2108 matches found
openSUSE Security Update : chromium (openSUSE-2017-1349)
This update to Chromium 63.0.3239.84 fixes the following security issues : - CVE-2017-15408: Heap buffer overflow in PDFium - CVE-2017-15409: Out of bounds write in Skia - CVE-2017-15410: Use after free in PDFium - CVE-2017-15411: Use after free in PDFium - CVE-2017-15412: Use after free in libXM...
openSUSE Security Update : binutils (openSUSE-2017-1330)
GNU binutil was updated to the 2.29.1 release, bringing various new features, fixing a lot of bugs and security issues. Following security issues are being addressed by this release : - 18750 bsc1030296 CVE-2014-9939 - 20891 bsc1030585 CVE-2017-7225 - 20892 bsc1030588 CVE-2017-7224 - 20898...
[ASA-201712-6] qt5-webengine: multiple issues
Arch Linux Security Advisory ASA-201712-6 ========================================= Severity: Critical Date : 2017-12-13 CVE-ID : CVE-2017-15386 CVE-2017-15387 CVE-2017-15388 CVE-2017-15390 CVE-2017-15392 CVE-2017-15394 CVE-2017-5124 CVE-2017-5126 CVE-2017-5127 CVE-2017-5128 CVE-2017-5129...
Security update for chromium (important)
This update to Chromium 63.0.3239.84 fixes the following security issues: - CVE-2017-5124: UXSS with MHTML - CVE-2017-5125: Heap overflow in Skia - CVE-2017-5126: Use after free in PDFium - CVE-2017-5127: Use after free in PDFium - CVE-2017-5128: Heap overflow in WebGL - CVE-2017-5129: Use after...
Security update for chromium (important)
This update to Chromium 63.0.3239.84 fixes the following security issues: - CVE-2017-15408: Heap buffer overflow in PDFium - CVE-2017-15409: Out of bounds write in Skia - CVE-2017-15410: Use after free in PDFium - CVE-2017-15411: Use after free in PDFium - CVE-2017-15412: Use after free in libXML...
chromium-browser: type confusion in webassembly
Type confusion in WebAssembly in V8 in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2017-15413
Type confusion in WebAssembly in V8 in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Stable Channel Update for Desktop
The Chrome team is delighted to announce the promotion of Chrome 63 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 63.0.3239.84 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming...
SUSE SLED12 / SLES12 Security Update : binutils (SUSE-SU-2017:3170-1)
GNU binutil was updated to the 2.29.1 release, bringing various new features, fixing a lot of bugs and security issues. Following security issues are being addressed by this release : - 18750 bsc1030296 CVE-2014-9939 - 20891 bsc1030585 CVE-2017-7225 - 20892 bsc1030588 CVE-2017-7224 - 20898...
chromium-browser webassembly component stack manipulation vulnerability
chromium-browser is an open source web browser project started by Google to provide source code for the proprietary Google Chrome browser. A stack manipulation vulnerability exists in the chromium-browser webassembly component. An attacker could exploit the vulnerability to execute arbitrary code...
Debian DSA-4020-1 : chromium-browser - security update
Several vulnerabilities have been discovered in the chromium web browser. In addition, this message serves as an annoucment that security support for chromium in the oldstable release jessie, Debian 8, is now discontinued. Debian 8 chromium users that desire continued security updates are strongl...
Debian: Security Advisory (DSA-4020-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
chakra: Crash in Js::WebAssembly::EntryQueryResponse
Project: https://github.com/Microsoft/ChakraCore.git Detailed report: https://oss-fuzz.com/testcase?key=5816764773433344 Project: chakra Fuzzer: jsfuzzer Job Type: asanchakra Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x01873fff8003 Crash State: Js::WebAssembly::EntryQueryResponse...
openSUSE Security Update : chromium (openSUSE-2017-1221)
This update to Chromium 62.0.3202.75 fixes the following security issues : - CVE-2017-5124: UXSS with MHTML - CVE-2017-5125: Heap overflow in Skia - CVE-2017-5126: Use after free in PDFium - CVE-2017-5127: Use after free in PDFium - CVE-2017-5128: Heap overflow in WebGL - CVE-2017-5129: Use after...
Security update for chromium (important)
This update to Chromium 62.0.3202.75 fixes the following security issues: - CVE-2017-5124: UXSS with MHTML - CVE-2017-5125: Heap overflow in Skia - CVE-2017-5126: Use after free in PDFium - CVE-2017-5127: Use after free in PDFium - CVE-2017-5128: Heap overflow in WebGL - CVE-2017-5129: Use after...
FreeBSD : chromium -- multiple vulnerabilities (a692bffe-b6ad-11e7-a1c2-e8e0b747a45a)
Google Chrome Releases reports : 35 security fixes in this release, including : - 762930 High CVE-2017-5124: UXSS with MHTML. Reported by Anonymous on 2017-09-07 - 749147 High CVE-2017-5125: Heap overflow in Skia. Reported by Anonymous on 2017-07-26 - 760455 High CVE-2017-5126: Use after free in...
chromium-browser: incorrect stack manipulation in webassembly
Inappropriate implementation in V8 in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka incorrect WebAssembly stack manipulation...
CVE-2017-5132
Inappropriate implementation in V8 in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka incorrect WebAssembly stack manipulation...
chromium -- multiple vulnerabilities
Google Chrome Releases reports: 35 security fixes in this release, including: 762930 High CVE-2017-5124: UXSS with MHTML. Reported by Anonymous on 2017-09-07 749147 High CVE-2017-5125: Heap overflow in Skia. Reported by Anonymous on 2017-07-26 760455 High CVE-2017-5126: Use after free in PDFium...
radare2 denial of service vulnerability (CNVD-2017-32251)
radare2 is a set of libraries and tools for working with binary files. A security vulnerability exists in the 'wasmdis' function in the libr/asm/arch/wasm/wasm.c file in radare2 version 2.0.0. A remote attacker can exploit this vulnerability to cause a denial of service stack-based buffer...