CVE-2025-6555

Use after free in Animation in Google Chrome prior to 138.0.7204.49 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

CVE-2025-6555

Use after free in Animation in Google Chrome prior to 138.0.7204.49 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

CVE-2025-6555

Use after free in Animation in Google Chrome prior to 138.0.7204.49 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

Medium: qt5-qt3d

Issue Overview: A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. The manipulation leads to...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser from Google, an American company. A resource management error vulnerability exists in versions of Google Chrome prior to 138.0.7204.49, which stems from a mix-up in the instructions responsible for freeing memory in the Animation component, and can be exploited by a...

PT-2025-26785 · Google +3 · Google Chrome +3

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 138.0.7204.49 Description: A use after free issue in the Animation component of Google Chrome allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This could lead to remote...

Animating zooming using CSS: transform order is important… sometimes

I was using Discord the other day. I tapped to zoom into an image, and it animated in an odd way that I'd seen before. Like this: Notice how it kinda 'swoops' into the wildcat's face, rather than zooming straight in? See how the right-hand side of the cat's head goes out-of-frame, and then back i...

Astra Linux – Vulnerability in Chromium

The use of after-free in Animation in Google Chrome before version 138.0.7204.49 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Medium...

TencentOS Server 3: thunderbird (TSSA-2024:0729)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0729 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

[SECURITY] Fedora 42 Update: qt6-qtquicktimeline-6.9.1-1.fc42

The Qt Quick Timeline plugin provides QML types to use timelines and keyframes to animate Qt Quick user interfaces...

[SECURITY] Fedora 42 Update: qt6-qtlottie-6.9.1-1.fc42

Qt Lottie Animation provides a QML API for rendering graphics and animations that are exported in JSON format by the Bodymovin plugin for Adobe After Effects...

DEBIAN-CVE-2025-48796

A flaw was found in GIMP. The GIMP aniloadimage function is vulnerable to a stack-based overflow. If a user opens.ANI files, GIMP may be used to store more information than the capacity allows. This flaw allows a malicious ANI file to trigger arbitrary code execution...

CVE-2024-47641

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Muhammad Shakeel Confetti Fall Animation confetti-fall-animation allows Stored XSS.This issue affects Confetti Fall Animation: from n/a through = 1.3.0...

CVE-2024-43944

Authentication Bypass by Spoofing vulnerability in ilyasine Maintenance & Coming Soon Redirect Animation maintenance-coming-soon-redirect-animation allows Identity Spoofing.This issue affects Maintenance & Coming Soon Redirect Animation: from n/a through = 2.3.3...

CVE-2024-3680

The Enter Addons – Ultimate Template Builder for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Animation Title widget's img tag in all versions up to, and including, 2.1.5 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2024-8919

The Confetti Fall Animation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'confetti-fall-animation' shortcode in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

CVE-2024-50419

Incorrect Authorization vulnerability in wpsoul Greenshift greenshift-animation-and-page-builder-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Greenshift: from n/a through = 9.7...

CVE-2023-22707

Auth. author+ Cross-Site Scripting XSS vulnerability in Wpsoul Greenshift – animation and page builder blocks plugin = 4.9.9 versions...

CVE-2023-21095

In canStartSystemGesture of RecentsAnimationDeviceState.java, there is a possible partial lockscreen bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2011-2620

Unspecified vulnerability in Opera before 11.50 allows remote attackers to cause a denial of service application crash via vectors involving SVG animation...