Lucene search
K

86 matches found

CVE
CVE
added 2023/11/29 12:2 p.m.202 views

CVE-2023-6351

CVE-2023-6351 describes a use-after-free in libavif used by Google Chrome before 119.0.6045.199, allowing a remote attacker to cause heap corruption via a crafted AVIF file. Affected product/component: Google Chrome/Chromium with libavif. Root cause: use-after-free in libavif leading to possible ...

8.8CVSS9AI score0.00913EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2023/11/29 12:2 p.m.547 views

CVE-2023-6350

CVE-2023-6350 is a use-after-free in libavif used by Google Chrome/Chromium before version 119.0.6045.199, potentially enabling remote heap corruption via a crafted avif file. Affected software stacks include Chromium-based browsers (Chrome/Chromium) and related Electron builds, with multiple sec...

8.8CVSS9AI score0.01118EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2023/11/29 12:2 p.m.24 views

CVE-2023-6351

Use after free in libavif in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted avif file. Chromium security severity: High...

9.3AI score0.00913EPSS
Exploits0References7
Cvelist
Cvelist
added 2023/11/29 12:2 p.m.30 views

CVE-2023-6350

Use after free in libavif in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted avif file. Chromium security severity: High...

9.3AI score0.01118EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2023/11/29 12:2 p.m.75 views

CVE-2023-6350

Use after free in libavif in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted avif file. Chromium security severity: High...

8.8CVSS9.4AI score0.01118EPSS
Exploits0
Debian CVE
Debian CVE
added 2023/11/29 12:2 p.m.55 views

CVE-2023-6351

Use after free in libavif in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted avif file. Chromium security severity: High...

8.8CVSS9.4AI score0.00913EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2023/11/13 12:0 a.m.12 views

PT-2023-7328 · Google +5 · Google Chrome +5

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 119.0.6045.199 Microsoft Edge affected versions not specified Description: The issue is related to a use after free in libavif, which can lead to heap corruption when processing crafted avif files. This can...

10CVSS7.1AI score0.99735EPSS
Exploits128References1096
Positive Technologies
Positive Technologies
added 2023/11/13 12:0 a.m.5 views

PT-2023-7329 · Google +5 · Google Chrome +5

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 119.0.6045.199 Microsoft Edge affected versions not specified Description: The issue is related to a use after free in the libavif library, which can lead to heap corruption when processing crafted avif files...

10CVSS7AI score0.99735EPSS
Exploits128References1096
Prion
Prion
added 2023/11/09 10:15 p.m.14 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in ShortPixel ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization plugin = 3.7.1 versions...

6.8CVSS7.2AI score0.00312EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/11/09 9:21 p.m.36 views

CVE-2023-32512

CVE-2023-32512 is a CSRF vulnerability in the WordPress plugin ShortPixel Adaptive Images (WebP, AVIF, CDN, Image Optimization) vulnerable through versions

8.8CVSS8.9AI score0.00312EPSS
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/26 12:0 a.m.7 views

The vulnerability of the heif::Fraction::round() function in the box.cc file decoder for HEIF and AVIF formats in the libheif library allows a malicious actor to cause service interruptions.

The vulnerability of the heif::Fraction::round function in the box.cc file format decoders for HEIF and AVIF formats in the libheif library is related to a floating-point exception. Exploiting this vulnerability could allow an attacker to cause service failures...

7.8CVSS7AI score0.00927EPSS
Exploits1References8Affected Software5
Redos
Redos
added 2023/06/15 12:0 a.m.27 views

ROS-20230615-03

A vulnerability in the HEIF and AVIF libheif file format decoder is related to a floating point exception in the heif::Fraction::round function in box.cc Exploitation of the vulnerability could allow an attacker, remotely to perform a denial of service attack...

6.5CVSS6.2AI score0.00927EPSS
Exploits1
Fedora
Fedora
added 2023/05/06 12:45 a.m.24 views

[SECURITY] Fedora 36 Update: libheif-1.15.2-1.fc36

libheif is an ISO/IEC 23008-12:2017 HEIF and AVIF AV1 Image File Format file format decoder and encoder...

6.5CVSS7.1AI score0.00927EPSS
Exploits1
Fedora
Fedora
added 2023/05/06 12:41 a.m.25 views

[SECURITY] Fedora 37 Update: libheif-1.15.2-1.fc37

libheif is an ISO/IEC 23008-12:2017 HEIF and AVIF AV1 Image File Format file format decoder and encoder...

6.5CVSS7.1AI score0.00927EPSS
Exploits1
OpenVAS
OpenVAS
added 2023/05/06 12:0 a.m.23 views

Fedora: Security Advisory for libheif (FEDORA-2023-440c8694e5)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.5AI score0.00927EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2023/05/06 12:0 a.m.10 views

Fedora: Security Advisory for libheif (FEDORA-2023-fd63c401df)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Fedora
Fedora
added 2023/05/05 2:21 p.m.18 views

[SECURITY] Fedora 38 Update: libheif-1.15.2-1.fc38

libheif is an ISO/IEC 23008-12:2017 HEIF and AVIF AV1 Image File Format file format decoder and encoder...

7.1AI score
Exploits0
Redos
Redos
added 2023/03/22 12:0 a.m.26 views

ROS-20230322-01

A vulnerability in the HEIF and AVIF libheif file format decoder is related to the data parsing code of strided images in the emscripten wrapper for libheif. Exploitation of the vulnerability could allow an attacker acting remotely to use a specially crafted image file to cause a buffer overflow ...

7.8CVSS7.7AI score0.00307EPSS
Exploits0
Hacker One
Hacker One
added 2021/11/04 3:45 p.m.17 views

Cloudflare Public Bug Bounty: Bypassing Cache Deception Armor using .avif extension file

Cloudflare Deception Armor could be bypassed by using .avif extension making Cache deception attack possible on vulnerable origin servers. Cloudflare Cache Deception Armor uses a Page rule to protect Cloudflare Cache against caching possibly sensitive information. This attack could be performed b...

1AI score
Exploits0
CNVD
CNVD
added 2021/07/02 12:0 a.m.16 views

libavif buffer overflow vulnerability

libavif is a library for encoding and decoding .avif files. libavif suffers from a security vulnerability that stems from libavif 0.8.0 and 0.8.1 having an out-of-bounds write in the avifDecoderDataFillImageGrid. no details of the vulnerability are currently available...

8.8CVSS5.4AI score0.01402EPSS
Exploits1References1
Rows per page
Query Builder