Lucene search
K

6685 matches found

Tenable Nessus
Tenable Nessus
added 2016/03/09 12:0 a.m.73 views

Google Chrome < 49.0.2623.87 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 49.0.2623.87. It is, therefore, affected by multiple vulnerabilities as referenced in the 201603stable-channel-update8 advisory. - Multiple integer signedness errors in the opjj2kupdateimagedata function in j2k.c in...

9.3CVSS8.4AI score0.02749EPSS
Exploits0References7
OSV
OSV
added 2016/03/08 12:13 p.m.3 views

USN-2904-1 thunderbird vulnerabilities

Karthikeyan Bhargavan and Gaetan Leurent discovered that NSS incorrectly allowed MD5 to be used for TLS 1.2 connections. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could be exploited to view sensitive information. CVE-2015-7575 Yves Younan discovered that...

10CVSS7.1AI score0.05992EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2016/03/08 12:0 a.m.29 views

CVE-2016-2797

The graphite2::TtfUtil::CmapSubtable12Lookup function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite smart...

8.8CVSS7.3AI score0.02718EPSS
Exploits0References6
Mozilla
Mozilla
added 2016/03/08 12:0 a.m.43 views

Local file overwriting and potential privilege escalation through CSP reports — Mozilla

Security researcher Nicolas Golubovic reported that a malicious page can overwrite files on the user's machine using Content Security Policy CSP violation reports. The file contents are restricted to the JSON format of the report. In many cases overwriting a local file may simply be destructive,...

8.8CVSS0.5AI score0.02339EPSS
Exploits0References2Affected Software3
Tenable Nessus
Tenable Nessus
added 2016/03/04 12:0 a.m.35 views

Fedora 22 : webkitgtk4-2.10.7-1.fc22 (2016-143a48536c)

This update together with previous releases addresses the following vulnerabilities: - CVE-2015-7096 - CVE-2015-7098 Additional fixes: - Disable DNS prefetch when a proxy is configured. - Reduce the maximum simultaneous network connections to match other browsers. - Make WebKitWebView always...

6.8CVSS7.6AI score0.02795EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2016/03/04 12:0 a.m.19 views

Fedora 23 : webkitgtk4-2.10.4-1.fc23 (2015-182d308d5a)

WebKitGTK+ 2.10.4 includes fixes for 2 security issues. Additional fixes: Fixed dashed and dotted border painting. Properly cancel navigation policy checks. Several crashes fixed when running editor commands. Fix several crashes due to assertions in Debug builds. Note that Tenable Network Securit...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2016/03/04 12:0 a.m.36 views

Fedora 23 : webkitgtk4-2.10.7-1.fc23 (2016-ec05afb364)

This update together with previous releases addresses the following vulnerabilities: - CVE-2015-7096 - CVE-2015-7098 Additional fixes: - Disable DNS prefetch when a proxy is configured. - Reduce the maximum simultaneous network connections to match other browsers. - Make WebKitWebView always...

6.8CVSS7.6AI score0.02795EPSS
Exploits0References1
CNVD
CNVD
added 2016/03/03 12:0 a.m.3 views

Microsoft Internet Explorer Cmarkup Memory Misreference Vulnerability

Microsoft Internet Explorer IE is a Web browser developed by the American company Microsoft and is the default browser that comes with the Windows operating system. A memory misreference vulnerability exists in Microsoft Internet Explorer Cmarkup, due to a failure to properly handle CMarkup in...

7.2AI score
Exploits0
Fedora
Fedora
added 2016/03/02 1:52 a.m.11 views

[SECURITY] Fedora 23 Update: graphite2-1.3.6-1.fc23

Graphite2 is a project within SIL=E2=80=99s Non-Roman Script Initiative and Language Software Development groups to provide rendering capabilities for complex non-Roman writing systems. Graphite can be used to create =E2=80=9Csmart fo nts=E2=80=9D capable of displaying writing systems with variou...

1.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/02/25 12:0 a.m.45 views

Google Chrome < 48.0.2564.116 Vulnerability

The version of Google Chrome installed on the remote macOS host is prior to 48.0.2564.116. It is, therefore, affected by a vulnerability as referenced in the 201602stable-channel-update18 advisory. - Google Chrome before 48.0.2564.116 allows remote attackers to bypass the Blink Same Origin Policy...

10CVSS8.3AI score0.02639EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/02/22 12:0 a.m.43 views

Debian DSA-3479-1 : graphite2 - security update

Multiple vulnerabilities have been found in the Graphite font rendering engine which might result in denial of service or the execution of arbitrary code if a malformed font file is processed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...

9.3CVSS7.8AI score0.0831EPSS
Exploits1References7
Ubuntu
Ubuntu
added 2016/02/17 2:46 p.m.81 views

USN-2902-1: graphite2 vulnerabilities

Yves Younan discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially- crafted font file, a remote attacker could use this issue to cause graphite2 to crash, resulting in a denial of service, or possibly execute...

9.3CVSS7.6AI score0.0831EPSS
Exploits1
Jake Archibald's Blog
Jake Archibald's Blog
added 2016/02/16 1:2 p.m.15 views

Control CSS loading with custom properties

Last week I wrote about a simple method to load CSS progressively, and on the very same day some scientists taught gravity how to wave. Coincidence? Yes. The pattern in the previous post covers the 90% case of multi-stage CSS loading, and it's really simple to understand. But would you like to he...

6.9AI score
Exploits0
Debian
Debian
added 2016/02/15 10:43 p.m.33 views

[SECURITY] [DSA 3479-1] graphite2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3479-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 15, 2016 https://www.debian.org/security/faq -...

9.3CVSS8.7AI score0.0831EPSS
Exploits1
OSV
OSV
added 2016/02/15 12:0 a.m.29 views

DSA-3479-1 graphite2 - security update

Bulletin has no description...

9.3CVSS7.7AI score0.0831EPSS
Exploits1
Jake Archibald's Blog
Jake Archibald's Blog
added 2016/02/11 3:24 p.m.13 views

The future of loading CSS

Chrome is intending to change the behaviour of , which will be noticeable when it appears within . The impact and benefits of this aren't clear from the blink-dev post, so I wanted to go into detail here. Update: This is now in Chrome Canary. The current state of loading CSS …content… CSS blocks...

6.4AI score
Exploits0
Fedora
Fedora
added 2016/02/10 10:55 a.m.26 views

[SECURITY] Fedora 22 Update: imlib2-1.4.7-1.fc22

Imlib 2 is a library that does image file loading and saving as well as rendering, manipulation, arbitrary polygon support, etc. It does ALL of these operations FAST. Imlib2 also tries to be highly intelligent about doing them, so writing naive programs can be done easily, without sacrificing...

7.5CVSS1.4AI score0.02709EPSS
Exploits0
Fedora
Fedora
added 2016/02/10 10:52 a.m.38 views

[SECURITY] Fedora 22 Update: webkitgtk4-2.10.7-1.fc22

WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3...

6.8CVSS1.8AI score0.02795EPSS
Exploits0
Fedora
Fedora
added 2016/02/01 6:38 a.m.44 views

[SECURITY] Fedora 22 Update: webkitgtk4-2.10.4-1.fc22

WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3...

6.8CVSS1.8AI score0.10946EPSS
Exploits2
Fedora
Fedora
added 2016/01/30 6:27 p.m.27 views

[SECURITY] Fedora 23 Update: imlib2-1.4.7-1.fc23

Imlib 2 is a library that does image file loading and saving as well as rendering, manipulation, arbitrary polygon support, etc. It does ALL of these operations FAST. Imlib2 also tries to be highly intelligent about doing them, so writing naive programs can be done easily, without sacrificing...

7.5CVSS1.4AI score0.02709EPSS
Exploits0
Rows per page
Query Builder