1162 matches found
CVE-2025-9182
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Denial-of-service due to out-of-memory in the Graphics: WebRender component...
UBUNTU-CVE-2025-9182
Denial-of-service due to out-of-memory in the Graphics: WebRender component. This vulnerability was fixed in Firefox 142, Firefox ESR 140.2, Thunderbird 142, and Thunderbird 140.2...
Mozilla Thunderbird < 140.2
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 140.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-72 advisory. - Memory safety bugs present in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ES...
Mozilla多款产品 安全漏洞
Mozilla Firefox and Mozilla Thunderbird are both products of the Mozilla Foundation in the U.S. Mozilla Firefox is an open-source Web browser.Mozilla Thunderbird is a separate set of Mozilla Application Suite Email client software. The program supports IMAP, POP mail protocols, and HTML mail...
CVE-2025-55286
z2d is a pure Zig 2D graphics library. z2d v0.7.0 released with a new multi-sample anti-aliasing MSAA method, which uses a new buffering mechanism for storing coverage data. This differs from the standard alpha mask surface used for the previous super-sample anti-aliasing SSAA method. Under certa...
Linux Distros Unpatched Vulnerability : CVE-2023-25360
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability in WebCore::RenderLayer::renderer in WebKitGTK before 2.36.8 allows attackers to execute code remotely. CVE-2023-25360 Note that...
Malicious code in webpack-sever-render-middleware (npm)
The package webpack-sever-render-middleware was found to contain malicious code...
MAL-2025-32073 Malicious code in render-loop (npm)
The package render-loop was found to contain malicious code...
formii (=1.0.0), html-patcher-stream (>=1.0.0 <=1.1.0) +1 more potentially affected by unknown CVE via html-patcher (>=0.0.3 <=0.1.0)
html-patcher NPM version =0.0.3, =1.0.0, =0.1.0, =1.0.0 Source cves: unknown CVE Source advisory: OSV:MAL-2025-22751...
Malicious code in render-loop (npm)
The package render-loop was found to contain malicious code...
MAL-2025-17361 Malicious code in com.unity.render-pipelines.core (npm)
The package com.unity.render-pipelines.core was found to contain malicious code...
MAL-2025-17362 Malicious code in com.unity.render-pipelines.universal (npm)
The package com.unity.render-pipelines.universal was found to contain malicious code...
Malicious code in com.unity.render-pipelines.core (npm)
The package com.unity.render-pipelines.core was found to contain malicious code...
MAL-2025-39034 Malicious code in webpack-sever-render-middleware (npm)
The package webpack-sever-render-middleware was found to contain malicious code...
Malicious code in cicada-render (npm)
The package cicada-render was found to contain malicious code...
MAL-2025-17016 Malicious code in cicada-render (npm)
The package cicada-render was found to contain malicious code...
Linux Distros Unpatched Vulnerability : CVE-2021-29952
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When Web Render components were destructed, a race condition could have caused undefined behavior, and we presume that with enough effort may have been...
Linux Distros Unpatched Vulnerability : CVE-2024-32875
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Hugo is a static site generator. Starting in version 0.123.0 and prior to version 0.125.3, title arguments in Markdown for links and images not escaped in...
Linux Distros Unpatched Vulnerability : CVE-2015-3231
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Render cache system in Drupal 7.x before 7.38, when used to cache content by user role, allows remote authenticated users to obtain private content viewed b...
xorg-x11-server: Use-after-free in ProcRenderAddGlyphs
A use-after-free vulnerability was found in the ProcRenderAddGlyphs function of Xorg servers. This issue occurs when AllocateGlyph is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted glyphs. Consequently,...