5 matches found
CVE-2026-20719 DoS via URL Previews Rendering Malicious SVGs
Mattermost versions 11.4.x = 11.4.0, 11.3.x = 11.3.1, 11.2.x = 11.2.3, 10.11.x = 10.11.11 fail to prevent rendering of external SVGs on link embeds which allows unauthenticated users to crash the Mattermost webapp and desktop app via creating an issue or PR on GitHub.. Mattermost Advisory ID:...
UBUNTU-CVE-2015-0805
The Off Main Thread Compositing OMTC implementation in Mozilla Firefox before 37.0 makes an incorrect memset call during interaction with the mozilla::layers::BufferTextureClient::AllocateForSurface function, which allows remote attackers to execute arbitrary code or cause a denial of service...
Microsoft Office Embedded TIFF Image Remote Code Execution (CVE-2013-3906)
A remote code execution vulnerability has been reported in a graphic rendering library used by Microsoft Office products...
GDI+ - gdiplus.dll CreateDashedPath Integer Overflow
GDI+ - gdiplus.dll CreateDashedPath Integer Overflow Abysssec Research 1 Advisory information Title : GDI+ CreateDashedPath Integer overflow in gdiplus.dll Discovery : Nicolas july from vupen Analysis : Abysssec.com Vendor : http://www.microsoft.com Impact : High Contact : info at abysssec.com...
MS05-053: Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution (896424)
The remote host contains a version of Microsoft Windows missing a critical security update to fix several vulnerabilities in the Graphic Rendering Engine, and in the way Windows handles Metafiles. An attacker could exploit these flaws to execute arbitrary code on the remote host by sending a...