Vulnerabilities > Webmproject
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-30 | CVE-2023-44488 | Improper Handling of Exceptional Conditions vulnerability in multiple products VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding. | 7.5 |
2023-09-28 | CVE-2023-5217 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity webmproject microsoft mozilla fedoraproject debian apple google redhat CWE-787 | 8.8 |
2023-09-12 | CVE-2023-4863 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. network low complexity google fedoraproject debian mozilla microsoft webmproject netapp bentley bandisoft CWE-787 | 8.8 |
2023-06-20 | CVE-2023-1999 | Use After Free vulnerability in Webmproject Libwebp There exists a use after free/double free in libwebp. | 7.5 |
2021-05-21 | CVE-2018-25009 | Out-of-bounds Read vulnerability in multiple products A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE16(). | 9.1 |
2021-05-21 | CVE-2018-25010 | Out-of-bounds Read vulnerability in multiple products A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ApplyFilter(). | 9.1 |
2021-05-21 | CVE-2018-25011 | A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in PutLE16(). | 9.8 |
2021-05-21 | CVE-2018-25012 | Out-of-bounds Read vulnerability in multiple products A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE24(). | 9.1 |
2021-05-21 | CVE-2018-25013 | Out-of-bounds Read vulnerability in multiple products A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ShiftBytes(). | 9.1 |
2021-05-21 | CVE-2018-25014 | A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol(). | 9.8 |