Arbitrary Code Execution

freetype is vulnerable to arbitrary code execution. The vulnerability exists through an array index error was found in the way the FreeType font rendering engine processed certain PostScript Type 42 font files. If a user loaded a specially-crafted font file with an application linked against...

[SECURITY] Fedora 30 Update: webkit2gtk3-2.28.0-5.fc30

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. This package contains WebKit2 based WebKitGTK for GTK 3...

[SECURITY] Fedora 30 Update: webkit2gtk3-2.26.4-1.fc30

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. This package contains WebKit2 based WebKitGTK for GTK 3...

Fedora: Security Advisory for webkit2gtk3 (FEDORA-2020-4d11d35a1f)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 31 Update: webkit2gtk3-2.26.4-1.fc31

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. This package contains WebKit2 based WebKitGTK for GTK 3...

[SECURITY] Fedora 30 Update: webkit2gtk3-2.26.3-1.fc30

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. This package contains WebKit2 based WebKitGTK for GTK 3...

The vulnerability of Blink’s web page display mechanism in Google Chrome browser allows a hacker to gain unauthorized access to local files.

The vulnerability of Blink’s web page rendering mechanism in Google Chrome browsers is related to security configuration errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to local files through a specially created HTML page...

[SECURITY] Fedora 30 Update: webkit2gtk3-2.26.2-1.fc30

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. This package contains WebKit2 based WebKitGTK for GTK 3...

Google Chrome PDFium Input Validation Error Vulnerability (CNVD-2019-26516)

Google Chrome is the United States Google Google company's a Web browser. PDFium is one of the open source PDF rendering engine. An input validation error vulnerability exists in PDFium in versions prior to Google Chrome 76.0.3809.87. An attacker can exploit this vulnerability by tricking a user...

Scripting Engine Memory Corruption Vulnerability

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploit...

Fedora Update for webkit2gtk3 FEDORA-2019-a0d15f5e40

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 29 Update: webkit2gtk3-2.24.2-1.fc29

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. This package contains WebKit2 based WebKitGTK for GTK 3...

[SECURITY] Fedora 30 Update: webkit2gtk3-2.24.2-1.fc30

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. This package contains WebKit2 based WebKitGTK for GTK 3...

Fedora Update for webkit2gtk3 FEDORA-2019-f18fb0f37d

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora Update for webkit2gtk3 FEDORA-2019-432b3dff25

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 28 Update: webkit2gtk3-2.24.1-1.fc28

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. This package contains WebKit2 based WebKitGTK for GTK 3...

[SECURITY] Fedora 30 Update: webkit2gtk3-2.24.1-1.fc30

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. This package contains WebKit2 based WebKitGTK for GTK 3...

Cross-Site Scripting

Overview All versions of harp are vulnerable to Cross-Site Scripting. Due to misconfiguration of its rendering engine, harp does not sanitize the HTML output allowing attackers to run arbitrary JavaScript when processing malicious files. Recommendation No fix is currently available. Consider usin...

Denial Of Service (Dos)

freetype is vulnerable to denial of service. This is due to an out-of-bounds read when the rendering engine processes certain Glyph Bitmap Distribution Format BDF fonts. An attacker is able to crash a user's application, or potentially execute arbitrary code, via a malicious font file that is...

Microsoft building Chrome-based browser to replace Edge on Windows 10

It is no secret how miserably Microsoft's 3-year-old Edge web browser has failed to compete against Google Chrome despite substantial investment and continuous improvements. According to the latest round of tech rumors, Microsoft has given up on Edge and reportedly building a new Chromium-based w...