Lucene search
K

6684 matches found

Tenable Nessus
Tenable Nessus
added 2015/03/05 12:0 a.m.47 views

Google Chrome < 41.0.2272.76 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 41.0.2272.76. It is, therefore, affected by multiple vulnerabilities as referenced in the 201503stable-channel-update advisory. - Multiple use-after-free vulnerabilities in core/html/HTMLInputElement.cpp in the DOM...

7.5CVSS8.5AI score0.02565EPSS
Exploits0References40
Google Chrome Security Advisories
Google Chrome Security Advisories
added 2015/03/03 12:0 a.m.27 views

Stable Channel Update

The Chrome team is delighted to announce the promotion of Chrome 41 to the stable channel for Windows, Mac and Linux. Chrome 41.0.2272.76 contains a number of fixes and improvements, including: A number of new apps/extension APIs Lots of under the hood changes for stability and performance A list...

7.5CVSS8.4AI score0.02565EPSS
Exploits0Affected Software1
OSV
OSV
added 2015/03/02 5:36 p.m.8 views

SUSE-SU-2015:0463-1 Security update for freetype2

The font rendering library freetype2 has been updated to fix various security issues. Security Issues: CVE-2014-9656 CVE-2014-9657 CVE-2014-9658 CVE-2014-9660 CVE-2014-9661 CVE-2014-9662 CVE-2014-9667 CVE-2014-9666 CVE-2014-9665 CVE-2014-9664 CVE-2014-9663 CVE-2014-9659 CVE-2014-9668 CVE-2014-966...

7.5CVSS6.2AI score0.07687EPSS
Exploits20References36
Mozilla
Mozilla
added 2015/02/24 12:0 a.m.46 views

Out-of-bounds read and write while rendering SVG content — Mozilla

Security researcher Abhishek Arya Inferno of the Google Chrome Security Team used the Address Sanitizer tool to report an out-of-bounds read and an out-of-bounds write when rendering an improperly formatted SVG graphic. This could potentially allow the attacker to read uninitialized memory...

4.3CVSS8.8AI score0.02887EPSS
Exploits0References2Affected Software5
Fedora
Fedora
added 2015/02/20 8:31 a.m.46 views

[SECURITY] Fedora 20 Update: freetype-2.5.0-9.fc20

The FreeType engine is a free and portable font rendering engine, developed to provide advanced font support for a variety of platforms and environments. FreeType is a library which can open and manages font files as well as efficiently load, hint and render individual glyphs. FreeType is not a...

7.5CVSS1.5AI score0.07687EPSS
Exploits23
Fedora
Fedora
added 2015/02/19 6:1 p.m.48 views

[SECURITY] Fedora 21 Update: freetype-2.5.3-15.fc21

The FreeType engine is a free and portable font rendering engine, developed to provide advanced font support for a variety of platforms and environments. FreeType is a library which can open and manages font files as well as efficiently load, hint and render individual glyphs. FreeType is not a...

7.5CVSS1.5AI score0.07687EPSS
Exploits20
myhack58
myhack58
added 2015/02/08 12:0 a.m.12 views

Vulnerability tracking: latest IE UXSS vulnerability technical analysis-vulnerability warning-the black bar safety net

This article is a brief analysis about the vulnerability of the principle. Attack process top0. eval'=top1;alert;. location="javascript:alertdocument. domain"'; poc in the first iframe the use of a 3 0 2 jump, jump to the target domain, the second one the iframe is also loading the target domain ...

2.4AI score
Exploits0
OSV
OSV
added 2015/01/30 11:59 a.m.3 views

UBUNTU-CVE-2014-4467

WebKit, as used in Apple iOS before 8.1.3, does not properly determine scrollbar boundaries during the rendering of FRAME elements, which allows remote attackers to spoof the UI via a crafted web site...

4.3CVSS5.8AI score0.01148EPSS
Exploits0References2
CNVD
CNVD
added 2015/01/30 12:0 a.m.3 views

Apple MAC OS X Yosemite Lock Screen Bypass Vulnerability

Apple MAC OS X Yosemite is the latest operating system developed by Apple. Apple MAC OS X Yosemite suffers from a security vulnerability in the way it handles lock screen rendering, which allows attackers to exploit the vulnerability so that the MAC does not lock immediately upon wakeup...

2.1CVSS6.5AI score0.00352EPSS
Exploits0References1
OSV
OSV
added 2015/01/27 8:4 p.m.3 views

UBUNTU-CVE-2015-1360

Skia, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via crafted data that is improperly handled during text drawing, related to gpu/GrBitmapTextContext.cpp and...

7.5CVSS7.4AI score0.0128EPSS
Exploits0References6
NVD
NVD
added 2015/01/22 10:59 p.m.19 views

CVE-2014-7925

Use-after-free vulnerability in the WebAudio implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an audio-rendering thread in which AudioNode data is improper...

7.5CVSS7.1AI score0.01746EPSS
Exploits0References14
OSV
OSV
added 2015/01/22 10:59 p.m.2 views

UBUNTU-CVE-2014-7945

OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service out-of-bounds read via a crafted PDF document, related to j2k.c, jp2.c, and t2.c...

5CVSS7.3AI score0.01762EPSS
Exploits0References5
CVE
CVE
added 2015/01/22 10:0 p.m.76 views

CVE-2014-7925

CVE-2014-7925 affects Blink’s WebAudio: a use-after-free in the audio-rendering thread can allow a remote attacker to cause a denial of service, with possible other impact. Evidence across multiple advisories shows Chrome/Blink remediation via upgrade to a fixed Chrome version (40.0.2214.91/111 d...

7.5CVSS9.4AI score0.01746EPSS
Exploits0References14Affected Software1
Cvelist
Cvelist
added 2015/01/22 10:0 p.m.18 views

CVE-2014-7925

Use-after-free vulnerability in the WebAudio implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an audio-rendering thread in which AudioNode data is improper...

9.6AI score0.01746EPSS
Exploits0References14
Debian CVE
Debian CVE
added 2015/01/22 10:0 p.m.21 views

CVE-2014-7925

Removed by vendor...

7.5CVSS9.4AI score0.01746EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2015/01/22 12:0 a.m.24 views

CVE-2014-7925

Use-after-free vulnerability in the WebAudio implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an audio-rendering thread in which AudioNode data is improper...

7.5CVSS7.3AI score0.01746EPSS
Exploits0References7
CNVD
CNVD
added 2015/01/15 12:0 a.m.1 views

Mozilla Firefox/SeaMonkey Bitmap Rendering Information Disclosure Vulnerability

Firefox/SeaMonkey is a web browser and newsgroup client released by Mozilla. An information disclosure vulnerability exists in Mozilla Firefox/SeaMonkey, which can be exploited by attackers to obtain sensitive information or launch further attacks...

5CVSS6.2AI score0.0217EPSS
Exploits0References1
Mozilla
Mozilla
added 2015/01/13 12:0 a.m.42 views

Uninitialized memory use during bitmap rendering — Mozilla

Google security researcher Michal Zalewski reported that when a malformed bitmap image is rendered by the bitmap decoder within a element, memory may not always be properly initialized. The resulting image then uses this uninitialized memory during rendering, allowing data to potentially leak to...

5CVSS8.9AI score0.0217EPSS
Exploits0References2Affected Software2
Fedora
Fedora
added 2015/01/11 2:57 a.m.32 views

[SECURITY] Fedora 21 Update: webkitgtk-2.4.8-1.fc21

WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform...

6.8CVSS1.3AI score0.02762EPSS
Exploits0
Mageia
Mageia
added 2015/01/07 3:14 p.m.45 views

Updated nvidia packages fix security vulnerabilities

Updated nvidia304 and nvidia-current drivers fixes security issues: The NVIDIA Linux Discrete GPU drivers before R304.125, R331.x before R331.113, R340.x before R340.65, R343.x before R343.36, and R346.x before R346.22, Linux for Tegra L4T driver before R21.2, and Chrome OS driver before R40 allo...

7.5CVSS8.1AI score0.05192EPSS
Exploits0References4
Rows per page
Query Builder