Lucene search
K
AstralinuxRecent

18095 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in pillow

A issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size...

7.5CVSS6.8AI score0.02372EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in libssh

A flaw was discovered in the libssh API function sshscpnew, in versions prior to 0.9.3 and prior to 0.8.8. When the libssh SCP client connects to a server, the scp command, which includes a path provided by the user, is executed on the server side. If the library is used in a way that allows user...

9.3CVSS6.8AI score0.0316EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in openssl1.0

There is an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are...

5.3CVSS6.6AI score0.14298EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in openssl1.0

In situations where an attacker receives automated notifications of the success or failure of a decryption attempt, an attacker can recover the CMS/PKCS7 transport encryption key after sending a very large number of messages to be decrypted. They can also decrypt any RSA-encrypted message encrypt...

4.3CVSS6.6AI score0.03838EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Waitress

In Waitress version 1.4.0, if a proxy server is used in front of Waitress, an attacker may send an invalid request that bypasses the front-end and is parsed differently by Waitress. This could lead to HTTP request smuggling. Specifically, requests containing special whitespace characters in the...

8.2CVSS6.3AI score0.02587EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.12 views

Astra Linux – Vulnerability in SQLite3

SQLite 3.32.2 has a use-after-free issue in the resetAccumulator function in select.c, because the re-write of the parse tree for window functions occurs too late...

7.5CVSS6.9AI score0.04447EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Samba

A flaw was discovered in the way samba handled file and directory permissions. A authenticated user could exploit this flaw to gain access to certain file and directory information that would otherwise be unavailable to the attacker...

4.3CVSS6.3AI score0.01521EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in libvncserver

A issue was discovered in LibVNCServer before version 0.9.13. An improperly closed TCP connection causes an infinite loop in the libvncclient/sockets.c file...

7.5CVSS8AI score0.02756EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Qemu

In QEMU 4.2.0, a MemoryRegionOps object may lack read/write callback methods, which can lead to a NULL pointer dereferencing...

2.3CVSS6.3AI score0.00425EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Qemu

QEMU 4.2.0 has a use-after-free issue in hw/net/e1000ecore.c, as a user of the guest OS can trigger an e1000e packet with the data’s address set to the e1000e’s MMIO address...

3.3CVSS6.4AI score0.00437EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in glibc

A use-after-free vulnerability introduced in the glibc upstream version 2.14 was identified in the way the tilde expansion was performed. Directory paths that contained a tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a special...

7CVSS7.1AI score0.00535EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in openssl1.0

The Raccoon attack exploits a flaw in the TLS specification, which allows an attacker to calculate the pre-master secret in connections that use a Diffie-Hellman DH-based ciphersuite. In such cases, the attacker can eavesdrop on all encrypted communications sent over that TLS connection. The atta...

4.3CVSS6.6AI score0.04803EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.17 views

Astra Linux – Vulnerability in PostgresSQL 11

A vulnerability was discovered in PostgreSQL 12.2, allowing attackers to cause a denial of service by repeatedly sending SIGHUP signals. NOTE: This claim is disputed by the vendor, as untrusted users are unable to send SIGHUP signals; such signals can only be sent by a PostgreSQL superuser, a use...

4.4CVSS6.3AI score0.00361EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in openssl1.0

The X.509 GENERALNAME type is a generic type used to represent various types of names. One of these name types is known as EDIPARTYNAME. OpenSSL provides a function called GENERALNAMEcmp, which compares different instances of a GENERALNAME to determine whether they are equal. This function behave...

5.9CVSS6.6AI score0.06968EPSS
Exploits3References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Jackson-Databind

A flaw was discovered in FasterXML Jackson Databind; it does not properly secure entity expansion. This flaw exposes the system to XML external entity XXE attacks. The most significant threat from this vulnerability is data integrity...

7.5CVSS6.8AI score0.17611EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Heimdal

All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11, and 4.11.x before 4.11.3 have a issue where the S4U MS-SFU Kerberos delegation model includes a feature that allows a subset of clients to be opt-out from constrained delegation in either S4U2Self or regular Kerberos authentication...

6.4CVSS6.3AI score0.02783EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.1 views

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerabilities have been resolved: USB: usbfs: Do not issue a WARN message regarding excessively large memory allocations Syzbot discovered that the kernel generates a WARN message if the user attempts to perform a bulk transfer using usbfs with a buffer that i...

5.5CVSS6.8AI score0.00235EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in openjpeg2

OpenJPEG version 2.3.1 has a heap-based buffer overflow issue in the opjt1clbldecodeprocessor function in openjp2/t1.c, due to the lack of validation for the opjj2kupdateimagedimensions function...

7.5CVSS7.1AI score0.04932EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Wireshark

In Wireshark 3.0.x before 3.0.8, the BT ATT dissector could crash. This issue was addressed in epan/dissectors/packet-btatt.c by validating opcodes...

6.5CVSS6.7AI score0.01457EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in nss

When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; this resulted in the leakage of partial information regarding the nonce used during signature generation. Given an electro-magnetic trace from several generations of signatures, the private key could...

5.3CVSS6.7AI score0.01449EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in node-y18n

The package y18n before versions 3.2.2, 4.0.1, and 5.0.5 is vulnerable to Prototype Pollution...

9.8CVSS6.7AI score0.69062EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in ruby-websocket-extensions

The websocket-extensions Ruby module before version 0.1.5 allowed Denial of Service DoS attacks through Regex backtracking. The extension parser could take quadratic time when parsing a header containing an unclosed string parameter value whose content was a repeated two-byte sequence of a...

7.5CVSS7.1AI score0.04404EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in curl

A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port. In this way, the malicious server can potentially enable curl to extract information about services that would otherwise be private and undisclosed. This could...

4.3CVSS6.6AI score0.03851EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in openjpeg2

In OpenJPEG 2.3.1 through 2020-01-28, opjt1clbldecodeprocessor in openjp2/t1.c has a heap-based buffer overflow in the qmfbid==1 case. This is a different issue than CVE-2020-6851...

8.8CVSS7.1AI score0.03624EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Intel Microcode

The improper removal of sensitive information before storage or transfer in some IntelR processors may allow an authenticated user to potentially enable information disclosure via local access...

5.5CVSS6.4AI score0.00438EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Intel Microcode

A observable discrepancy in the RAPL interface of certain Intel processors may allow a privileged user to potentially enable information disclosure through local access...

5.5CVSS6.6AI score0.00414EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Intel Microcode

Improper isolation of shared resources in some IntelR processors may allow an authenticated user to potentially enable information disclosure via local access...

5.5CVSS6.4AI score0.0051EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Wireshark

In Wireshark versions 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash. This issue was addressed in the plugin plugins/epan/wimax/msgdlmap.c by validating the length field...

7.5CVSS7.1AI score0.0281EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Wireshark

In Wireshark versions 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash. This issue was addressed in the epan/dissectors/packet-eap.c file by using more careful sscanf parsing...

7.5CVSS7.1AI score0.03109EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Xen

Observable discrepancies in response times of some Intel processors may allow authorized users to potentially disclose information through local access...

6.5CVSS6.5AI score0.00372EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in wpa

In p2pcopyclientinfo of p2p.c, there is a potential out-of-bounds write vulnerability due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi Direct search, without the need for additional execution privileges. User interaction is not...

7.9CVSS7.7AI score0.04707EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux

In the pfkeydump of afkey.c, there is a potential out-of-bounds read due to a missing bounds check. This could lead to the disclosure of local information within the kernel, which requires System execution privileges. User interaction is not required for exploitation. Product: Android. Versions:...

4.9CVSS6.8AI score0.00201EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fixed dtlaccesslock to use a rwsemaphore instead of a rwsemaphore. The dtlaccesslock needs to be a rwsemaphore, a sleeping lock, because the code calls kmalloc while holding it, which can cause a sleep condition...

5.5CVSS6.3AI score0.00203EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ipv6: Release the next-hop information upon device removal The CI is experiencing some non-periodic hangs during device removal in the pmtu.sh self-test: unregisternetdevice: Waiting for vethA-R1 to become available. Usage cou...

5.5CVSS6.5AI score0.00203EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net/sched: netem: account for backlog updates from child qdisc Generally, the qlen of any classful qdisc should reflect the number of packets held by the qdisc itself and all its children. In the case of netem, qlen only accounts...

5.5CVSS6.1AI score0.00258EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: The quota: flush quotareleasework upon quota writeback issue has been addressed. One of the paths for quota writeback is called from freezesuper, syncfilesystem, ext4syncfs, and dquotwritebackdquots. Since we currently do not...

5.5CVSS6.2AI score0.00207EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.22 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

6.7AI score0.00037EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net/smc: Check the return value of sockrecvmsg when draining CLC data. When receiving a CLC message, the field fieldlength in smcclcmsghdr indicates the length of the message that should be received from the network. This value...

7.5CVSS6.2AI score0.00737EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: fixed a memory leak in tcpconnrequest. If inetcskreqskqueuehashadd returns false, tcpconnrequest will return without freeing the dst memory, which was allocated in afops-routereq. Here is the stack trace for the issue:...

5.5CVSS6.2AI score0.00217EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in WebKit2GTK

A vulnerability related to out-of-bounds writes operations has been addressed through improved checks to prevent unauthorized actions. This issue is fixed in Safari 18.3.1, iOS 15.8.4, and iPadOS 15.8.4; iOS 16.7.11 and iPadOS 16.7.11; iOS 18.3.2 and iPadOS 18.3.2; iPadOS 17.7.6; macOS Sequoia...

10CVSS8AI score0.0424EPSS
Exploits4References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in xwayland, xorg-server

A use-after-free flaw was discovered in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested. Eventually, the SyncInitTrigger function is called. If one of these changes causes an error, the function...

7.8CVSS7.1AI score0.00359EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.1 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15, and Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: avoid race conditions between device unregistration and ethl operations. The following error may occur if a device is unregistered while its channel count is being modified: DEBUGLOCKSWARNONlock-magic != lock WARNING: CPU: 3...

7.4CVSS6.2AI score0.00158EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Erlang

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.1, OTP-26.2.5.10, and OTP-25.3.2.19, a maliciously formed KEX init message could result in high memory usage. The implementation does not verify the RFC specified limits on the length of algorithm nam...

7.5CVSS7.2AI score0.00436EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in Chromium

Insufficient data validation in the QR scanner in Google Chrome on iOS prior to version 90.0.4430.72 allowed an attacker who displayed a QR code to perform domain spoofing using a specially crafted QR code...

6.5CVSS7AI score0.01398EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.10 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in the Network component of Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially access local UDP ports through a crafted HTML page...

6.5CVSS6.8AI score0.01905EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementations of navigation functions in Google Chrome on iOS before version 90.0.4430.72 allowed a remote attacker to leak cross-origin data through a crafted HTML page...

6.5CVSS6.9AI score0.01018EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Insufficient validation of untrusted input in Mojo in Google Chrome prior to 90.0.4430.72 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page...

6.5CVSS6.8AI score0.01569EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Chromium

Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.7AI score0.70435EPSS
Exploits6References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file...

5.5CVSS6.6AI score0.01336EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in extensions in Google Chrome prior to 90.0.4430.93 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions through a crafted Chrome Extension...

4.3CVSS6.5AI score0.01063EPSS
Exploits0References1
Total number of security vulnerabilities18095