In GraphicsMagick 1.4 snapshot-20191208 Q8, there is a heap-based buffer over-read in the function EncodeImage of coders/pict.c.
Max CVSS
9.1
EPSS Score
0.31%
Published
2019-12-24
Updated
2022-10-31
In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buffer overflow in the function ImportRLEPixels of coders/miff.c.
Max CVSS
9.8
EPSS Score
1.21%
Published
2019-12-24
Updated
2022-10-31
In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c.
Max CVSS
9.8
EPSS Score
0.71%
Published
2019-12-24
Updated
2022-10-31
Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
8.8
EPSS Score
0.74%
Published
2019-12-10
Updated
2022-01-01
Use after free in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
8.8
EPSS Score
0.74%
Published
2019-11-25
Updated
2022-10-14
An issue was discovered in Singularity 3.1.0 to 3.2.0-rc2, a malicious user with local/network access to the host system (e.g. ssh) could exploit this vulnerability due to insecure permissions allowing a user to edit files within `/run/singularity/instances/sing/<user>/<instance>`. The manipulation of those files can change the behavior of the starter-suid program when instances are joined resulting in potential privilege escalation on the host.
Max CVSS
9.0
EPSS Score
0.21%
Published
2019-05-14
Updated
2023-02-28
Heap buffer overflow in ANGLE in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
8.8
EPSS Score
1.14%
Published
2019-06-27
Updated
2022-07-29
Object lifecycle issue in V8 in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
8.8
EPSS Score
1.86%
Published
2019-06-27
Updated
2022-07-29
Integer overflow in download manager in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
Max CVSS
8.8
EPSS Score
3.69%
Published
2019-06-27
Updated
2022-07-29
Object lifecycle issue in ServiceWorker in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
Max CVSS
8.8
EPSS Score
2.79%
Published
2019-06-27
Updated
2022-07-29
Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
8.8
EPSS Score
0.54%
Published
2019-06-27
Updated
2022-07-29
Parameter passing error in media in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
8.8
EPSS Score
2.67%
Published
2019-06-27
Updated
2022-07-29
Inappropriate implementation in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
Max CVSS
8.8
EPSS Score
1.72%
Published
2019-06-27
Updated
2022-07-29
Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
Max CVSS
8.8
EPSS Score
3.03%
Published
2019-06-27
Updated
2022-07-29
Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
Max CVSS
8.8
EPSS Score
3.03%
Published
2019-06-27
Updated
2022-10-11
Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
8.8
EPSS Score
0.41%
Published
2019-06-27
Updated
2022-10-11
Process lifetime issue in Chrome in Google Chrome on Android prior to 74.0.3729.108 allowed a remote attacker to potentially persist an exploited process via a crafted HTML page.
Max CVSS
8.8
EPSS Score
0.68%
Published
2019-06-27
Updated
2022-10-11
Use after free in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
8.8
EPSS Score
2.79%
Published
2019-06-27
Updated
2022-10-07
Incorrect handling of CORS in ServiceWorker in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
Max CVSS
8.8
EPSS Score
1.72%
Published
2019-06-27
Updated
2022-10-11
Use after free in file chooser in Google Chrome prior to 74.0.3729.108 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page.
Max CVSS
8.8
EPSS Score
2.79%
Published
2019-06-27
Updated
2022-10-11
Use after free in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
8.8
EPSS Score
2.79%
Published
2019-06-27
Updated
2022-10-11
Object lifetime issue in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
8.8
EPSS Score
2.79%
Published
2019-06-27
Updated
2022-10-11
Integer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
8.8
EPSS Score
3.90%
Published
2019-06-27
Updated
2022-10-11
Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file.
Max CVSS
8.8
EPSS Score
0.51%
Published
2019-05-23
Updated
2022-10-11
Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file.
Max CVSS
8.8
EPSS Score
0.51%
Published
2019-05-23
Updated
2022-10-11