Lucene search
K
AstralinuxRecent

18095 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.10 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in Blink in Google Chrome prior to version 101.0.4951.41 allowed a remote attacker who convinced a user to perform certain UI gestures to potentially execute a sandbox escape through a crafted HTML page. Chromium security severity: High...

9.6CVSS7.7AI score0.00615EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation of Omnibox in Google Chrome prior to version 99.0.4844.51 allowed an attacker with privileged network access to perform a man-in-the-middle attack through malicious network traffic. Chromium security severity: Low...

3.1CVSS5.8AI score0.00238EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Firefox

A use-after-free crash could occur on macOS if a Firefox update was applied to a heavily utilized system. This could lead to a exploitable crash. This vulnerability affects Firefox versions earlier than 122...

6.5CVSS6.8AI score0.00419EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in libxml2

Possible cross-site scripting vulnerability in libxml after commit 960f0e2...

6.1CVSS6.5AI score0.00764EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in libcroco

The crtknzrparsecomment function in cr-tknzr.c in libcroco 0.6.12 allows remote attackers to cause a denial of service memory allocation error through a crafted CSS file...

6.5CVSS6.7AI score0.03844EPSS
Exploits4References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Thunderbird

Unexpected data returned from the Safe Browsing API could lead to memory corruption and potentially exploitable crashes. This vulnerability affects Thunderbird 102.10 and Firefox ESR 102.10...

6.5CVSS6.6AI score0.00644EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in PostgresSQL 11

Row security policies ignore changes to user IDs after inline operations. PostgreSQL may allow incorrect policies to be applied in certain cases where role-specific policies are used, and where a given query is planned to be executed under one role and then executed under another role. This...

5.4CVSS6.6AI score0.00694EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in WebKit2GTK

A “use-after-free” issue has been addressed through improved memory management. This issue is fixed in iOS 16.4 and iPadOS 16.4, as well as macOS Ventura 13.3. Processing web content may lead to arbitrary code execution...

8.8CVSS6.9AI score0.00822EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: gfs2: Always check the inode size of inline inodes. Check whether the inode size of inline inodes is within the allowed range when reading inodes from the disk gfs2dinodein. This prevents on-disk corruption. The two checks in...

5.5CVSS5.8AI score0.00193EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Wireshark

Due to a failure in validating the length provided by an attacker-crafted MSMMS packet, Wireshark version 4.0.5 and earlier, under an unusual configuration, is susceptible to a heap-based buffer overflow, and potentially code execution within the context of the process running Wireshark...

6.5CVSS7.3AI score0.02008EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Thunderbird

If a MIME email combines OpenPGP and OpenPGP MIME data in a certain way, Thunderbird repeatedly attempts to process and display the message. This could cause Thunderbird’s user interface to lock up and no longer respond to the user’s actions. An attacker could send a crafted message with this...

6.5CVSS6.1AI score0.0049EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: - tcp: tcpmakesynack can now be called from process context. - tcprtxsynack can now be called in process context, as explained in 0a375c822497 "tcp: tcprtxsynack can be called from process context". - tcprtxsynack may call...

5.5CVSS6.3AI score0.00155EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nfc: fdp: added a null check for devmkmallocarray in fdpncii2creaddeviceproperties. devmkmallocarray may fail, and fwvsccfg may be null, causing an out-of-bounds write in devicepropertyreadu8array later...

5.5CVSS5.5AI score0.00155EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15, and Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ravb: Fixed the use-after-free issue in ravbtxtimeoutwork. The ravbstop function should call cancelworksync. Otherwise, ravbtxtimeoutwork may use the freed private data after ravbremove is called, as follows: CPU0 CPU1...

7.8CVSS5.7AI score0.00242EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Proper initialization of the struct pn533outarg structure. The struct pn533outarg, which serves as a temporary context for outurb, is not initialized properly. Its uninitialized ‘phy’ field can be dereferenced in erro...

5.5CVSS5.5AI score0.00166EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in exempi

The XMP Toolkit SDK version 2020.1 and earlier is affected by an improper input validation vulnerability, which may lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction, as the victim must open a specially crafted file...

9.3CVSS7.9AI score0.02716EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in exempi

The XMP Toolkit SDK version 2020.1 and earlier is affected by a buffer overflow vulnerability that may lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction, as the victim must open a specially crafted file...

9.3CVSS7.9AI score0.05399EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in exempi

The XMP Toolkit SDK version 2021.07 and earlier is affected by a stack-based buffer overflow vulnerability that may lead to arbitrary code execution within the context of the current user. Exploitation requires user interaction—that is, the victim must open a specially crafted file...

9.3CVSS8.3AI score0.036EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in exempi

The XMP Toolkit SDK version 2021.07 and earlier is affected by a stack-based buffer overflow vulnerability that may lead to arbitrary code execution within the context of the current user. Exploitation requires user interaction—that is, the victim must open a specially crafted file...

9.3CVSS7.9AI score0.036EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: net: tunnels: Annotations were added for lockless accesses to dev-neededheadroom. IP tunnels can apparently update dev-neededheadroom during their xmit path. This patch addresses issues related to three types of tunnels xmit, ...

5.5CVSS6.3AI score0.00166EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Ceph

A privilege escalation flaw was discovered in Ceph. Ceph-crash.service allows a local attacker to escalate privileges to root through a crash dump, thereby exposing privileged information...

7.8CVSS7.1AI score0.00327EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: dm-integrity: A memory leak was fixed when rechecking the data. The memory allocated for the “checksums” pointer will be leaked if the data is rechecked after a checksum failure because the associated kfree operation will not occ...

5.5CVSS5.9AI score0.00222EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed a NULL pointer derefrence in f2fssubmitpagewrite BUG: NULL pointer derefrence in the kernel; address: 0000000000000014 RIP: 0010:f2fssubmitpagewrite+0x6cf/0x780 f2fs Call Trace: ? show regs+0x6e/0x80 ? die+0x29/0x70 ?...

5.5CVSS5.8AI score0.00222EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: nfs: fixed a panic that occurred when nfs4fflayoutprepareds failed. We have observed the following panics in production: BUG: NULL pointer dereferencing in the kernel, address: 0000000000000065 PGD: 2f485f067; P4D: 2f485f067;...

5.5CVSS6AI score0.00225EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: hns3: Fix for kernel crash when 1588 messages are received on HIP08 devices HIP08 devices do not register as ptp devices. As a result, hdev-ptp is NULL. However, the hardware can receive 1588 messages and set the HNS3RXDTSVL...

5.5CVSS6AI score0.00228EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pmicglinkaltmode: fixed the use-after-free issue related to the DRM bridge. A recent DRM implementation that claimed to simplify support for “transparent bridges” and handling probe deferments ironically exposed a...

5.5CVSS5.2AI score0.00236EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Create the debugfs ttmresourcemanager entry only if needed The driver creates /sys/kernel/debug/dri/0/mobttm even when the corresponding ttmresourcemanager is not allocated. This leads to a crash when trying to read...

5.5CVSS6.2AI score0.00227EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/pm: Fixed a NULL pointer dereferencing issue when getting the power limit. Since the initialization of powerplaytable is skipped under the sriov case, we check and set default lower and upper OD values if powerplaytabl...

5.5CVSS5.8AI score0.00243EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in libstb

It was discovered that STB v2.27 contains an integer shift of invalid size in the component stbijpegdecodeblockprogac...

8.8CVSS7.8AI score0.01557EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.11 views

Astra Linux – Vulnerability in the 389-DS-base

A flaw was discovered in 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can access a NULL pointer dereferencing using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is associated with an incomple...

6.5CVSS6.7AI score0.01238EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.15

A buffer overflow vulnerability was discovered in the Linux kernel’s Intel iSMT SMBus host controller driver, particularly in its handling of the I2CSMBUSBLOCKPROCCALL case using the ioctl I2CSMBUS function. This flaw could allow a local user to cause the system to crash...

5.5CVSS7AI score0.00225EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in ffmpeg

A issue was discovered in the FFmpeg package, where vp3decodeframe in libavcodec/vp3.c lacks a check on the return value of avmalloc. This leads to a null pointer dereferencing, which affects functionality...

7.5CVSS6.8AI score0.0142EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Intel Microcode

Incorrect default permissions in some memory controller configurations for certain IntelR XeonR processors when using IntelR Software Guard Extensions may allow a privileged user to potentially enable privilege escalation through local access...

7.2CVSS6.8AI score0.00213EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.15

The rpmsgprobe function in the drivers/rpmsg/virtiorpmsgbus.c file in the Linux kernel, prior to version 5.18.4, contains a double-free issue...

5.5CVSS6.7AI score0.00327EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in libsdl1.2

It was discovered that SDL v1.2 contains a use-after-free issue due to the XFree function in the file /src/video/x11/SDLx11yuv.c...

7.5CVSS7.2AI score0.00969EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.15

A vulnerability, classified as problematic, has been identified in the Linux kernel. This issue affects the functions unixsockdestructor/unixreleasesock in the file net/unix/afunix.c of the BPF component. The manipulation leading to this issue results in a memory leak. It is recommended that a...

5.5CVSS6AI score0.0026EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

A vulnerability, classified as problematic, was discovered in the Linux kernel. This vulnerability affects the tcpgetsockopt/tcpsetsockopt functions of the TCP Handler component. Manipulation of these functions can lead to a race condition. It is recommended that a patch be applied to address thi...

7.1CVSS5.9AI score0.00344EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux, Linux 5.15

A vulnerability has been identified in the Linux kernel and is classified as problematic. This vulnerability affects the function inet6streamops/inet6dgramops of the IPv6 Handler component. The vulnerability causes a race condition. It is recommended that a patch be applied to address this issue...

6.4CVSS5.4AI score0.00301EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in xorg-server

A vulnerability was discovered in X.Org. This issue arises due to a dangling pointer in DeepCopyPointerClasses, which can be exploited by ProcXkbSetDeviceInfo and ProcXkbGetDeviceInfo to read from and write to freed memory. This can lead to local privilege escalation on systems where the X server...

7.8CVSS7.6AI score0.00899EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in PHP 7.3

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16, and 8.2.X before 8.2.3, the passwordverify function may accept some invalid Blowfish hashes as valid. If such invalid hashes end up in the password database, it may allow an application to accept any password for that entry as valid...

8.1CVSS6.5AI score0.00944EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In bindervmaclose of binder.c, there is a potential exploit after the free function call due to improper locking. This could lead to a local escalation of privileges without the need for additional execution privileges. User interaction is not required for this exploitation. Product: Android...

7.8CVSS6.4AI score0.0018EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in sudo

In Sudo before 1.9.12p2, the sudoedit also known as -e feature improperly handles additional arguments passed in the user-provided environment variables SUDOEDITOR, VISUAL, and EDITOR. This allows a local attacker to append arbitrary entries to the list of files to process. This can lead to...

7.8CVSS7.5AI score0.55367EPSS
Exploits20References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Git

Git is a revision control system. By using a specially crafted repository, Git versions prior to 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8 could be tricked into using its local clone optimization, even when using a non-local transport. Although Git will...

5.5CVSS6.7AI score0.0071EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in WebKit2GTK

A type confusion issue has been addressed through improved checks. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1, and Safari. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that...

8.8CVSS8.7AI score0.09426EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in imagemagick

In ImageMagick, there is a value of the type 'unsigned int' that is outside the representable range in MagickCore/quantum-private.h. This flaw affects ImageMagick versions prior to 7.0.9-0...

4.3CVSS6.5AI score0.01362EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in imagemagick

In ImageMagick versions before 7.0.9-0, there are values that are outside the representable range for the 'float' type, located in MagickCore/quantize.c...

4.3CVSS6.5AI score0.01056EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in imagemagick

Due to a missing check for the 0 value of replaceextent, it is possible for the offset p to overflow in SubstituteString, potentially affecting application availability. This issue can be triggered by an input file crafted with ImageMagick. The flaw affects ImageMagick versions prior to 7.0.8-68...

5.5CVSS6.8AI score0.01133EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in libstb

Buffer overflow vulnerability in the function stbiextendreceive in stbimage.h in stb 2.26, caused by a crafted JPEG file...

7.8CVSS7.1AI score0.01334EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in imagemagick

A flaw was discovered in ImageMagick versions prior to 7.0.11. In versions before 7.0.11, a division by zero in the sRGBTransformImage function within MagickCore/colorspace.c could lead to undefined behavior when processing a malicious image file submitted by an attacker through an application th...

7.8CVSS6.8AI score0.01272EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.15, Linux

Insufficient control flow management for the IntelR 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access...

5.5CVSS6.7AI score0.00283EPSS
Exploits0References2
Total number of security vulnerabilities18095