1192 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-12220
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9 when used in conjunction with libSDL2image.a in SDL2image 2.0.4. There is an...
Linux Distros Unpatched Vulnerability : CVE-2021-3481
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Qt. An out-of-bounds read vulnerability was found in QRadialFetchSimd in qt/qtbase/src/gui/painting/qdrawhelperp.h in Qt/Qtbase. While...
Linux Distros Unpatched Vulnerability : CVE-2018-14553
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call...
CVE-2025-9478
CVE-2025-9478 : Use-after-free in ANGLE within Google Chrome prior to 139.0.7258.154 can enable a remote attacker to cause heap corruption via a crafted HTML page. Affected component: ANGLE/Chromium WebKit stack used by Chrome. Impact per sources: potential arbitrary code execution, heap corrupti...
CVE-2025-9478
Use after free in ANGLE in Google Chrome prior to 139.0.7258.154 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...
gdk‑pixbuf: Heap‑buffer‑overflow in gdk‑pixbuf
A flaw exists in gdk‑pixbuf within the gdkpixbufjpegimageloadincrement function io-jpeg.c and in glib’s gbase64encodestep glib/gbase64.c. When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory,...
Linux Distros Unpatched Vulnerability : CVE-2018-6034
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient data validation in WebGL in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to perform an out of bounds memory read via a crafted HT...
Linux Distros Unpatched Vulnerability : CVE-2017-5112
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap buffer overflow in WebGL in Google Chrome prior to 61.0.3163.79 for Windows allowed a remote attacker to execute arbitrary code inside a sandbox via a...
CVE-2025-55286
z2d is a pure Zig 2D graphics library. z2d v0.7.0 released with a new multi-sample anti-aliasing MSAA method, which uses a new buffering mechanism for storing coverage data. This differs from the standard alpha mask surface used for the previous super-sample anti-aliasing SSAA method. Under certa...
Linux Distros Unpatched Vulnerability : CVE-2019-6245
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Anti-Grain Geometry AGG 2.4 as used in SVG++ aka svgpp 1.2.3. In the function agg::cellaa::notequal, dx is assigned to x2 - x1. If dx...
Linux Distros Unpatched Vulnerability : CVE-2018-6047
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in WebGL in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user redirect URL via a crafted...
Linux Distros Unpatched Vulnerability : CVE-2018-6073
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap buffer overflow in WebGL in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML...
Linux Distros Unpatched Vulnerability : CVE-2018-6154
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient data validation in WebGL in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML...
CVE-2025-55286
The CVE-2025-55286 issue affects z2d v0.7.0/v0.7.0-era MSAA buffering. Under scenarios where a drawn path lies wholly or partly outside the rendering surface, incorrect bounding can cause out-of-bounds access in the coverage buffer, impacting high-level operations (Context.fill/stroke, painter.fi...
CVE-2025-55286 z2d OOB drawing with new multi-sample anti-aliasing could lead to invalid memory access and corruption
z2d is a pure Zig 2D graphics library. z2d v0.7.0 released with a new multi-sample anti-aliasing MSAA method, which uses a new buffering mechanism for storing coverage data. This differs from the standard alpha mask surface used for the previous super-sample anti-aliasing SSAA method. Under certa...
SUSE-SU-2025:02795-1 Security update for cairo
This update for cairo fixes the following issues: - CVE-2019-6462: Fixed a potentially infinite loop bsc1122321...
Linux Distros Unpatched Vulnerability : CVE-2023-29531
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash. This bug only...
Linux Distros Unpatched Vulnerability : CVE-2020-26972
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The lifecycle of IPC Actors allows managed actors to outlive their manager actors; and the former must ensure that they are not attempting to use a dead actor...
A potential memory leak issue was discovered in SDL2 in GLES_CreateTexture() function in SDL_render_gles.c. The vulnerability allows an attacker to cause a denial of service attack. The vulnerability affects SDL2 v2.0.4 and above. SDL-1.x are not affected.
...
Google Chrome ANGLE/GPU Input Validation Vulnerability
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from an input validation vulnerability that stems from insufficient validation of untrustworthy input by ANGLE and GPU, which can be exploited by an attacker to submit a special WEB request, which can be tricke...