

Libde265 v1.0.4 contains a heap buffer overflow in the ffhevcputunweightedpred8sse function, which can be exploited through a specially crafted file...

8.8CVSS7.6AI score0.01814EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in libde265

Libde265 v1.0.4 contains a heap buffer overflow in the putqpel00fallback16 function, which can be exploited through a specially crafted file...

6.5CVSS6.9AI score0.01057EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in fig2dev

Fig2dev 3.2.7b contains a global buffer overflow in the setfigfont function in genepic.c...

5.5CVSS6.7AI score0.01078EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 allowed integer overflow to lead to a buffer overflow in the receiveaddrecipient function, through an email message with fifty million recipients. NOTE: Remote exploitation might be difficult due to resource consumption...

9.8CVSS8.1AI score0.36649EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 has an improper restriction on write operations within the bounds of a memory buffer. This occurs when processing name=value pairs within MAIL FROM and RCPT TO commands...

9.8CVSS7.6AI score0.03017EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 has an improper initialization issue that can lead to recursive stack consumption or other consequences. This occurs because the use of certain getc functions is handled incorrectly when a client uses BDAT instead of DATA...

7.5CVSS7.6AI score0.61664EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 allowed Use After Free in smtpreset in certain situations that might be common in builds using OpenSSL...

9.8CVSS7.7AI score0.5675EPSS
Exploits3References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp – Fix use-after-free on error path In the error path of sevtsminitlocked, the code dereferes t after it has been freed with kfree. The prerr statement attempts to access t-tioen and t-tioinitdone after the memory has...

7.8CVSS5.7AI score0.0012EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: target: file: Use kzallocflex for aiocmd The targetcorefile does not initialize the aiocmd-iocb for the kiwritestream. When the writecommand fdexecuterwaio is executed, we may receive an invalid value for kiwritestream,...

7.5CVSS6.3AI score0.00358EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in COOP in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to leak cross-origin data through a crafted HTML page...

6.5CVSS6.6AI score0.00763EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Golang-1.19

Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/TLS clients, as well as servers that have Config.ClientAuth set to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default...

5.9CVSS6.8AI score0.00667EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in SQLite3

A flaw was discovered in SQLite’s SELECT query functionality src/select.c. This flaw allows an attacker who is capable of executing SQL queries locally on the SQLite database to cause a denial of service or potentially lead to code execution by triggering a use-after-free. The most significant...

5.5CVSS7.3AI score0.00496EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: HID: appletbkbd: fixed a “slab-use-after-free” bug in appletbkbdprobe. In the probe function appletbkbdprobe, an instance of “struct appletbkbd kbd” is allocated using devmkzalloc to store touch-bar keyboard-related data. Later, ...

7.8CVSS5.6AI score0.00144EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in ANGLE in Google Chrome prior to version 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.2AI score0.01EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Thunderbird, Firefox

By confusing the browser, the fullscreen notification could have been delayed or suppressed, leading to potential user confusion or spoofing attacks. This vulnerability affects Firefox versions earlier than 108...

4.3CVSS6.2AI score0.00699EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in libvirt

A flaw was discovered in libvirt. The virStoragePoolObjListSearch function does not return a locked pool as expected, leading to a race condition and a denial of service when attempting to lock the same object from another thread. This issue could cause clients connecting to the read-only socket ...

6.5CVSS6.6AI score0.00621EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-6.1, Linux-5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables – Failure to set the dormant flag on the hook register We need to set the dormant flag again if we fail to register the hooks. During memory pressure, hook registration may fail, resulting in a table being...

5.5CVSS5.3AI score0.00227EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in hdf5

A vulnerability classified as problematic was discovered in HDF5 1.14.6. This vulnerability affects the function H5FSsinfoserializenodecb in the file src/H5FScache.c. The exploitation of this vulnerability leads to a heap-based buffer overflow. Local access is required to carry out this attack. T...

5.5CVSS5AI score0.00215EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in node-cipher-base

There is a vulnerability in improper input validation in the cipher-base module, which allows for manipulation of input data. This issue affects cipher-base version 1.0.4...

9.1CVSS7.2AI score0.0047EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Picture In Picture in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.5AI score0.00234EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in opensc

A vulnerability was discovered in OpenSC. This security flaw causes a buffer overflow vulnerability in the cardoshaveverifyrcpackage function. An attacker can provide a smart card package with malformed ASN1 data. The cardoshaveverifyrcpackage function scans the ASN1 buffer for two tags, but the...

7.1CVSS7.1AI score0.00295EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Firefox and Thunderbird

If the browser.privatebrowsing.autostart preference is enabled, IndexedDB files are not properly deleted when the window is closed. This preference is disabled by default in Firefox. This vulnerability affects Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11...

4.3CVSS6.7AI score0.00488EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Firefox and Thunderbird

The JIT compiler generated incorrect code for arguments in certain cases. This led to potential use-after-free errors during garbage collection. This vulnerability affects Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10...

7.8CVSS7.2AI score0.00243EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Chromium

Type Confusion in WebAssembly in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.1CVSS7.5AI score0.19883EPSS
Exploits5References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Firefox

Memory safety bugs exist in Firefox 122. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects versions of Firefox prior to 123...

8.1CVSS7.6AI score0.00558EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in PostgresSQL 11

When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries during the initial establishment of a connection, despite the use of SSL certificate verification and encryption...

8.1CVSS7.2AI score0.01901EPSS
Exploits0References2
Total number of security vulnerabilities18102