Lucene search
K
AstralinuxRecent

18095 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Chromium

Insecure security user interfaces during downloads in Google Chrome on Android before version 90.0.4430.93 allowed a remote attacker to perform domain spoofing through a crafted HTML page...

6.5CVSS6.9AI score0.0085EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Flatpak

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Starting from version 0.9.4 and before version 1.10.2, Flatpak has a vulnerability in its “file forwarding” feature, which can be exploited by attackers to gain access to files that would normally...

8.2CVSS7.3AI score0.01546EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in WebKit2GTK

There is a use-after-free vulnerability in the way Webkit’s GraphicsContext handles certain events in WebKitGTK 2.30.4. A specially crafted web page can lead to potential information leaks and further memory corruption. A victim must be tricked into visiting a malicious web page to exploit this...

8.8CVSS6.9AI score0.02913EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Rails

The PostgreSQL adapter in Active Record before versions 6.1.2.1, 6.0.3.5, and 5.2.4.5 is vulnerable to a regular expression denial of service REDoS vulnerability. Carefully crafted inputs can cause the input validation for the money type in the PostgreSQL adapter in Active Record to spend too muc...

7.5CVSS6.7AI score0.04434EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in libuv1

Node.js versions prior to 16.4.1, 14.17.2, and 12.22.2 are vulnerable to an out-of-bounds read when the uvidnatoascii function is used to convert strings to ASCII. The pointer p is read and incremented without checking whether it lies beyond pe, where pe holds a pointer to the end of the buffer...

5.3CVSS6.7AI score0.23132EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

Before version 89.0.4389.72, using "After Free" in the Network Internals section of Google Chrome on Linux allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS8AI score0.01414EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Chromium

Before version 89.0.4389.72, using the "tab search" function in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.01623EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

Leakage of side-channel information during autofill in Google Chrome prior to version 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory through a crafted HTML page...

6.5CVSS7.1AI score0.01603EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in payments in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page...

4.3CVSS6.6AI score0.01463EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Chromium

The use of "after free" in Blink in Google Chrome before version 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS8.1AI score0.0163EPSS
Exploits2References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Uninitialized data in PDFium in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file...

8.8CVSS7.3AI score0.01501EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

Before version 89.0.4389.114, the out-of-bounds read in IPC in Google Chrome allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page...

7.4CVSS6.6AI score0.01793EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

In WebUI Settings of Google Chrome before version 89.0.4389.72, an out-of-bounds memory read was allowed, enabling a remote attacker to perform an out-of-bounds memory read through a crafted HTML page. Chrome security severity: Low...

5.4CVSS6.7AI score0.00443EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Chromium

Before version 90.0.4430.72, using "use after free" in permissions in Google Chrome allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page...

9.6CVSS7.1AI score0.01686EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

Insufficient data validation in V8 in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform out-of-bounds memory access via a crafted HTML page...

8.8CVSS7.7AI score0.1677EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.22 views

Astra Linux – Vulnerability in Chromium

Before version 88.0.4324.96, using the "After Free" feature in Google Chrome allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.9AI score0.06825EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Before version 88.0.4324.96, using the "Omnibox" feature in Google Chrome on Linux allowed a remote attacker the possibility of performing a sandbox escape through a crafted HTML page...

9.6CVSS7.1AI score0.0619EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Chromium

Before version 88.0.4324.96, using WebSQL in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.2AI score0.06879EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in the File System API of Google Chrome prior to version 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions through a crafted HTML page...

6.5CVSS7.2AI score0.05444EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in the File System API of Google Chrome prior to version 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions through a crafted HTML page...

6.5CVSS7AI score0.05444EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in Blink in Google Chrome prior to version 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS8.1AI score0.06506EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in the File System API of Google Chrome prior to version 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions through a crafted HTML page...

6.5CVSS6.8AI score0.07953EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in the iframe sandbox in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass navigation restrictions through a crafted HTML page...

6.5CVSS7.1AI score0.04743EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

A stack buffer overflow in the Data Transfer component of Google Chrome on Linux, prior to version 88.0.4324.182, allowed a remote attacker to perform out-of-bounds memory access through a crafted HTML page...

8.8CVSS8.1AI score0.01468EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in V8 in Google Chrome prior to version 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS8.6AI score0.19815EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.10 views

Astra Linux – Vulnerability in Chromium

Before version 88.0.4324.182, using "Use after free" in Downloads in Google Chrome on Windows allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page...

9.6CVSS7.4AI score0.0117EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in TabStrip in Google Chrome prior to version 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS8.1AI score0.01726EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

Before version 88.0.4324.182, using the "after free" feature in Google Chrome allowed a remote attacker to potentially perform a sandbox escape through a crafted HTML page...

9.6CVSS7.1AI score0.01139EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in WebAudio in Google Chrome prior to version 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.5AI score0.0191EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in the appcache of Google Chrome prior to version 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory through a crafted HTML page...

6.5CVSS6.9AI score0.01778EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

The incorrect security interface in the Loader component in Google Chrome prior to version 89.0.4389.72 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox URL bar through a crafted HTML page...

6.5CVSS6.8AI score0.01599EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Chromium

Insecurity-related UI in TabStrip and Navigation in Google Chrome on Android prior to version 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox URL bar through a crafted HTML page...

6.5CVSS6.7AI score0.01659EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in htmldoc

A flaw was discovered in htmldoc version 1.9.12. A double-free in the function pspdfexport in ps-pdf.cxx may lead to a write-what-where condition, allowing an attacker to execute arbitrary code and cause a denial of service...

9.8CVSS8.7AI score0.02282EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in htmldoc

A flaw was discovered in htmldoc in v1.9.12 and earlier. A null pointer dereference in fileextension in file.c may allow for the execution of arbitrary code and cause a denial of service attack...

7.8CVSS7.5AI score0.01268EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

Using "after free" in DevTools in Google Chrome before version 88.0.4324.96 allowed a local attacker to potentially perform a sandbox escape by using a specially crafted file...

8.6CVSS7.9AI score0.0051EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in the File System API of Google Chrome prior to version 88.0.4324.96 allowed a remote attacker to bypass the file extension policy through a crafted HTML page...

6.5CVSS6.9AI score0.05439EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Chromium

In Google Chrome versions prior to 88.0.4324.96, uninitialized usage in USB devices allowed a local attacker to potentially perform out-of-bound memory access through a USB device...

6.8CVSS6.9AI score0.0076EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Firefox

When a user opened the Web Extensions context menu, the Web Extension could access the post-redirect URL of the clicked element. If the Web Extension did not have the necessary WebRequest permissions for the hosts involved in the redirection, this would constitute a same-origin violation, allowin...

4.3CVSS6AI score0.00329EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in gmp

The GNU Multiple Precision Arithmetic Arithmetic Library GMP version up to 6.2.1 has an integer overflow issue in the mpz/inpraw.c file, which can lead to a buffer overflow due to malicious input. This results in a segmentation fault on 32-bit platforms...

7.5CVSS7.8AI score0.03425EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Samba

All versions of Samba prior to 4.15.5 are vulnerable to a malicious client that can use a server symlink to determine whether a file or directory exists in a part of the server file system that is not exported under the share definition. This attack can only succeed if SMB1 with unix extensions i...

4.3CVSS6.8AI score0.01097EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: isdn: cpai: Check ctr-cnr to avoid array index out of bounds. cmtpaddconnection adds a CMTP session to a controller and runs a kernel thread to process CMTP. modulegetTHISMODULE; session-task = kthreadruncmtpsession, session,...

7.8CVSS6.1AI score0.00235EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.10 views

Astra Linux – Vulnerability in Thunderbird

The olmsessiondescribe function in Matrix libolm before version 3.2.7 is vulnerable to a buffer overflow. The Olm session object represents a cryptographic channel between two parties. Therefore, its state is partially controllable by the remote party of the channel. Attackers can construct a...

9.8CVSS9AI score0.01921EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In f2fssetxattr in fs/f2fs/xattr.c in the Linux kernel, as of version 5.15.11, there is a potential for out-of-bounds memory access when an inode has an invalid last xattr entry...

7.8CVSS6.3AI score0.00549EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

A list management bug in BSS handling in the mac80211 stack of the Linux kernel versions 5.1 through 5.19.x, prior to 5.19.16, could be exploited by local attackers those capable of injecting WLAN frames to corrupt a linked list and, in turn, potentially execute unauthorized code...

5.5CVSS6.7AI score0.00572EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

A stack overflow flaw was discovered in the Linux kernel’s SYSCTL subsystem regarding how a user modifies certain kernel parameters and variables. This flaw allows a local user to crash the system or potentially escalate their privileges on the system...

7.8CVSS6.8AI score0.00428EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

A issue was discovered in the Linux kernel before version 6.0.11. Missing validation of the number of channels in the drivers/net/wireless/microchip/wilc1000/cfg80211.c file in the WILC1000 wireless driver can lead to a heap-based buffer overflow when copying the list of operating channels from...

7.8CVSS6.8AI score0.00329EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

A issue was discovered in the drivers/input/input.c file within the Linux kernel before version 5.17.10. An attacker can cause a denial of service panic if inputsetcapability mishandles situations where an event code falls outside of a bitmap...

5.5CVSS6.5AI score0.00213EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.1 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/slabcommon: fixed a possible double-free of kmemcache When running the slubdebug test, the kfence’s “testmemcachetypesafebyrcu” kunit test case caused a use-after-free error: BUG: KASAN: use-after-free in kobjectdel+0x14/0x30...

7.8CVSS6.3AI score0.00217EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix memory leak in qlt24xxhandleabts The commit 8f394da36a36 “scsi: qla2xxx: Drop TARGETSCFLOOKUPLUNFROMTAG” caused the qlt24xxhandleabts function to return early if tcmqla2xxxfindcmdbytag failed to find a command...

4.7CVSS6.1AI score0.00229EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: gpio: mockup: Fixed potential resource leakage when registering a chip. If the creation of a software node fails, the locally allocated string array remains unleased. This issue has been addressed by releasing the resource upon a...

5.5CVSS5.9AI score0.00223EPSS
Exploits0References2
Total number of security vulnerabilities18095