Lucene search
K
AstralinuxRecent

18095 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to bypass permission restrictions via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS6.8AI score0.00968EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed an attacker who convinced a user to install a malicious extension to perform an origin spoof in the security UI via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS6.6AI score0.00645EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

Insufficient data validation in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

6.5CVSS6.6AI score0.003EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in SQLite in Google Chrome prior to version 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Medium...

8.8CVSS7.1AI score0.0112EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

Integer overflow in Skia in Google Chrome prior to version 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page. Chromium security severity: High...

9.6CVSS7.7AI score0.05786EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

Memory access beyond the allowed boundaries in the Service Worker API in Google Chrome prior to version 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.01059EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.7AI score0.40798EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Chromium

The incorrect security UI in the Navigation section of Google Chrome prior to version 112.0.5615.49 allowed a remote attacker to perform domain spoofing through a crafted HTML page. Chromium security severity: Low...

6.5CVSS6.8AI score0.0092EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in FedCM in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

6.5CVSS6.8AI score0.00889EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in the Browser History component of Google Chrome prior to version 112.0.5615.49 allowed a remote attacker who convinced a user to perform certain UI interactions to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Medium...

8.8CVSS7.2AI score0.00975EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Chromium

In Networking APIs of Google Chrome, before version 112.0.5615.49, it was possible for a remote attacker to exploit heap corruption by using a crafted HTML page, as long as that attacker could convince a user to perform certain UI interactions. Chromium security severity: Medium...

8.8CVSS7AI score0.00914EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Chromium

Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass download checking via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS6.8AI score0.00889EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

In accessibility settings within Google Chrome, before version 112.0.5615.49, it was possible for a remote attacker to perform an out-of-bounds memory read through a crafted HTML page. Chromium security severity: Medium...

6.5CVSS6.6AI score0.0088EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Chromium

In Google Chrome, out-of-bounds memory access during DOM bindings before version 112.0.5615.49 allowed a remote attacker to perform out-of-bounds memory access through a crafted HTML page. Chromium security severity: Medium...

8.8CVSS7AI score0.00935EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

The use of frames with free in Google Chrome before version 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS6.9AI score0.00968EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

The out-of-bounds reading in ANGLE in Google Chrome prior to version 111.0.5563.110 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7AI score0.01339EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Chromium

Using “after free” in PDFs in Google Chrome before version 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.4AI score0.0082EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Chromium

The use of after free in WebProtect in Google Chrome before version 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.00853EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Chromium

The use of after free in Passwords in Google Chrome before version 111.0.5563.110 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.00769EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Dbus

A issue was discovered in D-Bus before 1.12.24, 1.13.x, and 1.14.x, before 1.14.4, and 1.15.x, before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where the array length is inconsistent with the size of the element...

6.5CVSS6.7AI score0.0131EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in imagemagick

A flaw was discovered in ImageMagick in versions prior to 7.0.11 and prior to 6.9.12. In these versions, a division by zero in the WaveImage function of MagickCore/visual-effects.c could lead to undefined behavior when a malicious image file was submitted to an application that used ImageMagick...

7.8CVSS6.8AI score0.02315EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

A data race flaw was discovered in the Linux kernel, between the allocation of the con variable and the setting of con-sock. This issue results in a NULL pointer dereferencing when accessing con-sock-sk in the net/tipc/topsrv.c file within the tipc protocol in the Linux kernel...

4.7CVSS6.6AI score0.00184EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in Resource Timing in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to obtain potentially sensitive information from APIs through a crafted HTML page. Chromium security severity: Low...

4.3CVSS6.7AI score0.00476EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.13 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in the Web Audio API in Google Chrome prior to version 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Medium...

8.8CVSS7.6AI score0.00585EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in the Web Payments API in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to bypass navigation restrictions through a crafted HTML page. Chromium security severity: Medium...

4.3CVSS6.1AI score0.00444EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Chromium

Type confusion in CSS in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.00549EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.12 views

Astra Linux – Vulnerability in Chromium

Type confusion in V8 in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.00668EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

There exists a use-after-free vulnerability in the Linux kernel through the iouring mechanism and the IORINGOPSPLICE operation. If the IORINGOPSPLICE operation lacks the IOWQWORKFILES flag, it indicates that the operation will not utilize current-nsproxy. As a result, the reference counter is not...

7.8CVSS6.6AI score0.00407EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Node.js

There is a vulnerability related to untrusted search paths in Node.js. Versions 19.6.1, 18.14.1, 16.19.1, and 14.21.3 may allow an attacker to search for and potentially load ICU data when running with elevated privileges...

4.2CVSS6.7AI score0.00471EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Tiff

LibTIFF 4.4.0 contains an out-of-bounds write vulnerability in tiffcrop, located at line 3502 of tools/tiffcrop.c. This vulnerability allows attackers to cause a denial-of-service attack through a malicious TIF file. For users who compile LibTIFF from source code, the fix is available in the comm...

6.8CVSS6.7AI score0.00435EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: block, bfq: do not move oombfqq Our test report a UAF: 2073.019181 ================================================================== 2073.019188 BUG: KASAN: use-after-free in bfqputbfqq+0xa0/0x168 2073.019191 Written a size 8...

7.8CVSS6.2AI score0.00262EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Vim

NULL pointer dereferencing in the GitHub repository for vim/vim before version 9.0.0224...

6.6CVSS6.7AI score0.00454EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Vim

Vim is vulnerable to Heap-based Buffer Overflow attacks...

9.3CVSS7.1AI score0.01669EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Vim

Vim is vulnerable to use of uninitialized variables...

7.8CVSS7.1AI score0.00591EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in OpenSSL

The crehash script does not properly sanitize shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner that it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the...

10CVSS7.1AI score0.83223EPSS
Exploits5References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A use-after-free read flaw was discovered in the sockgetsockopt function in net/core/sock.c, due to race conditions involving SOPEERCRED and SOPEERGROUPS functions when used with listen and connect in the Linux kernel. In this flaw, an attacker with user privileges could potentially crash the...

6.8CVSS6.7AI score0.01747EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in SQLite3

The ext/misc/zipfile.c file in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded \0' characters in filenames, resulting in a memory-management error that can be detected using tools like valgrind...

7.5CVSS7.9AI score0.03244EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Git

In connect.c, the gitconnectgit function in Git before version 2.30.1 allows a repository path to contain a newline character. This may lead to unexpected cross-protocol requests, as demonstrated by the git://localhost:1234/%0d%0a%0d%0aGET%20/%20HTTP/1.1 substring...

7.5CVSS7.1AI score0.03074EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in Linux

In the Linux kernel, from drivers/staging/rtl8188eu/osdep/ioctllinux.c, the function rtwwxsetscan allows writing beyond the end of the -ssid array. NOTE: From the perspective of kernel.org’s release processes, CVE IDs are not typically used for drivers/staging/ unfinished work. However, system...

8.8CVSS6.5AI score0.01316EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in OpenLDAP

An integer underflow was discovered in OpenLDAP before version 2.4.57, causing slapd to crash during the Certificate Exact Assertion processing, resulting in a denial of service schemainit.c serialNumberAndIssuerCheck...

7.5CVSS6.9AI score0.84224EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nilfs2: Access to buffers is protected when there are no active references to them. The function nilfslookupdirtydatabuffers iterates through buffers attached to dirty data folios/pages. It accesses these attached buffers without...

7.8CVSS6.1AI score0.00216EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.1 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nbd: Do not allow reconnection after disconnection The following process may cause a UAF in nbdconfig: 1 Temporarily grabs nbdconfig; 2 In nbdgenldisconnect, all recvwork calls are flushed, and the initial reference to nbdconfig ...

7.8CVSS6.2AI score0.00204EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: iio: dummy: iiosimplydummybuffer: fixed the information leak in the triggered buffer. The data array is allocated using kmalloc, and it is used to push data to user space from the triggered buffer. However, it does not set values...

7.1CVSS6.2AI score0.00214EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15, and Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: Do not call BUGON when the reference count is 0 at btrfslookupextentinfo. Instead of calling BUGON, handle the error by returning -EUCLEAN, aborting the transaction, and logging an error message...

5.5CVSS6.2AI score0.00236EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Prevention of integer overflow issues In the expression “cmd.wqesize cmd.wrcount”, both variables are of type u32 and come from the user space. This multiplication can lead to integer wraparound issues. Similarly, th...

5.5CVSS6.2AI score0.00207EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: btrfs: ref-verify: Fix for a use-after-free after an invalid ref action. After calling btrfsreftreemod, if we successfully insert the new ref entry local variable 'ref' into the respective block entry’s rbtree local variable 'be,...

7.8CVSS6.3AI score0.00239EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: nilfs2: prevented the use of deleted inodes. syzbot reported a warning in nilfsrmdir. 1 Due to the corrupted inode bitmap, an inode with a number that should exist as a ".nilfs" file was reassigned by nilfsmkdir for "file0",...

5.5CVSS6.4AI score0.00254EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: A missing range check was added in bitmapipuadt. When tbIPSETATTRIPTO is not present, but tbIPSETATTRCIDR exists, the values of ip and ipto are slightly swapped. As a result, the range check for ip should be...

7.8CVSS6.2AI score0.00396EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nilfs2: Fix null-ptr-deref in blocktouchbuffer tracepoint The patch series “nilfs2: Fix null-ptr-deref bugs on block tracepoints” addresses these bugs that occur when using nilfs2 and two block-related tracepoints. This patch...

5.5CVSS6.4AI score0.00236EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: media:cx24116: prevents overflows in the SNR calculation. According to Coverity reports, if reading the SNR registers fails, a negative number will be returned, resulting in an underflow when reading the SNR registers. This issue...

5.5CVSS6.1AI score0.00254EPSS
Exploits0References2
Total number of security vulnerabilities18095