Lucene search
K

130 matches found

RedHat Linux
RedHat Linux
added 2018/04/10 4:51 p.m.4 views

firefox: Use-after-free in compositor potentially allows code execution

A use-after-free vulnerability can occur in the compositor during certain graphics operations when a raw pointer is used instead of a reference counted one. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR 52.7.3 and Firefox 59.0.2...

9.8CVSS7.3AI score0.03013EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2018/03/27 9:48 a.m.25 views

CVE-2018-5148

A use-after-free vulnerability can occur in the compositor during certain graphics operations when a raw pointer is used instead of a reference counted one. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR 52.7.3 and Firefox 59.0.2...

9.8CVSS2.3AI score0.03013EPSS
Exploits0References2
OSV
OSV
added 2018/03/27 12:0 a.m.2 views

UBUNTU-CVE-2018-5148

A use-after-free vulnerability can occur in the compositor during certain graphics operations when a raw pointer is used instead of a reference counted one. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR 52.7.3 and Firefox 59.0.2...

9.8CVSS7.1AI score0.03013EPSS
Exploits0References4
CNVD
CNVD
added 2018/03/27 12:0 a.m.1 views

Mozilla Firefox Code Execution Vulnerability (CNVD-2018-07712)

Mozilla Firefox and Firefox ESR are both browser products developed by the Mozilla Foundation in the U.S. Firefox is an open source web browser; Firefox ESR is an extended support version of Firefox. Mozilla Firefox A code execution vulnerability exists in Mozilla Firefox due to a post-release us...

9.8CVSS9.4AI score0.03013EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2018/03/27 12:0 a.m.19 views

FreeBSD : mozilla -- use-after-free in compositor (23f59689-0152-42d3-9ade-1658d6380567)

The Mozilla Foundation reports : CVE-2018-5148: Use-after-free in compositor A use-after-free vulnerability can occur in the compositor during certain graphics operations when a raw pointer is used instead of a reference counted one. This results in a potentially exploitable crash. C Tenable...

9.8CVSS8.1AI score0.03013EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2018/03/26 12:0 a.m.25 views

mozilla -- use-after-free in compositor

The Mozilla Foundation reports: CVE-2018-5148: Use-after-free in compositor A use-after-free vulnerability can occur in the compositor during certain graphics operations when a raw pointer is used instead of a reference counted one. This results in a potentially exploitable crash...

9.8CVSS9.3AI score0.03013EPSS
Exploits0References1
Mozilla
Mozilla
added 2018/03/26 12:0 a.m.531 views

Use-after-free in compositor — Mozilla

A use-after-free vulnerability can occur in the compositor during certain graphics operations when a raw pointer is used instead of a reference counted one. This results in a potentially exploitable crash...

9.8CVSS2.6AI score0.03013EPSS
Exploits0References1Affected Software2
Fedora
Fedora
added 2017/12/19 7:55 p.m.12 views

[SECURITY] Fedora 27 Update: wayland-1.14.0-2.fc27

Wayland is a protocol for a compositor to talk to its clients as well as a C library implementation of that protocol. The compositor can be a standalone display server running on Linux kernel modesetting and evdev input devices, an X application, or a wayland client itself. The clients can be...

3.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/10/19 12:0 a.m.19 views

Fedora 24 : 1:epiphany / webkitgtk4 (2016-f4b5897686)

Update WebKitGTK+ package to 2.14.1. Major changes in 2.14.0 : - Threaded compositor is enabled by default in both X11 and Wayland. - Accelerated compositing is now supported in Wayland. - Clipboard works in Wayland too. - Memory pressure handler always works even when cgroups is not present or n...

5.6AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2016/07/07 12:0 a.m.6 views

The vulnerability of the Firefox browser, which allows a remote attacker to execute arbitrary code or trigger a service denial-of-service attack.

The vulnerability of the Firefox browser in the OMTC component lies in the incorrect invocation of the memset function when interacting with the mozilla::layers::BufferTextureClient::AllocateForSurface function. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or...

7.5CVSS8.2AI score0.03623EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2016/04/21 2:59 p.m.2 views

DEBIAN-CVE-2016-3190

The fillxrgb32lerpopaquespans function in cairo-image-compositor.c in cairo before 1.14.2 allows remote attackers to cause a denial of service out-of-bounds read and application crash via a negative span length...

7.5CVSS7.2AI score0.01805EPSS
Exploits1References1
Prion
Prion
added 2016/04/21 2:59 p.m.18 views

Out-of-bounds

The fillxrgb32lerpopaquespans function in cairo-image-compositor.c in cairo before 1.14.2 allows remote attackers to cause a denial of service out-of-bounds read and application crash via a negative span length...

5CVSS6.9AI score0.01805EPSS
Exploits1References4Affected Software2
RedHat Linux
RedHat Linux
added 2015/11/19 12:0 a.m.5 views

cairo: out of bounds read in fill_xrgb32_lerp_opaque_spans

The fillxrgb32lerpopaquespans function in cairo-image-compositor.c in cairo before 1.14.2 allows remote attackers to cause a denial of service out-of-bounds read and application crash via a negative span length...

7.5CVSS7.2AI score0.01805EPSS
Exploits1References5
OSV
OSV
added 2014/12/03 3:57 p.m.3 views

USN-2428-1 thunderbird vulnerabilities

Gary Kwong, Randell Jesup, Nils Ohlmeier, Jesse Ruderman, and Max Jonas Werner discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to cause a denial of service...

6.8CVSS7.5AI score0.04052EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2014/12/03 12:0 a.m.76 views

Ubuntu 14.04 LTS : Firefox vulnerabilities (USN-2424-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2424-1 advisory. Gary Kwong, Randell Jesup, Nils Ohlmeier, Jesse Ruderman, Max Jonas Werner, Christian Holler, Jon Coppeard, Eric Rahm, Byron Campen, Eric Rescorla, and...

6.8CVSS8.5AI score0.04052EPSS
Exploits0References9
Ubuntu
Ubuntu
added 2014/12/02 8:24 p.m.79 views

USN-2424-1: Firefox vulnerabilities

Gary Kwong, Randell Jesup, Nils Ohlmeier, Jesse Ruderman, Max Jonas Werner, Christian Holler, Jon Coppeard, Eric Rahm, Byron Campen, Eric Rescorla, and Xidorn Quan discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker...

6.8CVSS8.4AI score0.04052EPSS
Exploits0
OSV
OSV
added 2014/10/10 1:55 a.m.3 views

UBUNTU-CVE-2014-3201

core/rendering/compositing/RenderLayerCompositor.cpp in Blink, as used in Google Chrome before 38.0.2125.102 on Android, does not properly handle a certain IFRAME overflow condition, which allows remote attackers to spoof content via a crafted web site that interferes with the scrollbar...

5CVSS5.7AI score0.0077EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2014/04/14 12:0 a.m.25 views

Debian: Security Advisory (DSA-2905-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.01934EPSS
Exploits10References3
OpenVAS
OpenVAS
added 2012/10/15 12:0 a.m.23 views

Google Chrome Multiple Vulnerabilities-01 Oct12 (Windows)

This host is installed with Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbgooglechromemultvuln01oct12win.nasl 5963 2017-04-18 09:02:14Z teissa $ Google Chrome Multiple Vulnerabilities-01 Oct12 Windows Authors: Antu Sanadi Copyright: Copyright c 2012...

9.3CVSS0.8AI score0.02053EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2012/10/15 12:0 a.m.26 views

Google Chrome Multiple Vulnerabilities-01 Oct12 (Mac OS X)

This host is installed with Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbgooglechromemultvuln01oct12macosx.nasl 5963 2017-04-18 09:02:14Z teissa $ Google Chrome Multiple Vulnerabilities-01 Oct12 Mac OS X Authors: Antu Sanadi Copyright: Copyright c 2012...

9.3CVSS0.9AI score0.02053EPSS
Exploits0References3
Rows per page
Query Builder