151 matches found
CVE-2025-48174
In libavif before 1.3.0, makeRoom in stream.c has an integer overflow and resultant buffer overflow in stream-offset+size...
openSUSE Security Advisory (SUSE-SU-2024:0423-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
emulsion (>=6.0.0 <=10.0.0), libavif-sys (>=0.8.0 <=0.15.0) +1 more potentially affected by CVE-2024-1580 via libdav1d-sys (>=0.2.0 <=0.6.0)
libdav1d-sys CARGO version =0.2.0, =6.0.0, =0.8.0, =0.9.4, =0.10.1 Source cves: CVE-2024-1580 Source advisory: OSV:GHSA-MC39-H54G-PVW6...
ROS-20240328-08
A vulnerability in the WebRTC technology of Google Chrome browser is related to the use of memory after its freeing. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code or cause a denial of service using specially crafted malware. arbitrary code or cause a...
openSUSE Security Advisory (openSUSE-SU-2024:0020-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
emulsion (>=6.0.0 <=10.0.0), libavif-sys (>=0.8.0 <=0.15.0) +1 more potentially affected by CVE-2024-1580 via libdav1d-sys (>=0.2.0 <=0.6.0)
libdav1d-sys CARGO version =0.2.0, =6.0.0, =0.8.0, =0.9.4, =0.10.1 Source cves: CVE-2024-1580 Source advisory: OSV:RUSTSEC-2024-0016...
GLSA-202402-14 : QtWebEngine: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202402-14 QtWebEngine: Multiple Vulnerabilities - Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium...
SUSE: Security Advisory (SUSE-SU-2024:0423-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15: avif-tools / gdk-pixbuf-loader-libavif / libavif-devel / libavif13 / etc (SUSE-SU-2024:0423-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0423-1 advisory. - CVE-2023-6704: Fixed use after free by not storing colorproperties until alpha item is found bsc1218303...
SUSE-SU-2024:0423-1 Security update for libavif
This update for libavif fixes the following issues: - CVE-2023-6704: Fixed use after free by not storing colorproperties until alpha item is found bsc1218303...
FreeBSD : electron26 -- multiple vulnerabilities (0cee4f9c-5efb-4770-b917-f4e4569e8bec)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 0cee4f9c-5efb-4770-b917-f4e4569e8bec advisory. - Type confusion in V8 in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to...
FreeBSD : electron27 -- multiple vulnerabilities (d1b20e09-dbdf-432b-83c7-89f0af76324a)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the d1b20e09-dbdf-432b-83c7-89f0af76324a advisory. - Type confusion in V8 in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to...
openSUSE 15 Security Update : opera (openSUSE-SU-2024:0001-1)
The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0001-1 advisory. - Type confusion in V8 in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HT...
openSUSE 15 Security Update : opera (openSUSE-SU-2024:0002-1)
The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0002-1 advisory. - Type confusion in V8 in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HT...
Update your browser: Security fixes for latest Chrome zero-day
News, Security Update your browser: Security fixes for latest Chrome zero-day Share December 22nd, 2023 Hi everyone! The latest patches to the Opera, Opera GX, Opera Crypto, and Opera for Android browsers address several recent vulnerabilities, including a zero-day exploit CVE-2023-7024. We...
Use After Free
Chromium is vulnerable to Use After Free. The vulnerability is caused because of a User After Free error in libavif component. A remote attacker can exploit Heap Corruption via a crafted image file...
SUSE CVE-2023-6704
Use after free in libavif in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted image file. Chromium security severity: High...
The vulnerability of the Libavif library for encoding and decoding .avif files allows a perpetrator to execute arbitrary code or cause a service failure. This vulnerability is present in Google Chrome browsers.
The vulnerability of the Libavif library for encoding and decoding .avif files in Google Chrome’s Google Chrome browser is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code or cause a service failure through a...
Fedora 38 : chromium (2023-3d9f7ca27f)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-3d9f7ca27f advisory. update to 120.0.6099.109 - High CVE-2023-6702: Type Confusion in V8 - High CVE-2023-6703: Use after free in Blink - High CVE-2023-6704: Use after fr...
Debian DSA-5577-1 : chromium - security update
The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5577 advisory. - Use after free in FedCM in Google Chrome prior to 120.0.6099.109 allowed a remote attacker who convinced a user to engage in specific UI interaction to...