5270 matches found
Google Chrome < 39.0.2171.65 Multiple Vulnerabilities
Binary data 8580.pasl...
DEBIAN-CVE-2015-1548
minihttpd 1.21 and earlier allows remote attackers to obtain sensitive information from process memory via an HTTP request with a long protocol string, which triggers an incorrect response size calculation and an out-of-bounds read...
flash-plugin: Information disclosure via various methods (APSB15-01)
Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allo...
Code injection
The mozilla::dom::AudioParamTimeline::AudioNodeInputValue function in the Web Audio API implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly restrict timeline operations, which allows remote attackers to cause a denial of service uninitialized-memory read and...
CVE-2014-8640
The mozilla::dom::AudioParamTimeline::AudioNodeInputValue function in the Web Audio API implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly restrict timeline operations, which allows remote attackers to cause a denial of service uninitialized-memory read and...
CVE-2014-9351
engine/server/server.cpp in Teeworlds 0.6.x before 0.6.3 allows remote attackers to read memory and cause a denial of service crash via unspecified vectors...
DEBIAN-CVE-2014-9351
engine/server/server.cpp in Teeworlds 0.6.x before 0.6.3 allows remote attackers to read memory and cause a denial of service crash via unspecified vectors...
UBUNTU-CVE-2014-9351
engine/server/server.cpp in Teeworlds 0.6.x before 0.6.3 allows remote attackers to read memory and cause a denial of service crash via unspecified vectors...
CVE-2014-9351
engine/server/server.cpp in Teeworlds 0.6.x before 0.6.3 allows remote attackers to read memory and cause a denial of service crash via unspecified vectors...
CVE-2014-9351
engine/server/server.cpp in Teeworlds 0.6.x before 0.6.3 allows remote attackers to read memory and cause a denial of service crash via unspecified vectors...
Updated teeworlds packages fix security vulnerability
A security flaw was found in the teeworlds server prior to 0.6.3 where an incorrect offset check could enable an attacker to read the memory or trigger a segmentation fault. The teeworlds package in Mageia 4 has been update to version 0.6.3, thus providing the fix for this security flaw and a...
[USN-2410-1] Oxide vulnerabilities
========================================================================== Ubuntu Security Notice USN-2410-1 November 19, 2014 oxide-qt vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives:...
chromium-browser: Uninitialized memory read in Skia
effects/SkDashPathEffect.cpp in Skia, as used in Google Chrome before 39.0.2171.65, computes a hash key using uninitialized integer values, which might allow remote attackers to cause a denial of service by rendering crafted data...
chromium: multiple issues
CVE-2014-7899 address bar spoofing A flaw allows remote attackers to spoof the address bar by placing a blob: substring at the beginning of the URL, followed by the original URI scheme and a long username string. - CVE-2014-7900 use-after-free Use-after-free vulnerability in the...
Ubuntu: Security Advisory (USN-2410-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS : Oxide vulnerabilities (USN-2410-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2410-1 advisory. A buffer overflow was discovered in Skia. If a user were tricked in to opening a specially crafted website, an attacked could potentially exploit this to...
USN-2410-1: Oxide vulnerabilities
A buffer overflow was discovered in Skia. If a user were tricked in to opening a specially crafted website, an attacked could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. CVE-2014-7904...
Google Chrome < 39.0.2171.65 Multiple Vulnerabilities (Mac OS X)
The version of Google Chrome installed on the remote Mac OS X host is a version prior to 39.0.2171.65. It is, therefore, affected by the following vulnerabilities : - A double-free vulnerability exists in the version of Adobe Flash bundled with Chrome which could result in arbitrary code executio...
Google Chrome < 39.0.2171.65 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is a version prior to 39.0.2171.65. It is, therefore, affected by the following vulnerabilities : - A double-free vulnerability exists in the version of Adobe Flash bundled with Chrome which could result in arbitrary code execution...
FreeBSD : chromium -- multiple vulnerabilities (d395e44f-6f4f-11e4-a444-00262d5ed8ee)
Google Chrome Releases reports : 42 security fixes in this release, including : - 389734 High CVE-2014-7899: Address bar spoofing. Credit to Eli Grey. - 406868 High CVE-2014-7900: Use-after-free in pdfium. Credit to Atte Kettunen from OUSPG. - 413375 High CVE-2014-7901: Integer overflow in pdfium...