155 matches found
[SECURITY] Fedora 42 Update: gimp-3.0.8-5.fc42
GIMP GNU Image Manipulation Program is a powerful image composition and editing program, which can be extremely useful for creating logos and other graphics for web pages. GIMP has many of the tools and filters you would expe ct to find in similar commercial offerings, and some interesting extras...
Astra Linux – Vulnerability in Firefox
A compromised web process was able to trigger unauthorized reads and writes in a more privileged process by using manipulated WebGL textures. This vulnerability has been fixed in Firefox 144, Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4...
firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component...
PT-2025-51792
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 143.0.7499.147 Description A use-after-free issue exists in the WebGPU component of Google Chrome. This flaw could allow a remote attacker to exploit heap corruption through a specially crafted HTML page. The...
Exploit for CVE-2025-14174
CVE-2025-14174 PoC Exploit Repository Overview This reposi...
thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL textures
A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A compromised web process was able to trigger out of bounds reads and writes in a more privileged process using manipulated WebGL textures...
Google Chrome Heap Buffer Overflow Vulnerability
Google Chrome is a web browser developed by Google Inc. Google Chrome suffers from a heap buffer overflow vulnerability that stems from a heap buffer overflow issue in the WebGPU component. An attacker can exploit this vulnerability to execute arbitrary code on the system or cause denial of heap...
RHEL 9 : firefox (RHSA-2025:15423)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:15423 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...
Linux Distros Unpatched Vulnerability : CVE-2018-6034
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient data validation in WebGL in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to perform an out of bounds memory read via a crafted HT...
Linux Distros Unpatched Vulnerability : CVE-2017-5112
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap buffer overflow in WebGL in Google Chrome prior to 61.0.3163.79 for Windows allowed a remote attacker to execute arbitrary code inside a sandbox via a...
Linux Distros Unpatched Vulnerability : CVE-2018-6047
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in WebGL in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user redirect URL via a crafted...
Linux Distros Unpatched Vulnerability : CVE-2018-6154
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient data validation in WebGL in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML...
Linux Distros Unpatched Vulnerability : CVE-2018-6073
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap buffer overflow in WebGL in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML...
Linux Distros Unpatched Vulnerability : CVE-2023-6856
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The WebGL DrawElementsInstanced method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacke...
Linux Distros Unpatched Vulnerability : CVE-2020-26972
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The lifecycle of IPC Actors allows managed actors to outlive their manager actors; and the former must ensure that they are not attempting to use a dead actor...
Linux Distros Unpatched Vulnerability : CVE-2023-29531
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash. This bug only...
CVE-2025-1246
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a non-privileged user process to perform valid GPU processing operation...
CVE-2025-0050
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a non-privileged user process to make valid GPU processing operations,...
UBUNTU-CVE-2022-49069
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix by adding FPU protection for dcn30internalvalidatebw Why Below general protection fault observed when WebGL Aquarium is run for longer duration. If drm debug logs are enabled and set to 0x1f then the issue is...
CVE-2024-11691
Certain WebGL operations on Apple silicon M series devices could have lead to an out-of-bounds write and memory corruption due to a flaw in Apple's GPU driver. This bug only affected the application on Apple M series hardware. Other platforms were unaffected. This vulnerability affects Firefox 13...