Lucene search
K

304 matches found

RedHat Linux
RedHat Linux
added 2026/01/07 1:3 p.m.4 views

libpng: LIBPNG buffer overflow

A buffer overflow flaw has been discovered in libpng. An out-of-bounds read vulnerability exists in pngimagereadcomposite when processing palette images with PNGFLAGOPTIMIZEALPHA enabled. The palette compositing code in pnginitreadtransformations incorrectly applies background compositing during...

7.1CVSS6AI score0.00352EPSS
Exploits4References8
RedHat Linux
RedHat Linux
added 2026/01/07 1:2 p.m.2 views

libpng: LIBPNG buffer overflow

A buffer overflow flaw has been discovered in libpng. An out-of-bounds read vulnerability exists in pngimagereadcomposite when processing palette images with PNGFLAGOPTIMIZEALPHA enabled. The palette compositing code in pnginitreadtransformations incorrectly applies background compositing during...

7.1CVSS6AI score0.00352EPSS
Exploits4References8
RedHat Linux
RedHat Linux
added 2026/01/06 11:25 a.m.2 views

libpng: LIBPNG buffer overflow

A buffer overflow flaw has been discovered in libpng. An out-of-bounds read vulnerability exists in pngimagereadcomposite when processing palette images with PNGFLAGOPTIMIZEALPHA enabled. The palette compositing code in pnginitreadtransformations incorrectly applies background compositing during...

7.1CVSS6AI score0.00352EPSS
Exploits4References8
OSV
OSV
added 2025/12/01 10:31 p.m.7 views

JLSEC-2025-330 LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl...

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From version 1.6.0 to before 1.6.51, an out-of-bounds read vulnerability exists in pngimagereadcomposite when processing palette images with PNGFLAGOPTIMIZEALP...

7.1CVSS6.9AI score0.00352EPSS
Exploits4References5
CNVD
CNVD
added 2025/11/18 12:0 a.m.3 views

Google Chrome Code Problem Vulnerability (CNVD-2025-29238)

Google Chrome is a web browser developed by Google. A security vulnerability exists in the compositing feature in Google Chrome prior to version 140.0.7339.80, which stems from a flaw in the compositing module's handling of UI elements. The vulnerability can be exploited by an attacker to conduct...

4.3CVSS6.4AI score0.0018EPSS
Exploits1References1
NVD
NVD
added 2025/11/14 3:15 a.m.4 views

CVE-2025-13107

Inappropriate implementation in Compositing in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS0.0018EPSS
Exploits1References2
OSV
OSV
added 2025/11/14 3:15 a.m.2 views

DEBIAN-CVE-2025-13107

Inappropriate implementation in Compositing in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS4.9AI score0.0018EPSS
Exploits1References1
CVE
CVE
added 2025/11/14 2:29 a.m.427 views

CVE-2025-13107

CVE-2025-13107 concerns an Inappropriate implementation in Compositing in Google Chrome prior to 140.0.7339.80 that enables a remote attacker to perform a UI spoofing attack via a crafted HTML page. The affected product is Google Chrome (Chromium-based); the root cause is an inadequate implementa...

4.3CVSS6AI score0.0018EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2025/11/14 2:29 a.m.5 views

CVE-2025-13107

Inappropriate implementation in Compositing in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

0.0018EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/11/14 2:29 a.m.4 views

CVE-2025-13107

Inappropriate implementation in Compositing in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

6AI score0.0018EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2025/11/14 2:29 a.m.4 views

CVE-2025-13107

Inappropriate implementation in Compositing in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS4.9AI score0.0018EPSS
Exploits1
CNNVD
CNNVD
added 2025/11/14 12:0 a.m.3 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google. A security vulnerability exists in the compositing feature in Google Chrome prior to version 140.0.7339.80, which stems from a flaw in the compositing module's handling of UI elements. The vulnerability can be exploited by an attacker to conduct...

4.3CVSS5.9AI score0.0018EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-0818

Malware in sbrugna...

7.5CVSS9.2AI score0.03623EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-17801

Malware in sbrugna...

4.7CVSS6.3AI score0.01114EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2025/09/02 12:0 a.m.3 views

PT-2025-46937

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 140.0.7339.80 Description An issue in Compositing within Google Chrome, prior to version 140.0.7339.80, could allow a remote attacker to perform UI spoofing through a specially designed HTML page. This is due to...

4.3CVSS6.5AI score0.0018EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2025/07/07 2:28 a.m.9 views

webkitgtk: CSS compositing issue leading to revealing of the browsing history

A flaw was found in the way WebKitGTK performed CSS compositing. A malicious web site could possibly use this flaw to reveal user's browsing history...

4.7CVSS6.5AI score0.01114EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2025/06/26 12:0 a.m.4 views

IDGraphs: Intrusion Detection and Analysis Using Stream Compositing

Traffic anomalies and attacks are commonplace in today's networks and identifying them rapidly and accurately is critical for large network operators. For a statistical intrusion detection system IDS, it is crucial to detect at the flow-level for accurate detection and mitigation. However, existi...

6.9AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/06/06 12:0 a.m.7 views

The vulnerability of the Compositing component in the Google Chrome browser allows attackers to execute arbitrary code or trigger a service denial.

The vulnerability of the Compositing component in the Google Chrome browser is related to the use of memory after deallocation. Exploiting this vulnerability could allow an attacker to execute arbitrary code or cause a service failure...

10CVSS8.4AI score0.03073EPSS
Exploits0References9Affected Software4
SUSE CVE
SUSE CVE
added 2025/05/29 2:12 a.m.4 views

SUSE CVE-2025-5063

Use after free in Compositing in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.4AI score0.03073EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2025/05/27 9:15 p.m.2 views

CVE-2025-5063

Use after free in Compositing in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.8AI score0.03073EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder