Lucene search
K
AstralinuxRecent

18095 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementations in WebApp installations in Google Chrome prior to version 113.0.5672.126 allowed an attacker who convinced a user to install a malicious web app to bypass the installation dialog through a crafted HTML page. Chromium security severity: Medium...

8.8CVSS7.3AI score0.00681EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Firefox

If temporary “one-time” permissions, such as the ability to use the Camera, are granted to a document loaded using a file: URL, those permissions persist in that tab for all other documents loaded from the same file: URL. This is potentially dangerous if the local files come from different source...

8.8CVSS7.3AI score0.00619EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in exempi

A buffer overflow vulnerability exists in the function ID3Support::ID3v2Frame::getFrameValue in exempi 2.5.0 and earlier versions. This vulnerability allows remote attackers to cause a denial of service by opening crafted audio files that contain the ID3V2 frame...

6.5CVSS7.1AI score0.00998EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in PackageKit

PackageKit provided detailed error messages to unprivileged callers who were exposed to information about the presence of files and their mimetypes. This information was difficult for those callers to determine on their own...

3.3CVSS6AI score0.00462EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in libstb

STBVorbis is a single-file library licensed under MIT that processes OGG Vorbis files. A maliciously crafted file may cause memory writes to exceed the allocated heap buffer in startdecoder. The root cause of this issue is a potential integer overflow in sizeofchar f-commentlistlength, which may...

7.8CVSS7.6AI score0.00518EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Wireshark

The SPRT dissector crash in Wireshark versions 4.2.0 to 4.0.5, and 4.0.0 to 4.0.15 allows denial of service through packet injection or malicious capture files...

5.5CVSS6.7AI score0.00207EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.19 views

Astra Linux – Vulnerability in Wireshark

Large loops in multiple protocol dissectors in Wireshark versions 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial of service via packet injection or crafted capture files...

6.5CVSS6.8AI score0.02374EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux

A memory-bound write flaw 1 or 2 bytes of memory was identified in the Linux kernel’s NFS subsystem, related to the way users use mirroring replication of files via NFS. A user with access to the NFS mount could potentially exploit this flaw to crash the system or escalate privileges on the syste...

8CVSS6.7AI score0.01584EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Flatpak

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Starting from version 0.9.4 and before version 1.10.2, Flatpak has a vulnerability in its “file forwarding” feature, which can be exploited by attackers to gain access to files that would normally...

8.2CVSS7.3AI score0.01546EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: nilfs2: Fixing the lifetime of the sysfs interface The current nilfs2 sysfs support has issues with the timing of the creation and deletion of sysfs entries. This may lead to null pointer dereferences, use-after-free errors, a...

5.5CVSS6AI score0.00132EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.15 views

Astra Linux – Vulnerability in Wireshark

Improper URL handling in Wireshark versions 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 may allow for remote code execution through packet injection or crafted capture files...

8.8CVSS8.3AI score0.03639EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: vhci: Prevent use-after-free by removing debugfs files early The creation of debugfs files is moved to a dedicated function, and it is ensured that these files are explicitly removed during vhcirelease, before the...

7.8CVSS6.8AI score0.00142EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in golang-golang-x-net, containerd-app

The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to a Denial-of-Service DoS attack if an attacker provides specially crafted HTML content...

5.3CVSS6.7AI score0.00482EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in p7zip

7-ZIP ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected 7-ZIP installations. Interaction with this product is required to exploit this vulnerability, but the attack vectors may vary depending ...

7.8CVSS7.8AI score0.27017EPSS
Exploits11References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ceph: Fix for oops due to invalid pointer for kfree in parselongname This fix addresses a kernel oops that occurs when reading ceph snapshot directories .snap, for example, by simply running ls /mnt/myceph/.snap. The variable str...

5.5CVSS5.8AI score0.00112EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in p7zip

7-Zip 22.01 does not report an error for certain invalid xz files that involve block flags and reserved bits. Some later versions are unaffected...

3.3CVSS4.7AI score0.00199EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Chromium

Using “after free” in Dawn in Google Chrome before version 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.00668EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: xfs: Only call xfarray,blobdestroy if we have a valid pointer. Only call the xfarray and xfblob destructors if we have a valid pointer, and make sure to null out that pointer afterwards. Note that this patch fixes a large number ...

5.5CVSS5.9AI score0.00122EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: lockd: Other missing fields are set when unlocking files. The vfslockfile function expects that the struct filelock structure is fully initialized by the caller. If the flfile field is NULL after re-exporting NFSv3, an OOP err...

5.5CVSS5.7AI score0.00145EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Twig

Twig is a template language for PHP. Versions 1.x prior to 1.44.7, 2.x prior to 2.15.3, and 3.x prior to 3.4.3 encounter an issue when the filesystem loader loads templates whose names are user-inputs. It’s possible to use the source or include statement to read arbitrary files from outside the...

7.5CVSS7.3AI score0.01488EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: nfsd: Fixed the reference leak in nfsd4addrdaccesstowrdeleg. The nfsd4addrdaccesstowrdeleg function overwrites fp-fifdsORDONLY unconditionally with a newly acquired nfsdfile. However, if the client already has a SHAREACCESSREA...

5.5CVSS5.8AI score0.001EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in PDF files in Google Chrome prior to version 124.0.6367.78 allowed a remote attacker to potentially exploit heap corruption through a crafted PDF file. Chromium security severity: Medium...

8.8CVSS7.6AI score0.00239EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in libksba

A vulnerability was discovered in the Libksba library due to an integer overflow within the CRL parser. This vulnerability can be exploited remotely to execute code on the target system by passing specially crafted data to the application, such as a malicious S/MIME attachment...

9.8CVSS6.9AI score0.01635EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iouring: A memory leak was fixed when removing provided buffers. When removing provided buffers, the iobuffer structures were not being disposed of properly, resulting in a memory leak. These structures cannot be freed...

5.7AI score0.00162EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in gst-plugins-good1.0

GStreamer before version 1.18.4 may cause heap corruption when parsing certain malformed Matroska files...

7.8CVSS7.1AI score0.0177EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: - In mm/vmalloc and mm/kasan, there is a issue where the gfp mask is not respected when calling kasanpopulatevmalloc. kasanpopulatevmalloc and its helpers ignore the caller’s gfpmask and always allocate memory using the...

5.5CVSS6AI score0.00093EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in golang-golang-x-net, containerd-app

The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to a Denial-of-Service DoS attack if an attacker provides specially crafted HTML content...

5.3CVSS6.7AI score0.00502EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: pNFS: Fixed an issue where uninitialized pointers were dereferenced. The error occurs during the third attempt to encode extents. When the function exttreepreparecommit reallocates a larger buffer to retry encoding extents, th...

5.5CVSS6.6AI score0.00165EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Wireshark

IEEE 1609.2 dissector crash in Wireshark versions 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service through packet injection or malicious capture files...

7.8CVSS6.7AI score0.00579EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: Do not reallocate the workqueue every time an interface is added. The commit 09ed8bfc5215 “wilc1000: Rename the workqueue from “WILCwq” to “NETDEV-wq” moved the creation of the workqueue in wilcnetdevifcinit, in...

5.5CVSS5.9AI score0.00272EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.7AI score0.32724EPSS
Exploits2References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.10 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: net/iucv: Fixed the issue where iucvsockclose was used after memory was freed. The iucvseverpath function is called from both process context and thread context. The iucv-path variable is used to indicate whether someone else ...

7.8CVSS6.5AI score0.00235EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

A vulnerability, classified as problematic, has been identified in the Linux kernel. This issue affects the function nilfsattachlogwriter in the file fs/nilfs2/segment.c of the BPF component. The manipulation leading to this issue results in a memory leak. The attack can be initiated remotely. It...

4.3CVSS5.6AI score0.00812EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Mariadb 10.3

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. The supported versions affected are 5.7.33 and earlier, as well as 8.0.23 and earlier. This easily exploitable vulnerability allows a highly privileged attacker with network access via multiple protocols to compromi...

4.9CVSS6.7AI score0.04643EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.12 views

Astra Linux – Vulnerability in Chromium

Using the “after free” mechanism in the Presentation API in Google Chrome before version 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.00638EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in gnutls28

A flaw was discovered in GnuTLS. This vulnerability allows for a denial of service attack through excessive CPU usage and memory consumption, caused by specially crafted malicious certificates that contain a large number of name constraints and Subject Alternative Names SANs...

5.3CVSS6.8AI score0.00638EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Media: i2c: ar0521: Use the CANsleep version of gpiodsetvalue If we use GPIO reset from the I2C port expander, we must use the CANsleep variant of GPIO functions. This was not done in the ar0521poweron/ar0521poweroff functions...

5.5CVSS6.3AI score0.00234EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Puma

Puma is a simple, fast, multi-threaded, parallel HTTP 1.1 server for Ruby/Rack applications. When using Puma behind a proxy that does not properly validate that the incoming HTTP requests comply with the RFC7230 standard, Puma and the frontend proxy may disagree about where the requests start and...

9.1CVSS6.5AI score0.0214EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in node-minimatch

A vulnerability was discovered in the minimatch package. This flaw allows a Regular Expression Denial of Service ReDoS when the braceExpand function is called with specific arguments, resulting in a denial of service...

7.5CVSS6.8AI score0.01674EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Flatpak

Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.12.3 and 1.10.6, Flatpak did not properly validate whether the permissions displayed to the user during installation match the actual permissions granted to the app at runtime, especially when there was a nu...

8.6CVSS7.2AI score0.01346EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in uriparser

A issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner...

5.5CVSS6.1AI score0.01131EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in libjackson-json-java

A deserialization flaw was discovered in the Jackson-Databind library, in versions prior to 2.6.7.1, 2.7.9.1, and 2.8.9. This flaw could allow an unauthenticated user to execute arbitrary code by sending maliciously crafted input to the readValue method of the ObjectMapper...

9.8CVSS7.2AI score0.37925EPSS
Exploits7References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Ansible

A flaw was discovered in Ansible 2.7.16 and earlier versions, as well as 2.8.8 and earlier, and 2.9.5 and earlier. When a password is set using the “password” argument of the svn module, it is used in the svn command line, thereby exposing it to other users within the same node. An attacker could...

3.9CVSS6.7AI score0.00358EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in WebKit2GTK

This issue has been resolved through improved memory handling. This issue is fixed in Safari 26.1, iOS 18.7.2, and iPadOS 18.7.2; iOS 26.1 and iPadOS 26.1; macOS Tahoe 26.1; tvOS 26.1; visionOS 26.1; and watchOS 26.1. Processing maliciously crafted web content may lead to memory corruption...

8.8CVSS6.7AI score0.00786EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

The use of “after free” in Cast in Google Chrome before version 98.0.4758.80 allowed a remote attacker who convinced a user to engage in specific interactions to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7AI score0.007EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: i40e: The macvlan leak was fixed by synchronizing access to macfilterhash. This patch addresses a macvlan leak issue in the i40e driver, which was caused by concurrent access to vsi-macfilterhash. The leak occurs when multiple...

5.5CVSS6.2AI score0.00219EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.14 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Fixed an issue where the extent map was used after free, especially when handling a missing device in the readonechunk function. The error code must be stored before freeing the extentmap. Although it’s a...

7.8CVSS6AI score0.00148EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in python-httplib2

httplib2 is a comprehensive HTTP client library for Python. In httplib2 before version 0.19.0, a malicious server that responded with a long series of "\xa0" characters in the “www-authenticate” header could cause a Denial of Service attack, resulting in excessive CPU usage during header parsing ...

7.5CVSS7AI score0.03876EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Type Confusion in V8 in Google Chrome prior to 122.0.6261.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.02557EPSS
Exploits2References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in WebKit2GTK

In WebKitGTK before 2.32.4, there is an incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create, which leads to a segmentation violation and an application crash. This is a different vulnerability than CVE-2021-30889...

6.5CVSS6.2AI score0.01425EPSS
Exploits1References1
Total number of security vulnerabilities18095