6686 matches found
[SECURITY] Fedora 27 Update: webkitgtk4-2.20.0-1.fc27
WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3...
[SECURITY] Fedora 26 Update: webkitgtk4-2.20.0-1.fc26
WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3...
Microsoft Skype Mobile v8.x - Emoticons DoS Vulnerability
Document Title: =============== Microsoft Skype Mobile v8.x - Emoticons DoS Vulnerability References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2117 Video: https://www.youtube.com/watch?v=2vcdQb98zE0 Advisory: https://www.vulnerability-lab.com/getcontent.php?id=2116 MSRC ID:...
openSUSE: Security Advisory for SDL2 (openSUSE-SU-2018:0734-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for SDL2, SDL2_image (important)
This update for SDL2 and SDL2image fixes the following issues: - CVE-2017-14441: Code execution in the ICO image rendering bsc1084282. - CVE-2017-14440: Potential code execution in the ILBM image rendering functionality bsc1084257. - CVE-2017-12122: Potential code execution in the ILBM image...
PT-2018-5363 · Sdl +2 · Sdl2 Image +2
Name of the Vulnerable Software and Affected Versions: SDL2 image version 2.0.2 Description: A code execution issue exists in the ILBM image rendering functionality. A specially crafted ILBM image can cause a heap overflow, resulting in code execution. An attacker can trigger this issue by...
PT-2018-5642 · Sdl +2 · Sdl2 Image +2
Name of the Vulnerable Software and Affected Versions: SDL2 image version 2.0.2 Description: A code execution issue exists in the ICO image rendering functionality. A specially crafted ICO image can cause an integer overflow, leading to a heap overflow and resulting in code execution. This can be...
PT-2018-5643 · Sdl +2 · Sdl2 Image +2
Name of the Vulnerable Software and Affected Versions: SDL2 image version 2.0.2 Description: A code execution issue exists in the BMP image rendering functionality. A specially crafted BMP image can cause a stack overflow, resulting in code execution. An attacker can trigger this issue by...
PT-2018-5641 · Sdl +2 · Sdl2 Image +2
Name of the Vulnerable Software and Affected Versions: SDL2 image version 2.0.2 Description: A code execution issue exists in the ILBM image rendering functionality. A specially crafted ILBM image can cause a stack overflow, resulting in code execution. An attacker can trigger this issue by...
PT-2018-5650 · Sdl +2 · Sdl2 Image +2
Name of the Vulnerable Software and Affected Versions: SDL2 image version 2.0.2 Description: A double-Free issue exists in the XCF image rendering functionality. This can be triggered by a specially crafted XCF image, causing a Double-Free situation. An attacker can exploit this by displaying a...
PT-2018-5649 · Sdl +2 · Sdl2 Image +2
Name of the Vulnerable Software and Affected Versions: SDL2 image version 2.0.2 Description: A code execution issue exists in the XCF image rendering functionality. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can trigger this issue by displayi...
March 15, 2018—KB4090912 Update for Windows 10 Mobile (OS Build 15254.313)
March 15, 2018—KB4090912 Update for Windows 10 Mobile OS Build 15254.313 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: This build includes all the improvements from KB4088782. Addresses...
CVE-2018-8711
A local file inclusion issue was discovered in the WooCommerce Products Filter aka WOOF plugin before 2.2.0 for WordPress, as demonstrated by the shortcode parameter in a woofredrawwoof action. The vulnerability is due to the lack of args/input validation on renderhtml before allowing it to be...
[SECURITY] Fedora 26 Update: freetype-2.7.1-10.fc26
The FreeType engine is a free and portable font rendering engine, developed to provide advanced font support for a variety of platforms and environments. FreeType is a library which can open and manages font files as well as efficiently load, hint and render individual glyphs. FreeType is not a...
chromium-browser: timing attack using svg filters
Displacement map filters being applied to cross-origin images in Blink SVG rendering in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page...
DEBIAN-CVE-2018-7999
In libgraphite2 in graphite2 1.3.11, a NULL pointer dereference vulnerability was found in Segment.cpp during a dumbRendering operation, which may allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .ttf file...
UBUNTU-CVE-2018-7999
In libgraphite2 in graphite2 1.3.11, a NULL pointer dereference vulnerability was found in Segment.cpp during a dumbRendering operation, which may allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .ttf file...
Vulnerability Spotlight: Simple DirectMedia Layer’s SDL2_Image
Overview Talos is disclosing several vulnerabilities identified in Simple DirectMedia Layer's SDL2Image library that could allow code execution. Simple DirectMedia Layer is a cross-platform development library designed to provide low-level access to audio, keyboard, mouse, joystick and graphics...
Simple DirectMedia Layer SDL2_image ILBM CMAP Parsing Code Execution Vulnerability
Summary An exploitable code execution vulnerability exists in the ILBM image rendering functionality of SDL2image-2.0.2. A specially crafted ILBM image can cause a stack overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. Tested...
Simple DirectMedia Layer SDL2_image Image Palette Population Code Execution Vulnerability
Summary An exploitable code execution vulnerability exists in the BMP image rendering functionality of SDL2image-2.0.2. A specially crafted BMP image can cause a stack overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. Tested...