CVE-2024-5830

Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

Google Chrome < 126.0.6478.56 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 126.0.6478.56. It is, therefore, affected by multiple vulnerabilities as referenced in the 202406stable-channel-update-for-desktop advisory. - Use after free in PDFium in Google Chrome prior to 126.0.6478.54 allowed a...

SUSE CVE-2024-0646

An out-of-bounds memory write flaw was found in the Linux kernel's Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system...

RHEL 8 : cairo (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - cairo: infinite loop in the function arcerrornormalized in the file cairo-arc.c CVE-2019-6462 - cairo...

RHEL 8 : mingw-binutils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - binutils: out of bounds memory write in peXXigen.c files CVE-2018-10534 Note that Nessus has not tested for this...

Heap Buffer Overflow

chromium is vulnerable to Heap Buffer Overflow. The vulnerability is due to improper bounds checking, allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page...

CVE-2024-5160

Heap buffer overflow in Dawn in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

CVE-2024-5160

Heap buffer overflow in Dawn in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

CVE-2024-5160

Heap buffer overflow in Dawn in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

CVE-2024-5160

CVE-2024-5160 describes a heap buffer overflow in Chrome’s Dawn (Chromium/Dawn) prior to 125.0.6422.76, allowing a remote attacker to cause an out-of-bounds write via a crafted HTML page. The CVSS vector indicates network access with low attack complexity and user interaction required, resulting ...

CVE-2024-5160

Heap buffer overflow in Dawn in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

kernel: Linux ebpf logic vulnerability leads to critical memory read and write gaining root privileges

A flaw was found in unrestricted eBPF usage by the BPFBTFLOAD, leading to a possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF. This flaw allows a local user to crash or escalate their privileges on the system...

Mageia: Security Advisory (MGASA-2024-0186)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated stb packages fix security vulnerabilities

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory write past an allocated heap buffer in startdecoder. The root cause is a potential integer overflow in sizeofchar f-commentlistlength which may make setupmalloc allocate less memory...

SUSE CVE-2024-35818

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Define the ioaw hook as mmiowb Commit fb24ea52f78e0d595852e "drivers: Remove explicit invocations of mmiowb" remove all mmiowb in drivers, but it says: "NOTE: mmiowb has only ever guaranteed ordering in conjunction wit...

EulerOS Virtualization 3.0.6.0 : libwebp (EulerOS-SA-2024-1689)

According to the versions of the libwebp package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform a...

EulerOS Virtualization 3.0.6.6 : libwebp (EulerOS-SA-2024-1656)

According to the versions of the libwebp package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform a...

CVE-2024-4761

An out-of-bounds write vulnerability was found in the Chromium web browser. If a remote, unauthenticated attacker tricks a user into visiting a specially crafted HTML page, the attacker could write to memory, which is out of bounds. This issue could have impacts to integrity, availability, and...

Huawei EulerOS: Security Advisory for libwebp (EulerOS-SA-2024-1656)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian dsa-5689 : chromium - security update

The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5689 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5689-1 [email protected] https://www.debian.org/security/ Andres...