6686 matches found
Debian DSA-4097-1 : poppler - security update
Multiple vulnerabilities were discovered in the poppler PDF rendering library, which could result in denial of service or the execution of arbitrary code if a malformed PDF file is processed. This update also fixes a regression in the handling of Type 3 fonts. C Tenable Network Security, Inc. The...
ALPINE-CVE-2017-12182
xorg-x11-server before 1.19.5 was missing length validation in XFree86 DRI extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code...
Debian: Security Advisory (DSA-4097-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 26 Update: webkitgtk4-2.18.5-1.fc26
WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3...
[SECURITY] Fedora 27 Update: poppler-0.57.0-7.fc27
poppler is a PDF rendering library...
[SECURITY] Fedora 27 Update: mupdf-1.12.0-1.fc27
MuPDF is a lightweight PDF viewer and toolkit written in portable C. The renderer in MuPDF is tailored for high quality anti-aliased graphics. MuPDF renders text with metrics and spacing accurate to within fractions of a pixel for the highest fidelity in reproducing the look of a printed page on...
[SECURITY] Fedora 26 Update: poppler-0.52.0-11.fc26
poppler is a PDF rendering library...
[SECURITY] Fedora 26 Update: webkitgtk4-2.18.4-1.fc26
WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3...
USN-3517-1: poppler vulnerabilities
It was discovered that poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could execute arbitrary. CVE-2017-1000456 It was discovered that poppler incorrectly handled certain files. If a user or automated system were...
Debian: Security Advisory (DLA-1228-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-1228-1 : poppler security update
Jason Crain discovered a overflow vulnerability in the poppler PDF rendering library. For Debian 7 'Wheezy', this issue has been fixed in poppler version 0.18.4-6+deb7u5. We recommend that you upgrade your poppler packages. NOTE: Tenable Network Security has extracted the preceding description...
[SECURITY] Fedora 27 Update: webkitgtk4-2.18.4-1.fc27
WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3...
The vulnerability of Google Chrome browser’s Blink rendering module allows a hacker to execute arbitrary code.
The vulnerability of the Blink rendering module in Google Chrome browsers is related to incorrect type conversion. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted HTML page from a remote location...
The vulnerability of Blink rendering module in Google Chrome browsers allows attackers to trigger false browser messages.
The vulnerability of Google Chrome’s Blink engine exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to trigger false browser messages using a specially created HTML page...
The vulnerability of Google Chrome’s Blink rendering module allows a hacker to obtain values of the URL fragments.
The vulnerability of Google Chrome’s Blink rendering module is related to errors in the Content Security Policy CSP reporting mechanism. Exploiting this vulnerability allows a malicious actor to obtain fragment values from URLs through a specially crafted HTML page...
The vulnerability of Google Chrome’s Blink rendering module allows a hacker to display a custom interface in a tab that is not controlled by the hacker.
The vulnerability of Google Chrome’s Blink rendering module is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to display a user interface in a tab that the attacker does not control, using a specially crafted HTML page...
The vulnerability of Google Chrome’s Blink rendering module allows a hacker to perform readout operations beyond the buffer in memory.
The vulnerability of Google Chrome’s Blink rendering module relates to the use of memory after deallocation. Exploiting this vulnerability allows a remote attacker to read beyond the buffer in memory using a specially crafted HTML page...
The vulnerability of Google Chrome’s Blink rendering module allows a hacker to display a custom interface in a tab that is not controlled by the hacker.
The vulnerability of Google Chrome’s Blink rendering module is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to display a user interface in a tab that the attacker does not control, using a specially crafted HTML page...
WebKitGTK+: Multiple vulnerabilities
Background WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers. Description Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the...
Scripting Engine Memory Corruption Vulnerability
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploit...