Lucene search
K
AstralinuxRecent

18099 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

A flaw was discovered in the Linux kernel. A null pointer dereference in the bondipsecaddsa function may lead to a local denial of service...

5.5CVSS6.6AI score0.00531EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A flaw was discovered in the Linux kernel. Measuring the usage of shared memory does not scale well with large counts of shared memory segments, which could lead to resource exhaustion and Denial-of-Service attacks...

5.5CVSS6.6AI score0.00281EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A memory overflow vulnerability was discovered in the ipc functionality of the memcg subsystem in the Linux kernel. This vulnerability occurs when a user calls the semget function multiple times, thereby creating semaphores. This flaw allows a local user to deplete resources, resulting in a denia...

5.5CVSS6.7AI score0.00345EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in node-marked

Marked is a markdown parser and compiler. Prior to version 4.0.10, the regular expression block.def might cause catastrophic backtracking in certain cases, leading to a regular expression denial of service ReDoS. Anyone who runs untrusted markdown using a vulnerable version of Marked, without usi...

7.5CVSS6.6AI score0.02828EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in pgpool2

The Pgpool-II provided by PgPool Global Development Group contains a authentication bypass vulnerability as a primary weakness. If this vulnerability is exploited, an attacker may be able to log in to the system as an arbitrary user, allowing them to read or tamper with data in the database, and/...

9.8CVSS8.3AI score0.00791EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: dmaengine: ti: k3-udma-glue: fix memory leak when registerdevice fails. If deviceregister fails, it should call putdevice to release the reference. The name allocated by devsetname can be freed in the callback function...

5.5CVSS6.3AI score0.00164EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

5.7AI score
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.16 views

Astra Linux – Vulnerability in GhostScript

A divide-by-zero issue was discovered in epsprintpage within gdevepsn.c in Artifex Software GhostScript 9.50. This issue allows remote attackers to cause a denial of service by opening crafted PDF files...

5.5CVSS6.2AI score0.00619EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Zabbix

JavaScript preprocessing can be exploited by attackers to gain access to the file system read-only access on behalf of the user “zabbix” on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data...

8.5CVSS7.1AI score0.0105EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: mptcp: make the fallback action and decision atomic. Syzkaller reported the following errors: WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 mptcpdofallback net/mptcp/protocol.h:1223 inline WARNING: CPU: 1 PID: 7704 at...

5.5CVSS6.7AI score0.00107EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in jbigkit

In LibTIFF 4.0.8, there is a memory allocation failure in the tifjbig.c file. A specially crafted TIFF document can cause an abort, leading to a remote denial-of-service attack...

6.5CVSS6.8AI score0.02846EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

A out-of-bounds memory read flaw was discovered in the Linux kernel’s BPF subsystem, related to how a user calls the bpftailcall function with a key that is larger than the maxentries of the map. This flaw allows a local user to gain unauthorized access to data...

5.5CVSS6.7AI score0.00338EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Jackson-Databind

A flaw was discovered in jackson-databind before version 2.9.10.7. FasterXML improperly handles the interaction between serialization gadgets and typing. The greatest threat of this vulnerability is to data confidentiality, integrity, and system availability...

8.3CVSS7.2AI score0.07483EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in PHP 7.3

In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23, and 7.4.x below 7.4.11, when AES-CCM mode is used with the opensslencrypt function and a 12-byte IV is provided, only the first 7 bytes of the IV are actually used. This can result in reduced security and incorrect encrypted data...

6.5CVSS6.7AI score0.02055EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in TeXeVe-bin

OpenDetex 2.8.5 has a Buffer Overflow issue in TexOpen, specifically in detex.l, due to an incorrect sprintf operation...

7.8CVSS7.1AI score0.01212EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Chromium

Before version 141.0.7390.54, reading media content in Google Chrome allowed a remote attacker to potentially perform out-of-bounds memory access through a crafted HTML page. Chromium security severity: Medium...

7.5CVSS8.3AI score0.00356EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Chromium

Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to bypass file access restrictions via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS7.2AI score0.45912EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in imagemagick

In the RestoreMSCWarning function in /coders/pdf.c, there are several places where calls to GetPixelIndex may result in values that are outside the range that can be represented by the unsigned char type. The patch converts the return value of GetPixelIndex to the ssizet type to avoid this bug...

4.3CVSS6.5AI score0.01161EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in ffmpeg

A buffer overflow vulnerability exists in the function configinput in libavfilter/vfgblur.c in Ffmpeg 4.2.1. Attackers can exploit this vulnerability to cause a Denial of Service or other unspecified impacts...

8.8CVSS7.9AI score0.01195EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in node-json-schema

JSON-schema is vulnerable to improperly controlled modification of object prototype attributes known as “Prototype Pollution”...

9.8CVSS6.8AI score0.03563EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Jackson-Databind

FasterXML Jackson-Databind 2.x versions before 2.9.10.8 mishandle the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS...

8.8CVSS6.9AI score0.05041EPSS
Exploits2References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Chromium

The use of “after free” in User Education in Google Chrome before version 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption through a crafted Chrome Extension or specific user interactions...

8.8CVSS7.3AI score0.00498EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

In versions of Google Chrome on Android prior to 101.0.4951.41, the security interface in the Downloads section allowed a remote attacker to spoof the APK download dialog box through a crafted HTML page...

4.3CVSS6.2AI score0.00589EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.11 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: mt76 – Do not call mt76unregisterdevice on unregistered hardware devices. Attempting to probe a mt7921e PCI card without firmware results in a successful probe, but ieee80211registerhw is not called. When removing the drive...

5.5CVSS6.2AI score0.00164EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: xsk: Added a missing overflow check in xdpumemreg. The number of chunks can exceed the range of u32. Ensure that the value -EINVAL is returned in case of an overflow. Additionally, removed a redundant u32 cast when assigning...

5.5CVSS6.2AI score0.00183EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Linux

There is an information disclosure vulnerability in the ARM SIGPAGE functionality of the Linux Kernel v5.4.66 and v5.4.54. The latest version 5.11-rc4 appears to still be vulnerable. A userland application can read the contents of the sigpage, which may lead to exposure of kernel memory contents...

4CVSS6.2AI score0.00529EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: In the bpf and arm64 implementations, the value of prog-jitedlen was cleared along with prog-jited. The syzbot reported an attempt to perform an illegal copytouser operation from the bpfproggetinfobyfd function 1. There has been ...

5.5CVSS6.1AI score0.00274EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: perf/smmuv3: Fixed the hotplug callback leak in armsmmupmuinit. armsmmupmuinit does not remove the callback added by cpuhpsetupstatemulti when platformdriverregister fails. The callback must be removed by cpuhpremovemultistate in...

5.5CVSS5.8AI score0.00147EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.1 views

Astra Linux – Vulnerability in Firefox and Thunderbird

A Linux user who opened the print preview dialog box could have caused the browser to crash. This vulnerability affects Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7...

6.5CVSS6.6AI score0.00732EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.1 views

Astra Linux – Vulnerability in Linux, Linux 5.10

The function emsusbstartxmit in the file drivers/net/can/usb/emsusb.c within the Linux kernel, up to version 5.17.1, contains a double-free...

7.8CVSS6.6AI score0.0035EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

Insufficient validation of untrusted input in the “File” feature in Google Chrome on Android prior to version 103.0.5060.134 allowed an attacker who convinced a user to install a malicious app to obtain potentially sensitive information from internal file directories via a crafted HTML page...

4.3CVSS6.1AI score0.0071EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in binutils

“findabstractinstance” in dwarf2.c, located in the Binary File Descriptor BFD library also known as libbfd, as part of GNU Binutils 2.32, allows remote attackers to cause a denial of service infinite recursion and application crash through a crafted ELF file...

6.5CVSS6.8AI score0.02752EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in ofono

oFono CUSD Stack-based Buffer Overflow Code Execution Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this vulnerability. The...

7.8CVSS7.7AI score0.00294EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: media: vimc: Fixed an incorrect function call when vimcinit fails. In vimcinit, when platformdriverregister&vimcpdrv fails, the function platformdriverunregister&vimcpdrv is called incorrectly instead of...

5.5CVSS5.9AI score0.00145EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in ofono

oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...

7.8CVSS7.5AI score0.00294EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: x86/entry: Clear X86FEATURESMAP when CONFIGX86SMAP=n Commit 3c73b81a9164 “x86/entry, selftests: Further improve user entry sanity checks” added a warning if AC is set when in the kernel. Commit 662a0221893a3d “x86/entry: Fix A...

3.3CVSS6.4AI score0.00217EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: tty: serial: 8250: serialcs: Fixed a memory leak in the error handling path. In the probe function, if the serialconfig function fails, data from info is leaking. A resource handling path should be added to free up this memory...

5.5CVSS5.8AI score0.00245EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Tiff

LibTIFF 4.4.0 contains an out-of-bounds read in tiffcp, located at line 948 of tools/tiffcp.c. This vulnerability allows attackers to cause a denial-of-service attack through a specially crafted TIFF file. For users who compile LibTIFF from source code, the fix is available in the commit with the...

6.8CVSS6.7AI score0.00425EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed the use of inodes after freeing them in ext4endiorsvwork. In ext4ioenddefercompletion, it was checked whether ioend-listvec was empty to avoid adding an ioend that does not require any conversion to the...

7.8CVSS5.9AI score0.00147EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Prevents ubuf size overflow. The ubuf size calculation may overflow, leading to under-sized allocations and potential memory corruption. Use the checkaddoverflow helper function to validate the size calculation...

7.8CVSS5.8AI score0.00127EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: mt76: Fixed a use-after-free by removing a non-RCU wcid pointer. This fix addresses an issue detected by KASAN regarding use-after-free in mt76txqschedule. This was done by protecting mtxq-wcid with rculock between...

7.8CVSS6.4AI score0.00284EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in WebKit2GTK

A “use-after-free” issue has been addressed through improved memory management. This issue is fixed in macOS Ventura 13.5, iOS 16.6, iPadOS 16.6, Safari 16.6, iOS 15.8.7, and iPadOS 15.8. Processing maliciously crafted web content may lead to memory corruption...

8.8CVSS7.4AI score0.03955EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in CGal

There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which may result in code execution. An attacker can provide malicious input to trigger an...

10CVSS7.6AI score0.02136EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR 91.4. Some of these bugs showed evidence of memory corruption, and we assume that with...

8.8CVSS7.4AI score0.0087EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.14 views

Astra Linux – Vulnerability in Linux

A issue was discovered in the Linux kernel versions 2.6.39 through 5.10.16, as used in Xen. The block, net, and SCSI backends consider certain errors as ordinary bugs, which are deliberately designed to cause kernel crashes. For errors that may be influenced by guests such as memory exhaustion...

5.5CVSS6.6AI score0.00544EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.13 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: Fixed a bug in extent parsing when ehentries == 0 and ehdepth 0. When traversing inode extents, the ext4extbinsearchidx function assumes that the extent header has been validated previously. However, there are no checks to...

5.5CVSS6.1AI score0.00235EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: udptunnel: Use netdevwarn instead of netdevWARN. netdevWARN uses WARN/WARNON to print a backtrace along with file and line information. In this case, udptunnelnicregister failing due to a memory allocation failure e.g., kzalloc o...

6.1AI score0.00173EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Tracing: Fixed a potential double-free issue in createvarref. In createvarref, initvarref is called to initialize the fields of the reffield variable. This variable is allocated in the previous function call, which creates...

7.8CVSS6.2AI score0.00289EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Python-Django

In Django 2.2 before 2.2.24, 3.x before 3.1.12, and 3.2 before 3.2.4, URLValidator, validateipv4address, and validateipv46address did not prohibit leading zero characters in octal literals. This may allow bypassing access control based on IP addresses. validateipv4address and validateipv46address...

7.5CVSS7.2AI score0.03058EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in iproute2

In iproute2 before version 5.1.0, there is a use-after-free issue in the getnetnsidfromname function in the ip/ipnetns.c file. NOTE: The relevance of this issue to security may be limited to certain uses of setuid, which, although not a default option, are sometimes an optional configuration...

4.4CVSS6.4AI score0.00403EPSS
Exploits0References1
Total number of security vulnerabilities18099