webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution

A heap buffer overflow vulnerability was found in WebKitGTK. The vulnerability occurs when processing or rendering HTML content in WebKit. This flaw allows a remote attacker to trick the victim into opening a specially crafted web page, triggering a heap buffer overflow error and leading to the...

webkitgtk: heap-buffer-overflow in WebCore::TextureMapperLayer::setContentsLayer

REJECTED CVE In WebKitGTK through 2.36.0 and WPE WebKit, there is a use-after-free in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp...

DEBIAN-CVE-2025-3016

A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function Assimp::MDLImporter::ParseTextureColorData of the file code/AssetLib/MDL/MDLMaterialLoader.cpp of the component MDL File Handler. The manipulation of the argument...

CVE-2024-46807

...

DEBIAN-CVE-2024-46807

In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdgpu: Check tbo resource pointer Validate tbo resource pointer, skip if NULL...

CVE-2024-44161

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. Processing a maliciously crafted texture may lead to unexpected app termination...

CVE-2024-44161

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. Processing a maliciously crafted texture may lead to unexpected app termination...

CVE-2024-44160

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. Processing a maliciously crafted texture may lead to unexpected app termination...

CVE-2024-44160

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. Processing a maliciously crafted texture may lead to unexpected app termination...

CVE-2024-44161

CVE-2024-44161 is an out-of-bounds read vulnerability in macOS texture processing that could cause an application to terminate if a maliciously crafted texture is processed. The issue is mitigated by improved bounds checking and is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, and macOS Sequoia...

CVE-2024-44161

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. Processing a maliciously crafted texture may lead to unexpected app termination...

CVE-2024-44161

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. Processing a maliciously crafted texture may lead to unexpected app termination...

CVE-2024-44160

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. Processing a maliciously crafted texture may lead to unexpected app termination...

CVE-2024-44160

CVE-2024-44160 describes a buffer overflow vulnerability in macOS texture handling. Affected products/versions include macOS Ventura 13.7, macOS Sonoma 14.7, and macOS Sequoia 15, where processing a maliciously crafted texture can cause an unexpected app termination. The issue is attributed to im...

CVE-2024-44160

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. Processing a maliciously crafted texture may lead to unexpected app termination...

qtbase: potential buffer overflow when reading KTX images

A vulnerability has been discovered in Qt Base, wherein an attacker can exploit a specially crafted KTX image file to induce a buffer overflow within the application parsing it. This overflow can subsequently result in a denial-of-service condition, rendering the affected application inaccessible...

The vulnerability in the `gui/util/qktxhandler.cpp` component of the KTX image processing module of the cross-platform framework for developing Qt software allows a hacker to cause a service failure.

The vulnerability in the gui/util/qktxhandler.cpp component of the KTX image processing module for the cross-platform development framework for Qt software development relates to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow a malicious act...

Updated nss and firefox packages fix security vulnerabilities

The updated packages fix security vulnerabilities Heap-buffer-overflow affecting WebGL DrawElementsInstanced method with Mesa VM driver. CVE-2023-6856 Potential exposure of uninitialized data in EncryptingOutputStream. CVE-2023-6865 Symlinks may resolve to smaller than expected buffers...

USN-6563-1 thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing,...

Mozilla: Potential sandbox escape due to <code>VideoBridge</code> lack of texture validation

The Mozilla Foundation Security Advisory describes this flaw as: The VideoBridge allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox...