2114 matches found
Security update for chromium (important)
This update to Chromium 62.0.3202.75 fixes the following security issues: - CVE-2017-5124: UXSS with MHTML - CVE-2017-5125: Heap overflow in Skia - CVE-2017-5126: Use after free in PDFium - CVE-2017-5127: Use after free in PDFium - CVE-2017-5128: Heap overflow in WebGL - CVE-2017-5129: Use after...
FreeBSD : chromium -- multiple vulnerabilities (a692bffe-b6ad-11e7-a1c2-e8e0b747a45a)
Google Chrome Releases reports : 35 security fixes in this release, including : - 762930 High CVE-2017-5124: UXSS with MHTML. Reported by Anonymous on 2017-09-07 - 749147 High CVE-2017-5125: Heap overflow in Skia. Reported by Anonymous on 2017-07-26 - 760455 High CVE-2017-5126: Use after free in...
chromium-browser: incorrect stack manipulation in webassembly
Inappropriate implementation in V8 in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka incorrect WebAssembly stack manipulation...
CVE-2017-5132
Inappropriate implementation in V8 in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka incorrect WebAssembly stack manipulation...
chromium -- multiple vulnerabilities
Google Chrome Releases reports: 35 security fixes in this release, including: 762930 High CVE-2017-5124: UXSS with MHTML. Reported by Anonymous on 2017-09-07 749147 High CVE-2017-5125: Heap overflow in Skia. Reported by Anonymous on 2017-07-26 760455 High CVE-2017-5126: Use after free in PDFium...
radare2 denial of service vulnerability (CNVD-2017-32251)
radare2 is a set of libraries and tools for working with binary files. A security vulnerability exists in the 'wasmdis' function in the libr/asm/arch/wasm/wasm.c file in radare2 version 2.0.0. A remote attacker can exploit this vulnerability to cause a denial of service stack-based buffer...
Flash Player is Dead, Long Live Flash Player!
Adobe last week detailed plans to retire its Flash Player software, a cross-platform browser plugin so powerful and so packed with security holes that it has become the favorite target of malware developers. To help eradicate this ubiquitous liability, Adobe is enlisting the help of Apple,...
radare2 buffer overflow vulnerability (CNVD-2017-07168)
radare2 is a set of libraries and tools for working with binary files. A buffer overflow vulnerability exists in the 'consumeinitexpr' function of the wasm.c file in radare2 version 1.3.0. A remote attacker can exploit this vulnerability to cause a denial of service heap buffer out-of-bounds read...
Security update for Mozilla Firefox (important)
Mozilla Firefox was updated to Firefox 52.1.0esr. The following vulnerabilities were fixed bsc1035082: - CVE-2017-5443: Out-of-bounds write during BinHex decoding - CVE-2017-5429: Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, and Firefox ESR 52.1 - CVE-2017-5464: Memory corruption wit...
openSUSE Security Update : Mozilla Firefox (openSUSE-2017-509)
Mozilla Firefox was updated to Firefox 52.1.0esr. The following vulnerabilities were fixed bsc1035082 : - CVE-2017-5443: Out-of-bounds write during BinHex decoding - CVE-2017-5429: Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, and Firefox ESR 52.1 - CVE-2017-5464: Memory corruption wi...
openSUSE: Security Advisory for Mozilla (openSUSE-SU-2017:1099-1)
The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
UBUNTU-CVE-2017-7716
The readu32leb128 function in libr/util/uleb128.c in radare2 1.3.0 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted Web Assembly file...
CVE-2016-10226
JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 18, allows remote attackers to cause a denial of service bitfield out-of-bounds read and application crash via crafted JavaScript code that is mishandled in the operatorString function, related to...
WebAssembly — New Standard for Powerful and Faster Web Apps
Google, Apple, Microsoft, and Mozilla have joined hands to create code for use in the future web browsers that promises up to 20 times faster performance. Dubbed WebAssembly or wasm for short, a project to create a new portable bytecode for the Web that will be more efficient for both desktop as...