openSUSE 15 Security Update : seamonkey (openSUSE-SU-2023:0278-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2023:0278-1 advisory. - Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory...

Updated libwebp packages fix a security vulnerability

Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page...

Amazon Linux 2023 : libwebp, libwebp-devel, libwebp-java (ALAS2023-2023-358)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-358 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks ...

Low: libwebp

Issue Overview: No CVE associated with this advisory Affected Packages: libwebp Issue Correction: Run dnf update libwebp --releasever 2023.2.20231002 or dnf update --advisory ALAS2023-2023-358 --releasever 2023.2.20231002 to update your system. More information on how to update your system can be...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libwebp (SUSE-SU-2023:3829-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3829-1 advisory. - Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a...

WebM Project WebP Image Library (libwebp) < 1.3.2 Vulnerability

The version of WebM Project WebP Image Library libwebp installed on the remote host is prior to 1.3.2. It is, therefore, affected by a vulnerability: - Heap buffer overflow in libwebp prior to libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a specially crafted...

Ubuntu 18.04 ESM : libwebp vulnerability (USN-6369-2)

The remote Ubuntu 18.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-6369-2 advisory. USN-6369-1 fixed a vulnerability in libwebp. This update provides the corresponding update for Ubuntu 18.04 LTS. Tenable has extracted the preceding description...

GHSA-4VJR-CRVH-383H @napi-rs/image affected by libwebp CVE

Impact Heap buffer overflow in libwebp allows a remote attacker to perform an out of bounds memory write via a crafted webp image. References - https://github.com/advisories/GHSA-j7hp-h8jx-5ppr - https://blog.isosceles.com/the-webp-0day/...

(0Day) Exim libspf2 Integer Underflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Exim libspf2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of SPF macros. When parsing SPF macros, the process does not properly...

SUSE SLES12 Security Update : libwebp (SUSE-SU-2023:3794-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3794-1 advisory. - Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write v...

Rocky Linux 8 : libwebp (RLSA-2023:5309)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:5309 advisory. - Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML pag...

Fedora 38 : thunderbird (2023-a7aba7e1b0)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-a7aba7e1b0 advisory. Update to 102.15.1 ; https://www.mozilla.org/en-US/security/advisories/mfsa2023-28/ ; https://www.mozilla.org/en-US/security/advisories/mfsa2023-32/ ;...

GHSA-J646-GJ5P-P45G CefSharp affected by heap buffer overflow in WebP

Google is aware that an exploit for CVE-2023-4863 exists in the wild. Description Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Critical References -...

Slackware Linux 15.0 / current seamonkey Vulnerability (SSA:2023-264-03)

The version of seamonkey installed on the remote host is prior to 2.53.17.1. It is, therefore, affected by a vulnerability as referenced in the SSA:2023-264-03 advisory. - Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds...

CefSharp affected by heap buffer overflow in WebP

Google is aware that an exploit for CVE-2023-4863 exists in the wild. Description Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. Chromium security severity: Critical References -...

FreeBSD : graphics/webp heap buffer overflow (4fd7a2fc-5860-11ee-a1b3-dca632daf43b)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 4fd7a2fc-5860-11ee-a1b3-dca632daf43b advisory. - Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to...

FreeBSD : libwebp heap buffer overflow (58a738d4-57af-11ee-8c58-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 58a738d4-57af-11ee-8c58-b42e991fc52e advisory. - Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to...

Oracle Linux 7 : firefox (ELSA-2023-5197)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-5197 advisory. 102.15.1-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libwebp (SUSE-SU-2023:3634-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3634-1 advisory. - Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to...

PYSEC-2023-306

Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine EVM. In version 0.3.9 and prior, under certain conditions, the memory used by the builtins rawcall, createfromblueprint and createcopyof can be corrupted. For rawcall, the argument buffer of the call can be corrupted,...