2309 matches found
FreeBSD : graphics/webp heap buffer overflow (4fd7a2fc-5860-11ee-a1b3-dca632daf43b)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 4fd7a2fc-5860-11ee-a1b3-dca632daf43b advisory. - Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to...
CefSharp affected by heap buffer overflow in WebP
Google is aware that an exploit for CVE-2023-4863 exists in the wild. Description Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. Chromium security severity: Critical References -...
Slackware Linux 15.0 / current seamonkey Vulnerability (SSA:2023-264-03)
The version of seamonkey installed on the remote host is prior to 2.53.17.1. It is, therefore, affected by a vulnerability as referenced in the SSA:2023-264-03 advisory. - Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds...
FreeBSD : libwebp heap buffer overflow (58a738d4-57af-11ee-8c58-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 58a738d4-57af-11ee-8c58-b42e991fc52e advisory. - Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to...
Oracle Linux 7 : firefox (ELSA-2023-5197)
The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-5197 advisory. 102.15.1-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libwebp (SUSE-SU-2023:3634-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3634-1 advisory. - Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to...
PYSEC-2023-306
Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine (EVM). In version 0.3.9 and prior, under certain conditions, the memory used by the builtins raw_call, create_from_blueprint and create_copy_of can be corrupted. For raw_call, the argument buffer of the call can be corrupted,...
Debian dla-3570 : libwebp-dev - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3570 advisory. - Debian LTS Advisory DLA-3570-1 https://www.debian.org/lts/security/...
Samsung Mobile Devices Use-After-Free Vulnerability
Samsung devices with selected Exynos chipsets contain a use-after-free vulnerability that allows malicious memory write and code execution...
Debian DSA-5498-1 : thunderbird - security update
The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5498 advisory. A buffer overflow in parsing WebP images may result in the execution of arbitrary code. For the oldstable distribution bullseye, this problem has been fixed in versio...
SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2023:3626-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3626-1 advisory. - Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write v...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaFirefox (SUSE-SU-2023:3610-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3610-1 advisory. - Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to...
Heap Buffer Overflow
libwebp.so is vulnerable to Out Of Bounds Memory Write. The vulnerability is due to the BuildHuffmanTable function in src/dec/vp8ldec.c improperly allocating memory to the table when parsing a stream, which results in an application crash or Arbitrary Code Execution when reading a crafted webp...
Fedora 37 : firefox (2023-31fe7ee034)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-31fe7ee034 advisory. - Updated to latest upstream 117.0.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has n...
Fedora 38 : libwebp (2023-c4fa8a204d)
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-c4fa8a204d advisory. Backport fix for CVE-2023-4863. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
Ubuntu 20.04 LTS : Firefox vulnerability (USN-6367-1)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6367-1 advisory. It was discovered that Firefox did not properly manage memory when handling WebP images. If a user were tricked into opening a webpage containing malicious WebP...
openSUSE 15 Security Update : chromium (openSUSE-SU-2023:0246-1)
The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2023:0246-1 advisory. - Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted...
Debian DSA-5496-1 : firefox-esr - security update
The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5496 advisory. - Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page...
Debian DSA-5497-1 : libwebp - security update
The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5497 advisory. A buffer overflow in parsing WebP images may result in the execution of arbitrary code. For the stable distribution bookworm, this problem has been fixed in version...
Slackware Linux 15.0 / current libwebp Vulnerability (SSA:2023-257-01)
The version of libwebp installed on the remote host is prior to 1.3.2. It is, therefore, affected by a vulnerability as referenced in the SSA:2023-257-01 advisory. - Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory...