Search CVE reports
441 – 450 of 881 results
Some fixes available 27 of 31
SkPath.cpp in Skia, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, does not properly validate the return values of ChopMonoAtY calls, which allows remote attackers to cause a...
7 affected packages
android, chromium-browser, firefox, oxide-qt, thunderbird...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| android | Not in release | Not in release | Not in release | Not in release | Not in release |
| chromium-browser | Fixed | Fixed | Fixed | Fixed | Fixed |
| firefox | Not affected | Not affected | Not affected | Not in release | Not affected |
| oxide-qt | Not in release | Not in release | Not in release | Not in release | Not in release |
| thunderbird | Not affected | Not affected | Not affected | Not in release | Not affected |
| wine-gecko-2.21 | Not in release | Not in release | Not in release | Not in release | Not in release |
| wine-gecko2.21 | Not in release | Not in release | Not in release | Not in release | Not in release |
Some fixes available 3 of 4
The download implementation in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly restrict saving a file:// URL that is referenced by an http:// URL, which makes it easier for...
2 affected packages
chromium-browser, oxide-qt
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | — | — | — | — | — |
| oxide-qt | — | — | — | — | — |
Some fixes available 3 of 4
The bidirectional-text implementation in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not ensure left-to-right (LTR) rendering of URLs, which allows remote attackers to spoof the...
2 affected packages
chromium-browser, oxide-qt
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | — | — | — | — | — |
| oxide-qt | — | — | — | — | — |
Some fixes available 3 of 4
The AllowCrossRendererResourceLoad function in extensions/browser/url_request_util.cc in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly use an extension's manifest.json...
2 affected packages
chromium-browser, oxide-qt
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | — | — | — | — | — |
| oxide-qt | — | — | — | — | — |
Some fixes available 3 of 4
The AllowCrossRendererResourceLoad function in extensions/browser/url_request_util.cc in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly use an extension's manifest.json...
2 affected packages
chromium-browser, oxide-qt
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | — | — | — | — | — |
| oxide-qt | — | — | — | — | — |
Some fixes available 10 of 16
Multiple integer overflows in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service (heap-based buffer overflow)...
4 affected packages
chromium-browser, openjpeg, openjpeg2, oxide-qt
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | — | — | — | — | Fixed |
| openjpeg | — | — | — | — | Not in release |
| openjpeg2 | — | — | — | — | Not affected |
| oxide-qt | — | — | — | — | Not in release |
Some fixes available 10 of 16
Multiple integer overflows in the opj_tcd_init_tile function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a...
4 affected packages
chromium-browser, openjpeg, openjpeg2, oxide-qt
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | — | — | — | — | Fixed |
| openjpeg | — | — | — | — | Not in release |
| openjpeg2 | — | — | — | — | Not affected |
| oxide-qt | — | — | — | — | Not in release |
Some fixes available 3 of 4
Heap-based buffer overflow in the opj_dwt_interleave_v function in dwt.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to execute...
2 affected packages
chromium-browser, oxide-qt
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | — | — | — | — | — |
| oxide-qt | — | — | — | — | — |
Some fixes available 3 of 4
Multiple heap-based buffer overflows in PDFium, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service or possibly have unspecified...
2 affected packages
chromium-browser, oxide-qt
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | — | — | — | — | — |
| oxide-qt | — | — | — | — | — |
Some fixes available 3 of 4
Integer overflow in the opj_tcd_get_decoded_tile_size function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to cause a...
2 affected packages
chromium-browser, oxide-qt
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | — | — | — | — | — |
| oxide-qt | — | — | — | — | — |