Lucene search
K
AstralinuxRecent

18102 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in libde265

Libde265 v1.0.4 contains a global buffer overflow in the decodeCABACbit function, which can be exploited through a specially crafted file...

6.5CVSS6.9AI score0.01492EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in f2fs-tools

There is an exploitable code execution vulnerability in the multi-device functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can lead to information overwriting, resulting in code execution. An attacker can provide a malicious file to trigger this vulnerability...

8.2CVSS7.4AI score0.02097EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 allows Heap-based Buffer Overflows because it mishandles the "-F’.‘” syntax on the command line. This may allow privilege escalation from any user to root. This issue occurs due to the incorrect interpretation of negative sizes in the strncpy function...

7.8CVSS7.7AI score0.00393EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in libde265

Libde265 v1.0.4 contains a heap buffer overflow in the mcchroma function, which can be exploited through a specially crafted file...

6.5CVSS6.9AI score0.01547EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in libde265

Libde265 v1.0.4 contains a heap buffer overflow in the ffhevcputunweightedpred8sse function, which can be exploited through a specially crafted file...

8.8CVSS7.6AI score0.01814EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in libde265

Libde265 v1.0.4 contains a heap buffer overflow in the putqpel00fallback16 function, which can be exploited through a specially crafted file...

6.5CVSS6.9AI score0.01057EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in fig2dev

Fig2dev 3.2.7b contains a global buffer overflow in the setfigfont function in genepic.c...

5.5CVSS6.7AI score0.01078EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 allowed integer overflow to lead to a buffer overflow in the receiveaddrecipient function, through an email message with fifty million recipients. NOTE: Remote exploitation might be difficult due to resource consumption...

9.8CVSS8.1AI score0.36649EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 has an improper restriction on write operations within the bounds of a memory buffer. This occurs when processing name=value pairs within MAIL FROM and RCPT TO commands...

9.8CVSS7.6AI score0.03017EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 has an improper initialization issue that can lead to recursive stack consumption or other consequences. This occurs because the use of certain getc functions is handled incorrectly when a client uses BDAT instead of DATA...

7.5CVSS7.6AI score0.61664EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 allowed Use After Free in smtpreset in certain situations that might be common in builds using OpenSSL...

9.8CVSS7.7AI score0.5675EPSS
Exploits3References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp – Fix use-after-free on error path In the error path of sevtsminitlocked, the code dereferes t after it has been freed with kfree. The prerr statement attempts to access t-tioen and t-tioinitdone after the memory has...

7.8CVSS5.7AI score0.0012EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: target: file: Use kzallocflex for aiocmd The targetcorefile does not initialize the aiocmd-iocb for the kiwritestream. When the writecommand fdexecuterwaio is executed, we may receive an invalid value for kiwritestream,...

7.5CVSS6.3AI score0.00358EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in COOP in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to leak cross-origin data through a crafted HTML page...

6.5CVSS6.6AI score0.00763EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Golang-1.19

Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/TLS clients, as well as servers that have Config.ClientAuth set to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default...

5.9CVSS6.8AI score0.00667EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: HID: appletbkbd: fixed a “slab-use-after-free” bug in appletbkbdprobe. In the probe function appletbkbdprobe, an instance of “struct appletbkbd kbd” is allocated using devmkzalloc to store touch-bar keyboard-related data. Later, ...

7.8CVSS5.6AI score0.00144EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in ANGLE in Google Chrome prior to version 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.2AI score0.01EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-6.1, Linux-5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables – Failure to set the dormant flag on the hook register We need to set the dormant flag again if we fail to register the hooks. During memory pressure, hook registration may fail, resulting in a table being...

5.5CVSS5.3AI score0.00227EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in hdf5

A vulnerability classified as problematic was discovered in HDF5 1.14.6. This vulnerability affects the function H5FSsinfoserializenodecb in the file src/H5FScache.c. The exploitation of this vulnerability leads to a heap-based buffer overflow. Local access is required to carry out this attack. T...

5.5CVSS5AI score0.00215EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in node-cipher-base

There is a vulnerability in improper input validation in the cipher-base module, which allows for manipulation of input data. This issue affects cipher-base version 1.0.4...

9.1CVSS7.2AI score0.0047EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Picture In Picture in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.5AI score0.00234EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in opensc

A vulnerability was discovered in OpenSC. This security flaw causes a buffer overflow vulnerability in the cardoshaveverifyrcpackage function. An attacker can provide a smart card package with malformed ASN1 data. The cardoshaveverifyrcpackage function scans the ASN1 buffer for two tags, but the...

7.1CVSS7.1AI score0.00295EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Firefox and Thunderbird

The JIT compiler generated incorrect code for arguments in certain cases. This led to potential use-after-free errors during garbage collection. This vulnerability affects Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10...

7.8CVSS7.2AI score0.00243EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Chromium

Type Confusion in WebAssembly in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.1CVSS7.5AI score0.19883EPSS
Exploits5References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in PostgresSQL 11

When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries during the initial establishment of a connection, despite the use of SSL certificate verification and encryption...

8.1CVSS7.2AI score0.01901EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in xorg-server

A out-of-bounds write flaw was discovered in the xorg-x11-server. This issue arises due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c, and in the RRChangeOutputProperty function in randr/rrproperty.c...

7.8CVSS6.9AI score0.0062EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in the Extensions API in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy through a crafted HTML page. Chromium security severity: Medium...

6.5CVSS6.6AI score0.00617EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Chromium

Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to bypass file access restrictions via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS7.2AI score0.45912EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in xorg-server

A flaw was discovered in xorg-server. Changing the actions of XKB buttons, such as moving between the touchpad and the mouse, can lead to out-of-bounds memory reads and writes. This may allow for local privilege escalation or potential remote code execution, especially in cases where X11 forwardi...

7.8CVSS6.9AI score0.01587EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: A out-of-bounds read occurred in smb2sesssetup. ksmbd does not consider the case where smb2sesssetup is part of a compound request. If this is the second payload of the compound request, an OOB Out-of-Bounds read issue...

7.1CVSS6.5AI score0.02838EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially execute arbitrary code via a malicious file. Chromium security severity: Medium...

8.8CVSS7.3AI score0.0128EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

The inappropriate implementation of Fullscreen in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions through a crafted Chrome Extension. Chromium security severity: Medium...

6.5CVSS6.6AI score0.00635EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in pcre2

A out-of-bounds read vulnerability was discovered in the PCRE2 library, specifically in the getrecursedatalength function of the pcre2jitcompile.c file. This issue affects recursions in JIT-compiled regular expressions due to duplicate data transfers...

9.1CVSS6.7AI score0.02574EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in openexr

There is a flaw in OpenEXR’s deep tile sample size calculations in versions before 3.0.0-beta. An attacker who can submit a crafted file for processing by OpenEXR could trigger an integer overflow, resulting in an out-of-bounds read. The greatest risk of this flaw is to the application’s...

5.5CVSS6.8AI score0.0096EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

Before version 101.0.4951.41, using free after in the Ozone browser extension in Google Chrome allowed a remote attacker to potentially exploit heap corruption by running a Wayland test...

7.5CVSS6.9AI score0.00947EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

Before version 101.0.4951.41, using free after Vulkan in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.00895EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in DevTools in Google Chrome prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to potentially allow the extension to escape the sandbox via a crafted HTML page...

9.6CVSS7.3AI score0.00894EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

Before version 96.0.4664.93, using free after in the window manager in Google Chrome on ChromeOS allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.01237EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Chromium

Before version 103.0.5060.134, using free after in the Guest View in Google Chrome allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.00733EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in the Tab Strip component in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.4CVSS5.9AI score0.00366EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Firefox

A vulnerability was identified in Thunderbird, where XPath parsing could trigger undefined behavior due to the lack of null checks during attribute access. This could lead to out-of-bounds read access and, potentially, memory corruption. This vulnerability has been fixed in Firefox 138, Firefox E...

4.8CVSS6.7AI score0.00264EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in dcmtk

A vulnerability has been discovered in DCMTK 3.6.9. It has been classified as critical. This vulnerability affects unknown code within the dcmjpls JPEG-LS Decoder component. The vulnerability leads to memory corruption. The attack can be initiated remotely. The exploit has been made public and ma...

7.5CVSS6.3AI score0.00391EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.11 views

Astra Linux – Vulnerability in libssh

A flaw was discovered in libssh’s handling of key exchange KEX processes when a client repeatedly sends incorrect KEX guesses. The library fails to free memory during these rekey operations, which can gradually exhaust system memory. This issue can lead to crashes on the client side, especially...

3.1CVSS6.2AI score0.00375EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in exiv2

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An inefficient algorithm quadratic complexity was found in Exiv2 versions v0.27.3 and earlier. This inefficient algorithm occurs when Exiv2 is used to write metadata into a...

5.5CVSS6.5AI score0.01174EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Memory safety bugs exist in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox...

8.8CVSS7.1AI score0.00536EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Firefox and Thunderbird

A clickjacking vulnerability could have been exploited to trick users into revealing their saved payment card details to a malicious page. This vulnerability has been fixed in Firefox 139, Firefox ESR 128.11, Thunderbird 139, and Thunderbird 128.11...

5.4CVSS6.5AI score0.00227EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in zvbi

A critical vulnerability was discovered in libzvbi up to version 0.2.43. This vulnerability affects the vbisearchnew function in the src/search.c file. Manipulation of the patlen argument leads to integer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public...

7.5CVSS7AI score0.00562EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Chromium

The use of “after free” in Navigation in Google Chrome before version 126.0.6478.182 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption through a crafted Chrome Extension. Chromium security severity: High...

8.8CVSS7.7AI score0.00335EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in the Fonts component of Google Chrome prior to version 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.6AI score0.00566EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability in the 389-DS-base

A flaw was discovered in 389-ds-base. A specially crafted LDAP query may potentially cause a failure on the directory server, resulting in a denial of service...

7.5CVSS6.9AI score0.01256EPSS
Exploits0References2
Total number of security vulnerabilities18102