Lucene search
K
AstralinuxRecent

18086 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in WebAudio in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out-of-bounds memory read via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.6AI score0.00447EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in Chromium

Using “after free” in Dawn in Google Chrome before version 146.0.7680.178 allowed a remote attacker to execute arbitrary code through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.7AI score0.00313EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.2 views

Astra Linux – Vulnerability in Chromium

The use of “after free” in PrivateAI in Google Chrome before version 147.0.7727.55 allowed a remote attacker who convinced a user to perform certain UI gestures to potentially execute a sandbox escape through a crafted HTML page. Chromium security severity: Medium...

9.6CVSS7.4AI score0.00253EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.2 views

Astra Linux – Vulnerability in libexif

In libexif versions up to 0.6.25, a integer underflow in size checking for Fuji and Olympus MakerNote decoding could be exploited by attackers to cause programs that use libexif to crash or leak information...

7.1CVSS7AI score0.0014EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in WebUSB in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

6.5CVSS7.3AI score0.00189EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in Chromium

Using “after free” in WebRTC in Google Chrome before version 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS5.8AI score0.00281EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in Python 3.11

User-controlled header names and values containing newlines can allow for the injection of HTTP headers...

5.9CVSS6.7AI score0.00463EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Chromium

Using the “after free” mechanism in the Digital Credentials API in Google Chrome before version 146.0.7680.153 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page. Chromium security severity: High...

8.8CVSS5.8AI score0.00253EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in Chromium

Using “after free” in Dawn in Google Chrome before version 146.0.7680.165 allowed a remote attacker to potentially perform a sandbox escape through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.00359EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Integer overflow in the Audio/Video component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.00543EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Undefined behavior in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

9.8CVSS7.3AI score0.00418EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in Chromium

The use of After Free in Media in Google Chrome before version 147.0.7727.55 allowed a remote attacker to execute arbitrary code within a sandbox through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.7AI score0.00303EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability in Chromium

Using after-free in WebGL in Google Chrome before version 146.0.7680.178 allowed a remote attacker to execute arbitrary code within a sandbox through a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00403EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in WebGL in Google Chrome prior to version 146.0.7680.165 allowed a remote attacker to perform an out-of-bounds memory read through a crafted HTML page. Chromium security severity: High...

8.8CVSS6.1AI score0.00385EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in glibc

Calling getnetbyaddr or getnetbyaddrr with a configured nsswitch.conf that specifies the library’s DNS backend can lead to a situation where a zero-valued network is queried during operations in the GNU C Library versions 2.0 to 2.42. This could result in leaking stack contents to the configured...

7.5CVSS7.1AI score0.00564EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in WebAudio in Google Chrome prior to version 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory through a crafted HTML page. Chromium security severity: High...

4.3CVSS7.2AI score0.00241EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in cups

OpenPrinting CUPS is an open-source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.17, a network-attached attacker could send a crafted SNMP response to the CUPS SNMP backend, causing an out-of-bounds read of up to 176 bytes beyond the stack buffer. The leak...

5.4CVSS5.7AI score0.00409EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Flatpak

Flatpak is a Linux application sandboxing and distribution framework. Prior to version 1.16.4, the caching mechanism for ld.so removed outdated cache files without properly checking whether the app’s control over the path to the outdated cache was valid within the cache directory. This allowed...

8.7CVSS7.1AI score0.00323EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in Chromium

In CSS, operations outside the bounds were allowed in Google Chrome before version 146.0.7680.165; this enabled a remote attacker to perform out-of-bounds memory access through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.6AI score0.00454EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: AppArmor: Fixing differential encoding verification Differential encoding allows loops to be created if it is abused. To prevent this, the unpacking process should verify that the diff-encode chain terminates. Unfortunately, t...

5.5CVSS5.9AI score0.00177EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in Firefox

DoS attack in the XML component. This vulnerability has been fixed in Firefox 149 and Thunderbird 149...

7.5CVSS5.7AI score0.0053EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in Chromium

Integer overflow in Codecs in Google Chrome prior to version 146.0.7680.178 allowed a remote attacker to perform arbitrary read/write operations through a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00336EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Privilege escalation in the Messaging System component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.00366EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in libexif

LibExif through version 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function receives a 0 size as input, the passed-in buffer will be overwritten due to an integer underflow...

7.8CVSS5.9AI score0.00193EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in GIMP

GIMP XWD File Parsing: Out-of-Bounds Write Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability, as the target must visit a malicious page or open a malicious file. The...

7.8CVSS7.5AI score0.00566EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in libssh

A malicious SCP server can send unexpected commands that may cause the client application to override local files outside of the working directory. This could be exploited to create malicious executable or configuration files, causing the user to execute them with specific consequences. This is t...

6.3CVSS6.4AI score0.00408EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in unbound

A vulnerability in caching resolvers called “Rebirthday Attack” has been discovered in resolvers that support EDNS Client Subnet ECS. Unbound is also vulnerable when compiled with ECS support, i.e., with the option --enable-subnet, and when configured to send ECS information along with queries to...

8.7CVSS6.5AI score0.00188EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Chromium

Type Confusion in Turbofan in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.7AI score0.00365EPSS
Exploits2References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in Chromium

Using “after free” in Dawn in Google Chrome before version 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute arbitrary code through a crafted HTML page. Chromium security severity: High...

7.5CVSS6.2AI score0.0028EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Invalid pointer in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.00366EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.2 views

Astra Linux – Vulnerability in util-linux

util-linux is a random collection of Linux utilities. Prior to version 2.41.4, a TOCTOU Time-of-Check-Time-of-Use vulnerability was identified in the SUID binary /usr/bin/mount from util-linux. The mount binary, when setting up loop devices, validates the source file path with user privileges via...

4.7CVSS5.8AI score0.00118EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.00314EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Firefox and Thunderbird

A use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.00384EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Firefox

Memory safety bugs exist in Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability has been fixed in Firefox 149.0.2 and...

9.8CVSS7.5AI score0.00257EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in sssd

A flaw was discovered in the System Security Services Daemon SSSD. The pampasskeychildreaddata function within the PAM passkey responder fails to properly handle raw bytes received from a pipe. Since the data is treated as a NUL-terminated C string without an explicit termination, this leads to a...

5.5CVSS5.7AI score0.00141EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in libsoup3

A flaw was discovered in libsoup’s SoupServer. A remote attacker could exploit a use-after-free vulnerability, where the soupserverdisconnect function releases connection objects prematurely, even if a TLS handshake is still pending. If the handshake completes after the connection object has been...

8.2CVSS5.8AI score0.00447EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.00491EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.11 views

Astra Linux – Vulnerability in Chromium

A stack buffer overflow in WebRTC in Google Chrome prior to version 146.0.7680.153 allowed a remote attacker to potentially exploit stack corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS6.1AI score0.00301EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in Chromium

Integer overflow in ANGLE in Google Chrome prior to version 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Medium...

8.8CVSS5.9AI score0.00253EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in Firefox and Thunderbird

JIT compilation errors, use-after-free in the JavaScript Engine: JIT components. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.00469EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: AppArmor: Avoid per-cpu hold underflow in aagetbuffer. When aagetbuffer retrieves data from the per-cpu list, it conditionally decreases cache-hold. If hold reaches 0 while count remains non-zero, the unsigned decrement wraps to...

5.5CVSS5.7AI score0.00155EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: EFI/CPER: Do not dump the entire memory region. The current logic in cperprintfwerr does not check whether the length of the error record is sufficient to handle the offset. In a faulty firmware, if the offset is greater than the...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: EFI: Fix for reserving unaccepted memory tables The reserveunaccepted function incorrectly calculates the size of the memblock reserved for unaccepted memory tables. It aligns the size of the table, but fails to take into account...

7.1CVSS5.7AI score0.00159EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: hfsplus: treating special inodes as regular files Since the commit af153bb63a33 "vfs: catching invalid modes in mayopen" requires that any inode be of one of the types SIFDIR/SIFLNK/SIFREG/SIFCHR/SIFBLK/SIFIFO/SIFSOCK, use SIFREG...

5.5CVSS5.7AI score0.00117EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: authgss: Fixed memory leaks in XDR decoding error paths. The functions gssxdecctx, gssxdecstatus, and gssxdecname allocate memory through gssxdecbuffer, which calls kmemdup. When a subsequent decoding operation fails, the...

5.5CVSS6.3AI score0.0016EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: drm/atmel-hlcdc: fixed the issue where “drmcrtccommit” was used after release. The atmelhlcdcplaneatomicduplicatestate callback was copying the atmelhlcdcplane state structure without properly duplicating the drmplanestate...

7.8CVSS5.8AI score0.00135EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Fixed potential OOB access in audio mixer handling. In the audio mixer handling code of the ctxfi driver, the conf field is used as a loop index, and it’s referenced in the index callback functions amixerindex and...

7.1CVSS5.8AI score0.00126EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fixed the WQMEMRECLAIM warning When sunrpc is used, if a reset occurs, our workqueue may result in the following call trace: workqueue: WQMEMRECLAIM xprtiod: xprtrdmaconnectworker rpcrdma is being flushed! WQMEMRECLAIM...

7.5CVSS5.7AI score0.00371EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: mfd: arizona: Fixed a regulator resource leak caused by a failure in wm5102clearwritesequencer. The wm5102clearwritesequencer helper function may return an error and simply terminate, bypassing the cleanup sequence. This results ...

5.5CVSS5.7AI score0.00166EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in LCMS2

In Little CMS lcms2 version 2.18, there is an integer overflow in the CubeSize function in cmslut.c, as the overflow check is performed after the multiplication operation...

7.5CVSS5.8AI score0.00365EPSS
Exploits1References2
Total number of security vulnerabilities18086