Lucene search
K
AstralinuxRecent

18095 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 allowed execution with unnecessary privileges. Since Exim operates as root in the spool directory owned by a non-root user, an attacker could write to the /var/spool/exim4/input spool header file. A crafted recipient address in that file could indirectly lead to command...

7.8CVSS7.9AI score0.00407EPSS
Exploits3References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 allows out-of-bounds write-ups, because the main function, while having setuid root, copies the current working directory pathname into a buffer that is too small on some common platforms...

7.8CVSS7.3AI score0.00417EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow, because getstdinput allows unbounded reads that are accompanied by unbounded increases in a certain size variable. NOTE: Exploitation may be impractical due to the execution time required to cause an overflow multiple days...

7.8CVSS7.9AI score0.00468EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 allowed a heap-based buffer overflow in queuerun, through two sender options: -R and -S. This could lead to privilege escalation from exim to root...

7.8CVSS7.2AI score0.00397EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 allowed Use After Free in smtpreset in certain situations that might be common in builds using OpenSSL...

9.8CVSS7.7AI score0.55834EPSS
Exploits3References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 has an improper neutralization of line delimiters. An authenticated remote SMTP client can insert newline characters into a spool file which indirectly leads to remote code execution as root via the AUTH= parameter in the MAIL FROM command...

9CVSS7.6AI score0.0406EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Wireshark

In Wireshark versions 3.2.0 to 3.2.7, the GQUIC dissector could crash. This issue was addressed in the epan/dissectors/packet-gquic.c file by correcting the implementation of offset advancement...

7.5CVSS7.1AI score0.02041EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux

The vgacon subsystem in the Linux kernel before version 5.8.10 mishandles software scrollback operations. There is an out-of-bounds read in vgaconscrolldelta, also known as CID-973c096f6a85...

5.9CVSS6.7AI score0.00519EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

Before version 87.0.4280.88, using extensions in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

9.3CVSS8.1AI score0.0124EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

Insufficient data validation in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

6.5CVSS7.1AI score0.99595EPSS
Exploits14References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Ansible

A flaw was discovered in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then select a new destination path on the controller node. All versions under 2.7.x, 2.8.x, and 2.9.x branches are believed to be vulnerable...

4.6CVSS6.7AI score0.00487EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Ansible

A flaw was discovered in Ansible Engine, affecting versions 2.7.x before 2.7.17, 2.8.x before 2.8.11, and 2.9.x before 2.9.7. It also affects Ansible Tower in versions 3.4.5 and 3.5.5, as well as 3.6.3, when the ldapattr and ldapentry community modules are used. This issue exposes the LDAP bind...

5CVSS6.7AI score0.00406EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in ffmpeg

A buffer overflow vulnerability exists in FFmpeg 4.1 through apngdoinverseblend in libavcodec/pngenc.c, which could allow a remote malicious user to cause a Denial of Service attack...

7.5CVSS6.9AI score0.02051EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in ffmpeg

A buffer overflow vulnerability exists in FFmpeg 4.2, specifically in the builddiffmap function within libavfilter/vffieldmatch.c. This vulnerability could allow a remote malicious user to cause a Denial of Service attack...

6.5CVSS6.8AI score0.01504EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux

A vulnerability was discovered in the Linux kernel, where a reference count leak in the llcpsockconnect function causes a use-after-free condition, which may lead to privilege escalation...

7.8CVSS6.3AI score0.00511EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Ceph

A flaw was discovered in Ceph versions prior to 16.y.z, where Ceph stores mgr module passwords in plain text. This can be identified by searching the mgr logs using Grafana and the dashboard, as the passwords are visible...

4.4CVSS6.1AI score0.00269EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Wireshark

A crash occurred in the USB HID protocol dissector, and possibly in other dissectors in Wireshark versions 3.4.0, 3.2.0 to 3.2.8. This issue allows for denial of service through packet injection or with crafted capture files...

5.3CVSS6.8AI score0.02589EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.18 views

Astra Linux – Vulnerability in Wireshark

A memory leak in the Kafka protocol dissector in Wireshark versions 3.4.0 and 3.2.0 to 3.2.8 allows for denial of service through packet injection or malicious capture files...

5.3CVSS6.6AI score0.02965EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in opensc

The Oberthur smart card software driver in OpenSC before version 0.21.0-rc1 has a heap-based buffer overflow in the scoberthurreadfile function...

5.5CVSS6.9AI score0.00398EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in ffmpeg

There is a heap-based Buffer Overflow vulnerability in FFmpeg 4.2, located in libavfilter/vfcolorconstancy.c, specifically in the slicegetderivative function within fadegetderivative. This vulnerability may lead to memory corruption and other potential issues...

8.8CVSS7.3AI score0.01499EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in ffmpeg

There is a heap-based buffer overflow vulnerability in FFmpeg 4.2, located in the file libavfilter/vfw3fdif.c, within the filter16complexlow module. This vulnerability may lead to memory corruption and other potential issues...

8.8CVSS6.9AI score0.01673EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in ffmpeg

There is a heap-based Buffer Overflow vulnerability in FFmpeg 4.2, located in the file libavfilter/afafade.c within crossfadesamplesfltp. This vulnerability may lead to memory corruption and other potential issues...

8.8CVSS6.9AI score0.01172EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Intel Microcode

Incomplete cleanup in some IntelR VT-d products may allow an authenticated user to potentially enable escalation of privileges via local access...

8.8CVSS6.8AI score0.00352EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Intel Microcode

Observable timing discrepancies in some Intel processors may allow an authenticated user to potentially enable information disclosure through local access...

3.3CVSS6.4AI score0.00383EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in Intel Microcode

A domain-bypass transient execution vulnerability in some Intel AtomR processors may allow an authenticated user to potentially enable information disclosure through local access...

6.5CVSS6.8AI score0.00472EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux

The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP does not require that the A-MSDU flag in the plaintext QoS header field be authenticated. Against devices that support receiving non-SSP A-MSDU frames which is mandatory as part of...

3.5CVSS7AI score0.03537EPSS
Exploits2References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux

A NULL pointer dereference flaw was discovered in the Linux kernel’s GPU Nouveau driver functionality in versions prior to 5.12-rc1. This flaw allows a local user to crash the system. The flaw occurs when the user calls ioctl DRMIOCTLNOUVEAUCHANNELALLOC...

4.9CVSS6.4AI score0.00366EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in xmlgraphics-commons

Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. Users...

8.2CVSS7.2AI score0.0665EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in nss

When converting coordinates from projective to affine, the modular inversion was not performed in constant time, allowing for a timing-based side channel attack. This vulnerability affects Firefox versions less than 80, as well as Firefox for Android versions less than 80...

4.7CVSS6.7AI score0.00268EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in sane-backends

A heap buffer overflow in SANE backends before version 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, known as GHSL-2020-080...

8.8CVSS7.8AI score0.03044EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in WebKit2GTK

There is a code execution vulnerability in the AudioSourceProviderGStreamer functionality of Webkit WebKitGTK 2.30.1. A specially crafted web page may lead to a use after free issue...

8.8CVSS8.3AI score0.01792EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Ansible

A flaw in log output neutralization was discovered in Ansible when using the uri module. This flaw exposes sensitive data to content and JSON output. It allows attackers to access logs or outputs of executed tasks, thereby enabling them to read keys used in playbooks from other users within the u...

5.5CVSS6.8AI score0.00568EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux

A issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message Integrity Check authenticity of fragmented TKIP frames. An adversary can exploit this vulnerability to inject and possibly decrypt packets in WPA or WPA2 networks th...

6.5CVSS6.9AI score0.03072EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux, BlueZ

In the Bluetooth Core Specification 2.1 through 5.2, Bluetooth LE and BR/EDR secure pairing mechanisms may allow a nearby man-in-the-middle attacker to identify the Passkey used during pairing in the Passkey authentication procedure by reflecting the public key and the authentication evidence of...

4.3CVSS6.9AI score0.00872EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.10 views

Astra Linux – Vulnerability in Apache2

Apache HTTP Server versions 2.4.41 to 2.4.46 with modproxyhttp can become unstable when processing specially crafted requests that use both Content-Length and Transfer-Encoding headers. This can lead to a denial of service attack...

7.5CVSS7.1AI score0.49089EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in openjpeg2

In OpenJPEG version 2.3.1, the jp2/opjdecompress.c file contains a use-after-free issue. This issue can occur if there is a mix of valid and invalid files in a directory that is processed by the decompressor. It is also possible for a double free to occur. This issue is related to calling...

6.5CVSS7.2AI score0.02595EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in OpenVPN

OpenVPN 2.5.1 and earlier versions allow remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication. This can potentially lead to further information leaks...

7.5CVSS7.2AI score0.05107EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in libhibernate3-java

A flaw was discovered in Hibernate-core in versions prior to and including 5.4.23.Final. An SQL injection occurs in the implementation of the JPA Criteria API; this allows unsanitized literals to be used in SQL comments within queries. This flaw could enable attackers to access unauthorized...

7.4CVSS7.1AI score0.02907EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.14 views

Astra Linux – Vulnerability in nss

A flaw was discovered in the way NSS handled CCS ChangeCipherSpec messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, resulting in a denial of service for servers compiled with the NSS library. The greatest threat posed by this vulnerability is related to system...

7.5CVSS7.4AI score0.03854EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.1 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: bpflocalstorage: Always use bpfmemalloc in PREEMPTRT. In PREEMPTRT, kmallocGFPATOMIC is still not safe in non-preemptible contexts. Therefore, bpfmemalloc must be used in PREEMPTRT. This patch aims to enforce the use of...

5.5CVSS6.1AI score0.0013EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: For the clk subsystem, in the qcom module’s dispcc-sm6350 function, the parentmap property was added for clocks where it is missing. If a clkrcg2 has a parent, it should also have the parentmap property defined. Otherwise, a NULL...

5.5CVSS6.2AI score0.00167EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: clk: mmp2: The pmgenpdinit function is called only after genpd.name is set. Setting the name of the struct device associated with genpd using devsetname occurs within pmgenpdinit. If this value remains NULL, problems may arise...

5.5CVSS6.2AI score0.00164EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Mariadb 10.3

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. The supported versions affected are 8.0.40 and earlier, 8.4.3 and earlier, and 9.1.0 and earlier. This easily exploitable vulnerability allows a high-privilege attacker with network access via multiple protocols to...

4.9CVSS6.6AI score0.01236EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: block, bfq: fixed the UAF in wakerbfqq after bfqsplitbfqq Our syzkaller report identifies the following UAF for v6.6: BUG: KASAN: slab-use-after-free in bfqinitrq+0x175d/0x17a0 block/bfq-iosched.c:6958 A size 8 read at address...

7.8CVSS6.4AI score0.00206EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: zram: Fixed the potential UAF Use-after-Free issue related to the zram table. If zrammetaalloc fails early, it frees the allocated zram-table without setting it to NULL. This could potentially allow zrammetafree to access the...

7.8CVSS6.4AI score0.00212EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: OpenVSwitch: fixed the issue where locking occurred when trying to unregister a netdev with a carrier. The commit in the “fixes” tag attempted to fix this issue through the following sequence of calls: dooutput → ovsvportsend →...

5.5CVSS6.1AI score0.002EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: pktgen: Avoid out-of-bounds access in getimixentries Passing a sufficient amount of imix entries leads to invalid access to the pktdev-imixentries array due to incorrect boundary checks. UBSAN: Array-index out-of-bounds in...

7.8CVSS6.5AI score0.00208EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: scsi: storvsc: Added ratelimit warnings to prevent VM denial of service. If there is a persistent error with the hypervisor, the SCSI warnings related to failed I/O can overwhelm the kernel log and cause the CPU utilization to...

5.5CVSS6.4AI score0.00202EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net/rose: integer overflows can occur when using rosesetsockopt with potentially excessively large arguments, along with additional values being applied to them. To mitigate this issue, perform the following actions as a minimum...

5.5CVSS6.2AI score0.00213EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: nilfs2: Handling of errors returned by nilfspreparechunk The patch series “nilfs2: Fix issues with rename operations” addresses these issues. This series corrects BUGON check failures reported by syzbot during rename operation...

5.5CVSS6.5AI score0.00192EPSS
Exploits0References2
Total number of security vulnerabilities18095