
18095 matches found

AstraLinux
added 2026/06/24 3:11 p.m. | 7 views

Astra Linux – Vulnerability in Chromium

Use after free in Dawn in Google Chrome before version 146.0.7680.178 allowed a remote attacker to execute arbitrary code through a crafted HTML page. Chromium security severity: High...

CVSS: 8.8 | AI score: 7.7 | EPSS: 0.00313
Exploits: 0 | References: 3
AstraLinux
added 2026/06/24 3:11 p.m. | 3 views

Astra Linux – Vulnerability in libheif

libheif is a decoder and encoder for HEIF and AVIF file formats. In versions 1.21.2 and earlier, a crafted HEIF sequence file where the saiz box declares more samples than actually exist in the track’s chunk table could cause a heap-buffer-overflow out-of-bounds read in the SampleAuxInfoReader...

CVSS: 8.1 | AI score: 5.8 | EPSS: 0.00302
Exploits: 1 | References: 2
AstraLinux
added 2026/06/24 3:11 p.m. | 5 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: crypto: starfive – Fixed a memory leak in starfiveaesaeaddoonereq The starfiveaesaeaddoonereq function allocates rctx-adata using kzalloc, but fails to free it if sgcopytobuffer or starfiveaeshwinit fails. This leads to memory...

CVSS: 5.5 | AI score: 5.8 | EPSS: 0.00122
Exploits: 0 | References: 2
AstraLinux
added 2026/06/24 3:11 p.m. | 8 views

Astra Linux – Vulnerability in Chromium

Use after free in Blink in Google Chrome before version 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

CVSS: 8.8 | AI score: 7.3 | EPSS: 0.00253
Exploits: 0 | References: 3
AstraLinux
added 2026/06/24 3:11 p.m. | 3 views

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, there was a vulnerability related to dereferencing an uninitialized pointer in the JBIG decoder, due to a missing check. This vulnerability has been fixed in...

CVSS: 7.5 | AI score: 7.1 | EPSS: 0.00353
Exploits: 0 | References: 2
AstraLinux
added 2026/06/24 3:11 p.m. | 8 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVSS: 8.8 | AI score: 5.8 | EPSS: 0.00281
Exploits: 0 | References: 3
AstraLinux
added 2026/06/24 3:11 p.m. | 3 views

Astra Linux – Vulnerability in Chromium

The inappropriate implementation of navigation functions in Google Chrome prior to version 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to leak cross-origin data through a crafted HTML page. Chromium security severity: Low...

CVSS: 4.3 | AI score: 7.4 | EPSS: 0.00158
Exploits: 0 | References: 2
AstraLinux
added 2026/06/24 3:11 p.m. | 3 views

Astra Linux – Vulnerability in Chromium

Use after free in Forms in Google Chrome before version 147.0.7727.101 allowed a remote attacker to execute arbitrary code within a sandbox through a crafted HTML page. Chromium security severity: High...

CVSS: 8.8 | AI score: 7.7 | EPSS: 0.00323
Exploits: 0 | References: 3
AstraLinux
added 2026/06/24 3:11 p.m. | 5 views

Astra Linux – Vulnerability in openexr

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In CompositeDeepScanLine::readPixels, the per-pixel totals are accumulated in vectors of unsigned integers, called totalsizes. These totalsizes are wrapp...

CVSS: 8.4 | AI score: 7 | EPSS: 0.00201
Exploits: 2 | References: 2
AstraLinux
added 2026/06/24 3:11 p.m. | 6 views

Astra Linux – Vulnerability in Python 3.11

Python-Markdown version 3.8 contains a vulnerability where malformed HTML-like sequences can cause html.parser.HTMLParser to raise an unhandled AssertionError during Markdown parsing. Since Python-Markdown does not catch this exception, any application that processes Markdown controlled by...

CVSS: 8.2 | AI score: 5.8 | EPSS: 0.00566
Exploits: 1 | References: 2
AstraLinux
added 2026/06/24 3:11 p.m. | 4 views

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, there was a 32-bit unsigned integer overflow in the XWD X Windows encoder, which could lead to an undersized heap buffer allocation. When writing an extremely...

CVSS: 6.8 | AI score: 6 | EPSS: 0.00099
Exploits: 0 | References: 2
AstraLinux
added 2026/06/24 3:11 p.m. | 4 views

Astra Linux – Vulnerability in Chromium

Use after free in CSS in Google Chrome before version 147.0.7727.101 allowed a remote attacker to execute arbitrary code within a sandbox through a crafted HTML page. Chromium security severity: High...

CVSS: 8.8 | AI score: 7.7 | EPSS: 0.00341
Exploits: 0 | References: 3
AstraLinux
added 2026/06/24 3:11 p.m. | 4 views

Astra Linux – Vulnerability in Chromium

Use after free in Dawn in Google Chrome before version 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page. Chromium security severity: High...

CVSS: 8.3 | AI score: 7.3 | EPSS: 0.00251
Exploits: 0 | References: 3
AstraLinux
added 2026/06/24 3:11 p.m. | 4 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, the progressivedecompresstileupgrade function detected mismatches using progressiverfxquantcmpequal, but only emitted a WLogWARN message; execution continued. The wrapped value 247 was used as a shift...

CVSS: 7.5 | AI score: 6.1 | EPSS: 0.00426
Exploits: 0 | References: 3
AstraLinux
added 2026/06/24 3:11 p.m. | 4 views

Astra Linux – Vulnerability in Python 3.11

The “tarfile” module will still apply normalization of AREGTYPE \x00 blocks to DIRTYPE, even when processing multi-block members such as GNUTYPELONGNAME or GNUTYPELONGLINK. This could lead to a crafted tar archive being misinterpreted by the tarfile module compared to other implementations...

CVSS: 3.3 | AI score: 5.8 | EPSS: 0.00164
Exploits: 0 | References: 2
AstraLinux
added 2026/06/24 3:11 p.m. | 4 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in WebML in Google Chrome prior to version 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory through a crafted HTML page. Chromium security severity: High...

CVSS: 4.3 | AI score: 7.2 | EPSS: 0.00286
Exploits: 0 | References: 3
AstraLinux
added 2026/06/24 3:11 p.m. | 7 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.22.0, the ecamencodercompressh264 function relied on server-controlled dimensions and did not validate the source buffer size, resulting in an out-of-bounds read in swsscale. This vulnerability has been fixed in...

CVSS: 9.1 | AI score: 5.5 | EPSS: 0.00489
Exploits: 0 | References: 3
AstraLinux
added 2026/06/24 3:11 p.m. | 5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ASoC: fslxcvr: Revert to fixing the missing lock in fslxcvrmodeput This reverts commit f51424872760 “ASoC: fslxcvr: fix missing lock in fslxcvrmodeput”. The original patch attempted to acquire the card-controlsrwsem lock in...

CVSS: 5.5 | AI score: 5.7 | EPSS: 0.00091
Exploits: 0 | References: 2
AstraLinux
added 2026/06/24 3:11 p.m. | 4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Use kvfree instead of kfree in amdgpugmcgetnpsmemranges. The amdgpudiscoverygetnpsinfo function internally allocates memory for ranges using kvcalloc, which may use vmalloc for large allocations. Using kfree to releas...

CVSS: 7.8 | AI score: 5.8 | EPSS: 0.00163
Exploits: 0 | References: 2
AstraLinux
added 2026/06/24 3:11 p.m. | 4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed an issue where engid could be negative, causing the streamenc regs array to be indexed out of bounds. The variable engid is used directly as an index into the streamenc regs array, which has only 5 elements...

CVSS: 7.8 | AI score: 5.7 | EPSS: 0.0012
Exploits: 0 | References: 2
AstraLinux
added 2026/06/24 3:11 p.m. | 6 views

Astra Linux – Vulnerability in exiv2

Exiv2 is a C++ library and a command-line utility for reading, writing, deleting, and modifying Exif, IPTC, XMP, and ICC image metadata. Prior to version 0.28.8, a buffer overflow vulnerability was discovered. The vulnerability resides in the CRW image parser. This issue has been fixed in version...

CVSS: 8.1 | AI score: 6 | EPSS: 0.00307
Exploits: 1 | References: 2
AstraLinux
added 2026/06/24 3:11 p.m. | 3 views

Astra Linux – Vulnerability in GraphicsMagick

GraphicsMagick before 8e56520 has a heap-based buffer over-read issue in the ReadJXLImage function, located in coders/jxl.c, related to a call to ImportViewPixelArea...

CVSS: 9.1 | AI score: 5.9 | EPSS: 0.00315
Exploits: 1 | References: 3
AstraLinux
added 2026/06/24 3:11 p.m. | 4 views

Astra Linux – Vulnerability in Python 3.11

The webbrowser.open API accepts URLs with leading hyphens, which can be treated as command-line options for certain web browsers. However, the new behavior disallows the use of leading hyphens. It is recommended that users sanitize URLs before passing them to webbrowser.open...

CVSS: 7.1 | AI score: 6.5 | EPSS: 0.00308
Exploits: 0 | References: 3
AstraLinux
added 2026/06/24 3:11 p.m. | 4 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in yuvensurebuffer in libfreerdp/codec/h264.c, h264-width and h264-height were updated before the reallocation loop. If any winpralignedrecalloc call fails, the function returns FALSE, but width/height have...

CVSS: 7.5 | AI score: 6.3 | EPSS: 0.00265
Exploits: 0 | References: 3
AstraLinux
added 2026/06/24 3:11 p.m. | 3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: Added an seqadj extension for natted connections. Sequence adjustment may be required for FTP traffic with PASV/EPSV modes. This is due to the need to rewrite the packet payload IP, port on the ftp control...

AI score: 5.9 | EPSS: 0.00173
Exploits: 0 | References: 2
AstraLinux
added 2026/06/24 3:11 p.m. | 4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fixed a memory leak in the GETDATADIRECTSYSFSPATH handler. The UVERBSHANDLERMLX5IBMETHODGETDATADIRECTSYSFSPATH function allocates memory for the device path using kobjectgetpath. If the length of the device path exceed...

CVSS: 5.5 | AI score: 5.9 | EPSS: 0.00155
Exploits: 0 | References: 2
AstraLinux
added 2026/06/24 3:11 p.m. | 4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: i3c: dw: Fixed a memory leak in dwi3cmasteri2cxfers The dwi3cmasteri2cxfers function allocates memory for the xfer structure using dwi3cmasterallocxfer. If pmruntimeresumeandget fails, the function returns without freeing the...

CVSS: 5.5 | AI score: 5.8 | EPSS: 0.00155
Exploits: 0 | References: 2
AstraLinux
added 2026/06/24 3:11 p.m. | 3 views

Astra Linux – Vulnerability in exiv2

Exiv2 is a C++ library and a command-line utility for reading, writing, deleting, and modifying image metadata in formats such as Exif, IPTC, XMP, and ICC. Prior to version 0.28.8, a buffer overflow vulnerability was discovered in Exiv2. The vulnerability lies in the preview component, which only...

CVSS: 7.5 | AI score: 6.8 | EPSS: 0.00367
Exploits: 0 | References: 2
AstraLinux
added 2026/06/24 3:11 p.m. | 7 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Tracing: Ring-buffer: A fix was made to check the length of events before using them. Check the length of events before adding them for accessing the next index in rbreaddatabuffer. Since this function is used to validate possibl...

CVSS: 5.5 | AI score: 5.7 | EPSS: 0.00127
Exploits: 0 | References: 2
AstraLinux
added 2026/06/24 3:11 p.m. | 4 views

Astra Linux – Vulnerability in qBittorrent

qBittorrent versions before 5.1.2 do not prevent access to a local file that is referenced in a link URL. This issue affects rsswidget.cpp and searchjobwidget.cpp...

CVSS: 5.3 | AI score: 5.8 | EPSS: 0.00398
Exploits: 0 | References: 3
AstraLinux
added 2026/06/24 3:11 p.m. | 4 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in Skia in Google Chrome prior to version 147.0.7727.101 allowed a remote attacker to obtain potentially sensitive information from process memory through a crafted HTML page. Chromium security severity: Critical...

CVSS: 4.3 | AI score: 6.3 | EPSS: 0.00286
Exploits: 0 | References: 3
AstraLinux
added 2026/06/24 3:11 p.m. | 4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: - In the net subsystem, use dstdevrcu in sksetupcaps. - Use RCU to protect accesses to dst-dev from sksetupcaps and skdstgsomaxsize. - Also use dstdevrcu in ip6dstmtumaybeforward and ipdstmtumaybeforward. - ip4dsthoplimit can...

AI score: 6.1 | EPSS: 0.0017
Exploits: 0 | References: 3
AstraLinux
added 2026/06/24 3:11 p.m. | 4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: drm, fbcon, vgaswitcheroo: Avoid race conditions in the fbcon setup process. Protect the vgaswitcherooclientfbset function with a console lock. This prevents out-of-band OOB access in the fbconremapall function. Without holdin...

AI score: 6 | EPSS: 0.00171
Exploits: 0 | References: 2
AstraLinux
added 2026/06/24 3:11 p.m. | 6 views

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, there was a heap out-of-bounds read vulnerability in the coders/dcm.c module. When processing DICOM files with a specific configuration, the decoder loop...

CVSS: 6.5 | AI score: 7.2 | EPSS: 0.0034
Exploits: 0 | References: 2
AstraLinux
added 2026/06/24 3:11 p.m. | 4 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, there was a heap-buffer-overflow vulnerability at 24 bytes before the allocation, in the function winpralignedoffsetrecalloc. This issue has been fixed in version 3.24.2...

CVSS: 8.1 | AI score: 5.7 | EPSS: 0.00191
Exploits: 0 | References: 3
AstraLinux
added 2026/06/24 3:11 p.m. | 5 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: drm/panthor: Resolved issues related to failures in panthorgpuflushcaches. We have observed a few cases where the entire memory subsystem becomes blocked, and flushing operations never complete. In such cases, we want to: -...

CVSS: 5.5 | AI score: 5.7 | EPSS: 0.00122
Exploits: 0 | References: 2
AstraLinux
added 2026/06/24 3:11 p.m. | 5 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in the resizevbarentry function in libfreerdp/codec/clear.c, vBarEntry-size was updated to vBarEntry-count before the winpralignedrecalloc call. If the realloc call fails, the size is inflated, and the pixel...

CVSS: 7.5 | AI score: 6.1 | EPSS: 0.00398
Exploits: 0 | References: 3
AstraLinux
added 2026/06/24 3:11 p.m. | 9 views

Astra Linux – Vulnerability in gpsd

In gpsd, before commit dc966aa, there is a heap-based out-of-bounds write vulnerability in the drivers/drivernmea2000.c file. The hnd129540 function, which handles NMEA2000 PGN 129540 GNSS Satellites in View packets, fails to validate the user-supplied satellite count against the size of the...

CVSS: 9.8 | AI score: 7.5 | EPSS: 0.00674
Exploits: 2 | References: 3
AstraLinux
added 2026/06/24 3:11 p.m. | 4 views

Astra Linux – Vulnerability in Chromium

Type Confusion in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVSS: 8.8 | AI score: 7.7 | EPSS: 0.00422
Exploits: 0 | References: 3
AstraLinux
added 2026/06/24 3:11 p.m. | 4 views

Astra Linux – Vulnerability in Chromium

In versions of IFrameSandbox in Google Chrome prior to 147.0.7727.55, a remote attacker who convinced a user to perform certain UI gestures could bypass navigation restrictions by using a crafted HTML page. Chromium security severity: Low...

CVSS: 6.5 | AI score: 6.7 | EPSS: 0.00261
Exploits: 0 | References: 3
AstraLinux
added 2026/06/24 3:11 p.m. | 4 views

Astra Linux – Vulnerability in Chromium

In Blink in Google Chrome prior to version 147.0.7727.55, policy bypass allowed a remote attacker to perform UI spoofing through a crafted HTML page. Chromium security severity: Medium...

CVSS: 4.3 | AI score: 6.7 | EPSS: 0.00189
Exploits: 0 | References: 3
AstraLinux
added 2026/06/24 3:11 p.m. | 4 views

Astra Linux – Vulnerability in Tiff

A flaw was discovered in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations...

CVSS: 7.8 | AI score: 7.2 | EPSS: 0.00553
Exploits: 0 | References: 2
AstraLinux
added 2026/06/24 3:11 p.m. | 8 views

Astra Linux – Vulnerability in Chromium

Use after free in FedCM in Google Chrome before version 146.0.7680.165 allowed a remote attacker to execute arbitrary code within a sandbox through a crafted HTML page. Chromium security severity: High...

CVSS: 8.8 | AI score: 6.2 | EPSS: 0.0042
Exploits: 0 | References: 3
AstraLinux
added 2026/06/24 3:11 p.m. | 7 views

Astra Linux – Vulnerability in Chromium

Insufficient validation of untrusted inputs in navigation in Google Chrome prior to version 146.0.7680.153 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page. Chromium security severity: High...

CVSS: 8.8 | AI score: 5.8 | EPSS: 0.00253
Exploits: 0 | References: 3
AstraLinux
added 2026/06/24 3:11 p.m. | 3 views

Astra Linux – Vulnerability in Qemu

A flaw was discovered in QEMU. When reading input audio from the virtio-snd device’s input callback, the virtiosndpcmincb function did not check whether the iov could accommodate the data buffer, potentially leading to a heap out-of-bounds write. This issue persists due to an incomplete fix for...

CVSS: 7.4 | AI score: 5.8 | EPSS: 0.00126
Exploits: 0 | References: 2
AstraLinux
added 2026/06/24 3:11 p.m. | 3 views

Astra Linux – Vulnerability in mupdf

An integer overflow vulnerability exists in the 'pdf-image.c' file in Artifex’s MuPDF version 1.27.0. This vulnerability allows an attacker to create a PDF that can trigger an integer overflow within the 'pdfloadimageimp' function. This enables a heap out-of-bounds write, which could be exploited...

CVSS: 7.8 | AI score: 6.4 | EPSS: 0.00213
Exploits: 0 | References: 2
AstraLinux
added 2026/06/24 3:11 p.m. | 3 views

Astra Linux – Vulnerability in Chromium

The vulnerability in Google Chrome’s media playback before version 147.0.7727.101 allowed a remote attacker to execute arbitrary code via a crafted HTML page, by convincing a user to perform certain UI gestures. Chromium security severity: High...

CVSS: 7.5 | AI score: 7.5 | EPSS: 0.00293
Exploits: 0 | References: 3
AstraLinux
added 2026/06/24 3:11 p.m. | 4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: media: ipu6: Fixed a RPM reference leak in error handling paths. Several error paths in ipu6pciprobe allowed code to directly jump to outipu6busdeldevices without releasing the runtime PM reference. Added pmruntimeputsync befo...

CVSS: 5.5 | AI score: 5.8 | EPSS: 0.00127
Exploits: 0 | References: 2
AstraLinux
added 2026/06/24 3:11 p.m. | 4 views

Astra Linux – Vulnerability in hdf5

HDF5 through 1.14.3 contains a stack buffer overflow issue in H5Rdecodeheap, which leads to corruption of the instruction pointer and causes denial of service or potential code execution...

CVSS: 9.8 | AI score: 7.5 | EPSS: 0.00865
Exploits: 0 | References: 3
AstraLinux
added 2026/06/24 3:11 p.m. | 3 views

Astra Linux – Vulnerability in gst-plugins-good1.0

GStreamer rtpqdm2depay: Heap-based Buffer Overflow and Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability, but the attack vectors...

CVSS: 8.8 | AI score: 7.8 | EPSS: 0.00828
Exploits: 0 | References: 3

Total number of security vulnerabilities: 18095