
6681 matches found

Fedora
added 2016/03/22 7:55 p.m. | 34 views

[SECURITY] Fedora 23 Update: webkitgtk4-2.10.9-1.fc23

WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3...

CVSS 9.3 | AI score 1.8 | EPSS 0.04461
Exploits: 0

BDU FSTEC
added 2016/03/17 12:0 a.m. | 9 views

The vulnerability of Firefox ESR, the rendering software Graphite 2, and the Thunderbird email client, which allows a hacker to trigger a service failure or obtain confidential information.

The vulnerability of the TtfUtil::LocaLookup function in the Firefox ESR browser, the Graphite 2 rendering software, and the Thunderbird email client is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor to obtain confidential information ...

CVSS 5.8 | AI score 7.3 | EPSS 0.02254
Exploits: 0 | References: 3 | Affected Software: 3

BDU FSTEC
added 2016/03/17 12:0 a.m. | 5 views

The vulnerability of Google Chrome browser allows a perpetrator to trigger a service failure or cause other effects.

The vulnerability in the WebKit/Source/core/layout/LayoutBlock.cpp function of the Google Chrome browser’s Blink kernel exists due to insufficient checking of input data. Exploiting this vulnerability can allow an attacker to cause a service failure (the appearance of an “Assertion failure” window) ...

CVSS 9.3 | AI score 7.7 | EPSS 0.02121
Exploits: 0 | References: 5 | Affected Software: 1

Tenable Nessus
added 2016/03/17 12:0 a.m. | 27 views

Mozilla Thunderbird < 38.4 Multiple Vulnerabilities

Binary data 9151.prm...

CVSS 9.8 | AI score 9.7 | EPSS 0.10238
Exploits: 0 | References: 22

Tenable Nessus
added 2016/03/16 12:0 a.m. | 51 views

openSUSE Security Update : webkit2gtk3 (openSUSE-2016-340)

This update for webkit2gtk3 fixes the following issues : - Update to version 2.10.7 : + Fix the build with GTK+ 3.16. - Changes from version 2.10.6 : + Fix a deadlock in the Web Process when JavaScript garbage collector was running for a web worker thread that made google maps to hang. + Fix medi...

CVSS 6.8 | AI score 6.6 | EPSS 0.10946
Exploits: 2 | References: 42

RedHat Linux
added 2016/03/15 8:55 p.m. | 5 views

rubygem-actionpack: directory traversal in Action View, incomplete CVE-2016-0752 fix

A directory traversal flaw was found in the way the Action View component searched for templates for rendering. If an application passed untrusted input to the 'render' method, a remote, unauthenticated attacker could use this flaw to render unexpected files and, possibly, execute arbitrary code...

CVSS 7.5 | AI score 7.3 | EPSS 0.95537
Exploits: 11 | References: 5

Ubuntu
added 2016/03/14 1:21 p.m. | 72 views

USN-2927-1: graphite2 vulnerabilities

It was discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially-crafted font file, a remote attacker could use this issue to cause graphite2 to crash, resulting in a denial of service, or possibly execute arbitrary...

CVSS 9.3 | AI score 8.4 | EPSS 0.04907
Exploits: 1

Tenable Nessus
added 2016/03/14 12:0 a.m. | 244 views

Debian DSA-3515-1 : graphite2 - security update

Multiple vulnerabilities have been found in the Graphite font rendering engine which might result in denial of service or the execution of arbitrary code if a malformed font file is processed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...

CVSS 9.3 | AI score 8.5 | EPSS 0.04907
Exploits: 1 | References: 17

Debian
added 2016/03/13 7:13 p.m. | 38 views

[SECURITY] [DSA 3515-1] graphite2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3515-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 13, 2016 https://www.debian.org/security/faq -...

CVSS 9.3 | AI score 8.4 | EPSS 0.04907
Exploits: 1

NVD
added 2016/03/13 6:59 p.m. | 14 views

CVE-2016-2797

The graphite2::TtfUtil::CmapSubtable12Lookup function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart...

CVSS 8.8 | AI score 9.6 | EPSS 0.02718
Exploits: 0 | References: 26

OpenVAS
added 2016/03/13 12:0 a.m. | 42 views

Debian Security Advisory DSA 3515-1 (graphite2 - security update)

Multiple vulnerabilities have been found in the Graphite font rendering engine which might result in denial of service or the execution of arbitrary code if a malformed font file is processed. OpenVAS Vulnerability Test $Id: deb3515.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generated from...

CVSS 9.3 | AI score 0.5 | EPSS 0.04907
Exploits: 1 | References: 1

OSV
added 2016/03/13 12:0 a.m. | 48 views

DSA-3515-1 graphite2 - security update

Bulletin has no description...

CVSS 9.3 | AI score 9 | EPSS 0.04907
Exploits: 1

OpenVAS
added 2016/03/12 12:0 a.m. | 39 views

Debian: Security Advisory (DSA-3515-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.3 | AI score 7.3 | EPSS 0.04907
Exploits: 1 | References: 3

Debian
added 2016/03/09 5:48 p.m. | 29 views

[SECURITY] [DSA 3509-1] rails security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3509-1 [email protected] https://www.debian.org/security/ Luciano Bello March 09, 2016 https://www.debian.org/security/faq -...

CVSS 7.5 | AI score 7.5 | EPSS 0.95537
Exploits: 18

ThreatPost
added 2016/03/09 10:15 a.m. | 41 views

Google Updates Chrome, Fixes Three High Severity Issues

Google pushed out the latest version of its flagship browser Chrome on Tuesday, fixing three high severity bugs in the process. The update graduates the browser to version number 49.0.2623.87 for Windows, Mac, and Linux, according to a post on Google’s Chrome Releases blog this week. Two of the...

CVSS 9.3 | AI score 0.8 | EPSS 0.02749
Exploits: 0 | References: 6

Tenable Nessus
added 2016/03/09 12:0 a.m. | 73 views

Google Chrome < 49.0.2623.87 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 49.0.2623.87. It is, therefore, affected by multiple vulnerabilities as referenced in the 2016_03_stable-channel-update_8 advisory. - Multiple integer signedness errors in the opj_j2k_update_image_data function in j2k.c in...

CVSS 9.3 | AI score 8.4 | EPSS 0.02749
Exploits: 0 | References: 7

Tenable Nessus
added 2016/03/09 12:0 a.m. | 37 views

Google Chrome < 49.0.2623.87 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 49.0.2623.87. It is, therefore, affected by multiple vulnerabilities as referenced in the 2016_03_stable-channel-update_8 advisory. - Multiple integer signedness errors in the opj_j2k_update_image_data function in j2k.c in...

CVSS 9.3 | AI score 8.4 | EPSS 0.02749
Exploits: 0 | References: 7

OSV
added 2016/03/08 12:13 p.m. | 4 views

USN-2904-1 thunderbird vulnerabilities

Karthikeyan Bhargavan and Gaetan Leurent discovered that NSS incorrectly allowed MD5 to be used for TLS 1.2 connections. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could be exploited to view sensitive information. (CVE-2015-7575) Yves Younan discovered that...

CVSS 10 | AI score 7.1 | EPSS 0.05992
Exploits: 0 | References: 5

UbuntuCve
added 2016/03/08 12:0 a.m. | 30 views

CVE-2016-2797

The graphite2::TtfUtil::CmapSubtable12Lookup function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart...

CVSS 8.8 | AI score 7.3 | EPSS 0.02718
Exploits: 0 | References: 6

Mozilla
added 2016/03/08 12:0 a.m. | 43 views

Local file overwriting and potential privilege escalation through CSP reports — Mozilla

Security researcher Nicolas Golubovic reported that a malicious page can overwrite files on the user's machine using Content Security Policy (CSP) violation reports. The file contents are restricted to the JSON format of the report. In many cases overwriting a local file may simply be destructive,...

CVSS 8.8 | AI score 0.5 | EPSS 0.02339
Exploits: 0 | References: 2 | Affected Software: 3