6686 matches found
October 10, 2017—KB4042895 (OS Build 10240.17643)
October 10, 2017—KB4042895 OS Build 10240.17643 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include the following: Addressed issue in which the Universal CRT splitpath was not handling multibyt...
[SECURITY] Fedora 27 Update: poppler-0.57.0-5.fc27
poppler is a PDF rendering library...
[SECURITY] Fedora 27 Update: poppler-0.57.0-5.fc27
poppler is a PDF rendering library...
[SECURITY] Fedora 26 Update: poppler-0.52.0-9.fc26
poppler is a PDF rendering library...
USN-3467-1: poppler vulnerability
It was discovered that Poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service...
Google Chrome Type Obfuscation Vulnerability (CNVD-2017-33592)
Google Chrome for Linux, Windows, Mac and Android is the United States Google Google company developed a Linux, Windows, Mac and Android platform based on the Web browser. PDFium is one of the open source PDF rendering engine. PDFium in Google Chrome on Mac, Windows, Linux and Android platforms...
CVE-2017-5107
A timing attack in SVG rendering in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to extract pixel values from a cross-origin page being iframe'd via a crafted HTML page...
CVE-2017-5107
A timing attack in SVG rendering in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to extract pixel values from a cross-origin page being iframe'd via a crafted HTML page...
UBUNTU-CVE-2017-5107
A timing attack in SVG rendering in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to extract pixel values from a cross-origin page being iframe'd via a crafted HTML page...
Input validation
A timing attack in SVG rendering in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to extract pixel values from a cross-origin page being iframe'd via a crafted HTML page...
CVE-2017-5107
A timing attack in SVG rendering in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to extract pixel values from a cross-origin page being iframe'd via a crafted HTML page...
CVE-2017-5107
The CVE-2017-5107 entry describes a timing-based information disclosure in Google Chrome's SVG rendering prior to 60.0.3112.78, enabling a remote attacker to extract pixel values from a cross-origin page loaded in an iframe on Linux/Windows/macOS. The connected sources corroborate Chrome/Chromium...
CVE-2017-5107
Removed by vendor...
CVE-2017-5107
A timing attack in SVG rendering in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to extract pixel values from a cross-origin page being iframe'd via a crafted HTML page...
Design/Logic Flaw
XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address is used as one or more arguments in a...
CVE-2017-15801
XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls Branch Selection starting at...
CVE-2017-15802
XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls Branch Selection starting at...
CVE-2017-15803
XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address is used as one or more arguments in a...
CVE-2017-15801
XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls Branch Selection starting at...
CVE-2017-15577
Redmine before 3.2.6 and 3.3.x before 3.3.3 mishandles the rendering of wiki links, which allows remote attackers to obtain sensitive information...