Lucene search
K

6685 matches found

OSV
OSV
added 2015/10/16 1:59 a.m.2 views

DEBIAN-CVE-2013-7445

The Direct Rendering Manager DRM subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager GEM objects, which allows context-dependent attackers to cause a denial of service memory consumption via an application that processes graphics data, as demonstrated by...

7.8CVSS6.7AI score0.02728EPSS
Exploits0References1
OSV
OSV
added 2015/10/16 1:59 a.m.5 views

UBUNTU-CVE-2013-7445

The Direct Rendering Manager DRM subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager GEM objects, which allows context-dependent attackers to cause a denial of service memory consumption via an application that processes graphics data, as demonstrated by...

7.8CVSS7.1AI score0.02728EPSS
Exploits0References3
CVE
CVE
added 2015/10/16 1:0 a.m.148 views

CVE-2013-7445

CVE-2013-7445 : In the Linux kernel DRM subsystem, the Graphics Execution Manager (GEM) object handling (through GEM requests) is mishandled, allowing a context-aware attacker to cause a denial of service via memory exhaustion. The exploitation described uses JavaScript creating many CANVAS eleme...

7.8CVSS7.7AI score0.02728EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2015/10/16 12:0 a.m.7 views

PT-2015-3593

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.x Description The issue is related to the Direct Rendering Manager DRM subsystem in the Linux kernel, which mishandles requests for Graphics Execution Manager GEM objects. This allows attackers to cause a denia...

7.8CVSS7.1AI score0.02728EPSS
Exploits0References14
BDU FSTEC
BDU FSTEC
added 2015/10/06 12:0 a.m.6 views

The vulnerability of the Firefox browser, which allows a perpetrator to gain access to protected information or cause a service failure

The vulnerability of the gfx/2d/DataSurfaceHelpers.cpp component in the Firefox browser is caused by buffer overflow. Exploiting this vulnerability can allow an attacker to gain access to protected information or cause a service failure by using the CANVAS element to switch to 2D rendering mode,...

6.4CVSS8.2AI score0.03493EPSS
Exploits0References3Affected Software1
Fedora
Fedora
added 2015/10/05 10:53 p.m.18 views

[SECURITY] Fedora 21 Update: webkitgtk-2.4.9-2.fc21

WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform...

1.3AI score
Exploits0
Fedora
Fedora
added 2015/10/05 9:55 p.m.10 views

[SECURITY] Fedora 22 Update: webkitgtk-2.4.9-2.fc22

WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform...

1.3AI score
Exploits0
Fedora
Fedora
added 2015/10/05 9:55 p.m.13 views

[SECURITY] Fedora 22 Update: webkitgtk3-2.4.9-2.fc22

WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3...

1.8AI score
Exploits0
Fedora
Fedora
added 2015/10/03 6:5 p.m.17 views

[SECURITY] Fedora 23 Update: webkitgtk-2.4.9-3.fc23

WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform...

1.3AI score
Exploits0
exploitpack
exploitpack
added 2015/10/02 12:0 a.m.8 views

Avast! AntiVirus - X.509 Error Rendering Command Execution

Avast! AntiVirus - X.509 Error Rendering Command Execution Source: https://code.google.com/p/google-security-research/issues/detail?id=546 Avast will render the commonName of X.509 certificates into an HTMLLayout frame when your MITM proxy detects a bad signature. Unbelievably, this means...

0.9AI score
Exploits0
Exploit DB
Exploit DB
added 2015/10/02 12:0 a.m.34 views

Avast! AntiVirus - X.509 Error Rendering Command Execution

Source: https://code.google.com/p/google-security-research/issues/detail?id=546 Avast will render the commonName of X.509 certificates into an HTMLLayout frame when your MITM proxy detects a bad signature. Unbelievably, this means CN="really?!?!?" actually works, and is pretty simple to convert...

7AI score
Exploits0
Kitploit
Kitploit
added 2015/10/01 1:12 a.m.16 views

Gryffin - Large Scale Web Security Scanning Platform

Gryffin is a large scale web security scanning platform. It is not yet another scanner. It was written to solve two specific problems with existing scanners: coverage and scale. Better coverage translates to fewer false negatives. Inherent scalability translates to capability of scanning, and...

7.2AI score
Exploits0References1
NVD
NVD
added 2015/09/24 4:59 a.m.10 views

CVE-2015-4512

gfx/2d/DataSurfaceHelpers.cpp in Mozilla Firefox before 41.0 on Linux improperly attempts to use the Cairo library with 32-bit color-depth surface creation followed by 16-bit color-depth surface display, which allows remote attackers to obtain sensitive information from process memory or cause a...

6.4CVSS6.3AI score0.03493EPSS
Exploits0References11
Prion
Prion
added 2015/09/24 4:59 a.m.15 views

Out-of-bounds

gfx/2d/DataSurfaceHelpers.cpp in Mozilla Firefox before 41.0 on Linux improperly attempts to use the Cairo library with 32-bit color-depth surface creation followed by 16-bit color-depth surface display, which allows remote attackers to obtain sensitive information from process memory or cause a...

6.4CVSS7AI score0.03493EPSS
Exploits0References11Affected Software1
Ubuntu
Ubuntu
added 2015/09/22 10:8 p.m.67 views

USN-2743-1: Firefox vulnerabilities

Andrew Osmond, Olli Pettay, Andrew Sutherland, Christian Holler, David Major, Andrew McCreight, Cameron McCormack, Bob Clary and Randell Jesup discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially explo...

9.3CVSS9.1AI score0.0608EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2015/09/22 12:0 a.m.24 views

CVE-2015-4512

gfx/2d/DataSurfaceHelpers.cpp in Mozilla Firefox before 41.0 on Linux improperly attempts to use the Cairo library with 32-bit color-depth surface creation followed by 16-bit color-depth surface display, which allows remote attackers to obtain sensitive information from process memory or cause a...

6.4CVSS7.2AI score0.03493EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2015/09/15 12:0 a.m.2 views

Vulnerability of Firefox and Firefox ESR browsers, allowing attackers to execute arbitrary code

The vulnerability in the CanvasRenderingContext2D implementation in Firefox and Firefox ESR browsers is related to incorrect handling of events related to size changes. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely, using a sequence of characters for the CANV...

10CVSS8.2AI score0.08007EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2015/09/08 12:0 a.m.7 views

The vulnerability of the iOS operating system allows a perpetrator to forge any security certificate desired.

The vulnerability of the Certificate UI component in the iOS operating system is related to security configuration errors. Exploiting this vulnerability allows a malicious actor to issue arbitrary security certificates due to display-related data rendering issues...

2.1CVSS5.6AI score0.00235EPSS
Exploits0References3Affected Software1
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.28 views

Amazon Linux: Security Advisory (ALAS-2013-150)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS6.4AI score0.03857EPSS
Exploits0References2
Atlassian
Atlassian
added 2015/09/01 2:42 p.m.32 views

change fontset 'icons' to html entities to improve security compliance

It seems that the icons in Confluence are currently rendered using fontset. This can be an issue for organization especially banks that have strict security constraint fontset cannot be downloaded as a result this will not render on customer instance. I would recommend that we change the current...

6.9AI score
Exploits0Affected Software1
Rows per page
Query Builder