956 matches found
Integer Overflow to Buffer Overflow
Overview Affected versions of this package are vulnerable to Integer Overflow to Buffer Overflow via the WebP Image Decoding functionality. An attacker can execute arbitrary code by enticing a user to open a specially crafted .webp animation file, which triggers an integer overflow during stride...
CVE-2025-52456
The CVE-2025-52456 entry describes a memory corruption in the WebP decoding path of the SAIL Image Decoding Library v0.9.8. Specifically, an integer overflow during stride calculation in the WebP animation decoding can overflow a heap buffer, enabling remote code execution when a crafted file is ...
CVE-2025-52456
A memory corruption vulnerability exists in the WebP Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .webp animation an integer overflow can be made to occur when calculating the stride for decoding. Afterwards, this will cause a heap-based...
Linux Distros Unpatched Vulnerability : CVE-2017-2907
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable integer overflow exists in the animation playing functionality of the Blender open-source 3d creation suite version 2.78c. A specially created...
Linux Distros Unpatched Vulnerability : CVE-2017-2906
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable integer overflow exists in the animation playing functionality of the Blender open-source 3d creation suite version 2.78c. A specially created...
Linux Distros Unpatched Vulnerability : CVE-2025-6555
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Animation in Google Chrome prior to 138.0.7204.49 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Linux Distros Unpatched Vulnerability : CVE-2019-9796
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability can occur when the SMIL animation controller incorrectly registers with the refresh driver twice when only a single registration ...
Linux Distros Unpatched Vulnerability : CVE-2024-9680
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this...
assimp: Open Asset Import Library Assimp LWO File LWOAnimation.cpp UpdateAnimRangeSetup heap-based overflow
A flaw has been found in the Open Asset Import Library assimp. In affected versions, a malformed LWO file may trigger a heap-based buffer overflow, which may lead to an application crash or other undefined behavior...
The vulnerability of the Animation component in the Google Chrome browser allows a hacker to execute arbitrary code.
The vulnerability of the Animation component in Google Chrome browser relates to the use of memory after deallocation. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
FacialMotionID: Identifying Users of Mixed Reality Headsets Using Abstract Facial Motion Representations
Facial motion capture in mixed reality headsets enables real-time avatar animation, allowing users to convey non-verbal cues during virtual interactions. However, as facial motion data constitutes a behavioral biometric, its use raises novel privacy concerns. With mixed reality systems becoming...
ROS-20250707-05
A vulnerability in the Google Chrome browser is related to post-release usage errors in Animation in Google Chrome. Exploitation of the vulnerability could allow an attacker acting remotely, compromise a vulnerable system...
Google Chrome Resource Management Error Vulnerability (CNVD-2025-15176)
Google Chrome is a web browser from Google, an American company. A resource management error vulnerability exists in versions of Google Chrome prior to 138.0.7204.49, which stems from a mix-up in the instructions responsible for freeing memory in the Animation component, and can be exploited by a...
SAMSUNG rLottie Code Execution Vulnerability
SAMSUNG rLottie is a platform-independent, standalone c++ library for real-time rendering of vector-based animation and art from Samsung South Korea. A code execution vulnerability exists in SAMSUNG rLottie, which can be exploited by an attacker to execute arbitrary code on a system...
SAMSUNG rLottie 安全漏洞
SAMSUNG rLottie is a platform-independent, standalone c++ library for real-time rendering of vector-based animation and art from Samsung South Korea. A security vulnerability exists in SAMSUNG rLottie, which can be exploited by attackers to cause a buffer over-read...
SAMSUNG rLottie 安全漏洞
SAMSUNG rLottie is a platform-independent, standalone c++ library for real-time rendering of vector-based animation and art from Samsung South Korea. A code execution vulnerability exists in SAMSUNG rLottie, which can be exploited by an attacker to execute arbitrary code on a system...
SAMSUNG rLottie 安全漏洞
SAMSUNG rLottie is a platform-independent, standalone c++ library for real-time rendering of vector-based animation and art from Samsung South Korea. A code execution vulnerability exists in SAMSUNG rLottie, which can be exploited by an attacker to execute arbitrary code on a system...
SUSE CVE-2025-6555
Use after free in Animation in Google Chrome prior to 138.0.7204.49 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
DEBIAN-CVE-2025-6555
Use after free in Animation in Google Chrome prior to 138.0.7204.49 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-6555
Use after free in Animation in Google Chrome prior to 138.0.7204.49 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...