CVE-2026-4016

A security vulnerability has been detected in GPAC 26.03-DEV. Affected by this vulnerability is the function svginprocess of the file src/filters/loadsvg.c of the component SVG Parser. The manipulation leads to out-of-bounds write. Local access is required to approach this attack. The exploit has...

AlmaLinux 10 : qt6-qtsvg (ALSA-2025:22394)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:22394 advisory. qtsvg: Uncontrolled recursion in Qt SVG module CVE-2025-10728 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory...

EUVD-2015-2800

Malware in sbrugna...

Low: qt5-qtsvg security update

Scalable Vector Graphics SVG is an XML-based language for describing two-dimensional vector graphics. Qt provides classes for rendering and displaying SVG drawings in widgets and on other paint devices. Security Fixes: qt: Uninitialized variable usage in munitsPerEm CVE-2023-32573 For more detail...

[SECURITY] Fedora 35 Update: qt5-qtsvg-5.15.2-6.fc35

Scalable Vector Graphics SVG is an XML-based language for describing two-dimensional vector graphics. Qt provides classes for rendering and displaying SVG drawings in widgets and on other paint devices...

An SVG graphic that has attributes that use large values may not be parsed correctly

An SVG graphic that has attributes that use large values may not be parsed correctly Symptoms When you browse a webpage that contains a Scalable Vector Graphics SVG graphic that has attributes that use large values, the SVG graphic may not be parsed correctly. Cause This problem occurs because...

Mozilla Firefox ESR < 31.7 Multiple Vulnerabilities

Binary data 701255.prm...

CVE-2015-2710

Heap-based buffer overflow in the SVGTextFrame class in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code via crafted SVG graphics data in conjunction with a crafted Cascading Style Sheets CSS token sequence...

CVE-2015-2710

Heap-based buffer overflow in the SVGTextFrame class in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code via crafted SVG graphics data in conjunction with a crafted Cascading Style Sheets CSS token sequence...

CVE-2015-2710

Heap-based buffer overflow in the SVGTextFrame class in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code via crafted SVG graphics data in conjunction with a crafted Cascading Style Sheets CSS token sequence...

Firefox ESR 31.x < 31.7 Multiple Vulnerabilities (Mac OS X)

The version of Firefox ESR 31.x installed on the remote Mac OS X host is prior to 31.7. It is, therefore, affected by the following vulnerabilities : - Multiple memory corruption issues exist within the browser engine. A remote attacker can exploit these to corrupt memory and execute arbitrary...

Firefox < 38.0 Multiple Vulnerabilities (Mac OS X)

The version of Firefox installed on the remote Mac OS X host is prior to 38.0. It is, therefore, affected by the following vulnerabilities : - Multiple memory corruption issues exist within the browser engine. A remote attacker can exploit these to corrupt memory and execute arbitrary code...

opera -- multiple vulnerabilities

Opera reports: CORS Cross-Origin Resource Sharing allows web pages to retrieve the contents of pages from other sites, with their permission, as they would appear for the current user. When requests are made in this way, the browser should only allow the page content to be retrieved if the target...