425 matches found
ALSA-2024:0001 Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.6.0. Security Fixes: Mozilla: Heap-buffer-overflow affecting WebGL DrawElementsInstanced method with Mesa VM driver CVE-2023-6856 Mozilla: Memory safety bugs fixed in Firefox 121, Firefo...
CVE-2023-6860
The VideoBridge allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...
CVE-2023-6860
The VideoBridge allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...
CVE-2023-6860
The VideoBridge allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...
MAL-2023-1320 Malicious code in texture-allocator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 295589602f0c0baf1ed21fb915589780ccee883cf28e0458728a211b840b4bae The OpenSSF Package Analysis project identified 'texture-allocator' @ 99.99.80 npm as malicious. It is considered malicious because: - The packa...
Malicious code in texture-allocator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 295589602f0c0baf1ed21fb915589780ccee883cf28e0458728a211b840b4bae The OpenSSF Package Analysis project identified 'texture-allocator' @ 99.99.80 npm as malicious. It is considered malicious because: - The packa...
Mageia: Security Advisory (MGASA-2023-0020)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Malicious Package
Overview texture-allocator is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package...
SUSE CVE-2012-2826
Google Chrome before 20.0.1132.43 does not properly implement texture conversion, which allows remote attackers to cause a denial of service out-of-bounds read via unspecified vectors...
SUSE CVE-2013-6665
Heap-based buffer overflow in the ResourceProvider::InitializeSoftware function in cc/resources/resourceprovider.cc in Google Chrome before 33.0.1750.146 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large texture size that triggers improper...
SUSE CVE-2015-0824
The mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox before 36.0 allows remote attackers to cause a denial of service out-of-bounds write of zero values, and application crash via vectors that trigger use of DrawTarget and the Cairo library for image drawing...
SUSE CVE-2015-7212
Integer overflow in the mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering a graphics operation that requires a large texture allocation...
SUSE CVE-2016-2828
Use-after-free vulnerability in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via WebGL content that triggers texture access after destruction of the texture's recycle pool...
SUSE CVE-2017-2927
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when processing Adobe Texture Format files. Successful exploitation could lead to arbitrary code execution...
SUSE CVE-2017-2933
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability related to texture compression. Successful exploitation could lead to arbitrary code execution...
SUSE CVE-2017-2934
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when parsing Adobe Texture Format files. Successful exploitation could lead to arbitrary code execution...
SUSE CVE-2017-3078
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the Adobe Texture Format ATF module. Successful exploitation could lead to arbitrary code execution...
SUSE CVE-2017-5580
The parseinstruction function in gallium/auxiliary/tgsi/tgsitext.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service out-of-bounds array access and process crash via a crafted texture instruction...
SUSE CVE-2018-6079
Inappropriate sharing of TEXTURE2DARRAY/TEXTURE3D data between tabs in WebGL in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page...
SUSE CVE-2018-12294
WebCore/platform/graphics/texmap/TextureMapperLayer.cpp in WebKit, as used in WebKitGTK+ prior to version 2.20.2, is vulnerable to a use after free for a WebCore::TextureMapperLayer object...