EulerOS 2.0 SP9 : mesa (EulerOS-SA-2020-2433)

According to the version of the mesa package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the...

Oracle Linux 7 : libwmf (ELSA-2020-3943)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-3943 advisory. - Resolves: rhbz1679005 CVE-2019-6978 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus h...

DEBIAN-CVE-2020-6555

Out of bounds read in WebGL in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

chromium-browser: Out of bounds read in WebGL

Out of bounds read in WebGL in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

PT-2021-7580 · Mozilla +5 · Firefox Esr +6

Name of the Vulnerable Software and Affected Versions: Mozilla Thunderbird versions prior to 78.9 Mozilla Firefox ESR versions prior to 78.9 Description: The issue is related to an out-of-date graphics library, Angle, which may contain vulnerabilities. It is associated with insufficient input...

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2020-1747)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.6.0 : php (EulerOS-SA-2020-1747)

According to the versions of the php packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - When PHP EXIF extension is parsing EXIF information from an image, e.g. via exifreaddata function, in PHP versions 7.1.x below 7.1.3...

Google Chrome ANGLE Resource Management Error Vulnerability

Google Chrome is a web browser from Google.Almost Native Graphics Layer Engine ANGLE is a graphics layer engine that allows Windows users to run WebGL and other OpenGL ES 2.0 content by translating the OpenGL ES 2.0 API to DirectX 9 or DirectX 11 API calls. DirectX 11 API calls to run WebGL and...

Denial Of Service (DoS)

gd is vulnerable to denial of serviceDoS. The readimagetga function in gdtga.c in the GD Graphics Library aka libgd allows remote attackers to cause a denial of service out-of-bounds read via a crafted TGA file, related to the decompression buffer...

Double Free

gd is vulnerable to Double free vulnerability. The attack exists because of a flaw in the gdImageWebPtr function in the GD Graphics Library aka libgd allowing remote attackers to have unspecified impact via large width and height values...

Denial Of Service (DoS)

gd is vulnerable to denial of service DoS. The vulnerability exists as the output function in gdgifout.c in the GD Graphics Library aka libgd allows remote attackers to cause a denial of service out-of-bounds read via a crafted image...

Denial Of Service (DoS)

gd is vulnerable to denial of service DoS. The vulnerability exists as gdtga.c in the GD Graphics Library aka libgd before 2.2.3 allows remote attackers to cause a denial of service out-of-bounds read via a crafted TGA file...

Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method

The Mozilla Foundation Security Advisory describes this flaw as: When reading from areas partially or fully outside the source resource with WebGL's copyTexSubImage method, the specification requires the returned values be zero. Previously, this memory was uninitialized, leading to potentially...

USN-4316-1: GD Graphics Library vulnerabilities | Cloud Foundry

Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description It was discovered that GD Graphics Library incorrectly handled cloning an image. An attacker could possibly use this issue to cause GD Graphics Library to crash, resulting in a denial ...

EulerOS Virtualization 3.0.2.2 : gd (EulerOS-SA-2020-1464)

According to the versions of the gd package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Integer overflow in gdio.c in the GD Graphics Library aka libgd before 2.2.4 allows remote attackers to have unspecified impact via...

Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method

The Mozilla Foundation Security Advisory describes this flaw as: When reading from areas partially or fully outside the source resource with WebGL's copyTexSubImage method, the specification requires the returned values be zero. Previously, this memory was uninitialized, leading to potentially...

CVE-2019-6977

gdImageColorMatch in gdcolormatch.c in the GD Graphics Library aka LibGD 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. This can be exploited by an attacker who is able to trigg...

CVE-2019-6978

The GD Graphics Library aka LibGD 2.2.5 has a double free in the gdImagePtr functions in gdgifout.c, gdjpeg.c, and gdwbmp.c. NOTE: PHP is unaffected...

Ubuntu: Security Advisory (USN-4316-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4316-2: GD Graphics Library vulnerabilities

USN-4316-1 fixed a vulnerability in GD Graphics Library. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that GD Graphics Library incorrectly handled cloning an image. An attacker could possibly use this issue to cause GD Graphics...