6681 matches found
poppler security update
CentOS Errata and Security Advisory CESA-2016:2580 An update for poppler is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
[SECURITY] Fedora 24 Update: zathura-pdf-mupdf-0.3.0-3.fc24
This plugin adds PDF support to zathura using the mupdf rendering engine...
[SECURITY] Fedora 25 Update: zathura-pdf-mupdf-0.3.0-3.fc25
This plugin adds PDF support to zathura using the mupdf rendering engine...
IBM Social Rendering Templates for Digital Data Connector Cross-Site Scripting Vulnerability
A cross-site scripting vulnerability exists in IBM Social Rendering Templates for Digital Data Connector. Due to the program failing to filter user-supplied input. An attacker could exploit this issue to execute arbitrary script code in an unsuspecting user's browser within the context of the...
Poppler: Multiple vulnerabilities
Background Poppler is a PDF rendering library based on the xpdf-3.0 code base. Description Multiple vulnerabilities have been discovered in Poppler. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially crafted PDF using...
openSUSE Security Update : Mozilla Firefox (openSUSE-2016-1271)
Mozilla Firefox was updated to 49.0.2 to fix two security issues and some bugs. The following vulnerabilities were fixed : - CVE-2016-5287: Crash in nsTArraybase bsc1006475 - CVE-2016-5288: Web content can read cache entries bsc1006476 The following changes and fixes are included : - Asynchronous...
RHEL 7 : poppler (RHSA-2016:2580)
An update for poppler is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
Remote Code Execution Vulnerability in ThinkPHP 5
ThinkPHP is an open source PHP framework. A remote code execution vulnerability exists in ThinkPHP 5. ThinkPHP 5 is vulnerable to a remote code execution vulnerability due to unfiltering and improper use of sensitive functions when rendering template content. An attacker can exploit the...
[SECURITY] Fedora 23 Update: libass-0.13.4-1.fc23
Libass is a portable library for SSA/ASS subtitles rendering...
[SECURITY] Fedora 25 Update: libass-0.13.4-1.fc25
Libass is a portable library for SSA/ASS subtitles rendering...
[SECURITY] Fedora 24 Update: libass-0.13.4-1.fc24
Libass is a portable library for SSA/ASS subtitles rendering...
Libass Memory Overflow Vulnerability
libass is a lightweight library of functions for rendering subtitles in ASS/SSA format. A memory overflow vulnerability exists in Libass, which can be exploited by remote attackers to execute arbitrary code...
openSUSE Security Update : MozillaThunderbird (openSUSE-2016-1195)
This update for Mozilla Thunderbird to version 45.4.0 fixes the following issues : - When using Thunderbird in a browser like context, for rendering HTML e-mail or feeds, it may be affected by vulnerabilities also fixed in Firefox ESR 45.4. MFSA 2016-86, boo999701 The following bugs were fixed in...
openSUSE Security Update : MozillaThunderbird (openSUSE-2016-1166)
This update for Mozilla Thunderbird to version 45.4.0 fixes the following issues : - When using Thunderbird in a browser like context, for rendering HTML e-mail or feeds, it may be affected by vulnerabilities also fixed in Firefox ESR 45.4. MFSA 2016-86, boo999701 The following bugs were fixed in...
Scripting Engine Memory Corruption Vulnerability
A remote code execution vulnerability exists in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. In a web-based...
[SECURITY] Fedora 23 Update: zathura-pdf-mupdf-0.3.0-2.fc23
This plugin adds PDF support to zathura using the mupdf rendering engine...
[SECURITY] Fedora 24 Update: zathura-pdf-mupdf-0.3.0-2.fc24
This plugin adds PDF support to zathura using the mupdf rendering engine...
[SECURITY] Fedora 25 Update: zathura-pdf-mupdf-0.3.0-2.fc25
This plugin adds PDF support to zathura using the mupdf rendering engine...
[slackware-security] bind
New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/bind-9.10.4P3-i586-1slack14.2.txz: Upgraded. This update fixes a denial-of-service vulnerability. Testi...
CVE-2016-5275
Buffer overflow in the mozilla::gfx::FilterSupport::ComputeSourceNeededRegions function in Mozilla Firefox before 49.0 allows remote attackers to execute arbitrary code by leveraging improper interaction between empty filters and CANVAS element rendering...