136 matches found
CVE-2025-43234
Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in watchOS 11.6, iOS 18.6 and iPadOS 18.6, tvOS 18.6, macOS Sequoia 15.6, visionOS 2.6. Processing a maliciously crafted texture may lead to unexpected app termination...
Apple多款产品 安全漏洞
Apple iOS and others are products of Apple Inc.Apple iOS is an operating system developed for mobile devices.Apple watchOS is an operating system for smartwatches.Apple macOS is a specialized operating system developed for Mac computers. A security vulnerability exists in several Apple products,...
The vulnerability of the Substance 3D Sampler software for creating textures and materials for 3D models allows a hacker to trigger a service failure. This vulnerability is related to the handling of the null pointer.
The vulnerability of the Substance 3D Sampler software for creating textures and materials for 3D models is related to the handling of a zero pointer. Exploiting this vulnerability could allow an attacker to cause a system failure...
Apple macOS 安全漏洞
Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS version 13.7, which stems from the handling of maliciously crafted textures may cause an application to terminate unexpectedly...
Apple macOS 安全漏洞
Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS version 13.7, which stems from the handling of maliciously crafted textures may cause an application to terminate unexpectedly...
USN-6562-2 firefox regressions
USN-6562-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted...
Mozilla: Potential sandbox escape due to <code>VideoBridge</code> lack of texture validation
The Mozilla Foundation Security Advisory describes this flaw as: The VideoBridge allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox...
Mozilla: Potential sandbox escape due to <code>VideoBridge</code> lack of texture validation
The Mozilla Foundation Security Advisory describes this flaw as: The VideoBridge allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox...
Mozilla: Potential sandbox escape due to <code>VideoBridge</code> lack of texture validation
The Mozilla Foundation Security Advisory describes this flaw as: The VideoBridge allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox...
Mozilla: Potential sandbox escape due to <code>VideoBridge</code> lack of texture validation
The Mozilla Foundation Security Advisory describes this flaw as: The VideoBridge allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox...
Mozilla: Potential sandbox escape due to <code>VideoBridge</code> lack of texture validation
The Mozilla Foundation Security Advisory describes this flaw as: The VideoBridge allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox...
USN-6562-1 firefox vulnerabilities
Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code.CVE-2023-6865, CVE-2023-6857,...
SUSE CVE-2023-6860
The VideoBridge allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...
UBUNTU-CVE-2023-6860
The VideoBridge allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...
SUSE CVE-2011-2366
Mozilla Gecko before 5.0, as used in Firefox before 5.0 and Thunderbird before 5.0, does not block use of a cross-domain image as a WebGL texture, which allows remote attackers to obtain approximate copies of arbitrary images via a timing attack involving a crafted WebGL fragment shader...
SUSE CVE-2011-3653
Mozilla Firefox before 8.0 and Thunderbird before 8.0 on Mac OS X do not properly interact with the GPU memory behavior of a certain driver for Intel integrated GPUs, which allows remote attackers to bypass the Same Origin Policy and read image data via vectors related to WebGL textures...
SUSE CVE-2012-2819
The texSubImage2D implementation in the WebGL subsystem in Google Chrome before 20.0.1132.43 does not properly handle uploads to floating-point textures, which allows remote attackers to cause a denial of service assertion failure and application crash or possibly have unspecified other impact vi...
SUSE CVE-2013-2874
Google Chrome before 28.0.1500.71 on Windows, when an Nvidia GPU is used, allows remote attackers to bypass intended restrictions on access to screen data via vectors involving IPC transmission of GL textures...
Out-of-bounds Memory Access
directxtex is vulnerable to Out-of-bound Memory Access. A remote attacker is able to overwrite memory through the ConvertToSinglePlane method via the texconv command-line tool when given an invalid height for planar video textures such as NV12, resulting in a system crash or disclosure of sensiti...
Improper Input Validation
Overview directxtexdesktopwin10 is a DirectXTex texture processing library Affected versions of this package are vulnerable to Improper Input Validation in the ConvertToSinglePlane function in DirectXTexConvert.cpp, when processing an invalid height value from the DDS loader for planar video...