Lucene search
K
AstralinuxRecent

18095 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.20.1, a memory access violation occurred in irpthreadfunc because the IRP was freed by irp-Complete, and then accessed again during the error handling path. This vulnerability has been fixed in version 3.20.1...

9.8CVSS5.3AI score0.00453EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Chromium

In Google Chrome, policy bypass in LocalNetworkAccess before version 147.0.7727.55 allowed a remote attacker to bypass navigation restrictions through a crafted HTML page. Chromium security severity: Medium...

6.5CVSS6.6AI score0.00217EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in passwords in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

3.1CVSS5.8AI score0.00219EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in Chromium

The use of after-free in Blink in Google Chrome before version 147.0.7727.55 allowed a remote attacker to execute arbitrary code within a sandbox through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.7AI score0.00303EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.11 views

Astra Linux – Vulnerability in wpa

In Hostapd 2.10 and earlier, the PKEX code remains active even after a successful PKEX association. An attacker who has successfully bootstrapped public keys with another entity using PKEX in the past will be able to subvert future bootstrapping attempts by passively observing the public keys. By...

6.5CVSS6.8AI score0.00338EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: scsi: imm: Fixed a use-after-free bug caused by unfinished delayed work. The delayed work item “immtq” is initialized in immattach and scheduled for processing via immqueuecommand. When the IMM parallel port SCSI host adapter is...

6AI score0.00171EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, there was a heap buffer over-read vulnerability in the MAP image decoder when processing specially crafted MAP files, which could potentially lead to crashes or...

9.1CVSS7.3AI score0.0037EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in qBittTorrent

All versions of the qBittorrent client up to 4.5.5 use default credentials when the web user interface is enabled. Administrators are not forced to change the default credentials. As of 4.5.5, this issue has not been fixed. A remote attacker can use the default credentials to authenticate and...

9.8CVSS6AI score0.00908EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in Chromium

Insufficient validation of untrusted input in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. Chromium security severity: Low...

8.1CVSS7.3AI score0.00194EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfclipboardformatequal read the freed lastSentFormats memory because xfclipboardformatsfree called from the cliprdr channel thread during auto-reconnect freed the array. Meanwhile, the X11 event thread...

9.8CVSS7.3AI score0.00567EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in Chromium

The use of uninitialized variables in WebCodecs in Google Chrome prior to version 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory through a crafted HTML page. Chromium security severity: Medium...

6.5CVSS6.9AI score0.00258EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Integer overflow in the Audio/Video component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.00543EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.12 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in WebAudio in Google Chrome prior to version 146.0.7680.153 allowed a remote attacker to execute arbitrary code within a sandbox through a crafted HTML page. Chromium security severity: High...

8.8CVSS6.4AI score0.00415EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: ext4: fixed inconsistencies in e4b bitmap reports An inconsistency issue with the bitmap was observed during stress tests under mixed huge-page workloads. Ext4 reported multiple e4b bitmap check failures, such as:...

7.8CVSS5.8AI score0.00099EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in Firefox

DoS attack in the XML component. This vulnerability has been fixed in Firefox 149 and Thunderbird 149...

7.5CVSS5.7AI score0.0053EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: - In the net subsystem, use dstdevrcu in sksetupcaps. - Use RCU to protect accesses to dst-dev from sksetupcaps and skdstgsomaxsize. - Also use dstdevrcu in ip6dstmtumaybeforward and ipdstmtumaybeforward. - ip4dsthoplimit can...

6.1AI score0.0017EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: drm, fbcon, vgaswitcheroo: Avoid race conditions in the fbcon setup process. Protect the vgaswitcherooclientfbset function with a console lock. This prevents out-of-band OOB access in the fbconremapall function. Without holdin...

6AI score0.00171EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: Fixed out-of-bounds access during read/writing of sysfs attributes. Some f2fs sysfs attributes suffer from out-of-bounds memory access and incorrect handling of integer values whose size is not 4 bytes. Example: vm: echo...

7.1CVSS5.8AI score0.00156EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: Platform/x86: classmate-laptop – Added NULL pointer checks where necessary. In several places within the Classmate laptop driver, code that uses the accel object may execute before its address is stored in the driver’s data...

5.5CVSS5.8AI score0.00193EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: gfs2: Fixed a use-after-free in the iomap inline data write path The inline data buffer head dibh is prematurely released in gfs2iomapbegin via releasemetapath, while iomap-inlinedata still points to dibh-bdata. This causes a...

7.8CVSS6.4AI score0.0031EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: In the net: atm code, there was a crash that occurred due to an unvalidated vcc pointer in sigdsend. A reproducer for this issue is available at 1. The ATM send path sendmsg - vccsendmsg - sigdsend reads the vcc pointer from...

5.5CVSS6AI score0.00125EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: “core: fix leak on early registration failure” A recent commit fixed a resource leak that occurs during early registration failures. However, for some reason, the first error path was left out; this still causes resources...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: Fixed a NULLptrderef issue in ishtpbusremoveallclients. During a warm reset process, the cl-device pointer may become NULL if the reset occurs while clients are still being enumerated. Accessing...

5.5CVSS5.7AI score0.00155EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.12 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: vhost: The bound check for the vdpa group has been moved to vhostvdpa. Duplication has been eliminated by consolidating these changes. This reduces the possibility that a parent driver may miss these checks. Additionally, we...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.14 views

Astra Linux – Vulnerability in dcmtk

A vulnerability was identified in DCMTK up to version 3.6.9. This affects an unknown function in the library dcmimage/include/dcmtk/dcmimage/diybrpxt.h of the component dcm2img. Such manipulation leads to memory corruption. Local access is required to exploit this attack. The name of the patch is...

7.8CVSS5.6AI score0.00158EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an extremely large image profile could result in a heap overflow when encoding a PNG image. This vulnerability has been fixed in versions 7.1.2-16 and 6.9.13-41...

7.8CVSS7.1AI score0.00123EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in curl

When performing TLS-related transfers using reused easy or multi-handles, and altering the CURLSSLOPTNOPARTIALCHAIN option, libcurl may accidentally reuse a CA store cached in memory, where the partial chain option is reversed. This goes against the user’s wishes and expectations. As a result,...

5.3CVSS6.9AI score0.00679EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in PostgresSQL-15

Lack of authorization in the PostgreSQL CREATE STATISTICS command allows a table owner to perform denial of service against other users who also attempt to execute CREATE STATISTICS commands within the same schema. A subsequent execution of the CREATE STATISTICS command with the same name, by a...

3.1CVSS6AI score0.00201EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Corrected the allocation size for bytes controls The size of the data behind scontrol-ipccontroldata for bytes controls is as follows: 1 sizeofstruct sofipc4controldata + // kernel-only struct 2...

5.5CVSS5.7AI score0.00127EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability in Chromium

Integer overflow in Fonts in Google Chrome prior to version 146.0.7680.165 allowed a remote attacker to perform an out-of-bounds memory write through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.4AI score0.0034EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability in GIMP

GIMP XWD File Parsing: Out-of-Bounds Write Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability, as the target must visit a malicious page or open a malicious file. The...

7.8CVSS7.5AI score0.00566EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Before versions 7.1.2-15 and 6.9.13-40, a NULL pointer dereference in the ClonePixelCacheRepository function allowed a remote attacker to cause a denial of service by providing a crafted image file,...

7.5CVSS7.3AI score0.00429EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: clk: qcom: gfx3d: added a “parent” field to the “parent request map”. After committing d228ece36345 “clk: divider: removed roundrate in favor of determinerate”, the function determining the GFX3D clock rate became unstable. Th...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: pinctrl: A single issue was addressed: fixing the refcount leak in pcsadd gpiofunc. The function ofparsephandlewithargs returns a devicenode pointer whose refcount is incremented in gpiospec.np. The loop iterates through all...

5.5CVSS5.8AI score0.00156EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in hdf5

The HDF5 library from version 1.14.3 has a heap-based buffer overflow issue in the H5Tconvstructopt function within H5Tconv.c...

8.8CVSS7.4AI score0.0092EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in Chromium

The incorrect security UI in Fullscreen in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS6.7AI score0.00191EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: drm/amd/display: Fixed the dsc eDP issue Why It is necessary to add a function hook check before using the function...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: kexec: deriving the entry from the purgatory symbol The kexecloadpurgatory function derives image-start by locating eentry within an SHFEXECINSTR section. If the purgatory object contains multiple executable sections with...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in mapserver

MapServer is a system for developing web-based GIS applications. Starting from version 4.2 and before version 8.6.1, a heap-buffer-overflow write in MapServer’s SLD Styled Layer Descriptor parser allowed a remote, unauthenticated attacker to crash the MapServer process by sending a crafted SLD...

7.5CVSS5.7AI score0.00865EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: kcm: Fix zero-frag skb in fraglist on partial sendmsg error Syzkaller reported a warning in kcmwritemsgs when processing a message with a zero-fragment skb in the fraglist. When kcmsendmsg fills MAXSKBFRAGS fragments in the curre...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: A memory leak was fixed in amdgpurasinit. When amdgpunbiorasswinit fails in amdgpurasinit, the function returns directly without freeing the allocated con structure, resulting in a memory leak. This issue was fixed by...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in Thunderbird

When a user explicitly requested Thunderbird to decrypt an inline OpenPGP message that was embedded in a text section of an email, which was formatted and styled using HTML and CSS, the decrypted contents were displayed in a context where the CSS styles from the outer messages remained active. If...

4.3CVSS6.9AI score0.00159EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.11 views

Astra Linux – Vulnerability in Chromium

Before version 146.0.7680.178, using WebCodecs in Google Chrome allowed a remote attacker to perform an out-of-bounds memory read through a crafted HTML page. Chromium security severity: Medium...

8.8CVSS5.8AI score0.00248EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in ANGLE in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.8AI score0.002EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.13 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: regmap: maple: A failure to properly manage the allocation of an entry in masstoregfp leads to a memory leak. The function regcachemaplewrite allocates a new block called “entry” to merge adjacent ranges, and then stores it using...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: md-cluster: fixed NULL pointer dereference in processmetadataupdate The function processmetadataupdate blindly dereferences the ‘thread’ pointer acquired via rcudereferenceprotected within the waitevent macro. While the code...

5.5CVSS5.9AI score0.00116EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: iio: pressure: mprls0025pa: fix the initialization of the spitransfer struct Make sure that the spitransfer struct is cleared to zero before use...

8.4CVSS5.7AI score0.00132EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.13 views

Astra Linux – Vulnerability in Chromium

Using “after free” in WebGPU within Google Chrome before version 146.0.7680.165 allowed a remote attacker to execute arbitrary code within a sandbox through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.7AI score0.00397EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in giflib

Giflib contains a double-free vulnerability, which is caused by a shallow copy in GifMakeSavedImage and incorrect error handling. The conditions necessary to trigger this vulnerability are complex, but it may still occur...

7CVSS5.8AI score0.00144EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in GIMP

GIMP PSP File Parsing: Heap-Based Buffer Overflow and Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability, as the target must visit a malicious page ...

7.8CVSS7.6AI score0.00744EPSS
Exploits0References3
Total number of security vulnerabilities18095