Lucene search
+L

151 matches found

AlpineLinux
AlpineLinux
added 2025/05/16 12:0 a.m.48 views

CVE-2025-48174

In libavif before 1.3.0, makeRoom in stream.c has an integer overflow and resultant buffer overflow in stream-offset+size...

9.1CVSS7.9AI score0.00311EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2025/02/25 12:0 a.m.6 views

openSUSE Security Advisory (SUSE-SU-2024:0423-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.8AI score0.00653EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2024/04/05 3:42 p.m.5 views

emulsion (>=6.0.0 <=10.0.0), libavif-sys (>=0.8.0 <=0.15.0) +1 more potentially affected by CVE-2024-1580 via libdav1d-sys (>=0.2.0 <=0.6.0)

libdav1d-sys CARGO version =0.2.0, =6.0.0, =0.8.0, =0.9.4, =0.10.1 Source cves: CVE-2024-1580 Source advisory: OSV:GHSA-MC39-H54G-PVW6...

8.8CVSS6.5AI score0.01835EPSS
Exploits0
Redos
Redos
added 2024/03/28 12:0 a.m.35 views

ROS-20240328-08

A vulnerability in the WebRTC technology of Google Chrome browser is related to the use of memory after its freeing. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code or cause a denial of service using specially crafted malware. arbitrary code or cause a...

9.6CVSS9.3AI score0.4351EPSS
Exploits4
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.27 views

openSUSE Security Advisory (openSUSE-SU-2024:0020-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.9AI score0.4351EPSS
Exploits3References10
vulnersOsv
vulnersOsv
added 2024/02/19 12:0 p.m.3 views

emulsion (>=6.0.0 <=10.0.0), libavif-sys (>=0.8.0 <=0.15.0) +1 more potentially affected by CVE-2024-1580 via libdav1d-sys (>=0.2.0 <=0.6.0)

libdav1d-sys CARGO version =0.2.0, =6.0.0, =0.8.0, =0.9.4, =0.10.1 Source cves: CVE-2024-1580 Source advisory: OSV:RUSTSEC-2024-0016...

8.8CVSS6.5AI score0.01835EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/02/18 12:0 a.m.41 views

GLSA-202402-14 : QtWebEngine: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202402-14 QtWebEngine: Multiple Vulnerabilities - Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium...

9.6CVSS7.9AI score0.4351EPSS
Exploits4References30
OpenVAS
OpenVAS
added 2024/02/09 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2024:0423-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.8AI score0.00653EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/02/09 12:0 a.m.34 views

SUSE SLED15: avif-tools / gdk-pixbuf-loader-libavif / libavif-devel / libavif13 / etc (SUSE-SU-2024:0423-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0423-1 advisory. - CVE-2023-6704: Fixed use after free by not storing colorproperties until alpha item is found bsc1218303...

8.8CVSS7.3AI score0.00653EPSS
Exploits0References4
OSV
OSV
added 2024/02/08 10:33 a.m.5 views

SUSE-SU-2024:0423-1 Security update for libavif

This update for libavif fixes the following issues: - CVE-2023-6704: Fixed use after free by not storing colorproperties until alpha item is found bsc1218303...

8.8CVSS8.8AI score0.00653EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/01/04 12:0 a.m.35 views

FreeBSD : electron26 -- multiple vulnerabilities (0cee4f9c-5efb-4770-b917-f4e4569e8bec)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 0cee4f9c-5efb-4770-b917-f4e4569e8bec advisory. - Type confusion in V8 in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to...

8.8CVSS8.2AI score0.4351EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2024/01/04 12:0 a.m.37 views

FreeBSD : electron27 -- multiple vulnerabilities (d1b20e09-dbdf-432b-83c7-89f0af76324a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the d1b20e09-dbdf-432b-83c7-89f0af76324a advisory. - Type confusion in V8 in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to...

8.8CVSS8.2AI score0.4351EPSS
Exploits1References11
Tenable Nessus
Tenable Nessus
added 2024/01/01 12:0 a.m.51 views

openSUSE 15 Security Update : opera (openSUSE-SU-2024:0001-1)

The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0001-1 advisory. - Type confusion in V8 in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HT...

8.8CVSS9AI score0.4351EPSS
Exploits3References15
Tenable Nessus
Tenable Nessus
added 2024/01/01 12:0 a.m.43 views

openSUSE 15 Security Update : opera (openSUSE-SU-2024:0002-1)

The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0002-1 advisory. - Type confusion in V8 in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HT...

8.8CVSS9AI score0.4351EPSS
Exploits3References15
Opera Security Advisories
Opera Security Advisories
added 2023/12/22 12:0 a.m.12 views

Update your browser: Security fixes for latest Chrome zero-day

News, Security Update your browser: Security fixes for latest Chrome zero-day Share December 22nd, 2023 Hi everyone! The latest patches to the Opera, Opera GX, Opera Crypto, and Opera for Android browsers address several recent vulnerabilities, including a zero-day exploit CVE-2023-7024. We...

8.8CVSS7.1AI score0.4351EPSS
Exploits7References1
Veracode
Veracode
added 2023/12/15 5:1 a.m.25 views

Use After Free

Chromium is vulnerable to Use After Free. The vulnerability is caused because of a User After Free error in libavif component. A remote attacker can exploit Heap Corruption via a crafted image file...

8.8CVSS6.5AI score0.00653EPSS
Exploits0References5Affected Software1
SUSE CVE
SUSE CVE
added 2023/12/15 2:7 a.m.3 views

SUSE CVE-2023-6704

Use after free in libavif in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted image file. Chromium security severity: High...

8.8CVSS7.1AI score0.00653EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2023/12/15 12:0 a.m.13 views

The vulnerability of the Libavif library for encoding and decoding .avif files allows a perpetrator to execute arbitrary code or cause a service failure. This vulnerability is present in Google Chrome browsers.

The vulnerability of the Libavif library for encoding and decoding .avif files in Google Chrome’s Google Chrome browser is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code or cause a service failure through a...

10CVSS8.1AI score0.00653EPSS
Exploits0References11Affected Software5
Tenable Nessus
Tenable Nessus
added 2023/12/15 12:0 a.m.46 views

Fedora 38 : chromium (2023-3d9f7ca27f)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-3d9f7ca27f advisory. update to 120.0.6099.109 - High CVE-2023-6702: Type Confusion in V8 - High CVE-2023-6703: Use after free in Blink - High CVE-2023-6704: Use after fr...

8.8CVSS8.3AI score0.4351EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2023/12/15 12:0 a.m.56 views

Debian DSA-5577-1 : chromium - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5577 advisory. - Use after free in FedCM in Google Chrome prior to 120.0.6099.109 allowed a remote attacker who convinced a user to engage in specific UI interaction to...

8.8CVSS8.3AI score0.4351EPSS
Exploits1References16
Rows per page
Query Builder