304 matches found
DEBIAN-CVE-2025-5063
Use after free in Compositing in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
qt6-webengine -- Multiple vulnerabilities
Qt qtwebengine-chromium repo reports: Backports for 25 security bugs in Chromium: CVE-2025-5063: Use after free in Compositing CVE-2025-5064: Inappropriate implementation in Background Fetch CVE-2025-5065: Inappropriate implementation in FileSystemAccess API CVE-2025-5068: Use after free in Blink...
The vulnerability of the Compositing component in Google Chrome and Microsoft Edge browsers allows attackers to execute arbitrary code or trigger a service denial.
The vulnerability of the Compositing component in Google Chrome and Microsoft Edge relates to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to execute arbitrary code or cause a service failure...
FreeBSD : qt5-webengine -- Use after free in Compositing (a58fdfef-07c6-11f0-8688-4ccc6adda413)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the a58fdfef-07c6-11f0-8688-4ccc6adda413 advisory. Qt qtwebengine-chromium repo reports: Backports for 1 security bug in Chromium: Tenable has extracted t...
When resizing an OS layer to a smaller size, the Finalize process fails
When attempting to shrink an OS layer version OS layer using a size that is smaller then it currently is , the Finalize process may fail. The CALCE or UNISYSLIB logs from the Compositing Engine would shows an error similar to the following: 2024-01-17 09:29:11 ERROR 1668 uni.ca.syslib.reghive...
qt5-webengine -- Use after free in Compositing
Qt qtwebengine-chromium repo reports: Backports for 1 security bug in Chromium: CVE-2024-12694: Use after free in Compositing...
Astra Linux – Vulnerability in Chromium
The use of “after free” in Compositing in Google Chrome before version 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
The vulnerability of the Compositing component in Google Chrome and Microsoft Edge browsers allows attackers to replace the user interface.
The vulnerability of the Compositing component in Google Chrome and Microsoft Edge exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to replace the user interface with a specially created HTML page...
SUSE CVE-2025-0448
Inappropriate implementation in Compositing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
Google Chrome < 132.0.6834.83 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 132.0.6834.83. It is, therefore, affected by multiple vulnerabilities as referenced in the 202501stable-channel-update-for-desktop14 advisory. - Inappropriate implementation in Compositing in Google Chrome prior to...
qt6-webengine -- Multiple vulnerabilities
Qt qtwebengine-chromium repo reports: Backports for 9 security bugs in Chromium: CVE-2024-12693: Out of bounds memory access in V8 CVE-2024-12694: Use after free in Compositing CVE-2025-0436: Integer overflow in Skia CVE-2025-0437: Out of bounds read in Metrics CVE-2025-0438: Stack buffer overflo...
DEBIAN-CVE-2024-12694
Use after free in Compositing in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2024-12694
Use after free in Compositing in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
chromium -- multiple security fixes
Chrome Releases reports: This update includes 3 security fixes: 382291459 High CVE-2024-12692: Type Confusion in V8. Reported by Seunghyun Lee @0x10n on 2024-12-05 382190919 High CVE-2024-12693: Out of bounds memory access in V8. Reported by 303f06e3 on 2024-12-04 368222741 High CVE-2024-12694: U...
Publishing an App Layering image to PVS with Offload Compositing may fail
When publishing an App Layering image to PVS using Offload Composting, it may fail...
Moderate: Red Hat Security Advisory: gnome-shell and gnome-shell-extensions security update
An update for gnome-shell and gnome-shell-extensions is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...
ALSA-2024:9114 Moderate: gnome-shell and gnome-shell-extensions security update
GNOME Shell acts as a compositing manager for the desktop, and displays both application windows and other objects. It provides core interface functions like switching windows, launching applications, and notifications. It takes advantage of the capabilities of modern graphics hardware and...
The vulnerability of Google Chrome’s Compositing component allows attackers to replace the user interface.
The vulnerability of the Compositing component in the Google Chrome browser is related to errors in information representation by the user interface. Exploiting this vulnerability could allow an attacker to replace the user interface with a specially created HTML page...
SUSE CVE-2023-7281
Inappropriate implementation in Compositing in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
Unspecified Vulnerability in Google Chrome (CNVD-2024-39248)
Google Chrome is a web browser from Google, an American company. A security vulnerability exists in Google Chrome prior to version 119.0.6045.105, which stems from an improper implementation of the compositing feature and can be exploited by remote attackers to perform UI spoofing via a crafted...