Lucene search
K

2289 matches found

UbuntuCve
UbuntuCve
added 2015/09/24 4:59 a.m.26 views

CVE-2015-7179

The VertexBufferInterface::reserveVertexSpace function in libGLES in ANGLE, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows, incorrectly allocates memory for shader attribute arrays, which allows remote attackers to execute arbitrary code or cause a denial of...

7.5CVSS7.6AI score0.04184EPSS
Exploits0References2
Prion
Prion
added 2015/09/24 4:59 a.m.17 views

Memory corruption

The ProgramBinary::linkAttributes function in libGLES in ANGLE, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows, mishandles shader access, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application cras...

7.5CVSS8.3AI score0.03416EPSS
Exploits0References8Affected Software2
UbuntuCve
UbuntuCve
added 2015/09/24 4:59 a.m.32 views

CVE-2015-7178

The ProgramBinary::linkAttributes function in libGLES in ANGLE, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows, mishandles shader access, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application cras...

7.5CVSS7.3AI score0.03416EPSS
Exploits0References2
Cvelist
Cvelist
added 2015/09/24 1:0 a.m.30 views

CVE-2015-7178

The ProgramBinary::linkAttributes function in libGLES in ANGLE, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows, mishandles shader access, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application cras...

7.6AI score0.03416EPSS
Exploits0References8
CVE
CVE
added 2015/09/24 1:0 a.m.111 views

CVE-2015-7178

CVE-2015-7178 affects Mozilla Firefox on Windows via ANGLE’s libGLES, where the ProgramBinary::linkAttributes function mishandles shader access. This can allow a remote attacker to execute arbitrary code or cause a denial of service through crafted OpenGL/WebGL content, leading to memory corrupti...

7.5CVSS7.8AI score0.03416EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2015/09/24 1:0 a.m.74 views

CVE-2015-7179

The CVE-2015-7179 entry is confirmed public with concrete details: The flaw occurs in ANGLE’s libGLES used by Mozilla Firefox on Windows, in VertexBufferInterface::reserveVertexSpace. It allocates memory for shader attribute arrays incorrectly, enabling remote attackers to run arbitrary code or c...

7.5CVSS7.9AI score0.04184EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2015/09/24 1:0 a.m.23 views

CVE-2015-7179

The VertexBufferInterface::reserveVertexSpace function in libGLES in ANGLE, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows, incorrectly allocates memory for shader attribute arrays, which allows remote attackers to execute arbitrary code or cause a denial of...

7.7AI score0.04184EPSS
Exploits0References8
Mozilla
Mozilla
added 2015/09/22 12:0 a.m.42 views

Memory safety errors in libGLES in the ANGLE graphics library — Mozilla

Security researcher Ronald Crane reported two issues in the libGLES portions of the ANGLE graphics library, used for WebGL and OpenGL content on Windows systems. The first of these is a missing bounds check leading to memory safety errors when manipulating shaders which could result in the writin...

7.5CVSS6.7AI score0.04184EPSS
Exploits0References4Affected Software4
Tenable Nessus
Tenable Nessus
added 2015/04/28 12:0 a.m.39 views

Ubuntu 14.04 LTS : Oxide vulnerabilities (USN-2570-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2570-1 advisory. An issue was discovered in the HTML parser in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially...

7.5CVSS9.1AI score0.02702EPSS
Exploits1References13
Tenable Nessus
Tenable Nessus
added 2015/04/28 12:0 a.m.51 views

FreeBSD : chromium -- multiple vulnerabilities (b57f690e-ecc9-11e4-876c-00262d5ed8ee)

Google Chrome Releases reports : 45 new security fixes, including : - 456518 High CVE-2015-1235: Cross-origin-bypass in HTML parser. Credit to anonymous. - 313939 Medium CVE-2015-1236: Cross-origin-bypass in Blink. Credit to Amitay Dobo. - 461191 High CVE-2015-1237: Use-after-free in IPC. Credit ...

7.5CVSS8.6AI score0.02702EPSS
Exploits1References15
Ubuntu
Ubuntu
added 2015/04/27 4:13 p.m.77 views

USN-2570-1: Oxide vulnerabilities

An issue was discovered in the HTML parser in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions. CVE-2015-1235 An issue was discovered in the Web Audio API implementation in Blink. If a user were...

7.5CVSS9AI score0.02702EPSS
Exploits1
OSV
OSV
added 2015/04/27 4:13 p.m.5 views

USN-2570-1 oxide-qt vulnerabilities

An issue was discovered in the HTML parser in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions. CVE-2015-1235 An issue was discovered in the Web Audio API implementation in Blink. If a user were...

7.5CVSS7.7AI score0.02702EPSS
Exploits1References13
Debian
Debian
added 2015/04/27 2:41 a.m.44 views

[SECURITY] [DSA 3238-1] chromium-browser security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3238-1 [email protected] http://www.debian.org/security/ Michael Gilbert April 26, 2015 http://www.debian.org/security/faq -...

7.5CVSS0.5AI score0.02702EPSS
Exploits3
OSV
OSV
added 2015/04/26 12:0 a.m.35 views

DSA-3238-1 chromium-browser - security update

Bulletin has no description...

7.5CVSS8.1AI score0.02702EPSS
Exploits3
Mageia
Mageia
added 2015/04/23 9:14 p.m.55 views

Updated chromium-browser-stable packages fix security vulnerabilities

Chromium-browser 42.0.2311.90 fixes several security issues, among others a cross-origin-bypass in HTML parser CVE-2015-1235, a cross-origin-bypass in Blink CVE-2015-1236, a use-after-free in IPC CVE-2015-1237, an out-of-bounds write in Skia CVE-2015-1238, an out-of-bounds read in WebGL...

7.5CVSS6.9AI score0.02702EPSS
Exploits1References2
NVD
NVD
added 2015/04/19 10:59 a.m.18 views

CVE-2015-1240

gpu/blink/webgraphicscontext3dimpl.cc in the WebGL implementation in Google Chrome before 42.0.2311.90 allows remote attackers to cause a denial of service out-of-bounds read via a crafted WebGL program that triggers a state inconsistency...

5CVSS6AI score0.01239EPSS
Exploits0References10
Prion
Prion
added 2015/04/19 10:59 a.m.17 views

Out-of-bounds

gpu/blink/webgraphicscontext3dimpl.cc in the WebGL implementation in Google Chrome before 42.0.2311.90 allows remote attackers to cause a denial of service out-of-bounds read via a crafted WebGL program that triggers a state inconsistency...

5CVSS6.6AI score0.01239EPSS
Exploits0References10Affected Software3
CVE
CVE
added 2015/04/19 10:0 a.m.83 views

CVE-2015-1240

The CVE-2015-1240 entry applies to Google Chrome’s WebGL implementation (gpu/blink/webgraphicscontext3d_impl.cc) and describes an out-of-bounds read in WebGL that can be triggered by a crafted WebGL program, potentially causing denial of service due to a state inconsistency. Affected version is C...

5CVSS6AI score0.01239EPSS
Exploits0References10Affected Software1
Cvelist
Cvelist
added 2015/04/19 10:0 a.m.21 views

CVE-2015-1240

gpu/blink/webgraphicscontext3dimpl.cc in the WebGL implementation in Google Chrome before 42.0.2311.90 allows remote attackers to cause a denial of service out-of-bounds read via a crafted WebGL program that triggers a state inconsistency...

5.9AI score0.01239EPSS
Exploits0References10
Debian CVE
Debian CVE
added 2015/04/19 10:0 a.m.20 views

CVE-2015-1240

Removed by vendor...

5CVSS9.6AI score0.01239EPSS
Exploits0
Rows per page
Query Builder