18102 matches found
Astra Linux – Vulnerability in Vim
Use After Free in the GitHub repository vim/vim before version 9.0...
Astra Linux – Vulnerability in Vim
Out-of-bounds read in the GitHub repository for Vim before version 9.0...
Astra Linux – Vulnerability in Vim
Out-of-bounds write in the GitHub repository for Vim/Vim before version 9.0...
Astra Linux – Vulnerability in Vim
Heap-based Buffer Overflow in the GitHub repository for vim/vim before version 9.0...
Astra Linux – Vulnerability in Vim
Integer overflow or wrap-around in the GitHub repository for vim/vim before version 9.0...
Astra Linux – Vulnerability in Vim
Heap-based Buffer Overflow in the GitHub repository for vim/vim before version 9.0...
Astra Linux – Vulnerability in Vim
Out-of-bounds read in the GitHub repository for Vim before version 9.0...
Astra Linux – Vulnerability in Vim
Out-of-bounds read in the GitHub repository for Vim before version 8.2...
Astra Linux – Vulnerability in Vim
Heap-based Buffer Overflow in the GitHub repository for vim/vim before version 8.2...
Astra Linux – Vulnerability in Vim
Buffer over-reading in the GitHub repository vim/vim before version 8.2...
Astra Linux – Vulnerability in Vim
Heap-based Buffer Overflow in the GitHub repository for vim/vim before version 8.2...
Astra Linux – Vulnerability in Vim
Use After Free in the GitHub repository vim/vim before version 8.2.4979...
Astra Linux – Vulnerability in Vim
Out-of-bounds write-up in the GitHub repository’s Vim/Vim version prior to 8.2.4977...
Astra Linux – Vulnerability in Vim
A classic buffer overflow vulnerability in the GitHub repository for vim/vim, prior to version 8.2.4969...
Astra Linux – Vulnerability in Vim
Buffer over-reading in the GitHub repository vim/vim before version 8.2.4974...
Astra Linux – Vulnerability in Vim
Heap-based Buffer Overflow in the GitHub repository vim/vim before version 8.2.4968...
Astra Linux – Vulnerability in Vim
A heap buffer overflow occurred in the vimstrncpy findword function in the GitHub repository vim/vim, prior to version 8.2.4919. This vulnerability could potentially cause software to crash, enable bypassing the protection mechanism, modify memory, and even allow remote execution...
Astra Linux – Vulnerability in Vim
NULL pointer dereferencing in the function vimregexecstring at regexp.c:2733 in the GitHub repository vim/vim, prior to version 8.2.4938. NULL pointer dereferencing in function vimregexecstring at regexp.c:2733 allows attackers to cause a denial of service application crash through crafted inputs...
Astra Linux – Vulnerability in Vim
Buffer over-reading in the findnextquote function in the GitHub repository’s Vim/Vim version prior to 8.2.4925. These vulnerabilities can cause software to crash, modify memory, and may lead to remote execution...
Astra Linux – Vulnerability in Vim
NULL pointer dereferencing in the function vimregexecstring at regexp.c:2729 in the GitHub repository vim/vim, prior to version 8.2.4901. NULL pointer dereferencing in function vimregexecstring at regexp.c:2729 allows attackers to cause a denial of service application crash through crafted inputs...
Astra Linux – Vulnerability in Vim
This issue was used after the “free” keyword in the appendcommand function in the GitHub repository’s Vim/Vim version prior to 8.2.4895. This vulnerability can cause software to crash, as it involves bypassing the protection mechanism, modifying memory, and potentially enabling remote execution...
Astra Linux – Vulnerability in Vim
Heap-based Buffer Overflow; GitHub repository for Vim/Vim before version 8.2...
Astra Linux – Vulnerability in Vim
Heap-based Buffer Overflow in the GitHub repository for vim/vim before version 8.2...
Astra Linux – Vulnerability in Vim
Vim is vulnerable to Heap-based Buffer Overflow attacks...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: usb: ffs: Fix use-after-free for epfile Consider a case where ffsfuncepsdisable is called from ffsfuncdisable as part of the composition switch. At the same time, ffsepfilerelease is called from the user space. ffsepfilerelease...
Astra Linux – Vulnerability in Linux, Linux 5.10
A vulnerability has been discovered in the Linux kernel and is classified as critical. The affected part of the code is the function areacacheget in the file drivers/net/ethernet/netronome/nfp/nfpcore/nfpcppcore.c, belonging to the IPsec component. This vulnerability occurs due to improper memory...
Astra Linux – Vulnerability in libxml2
In libxml2 versions prior to 2.9.14, several buffer handling functions in buf.c xmlBuf and tree.c xmlBuffer do not check for integer overflows. This can lead to out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software that uses libxml2...
Astra Linux – Vulnerabilities in Firefox, Thunderbird, Expat, LibXMLTok
In xmlparse.c within Expat also known as libexpat, prior to version 2.4.5, attackers could insert namespace-separator characters into namespace URIs...
Astra Linux – Vulnerability in cyrus-sasl2
In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, the plugins/sql.c file does not escape the password used in SQL INSERT or UPDATE statements...
Astra Linux – Vulnerabilities in Firefox, Thunderbird, and Expat
Expat also known as libexpat before version 2.4.4 has an integer overflow in the doProlog function...
Astra Linux – Vulnerabilities in Firefox, Thunderbird, and Expat
The nextScaffoldPart function in xmlparse.c of Expat also known as libexpat, prior to version 2.4.3, has an integer overflow issue...
Astra Linux – Vulnerabilities in Firefox, Thunderbird, and Expat
The defineAttribute function in xmlparse.c of Expat also known as libexpat has an integer overflow before version 2.4.3...
Astra Linux – Vulnerability in openjdk-11
A vulnerability exists in the Oracle Java SE and Oracle GraalVM Enterprise Edition products from Oracle Java SE component: JNDI. The versions affected include Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1, and 22.0.0.2. This easily exploitabl...
Astra Linux – Vulnerability in openjdk-11
Vulnerability in the Oracle Java SE and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: JAXP. The supported versions affected by this vulnerability include Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. This easily...
Astra Linux – Vulnerability in openjdk-11
A vulnerability exists in the Oracle Java SE and Oracle GraalVM Enterprise Edition products from Oracle Java SE component: Hotspot. The versions affected include Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. This easily exploitable...
Astra Linux – Vulnerability in openjdk-11
Vulnerability in the Oracle Java SE and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: ImageIO. The supported versions affected include Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. This easily exploitable vulnerability allows an...
Astra Linux – Vulnerability in OpenSSL
In addition to the crehash shell command injection identified in CVE-2022-1292, further instances where the crehash script fails to properly sanitize shell metacharacters to prevent command injection were discovered during code reviews. When CVE-2022-1292 was fixed, it wasn’t recognized that ther...
Astra Linux – Vulnerability in Linux, Linux 5.10
A flaw was discovered in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability...
Astra Linux – Vulnerability in Linux, Linux 5.10
A use-after-free vulnerability was discovered in the Linux kernel, specifically in the drivers/net/hamradio module. This flaw allows a local attacker with user privileges to cause a denial of service DOS condition when the mkiss or sixpack device is detached, resulting in premature reclamation of...
Astra Linux – Vulnerability in Tiff
In libtiff version 4.3.0, the unchecked dereference of a return value can allow attackers to trigger a denial-of-service attack through a crafted TIF file. For users who compile libtiff from source code, this issue has been fixed in the commit f2b656e2...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Ethernet: Hisilicon: HNS: hnsdsafmisc: A possible array overflow has been fixed in hnsdsafgesrstbyport. The if statement limits the value of port to be less than DSAFGENUM i.e., 8. However, if the value of port is 6 or 7, an arra...
Astra Linux – Vulnerability in Mariadb 10.3
In MariaDB, the getsortbytable function before version 10.6.2 allows an application to crash due to certain uses of the ORDER BY clause...
Astra Linux – Vulnerabilities in Firefox, Thunderbird, Expat, LibXMLTok
In doProlog, within xmlparse.c of the Expat library also known as libexpat, there is an integer overflow issue related to mgroupSize before version 2.4.3...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel before version 5.15.3, fs/quota/quotatree.c does not validate the block number in the quota tree on disk. This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel up to 5.15.2, mwifiexusbrecv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker who can connect a crafted USB device to cause a denial of service skboverpanic...
Astra Linux – Vulnerability in Linux, Linux 5.10
In various setup methods of the USB gadget subsystem, there is a possibility of unauthorized writing due to an incorrect flag check. This could lead to a local escalation of privileges without the need for additional execution privileges. User interaction is not required for exploitation. Product...
Astra Linux – Vulnerability in libarchive
In libarchive versions 3.4.1 through 3.5.1, there is a use-after-free in the copystring function called from douncompressblock and processblock...
Astra Linux – Vulnerability in Redis
Redis is an in-memory database that persists data on disk. A vulnerability exists starting from version 2.2, and is related to out-of-bounds reads and integer overflow leading to buffer overflow. This vulnerability is present in versions 5.0.13, 6.0.15, and 6.2.5. On 32-bit systems, the Redis BIT...
Astra Linux – Vulnerability in Redis
Redis is an open-source, in-memory database that persists data on disk. When parsing an incoming Redis Standard Protocol RESP request, Redis allocates memory according to values specified by the user, which determine the number of elements in the multi-bulk header and the size of each element in...
Astra Linux – Vulnerability in Redis
Redis is an open-source, in-memory database that persists data on disk. In affected versions, specially crafted Lua scripts executed in Redis can cause the heap-based Lua stack to overflow, due to incomplete checks for this condition. This can lead to heap corruption and potentially remote code...