Lucene search
K

22 matches found

RedHat Linux
RedHat Linux
added 2025/07/07 2:28 a.m.3 views

webkitgtk: use-after-free in the MediaRecorder API of the WebKit GStreamer-based ports

A use-after-free vulnerability was found in the WebKitGTK's MediaRecorder API that may lead to memory corruption and Remote Code Execution. The victim needs to access a malicious web page to trigger this vulnerability...

8.8CVSS5.8AI score0.01408EPSS
Exploits0References5
OSV
OSV
added 2025/06/10 3:14 a.m.1 views

MAL-2025-4850 Malicious code in media-recorder-polyfill (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4a0ea0109d577f9df113fa325e2972e99d701b2a51a9453305c09381bd93d902 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/06/10 3:14 a.m.3 views

Malicious code in media-recorder-polyfill (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4a0ea0109d577f9df113fa325e2972e99d701b2a51a9453305c09381bd93d902 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
SUSE Linux
SUSE Linux
added 2025/03/26 3:44 p.m.4 views

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: CVE-2024-44192: Fixed unexpected process crash due to processing maliciously crafted web content bsc1239863 CVE-2024-54467: Fixed data exilfration cross-origin due to a cookie management issue via a malicious website bsc1239864 Other fixes: ...

7.1CVSS8.1AI score0.0424EPSS
Exploits4References12
OSV
OSV
added 2024/10/16 12:26 p.m.7 views

MAL-2024-9488 Malicious code in @vertiv-co/voidray-sdk-addon-media-recorder (npm)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/10/09 5:6 a.m.5 views

Malicious code in replaceable-media-recorder (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7d6f6611eabb1686bf9e41a305a75a4bce89c0c30c903fc91235ffd22895e097 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2024/10/09 5:6 a.m.5 views

MAL-2024-9178 Malicious code in replaceable-media-recorder (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7d6f6611eabb1686bf9e41a305a75a4bce89c0c30c903fc91235ffd22895e097 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/04/30 12:0 a.m.102 views

RHEL 9 : webkit2gtk3 (RHSA-2024:2126)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2126 advisory. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: use-after-free in the...

9.8CVSS8.4AI score0.0937EPSS
Exploits0References26
OSV
OSV
added 2023/10/06 4:15 p.m.1 views

DEBIAN-CVE-2023-39928

A use-after-free vulnerability exists in the MediaRecorder API of Webkit WebKitGTK 2.40.5. A specially crafted web page can abuse this vulnerability to cause memory corruption and potentially arbitrary code execution. A user would need to to visit a malicious webpage to trigger this vulnerability...

8.8CVSS8.6AI score0.01408EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/09/28 12:0 a.m.4 views

PT-2023-6386 · Webkitgtk +9 · Webkitgtk +9

Name of the Vulnerable Software and Affected Versions: WebKitGTK versions 2.40.5 Description: A use-after-free vulnerability exists in the MediaRecorder API of WebKitGTK, which can be exploited by a specially crafted web page to cause memory corruption and potentially arbitrary code execution. A...

10CVSS7.6AI score0.29179EPSS
Exploits3References229
Veracode
Veracode
added 2019/05/16 3:7 a.m.17 views

Denial Of Service (DoS)

Thunderbird, Firefox ESR and Firefox are vulnerable to denial of service attacks. A segmentation fault may occur in the media recorder when the track type is changed during capture allowing remote unauthenticated attacker to cause a system hang by exploiting the vulnerable Capture Handler compone...

9.8CVSS8.9AI score0.03755EPSS
Exploits0References18Affected Software2
Tenable Nessus
Tenable Nessus
added 2019/03/27 12:0 a.m.37 views

openSUSE Security Update : MozillaThunderbird (openSUSE-2019-680)

This update for Mozilla Thunderbird to version 60.2.1 fixes multiple issues. Multiple security issues were fixed in the Mozilla platform as advised in MFSA 2018-25. In general, these flaws cannot be exploited through email in Thunderbird because scripting is disabled when reading mail, but are...

9.8CVSS7.3AI score0.04647EPSS
Exploits6References27
OSV
OSV
added 2018/12/11 4:29 p.m.1 views

DEBIAN-CVE-2018-18340

Incorrect object lifecycle in MediaRecorder in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS8.2AI score0.01386EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2018/12/10 10:34 a.m.4 views

chromium-browser: Use after free in MediaRecorder

Incorrect object lifecycle in MediaRecorder in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.4AI score0.01386EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2018/10/22 12:0 a.m.39 views

SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2018:2322-2)

This update for MozillaFirefox to version ESR 52.9 fixes the following issues : CVE-2018-5188: Various memory safety bugs bsc1098998 CVE-2018-12368: No warning when opening executable SettingContent-ms files CVE-2018-12366: Invalid data handling during QCMS transformations CVE-2018-12365:...

9.8CVSS7.3AI score0.04831EPSS
Exploits1References22
RedHat Linux
RedHat Linux
added 2018/06/28 4:23 p.m.3 views

Mozilla: Media recorder segmentation fault when track type is changed during capture

A vulnerability can occur when capturing a media stream when the media source type is changed as the capture is occurring. This can result in stream data being cast to the wrong type causing a potentially exploitable crash. This vulnerability affects Thunderbird 60, Firefox ESR 60.1, Firefox ESR...

9.8CVSS7.3AI score0.03755EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2018/06/28 4:23 p.m.4 views

Mozilla: Media recorder segmentation fault when track type is changed during capture

A vulnerability can occur when capturing a media stream when the media source type is changed as the capture is occurring. This can result in stream data being cast to the wrong type causing a potentially exploitable crash. This vulnerability affects Thunderbird 60, Firefox ESR 60.1, Firefox ESR...

9.8CVSS7.3AI score0.03755EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2018/06/27 12:0 a.m.32 views

Mozilla Firefox ESR Security Advisories (MFSA2018-15, MFSA2018-17) - 01 - Windows

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

9.8CVSS7.8AI score0.04831EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2018/06/27 12:0 a.m.39 views

FreeBSD : mozilla -- multiple vulnerabilities (cd81806c-26e7-4d4a-8425-02724a2f48af)

Mozilla Foundation reports : CVE-2018-12359: Buffer overflow using computed size of canvas element CVE-2018-12360: Use-after-free when using focus CVE-2018-12361: Integer overflow in SwizzleData CVE-2018-12358: Same-origin bypass using service worker and redirection CVE-2018-12362: Integer overfl...

9.8CVSS7.3AI score0.04831EPSS
Exploits3References22
OpenVAS
OpenVAS
added 2018/06/27 12:0 a.m.48 views

Mozilla Firefox ESR Security Advisories (MFSA2018-15, MFSA2018-17) - Windows

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

9.8CVSS7.8AI score0.04831EPSS
Exploits2References1
Rows per page
Query Builder