767 matches found
Stable Channel Update for ChromeOS / ChromeOS Flex
The Stable channel is being updated to OS version: 15572.50.0 Browser version: 117.0.5938.115 for most ChromeOS devices. If you find new issues, please let us know one of the following ways 1. File a bug 2. Visit our ChromeOS communities 1. General: Chromebook Help Community 2. Beta Specific:...
Debian dla-3585 : exempi - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3585 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3585-1 [email protected]...
CVE-2023-5129
Removed by vendor...
Number withdrawn
libwebp is a library for encoding and decoding the WebP image format. This CVE number has been withdrawn...
OESA-2023-1681 libwebp security update
This is an image format that does lossy compression of digital photographic images. WebP consists of a codec based on VP8, and a container based on RIFF. Webmasters, web developers and browser developers can use WebP to compress, archive and distribute digital images more efficiently. Security...
AlmaLinux 8 : libwebp (ALSA-2023:5309)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:5309 advisory. - Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page...
Two Qt security advisories: GDI Font Engine & WebP image format
An issue on Windows with the GDI font engine has been reported and has been assigned the CVE id CVE-2023-43114. When corrupt font data is passed to the GDI font engine via QFontDatabase::addApplicationFontFromData then it can trigger a crash in the application. Solution: As a workaround, validate...
Two Qt security advisorys: GDI Font Engine & WebP image format
An issue on Windows with the GDI font engine has been reported and has been assigned the CVE id CVE-2023-43114. When corrupt font data is passed to the GDI font engine via QFontDatabase::addApplicationFontFromData then it can trigger a crash in the application. Solution: As a workaround, validate...
GHSA-J646-GJ5P-P45G CefSharp affected by heap buffer overflow in WebP
Google is aware that an exploit for CVE-2023-4863 exists in the wild. Description Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Critical References -...
CefSharp affected by heap buffer overflow in WebP
Google is aware that an exploit for CVE-2023-4863 exists in the wild. Description Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Critical References -...
FreeBSD : graphics/webp heap buffer overflow (4fd7a2fc-5860-11ee-a1b3-dca632daf43b)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 4fd7a2fc-5860-11ee-a1b3-dca632daf43b advisory. - Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to...
CefSharp affected by heap buffer overflow in WebP
Google is aware that an exploit for CVE-2023-4863 exists in the wild. Description Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. Chromium security severity: Critical References -...
CefSharp affected by heap buffer overflow in WebP
Google is aware that an exploit for CVE-2023-4863 exists in the wild. Description Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. Chromium security severity: Critical References -...
Slackware Linux 15.0 / current seamonkey Vulnerability (SSA:2023-264-03)
The version of seamonkey installed on the remote host is prior to 2.53.17.1. It is, therefore, affected by a vulnerability as referenced in the SSA:2023-264-03 advisory. - Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds...
libwebp: out-of-bounds write with a specially crafted WebP lossless file
This CVE ID has been rejected by its CVE Numbering Authority. Duplicate of CVE-2023-4863...
Important: Red Hat Security Advisory: libwebp security update
An update for libwebp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
libwebp: Heap buffer overflow in WebP Codec
A heap-based buffer flaw was found in the way libwebp, a library used to process "WebP" image format data, processes certain specially formatted WebP images. An attacker could use this flaw to crash or execute remotely arbitrary code in an application such as a web browser compiled with this...
PYSEC-2023-174
imagecodecs versions before v2023.9.18 bundled libwebp binaries in wheels that are vulnerable to CVE-2023-5129 previously CVE-2023-4863. imagecodecs v2023.9.18 upgrades the bundled libwebp binary to v1.3.2...
ROS-20230920-03
A vulnerability in the WebP image display module of the Google Chrome browser is related to reading outside the boundaries of the buffer in memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
Important: libwebp security update
The libwebp packages provide a library and tools for the WebP graphics format. WebP is an image format with a lossy compression of digital photographic images. WebP consists of a codec based on the VP8 format, and a container based on the Resource Interchange File Format RIFF. Webmasters, web...