Lucene search
K
AstralinuxRecent

18095 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Using “after free” in the Shopping Cart in Google Chrome before version 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption through standard feature user interactions...

8.8CVSS7AI score0.0073EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementations in Extensions in Google Chrome prior to version 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to leak potentially sensitive information through a crafted HTML page...

6.5CVSS6.7AI score0.0054EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in the Background Fetch API in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to leak cross-origin data through a crafted HTML page...

6.5CVSS6.8AI score0.00767EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

Type confusion in V8 in Google Chrome prior to 100.0.4896.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7AI score0.16488EPSS
Exploits2References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.12 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in compositing in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

4.3CVSS6.7AI score0.00611EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Wireshark

A NULL pointer exception occurs in the Modbus dissector in Wireshark versions 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17, allowing for denial of service through packet injection or malicious capture files...

7.5CVSS6.8AI score0.03239EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Wireshark

Uncontrolled recursion in the Bluetooth DHT dissector in Wireshark versions 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows for denial of service through packet injection or crafted capture files...

7.5CVSS6.8AI score0.03643EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

A race condition was detected in the Linux kernel’s ebpf verifier between bpfmapupdateelem and bpfmapfreeze, due to a missing lock in the kernel/bpf/syscall.c file. In this flaw, a local user with special privileges capsysadmin or capbpf can modify the frozen mapped address space. This flaw affec...

4.7CVSS6.6AI score0.00186EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.11 views

Astra Linux – Vulnerability in glibc

A flaw was discovered in glibc. A “off-by-one” buffer overflow and underflow in the getcwd function may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and the size passed to getcwd in a setuid program could exploit this flaw t...

7.8CVSS7.7AI score0.0072EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in xorg-server

A flaw was discovered in xorg-x11-server in versions prior to 21.1.2 and prior to 1.20.14. An out-of-bounds access can occur in the SProcRenderCompositeGlyphs function. The greatest threat posed by this vulnerability is related to data confidentiality and integrity, as well as system availability...

7.8CVSS7.1AI score0.00565EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in xorg-server

A flaw was discovered in xorg-x11-server in versions prior to 21.1.2 and prior to 1.20.14. An out-of-bounds access can occur in the SProcXFixesCreatePointerBarrier function. The greatest threat posed by this vulnerability is related to data confidentiality and integrity, as well as system...

7.8CVSS7.1AI score0.00571EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in xorg-server

A flaw was discovered in xorg-x11-server in versions prior to 21.1.2 and prior to 1.20.14. An out-of-bounds access can occur in the SProcScreenSaverSuspend function. The greatest threat posed by this vulnerability is related to data confidentiality and integrity, as well as system availability...

7.8CVSS7.1AI score0.00571EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

A flaw in the Linux kernel’s implementation of the RDMA communication manager listener code allowed an attacker with local access to set up a socket to listen on a high port. This allowed for a memory element to be used after it was freed. With the ability to execute code, a local attacker could...

7.8CVSS6.8AI score0.00296EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Before version 96.0.4664.93, using the "after free" mechanism in the UI of Google Chrome on Linux allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.01237EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Chromium

Insufficient data validation in the loader component of Google Chrome prior to version 96.0.4664.93 allowed a remote attacker to leak cross-origin data through a crafted HTML page...

6.5CVSS7AI score0.01265EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Before version 96.0.4664.93, using free after in the window manager in Google Chrome on ChromeOS allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.01237EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: Destroy the cmid before destroying the qp to avoid using it after freeing it. We should always destroy the cmid before destroying the qp to prevent accessing the cma after the qp is destroyed. This can lead to incorrec...

9.8CVSS5.7AI score0.01166EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: blk-cgroup: fixed a UAF vulnerability by acquiring the blkcg lock before destroying the blkg. KASAN reports a use-after-free issue during the fuzz test: 693354.104835...

7.8CVSS6.6AI score0.00256EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mac80211: fixed a use-after-free in CCMP/GCMP RX. When PN checking is performed in mac80211, for fragmentation purposes, we need to copy the PN into the RX struct so that it can be used later for comparison. This is mentioned in...

7.8CVSS5.8AI score0.00242EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: sctp: A buffer overflow vulnerability exists when skbheaderpointer returns NULL in sctprcvootb. We should always check if the return value of skbheaderpointer is NULL before using it. Otherwise, it may lead to a nullptrderef...

5.5CVSS6.2AI score0.00251EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ipack: ipoctal: fixed the stack information leak. The name of the tty driver is also used after registering the driver, and it must specifically not be allocated on the stack to prevent information from leaking into the user spac...

5.5CVSS5.8AI score0.00243EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Qemu

A flaw was discovered in the implementation of the QEMU virtio-fs shared file system daemon virtiofsd. This flaw is strictly related to CVE-2018-13405. A local guest user can create files in directories shared by virtio-fs, with unintended group ownership. This occurs in a scenario where a...

7.8CVSS7.1AI score0.00332EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

Before version 98.0.4758.80, using the "After Free" feature in the Thumbnail Tab Strip in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS6.9AI score0.00719EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Scroll in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to leak cross-origin data through a crafted HTML page...

6.5CVSS6.9AI score0.00839EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

Before version 98.0.4758.80, using "After Free" in Google Chrome’s extensions allowed a remote attacker to potentially exploit heap corruption through user interaction...

8.8CVSS7AI score0.0073EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in the Extensions Platform in Google Chrome prior to 98.0.4758.80 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page...

9.6CVSS6.9AI score0.00577EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Chromium

Before version 98.0.4758.80, using the "after free" mechanism in Google Chrome’s payments functionality allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7AI score0.007EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

The use of “after free” in Cast in Google Chrome before version 98.0.4758.80 allowed a remote attacker who convinced a user to engage in specific interactions to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7AI score0.007EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Memory access out of bounds in V8 in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS6.9AI score0.00953EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A kernel information leak flaw was identified in the scsiioctl function in drivers/scsi/scsiioctl.c within the Linux kernel. This flaw allows a local attacker with special user privileges CAPSYSADMIN or CAPSYSRAWIO to cause confidentiality issues...

4.9CVSS6.7AI score0.00416EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Redis

It was discovered that Redis, a persistent key-value database, due to a packaging issue, is susceptible to a Lua sandbox escape that is specific to Debian. This could lead to remote code execution...

10CVSS7.8AI score0.9967EPSS
Exploits8References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Blender

An integer underflow in the DDS loader of Blender leads to an out-of-bounds read, potentially allowing an attacker to read sensitive data using a crafted DDS image file. This flaw affects Blender versions prior to 2.83.19, 2.93.8, and 3.1...

5.5CVSS6.1AI score0.01135EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Firefox

Mozilla developers and community members Gabriele Svelto, Sebastian Hengst, Randell Jesup, Luan Herrera, Lars T Hansen, and the Mozilla Fuzzing Team reported memory safety bugs in Firefox 96. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some ...

8.8CVSS7.5AI score0.00521EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Blender

A missing bounds check in the image loader used in Blender 3.x and 2.93.8 leads to out-of-bounds heap access, allowing an attacker to cause denial of service, memory corruption, or potentially code execution...

7.8CVSS7.2AI score0.0113EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Chromium

The use of after free in ANGLE in Google Chrome before version 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.00833EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in the Tab Groups component of Google Chrome prior to version 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and induced specific user interactions to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.5AI score0.00655EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

In the Blink Serial API in Google Chrome, a memory access out of bounds was allowed before version 97.0.4692.71. This allowed a remote attacker to perform a memory read through a crafted HTML page and a virtual serial port driver...

8.1CVSS7.3AI score0.01306EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A heap-based buffer overflow flaw was discovered in the way the legacyparseparam function in the Linux kernel’s Filesystem Context functionality verifies the length of the supplied parameters. A non-privileged user if non-privileged user namespaces are enabled, otherwise requiring CAPSYSADMIN...

8.4CVSS7.3AI score0.25151EPSS
Exploits11References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Storage in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page...

6.5CVSS6.7AI score0.00743EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

Before version 97.0.4692.99, using free after Vulkan in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.0075EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in PDFium in Google Chrome prior to version 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.6AI score0.85352EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Chromium

Before version 97.0.4692.99, using Bookmarks in Google Chrome allowed a remote attacker to potentially exploit heap corruption by using a crafted HTML page, as long as that attacker could convince a user to engage in certain user interactions...

8.8CVSS7.3AI score0.0075EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in the Task Manager of Google Chrome prior to version 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption through specific user interactions...

8.8CVSS7.5AI score0.00809EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Samba

Samba AD DC includes checks when adding service principal names SPNs to an account to ensure that SPNs do not alias with those already in the database. Some of these checks can be bypassed if an account modification re-adds an SPN that was previously present on that account, such as an SPN added...

8.8CVSS6.8AI score0.01301EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Fenced Frames in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page...

6.5CVSS6.9AI score0.00644EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

Before version 97.0.4692.99, using free after site isolation in Google Chrome allowed a remote attacker to potentially perform a sandbox escape through a crafted HTML page...

9.6CVSS7.3AI score0.02038EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Before version 97.0.4692.99, using "After Free" in Safe Browsing in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.28196EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Chromium

Before version 97.0.4692.99, using Omnibox in Google Chrome allowed a remote attacker to convince the user to engage in specific user interactions, thereby potentially exploiting heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.0075EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

In Google Chrome, the use of "after free" in scheduling before version 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.0075EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in DevTools in Google Chrome prior to version 97.0.4692.99 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption through a crafted HTML page...

7.8CVSS7.4AI score0.00454EPSS
Exploits0References2
Total number of security vulnerabilities18095