Lucene search
K

6686 matches found

Microsoft KB
Microsoft KB
added 2017/09/21 12:0 a.m.5 views

August 15, 2017—KB4034670 (Preview of Monthly Rollup)

August 15, 2017—KB4034670 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4034664released August 8, 2017 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Addressed an...

6.9AI score
Exploits0
Fedora
Fedora
added 2017/09/19 3:25 p.m.17 views

[SECURITY] Fedora 25 Update: k3d-0.8.0.6-8.fc25

K-3D is a complete 3D modeling, animation and rendering system. K-3D features a robust, object oriented plugin architecture, designed to scale to the needs of professional artists. It is designed from the ground up to generate motion picture quality animation using RenderMan compliant render...

8.8CVSS2.5AI score0.04042EPSS
Exploits1
Fedora
Fedora
added 2017/09/19 3:27 a.m.38 views

[SECURITY] Fedora 26 Update: synfig-1.2.0-9.fc26.1

Synfig is a powerful, industrial-strength vector-based 2D animation software, designed from the ground-up for producing feature-film quality animation with fewer people and resources. It is designed to be capable of producing feature-film quality animation. It eliminates the need for tweening,...

9.8CVSS1.3AI score0.13393EPSS
Exploits14
Fedora
Fedora
added 2017/09/19 3:27 a.m.40 views

[SECURITY] Fedora 26 Update: k3d-0.8.0.6-8.fc26

K-3D is a complete 3D modeling, animation and rendering system. K-3D features a robust, object oriented plugin architecture, designed to scale to the needs of professional artists. It is designed from the ground up to generate motion picture quality animation using RenderMan compliant render...

9.8CVSS2.5AI score0.13393EPSS
Exploits14
CNVD
CNVD
added 2017/09/19 12:0 a.m.1 views

Linux PDF rendering engine poppler suffers from a denial of service vulnerability

Poppler is used to generate a PDF of the C++ class library , from xpdf inheritance. Linux PDF rendering engine poppler Stream.cc ImageStream::ImageStream there is a denial-of-service vulnerability. Attackers can use this vulnerability to launch denial-of-service attacks...

6.9AI score
Exploits0References1
seebug.org
seebug.org
added 2017/09/18 12:0 a.m.43 views

AntennaHouse DMC HTMLFilter Doc_SetSummary Code Execution Vulnerability(CVE-2016-8382)

Summary An exploitable heap corruption vulnerability exists in the DocSetSummary functionality of AntennaHouse DMC HTMLFilter. A specially crafted doc file can cause a heap corruption resulting in arbitrary code execution. An attacker can send a malicious doc file to trigger this vulnerability...

9.5AI score0.02124EPSS
Exploits2
seebug.org
seebug.org
added 2017/09/14 12:0 a.m.69 views

Poppler PDF Image Display DCTStream::readScan() Code Execution Vulnerability(CVE-2017-2814)

Summary An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler-0.53.0. A specifically crafted pdf can cause an image resizing after allocation has already occurred, resulting in heap corruption which can lead to code execution. An attacker controlled PDF...

6.8CVSS9.1AI score0.02716EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2017/09/12 7:0 a.m.57 views

Scripting Engine Memory Corruption Vulnerability

A remote code execution vulnerability exists in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. In a web-based...

9.3CVSS7.6AI score0.10144EPSS
Exploits0
Jake Archibald's Blog
Jake Archibald's Blog
added 2017/09/08 9:57 a.m.20 views

Lazy async SVG rasterisation

Phwoar I love a good sciency-sounding title. SVG can be slow When transforming an SVG image, browsers try to render on every frame to keep the image as sharp as possible. Unfortunately SVG rendering can be slow, especially for non-trivial images. Here's a demo, press "Scale SVG". Devtools timelin...

7.1AI score
Exploits0
Jake Archibald's Blog
Jake Archibald's Blog
added 2017/09/08 9:57 a.m.21 views

Lazy async SVG rasterisation

Phwoar I love a good sciency-sounding title. SVG can be slow When transforming an SVG image, browsers try to render on every frame to keep the image as sharp as possible. Unfortunately SVG rendering can be slow, especially for non-trivial images. Here's a demo, press "Scale SVG". Devtools timelin...

7.1AI score
Exploits0
OSV
OSV
added 2017/09/05 6:29 p.m.3 views

CVE-2017-2822

An exploitable code execution vulnerability exists in the image rendering functionality of Lexmark Perceptive Document Filters 11.3.0.2400. A specifically crafted PDF can cause a function call on a corrupted DCTStream to occur, resulting in user controlled data being written to the stack. A...

8.8CVSS6.2AI score0.02067EPSS
Exploits1References2
Prion
Prion
added 2017/09/05 6:29 p.m.18 views

Design/Logic Flaw

An exploitable code execution vulnerability exists in the image rendering functionality of Lexmark Perceptive Document Filters 11.3.0.2400. A specifically crafted PDF can cause a function call on a corrupted DCTStream to occur, resulting in user controlled data being written to the stack. A...

6.8CVSS8.7AI score0.02067EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2017/09/05 6:29 p.m.26 views

CVE-2017-2822

An exploitable code execution vulnerability exists in the image rendering functionality of Lexmark Perceptive Document Filters 11.3.0.2400. A specifically crafted PDF can cause a function call on a corrupted DCTStream to occur, resulting in user controlled data being written to the stack. A...

8.8CVSS7.9AI score0.02067EPSS
Exploits1References2
Cvelist
Cvelist
added 2017/09/05 6:0 p.m.28 views

CVE-2017-2822

An exploitable code execution vulnerability exists in the image rendering functionality of Lexmark Perceptive Document Filters 11.3.0.2400. A specifically crafted PDF can cause a function call on a corrupted DCTStream to occur, resulting in user controlled data being written to the stack. A...

7.5CVSS8.8AI score0.02067EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2017/09/05 12:0 a.m.58 views

RHEL 6 : poppler (RHSA-2017:2550)

An update for poppler is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.8CVSS7.4AI score0.01999EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2017/09/05 12:0 a.m.35 views

RHEL 7 : poppler (RHSA-2017:2551)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:2551 advisory. Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: A stack-based buffer...

7.8CVSS7.7AI score0.04338EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2017/09/01 12:0 a.m.52 views

CentOS 6 : poppler (CESA-2017:2550)

An update for poppler is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.8CVSS7.4AI score0.01999EPSS
Exploits0References2
Cent OS
Cent OS
added 2017/08/31 6:58 p.m.160 views

poppler security update

CentOS Errata and Security Advisory CESA-2017:2551 An update for poppler is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

7.8CVSS7.3AI score0.04338EPSS
Exploits0References7
Cent OS
Cent OS
added 2017/08/31 6:48 p.m.75 views

poppler security update

CentOS Errata and Security Advisory CESA-2017:2550 An update for poppler is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

7.8CVSS7.2AI score0.01999EPSS
Exploits0References7
Talos Blog
Talos Blog
added 2017/08/28 8:30 a.m.60 views

Vulnerability Spotlight: Lexmark Perceptive Document Filters Code Execution Bugs

OverviewTalos is disclosing a pair of code execution vulnerabilities in Lexmark Perceptive Document Filters. Perceptive Document Filters are a series of libraries that are used to parse massive amounts of different types of file formats for multiple purposes. Talos has previously discussed in...

6.8CVSS9.2AI score0.02303EPSS
Exploits2
Rows per page
Query Builder