Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2025-65018)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-65018 advisory. - LIBPNG is a reference library for use in applications that read, create, and manipulate PNG...

MiracleLinux 7 : SDL-1.2.15-17.el7 (AXSA:2020-602:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-602:02 advisory. SDL: buffer over-read in IMAADPCMnibble in audio/SDLwave.c CVE-2019-7572 SDL: heap-based buffer overflow in function MSADPCMdecode in audio/SDLwave.c...

MiracleLinux 4 : xorg-x11-server-1.13.0-23.1.0.1.AXS4 (AXSA:2014-075:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2014-075:01 advisory. X.Org X11 X server Security issues fixed with this release: CVE-2013-1940 X.Org X server before 1.13.4 and 1.4.x before 1.14.1 does not properly restrict acce...

MiracleLinux 4 : gegl-0.1.2-4.AXS4 (AXSA:2012-1027:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2012-1027:01 advisory. EGL Generic Graphics Library is a graph based image processing framework. GEGLs original design was made to scratch GIMPs itches for a new compositing and...

AZL-74505 CVE-2026-22801 affecting package gdal 3.6.3-2

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From 1.6.26 to 1.6.53, there is an integer truncation in the libpng simplified write API functions pngwriteimage16bit and pngwriteimage8bit causes heap buffer...

CVE-2021-31523

The Debian xscreensaver 5.42+dfsg1-1 package for XScreenSaver has capnetraw enabled for the /usr/libexec/xscreensaver/sonar file, which allows local users to gain privileges because this is arguably incompatible with the design of the Mesa 3D Graphics library dependency...

CVE-2017-6363

In the GD Graphics Library aka LibGD through 2.2.5, there is a heap-based buffer over-read in tiffWriter in gdtiff.c. NOTE: the vendor says "In my opinion this issue should not have a CVE, since the GD and GD2 formats are documented to be 'obsolete, and should only be used for development and...

CVE-2025-15155

A vulnerability was detected in floooh sokol up to 16cbcc864012898793cd2bc57f802499a264ea40. The impacted element is the function sgpipelinedescdefaults in the library sokolgfx.h. The manipulation results in stack-based buffer overflow. The attack requires a local approach. The exploit is now...

Google Chrome: chromium: webkitgtk: Out of bounds memory access via crafted HTML page

A flaw was found in ANGLE in Google Chrome. This vulnerability allows a remote attacker to perform out of bounds memory access via a crafted HTML HyperText Markup Language page. Although this was reported on Google Chrome, this issue also affected the WebKitGTK package with the same possible...

CVE-2025-15013

A vulnerability was identified in floooh sokol up to 5d11344150973f15e16d3ec4ee7550a73fb995e0. The impacted element is the function sgvalidatepipelinedesc in the library sokolgfx.h. Such manipulation leads to stack-based buffer overflow. The attack must be carried out locally. The exploit is...

CVE-2025-15013 floooh sokol sokol_gfx.h _sg_validate_pipeline_desc stack-based overflow

A vulnerability was identified in floooh sokol up to 5d11344150973f15e16d3ec4ee7550a73fb995e0. The impacted element is the function sgvalidatepipelinedesc in the library sokolgfx.h. Such manipulation leads to stack-based buffer overflow. The attack must be carried out locally. The exploit is...

Sokol 安全漏洞

Sokol is a platform interface for Andre Weissflog individual developers. A security vulnerability exists in Sokol, which stems from a misbehavior of the function sgvalidatepipelinedesc in the library sokolgfx.h, which could lead to a stack buffer overflow...

CVE-2025-14958

A security flaw has been discovered in floooh sokol up to 33e2271c431bf21de001e972f72da17a984da932. This vulnerability affects the function sgpipelinecommoninit in the library sokolgfx.h. Performing manipulation results in heap-based buffer overflow. The attack needs to be approached locally. The...

Google Chromium Out of Bounds Memory Access Vulnerability

Google Chromium contains an out of bounds memory access vulnerability in ANGLE that could allow a remote attacker to perform out of bounds memory access via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google...

CVE-2025-50361

Buffer Overflow was found in SmallBASIC community SmallBASIC with SDL Before v1228, and commit sha:298a1d495355959db36451e90a0ac74bcc5593fe in the function main.cpp, which can lead to potential information leakage and crash...

TencentOS Server 3: libwmf (TSSA-2022:0059)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0059 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

TencentOS Server 3: gd (TSSA-2022:0054)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0054 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

Mozilla Firefox ESR < 52.1.1

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 52.1.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2017-14 advisory. - A use-after-free can occur during Buffer11 API calls within the ANGLE graphics library, used for WebGL content...

Mozilla Firefox ESR < 52.4

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 52.4. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2017-22 advisory. - Mozilla developers and community members Christoph Diehl, Jan de Mooij, Jason Kratzer, Randell Jesup, Tom...

Mozilla Thunderbird < 60.4

The version of Thunderbird installed on the remote Windows host is prior to 60.4. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2018-31 advisory. - A potential vulnerability leading to an integer overflow can occur during buffer size calculations for images when ...