255 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-32740
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap- buffer-overflow write vulnerability in the grid tile...
Astra Linux - уязвимость в webkit2gtk
The issue was resolved by adding additional restrictions on CSS compositing. This issue has been fixed in tvOS 15, watchOS 8, iOS 15, and iPadOS 15. Visiting a maliciously crafted website may reveal a user’s browsing history...
Astra Linux - уязвимость в chromium
The use of “after free” in Compositing in Google Chrome before version 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
ROS-20260520-73-0058
A vulnerability in the Compositing component of the Google Chrome browser is related to memory usage after release. Exploiting the vulnerability could allow a remote attacker to execute arbitrary code or cause a denial of service...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the overlay process. An attacker can cause a crash or potentially access sensitive memory contents by providing a crafted HEIF file that triggers incorrect indexing into the alpha buffer during image compositing...
DEBIAN-CVE-2026-32740
libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by craftin...
CVE-2026-32882 libheif: Heap Buffer OOB Read in overlay compositing due to wrong alpha stride
libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap buffer over-read in HeifPixelImage::overlay in libheif/pixelimage.cc. When compositing an overlay image iovl whose child image has a different bit depth for the alpha channel than for the color...
CVE-2026-32882 libheif: Heap Buffer OOB Read in overlay compositing due to wrong alpha stride
libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap buffer over-read in HeifPixelImage::overlay in libheif/pixelimage.cc. When compositing an overlay image iovl whose child image has a different bit depth for the alpha channel than for the color...
CVE-2026-32740
libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by craftin...
SUSE CVE-2026-8545
Object corruption in Compositing in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...
Chromium: CVE-2026-8545 Object corruption in Compositing
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
CVE-2026-8545
An object corruption flaw was found in the Compositing component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497486030...
CVE-2026-8545
Object corruption in Compositing in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...
CVE-2026-8545
Object corruption in Compositing in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...
CVE-2026-8545
Object corruption in Compositing in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...
CVE-2026-8545
Object corruption in Compositing in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...
EUVD-2026-30457
Object corruption in Compositing in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...
CVE-2026-8545
Object corruption in Compositing in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...
CVE-2026-8545
CVE-2026-8545 is an object-corruption in the Chromium-based Composite rendering path affecting Google Chrome. Public sources describe that an attacker who already compromised the renderer process could leak cross-origin data via a crafted HTML page. Affected product lineage is Google Chrome/Chrom...
PT-2026-41074
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.168 Description Object corruption in Compositing allows a remote attacker who has compromised the renderer process to leak cross-origin data through a crafted HTML page. Recommendations Update to...