6685 matches found
DEBIAN-CVE-2013-7445
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated by...
UBUNTU-CVE-2013-7445
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated by...
CVE-2013-7445
CVE-2013-7445: In the Linux kernel DRM subsystem, the Graphics Execution Manager (GEM) object handling (through GEM requests) is mishandled, allowing a context-aware attacker to cause a denial of service via memory exhaustion. The exploitation described uses JavaScript creating many CANVAS eleme...
PT-2015-3593
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.x. Description: The issue is related to the Direct Rendering Manager (DRM) subsystem in the Linux kernel, which mishandles requests for Graphics Execution Manager (GEM) objects. This allows attackers to cause a denia...
The vulnerability of the Firefox browser, which allows a perpetrator to gain access to protected information or cause a service failure
The vulnerability of the gfx/2d/DataSurfaceHelpers.cpp component in the Firefox browser is caused by buffer overflow. Exploiting this vulnerability can allow an attacker to gain access to protected information or cause a service failure by using the CANVAS element to switch to 2D rendering mode,...
[SECURITY] Fedora 21 Update: webkitgtk-2.4.9-2.fc21
WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform...
[SECURITY] Fedora 22 Update: webkitgtk-2.4.9-2.fc22
WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform...
[SECURITY] Fedora 22 Update: webkitgtk3-2.4.9-2.fc22
WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3...
[SECURITY] Fedora 23 Update: webkitgtk-2.4.9-3.fc23
WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform...
Avast! AntiVirus - X.509 Error Rendering Command Execution
Avast! AntiVirus - X.509 Error Rendering Command Execution Source: https://code.google.com/p/google-security-research/issues/detail?id=546 Avast will render the commonName of X.509 certificates into an HTMLLayout frame when your MITM proxy detects a bad signature. Unbelievably, this means...
Avast! AntiVirus - X.509 Error Rendering Command Execution
Source: https://code.google.com/p/google-security-research/issues/detail?id=546 Avast will render the commonName of X.509 certificates into an HTMLLayout frame when your MITM proxy detects a bad signature. Unbelievably, this means CN="really?!?!?" actually works, and is pretty simple to convert...
Gryffin - Large Scale Web Security Scanning Platform
Gryffin is a large scale web security scanning platform. It is not yet another scanner. It was written to solve two specific problems with existing scanners: coverage and scale. Better coverage translates to fewer false negatives. Inherent scalability translates to capability of scanning, and...
CVE-2015-4512
gfx/2d/DataSurfaceHelpers.cpp in Mozilla Firefox before 41.0 on Linux improperly attempts to use the Cairo library with 32-bit color-depth surface creation followed by 16-bit color-depth surface display, which allows remote attackers to obtain sensitive information from process memory or cause a...
Out-of-bounds
gfx/2d/DataSurfaceHelpers.cpp in Mozilla Firefox before 41.0 on Linux improperly attempts to use the Cairo library with 32-bit color-depth surface creation followed by 16-bit color-depth surface display, which allows remote attackers to obtain sensitive information from process memory or cause a...
USN-2743-1: Firefox vulnerabilities
Andrew Osmond, Olli Pettay, Andrew Sutherland, Christian Holler, David Major, Andrew McCreight, Cameron McCormack, Bob Clary and Randell Jesup discovered multiple memory safety issues in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially explo...
CVE-2015-4512
gfx/2d/DataSurfaceHelpers.cpp in Mozilla Firefox before 41.0 on Linux improperly attempts to use the Cairo library with 32-bit color-depth surface creation followed by 16-bit color-depth surface display, which allows remote attackers to obtain sensitive information from process memory or cause a...
Vulnerability of Firefox and Firefox ESR browsers, allowing attackers to execute arbitrary code
The vulnerability in the CanvasRenderingContext2D implementation in Firefox and Firefox ESR browsers is related to incorrect handling of events related to size changes. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely, using a sequence of characters for the CANV...
The vulnerability of the iOS operating system allows a perpetrator to forge any security certificate desired.
The vulnerability of the Certificate UI component in the iOS operating system is related to security configuration errors. Exploiting this vulnerability allows a malicious actor to issue arbitrary security certificates due to display-related data rendering issues...
Amazon Linux: Security Advisory (ALAS-2013-150)
The remote host is missing an update for the...
change fontset 'icons' to html entities to improve security compliance
It seems that the icons in Confluence are currently rendered using fontset. This can be an issue for organizations, especially banks, that have strict security constraints: fontset cannot be downloaded, and as a result this will not render on the customer instance. I would recommend that we change the current...