UT-Security

3 exploits Active since Sep 2023
CVE-2023-5217 NOMISEC HIGH WORKING POC
Webmproject Libvpx < 1.13.1 - Out-of-Bounds Write
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
17 stars
CVSS 8.8
CVE-2023-5217 INTHEWILD HIGH WORKING POC
Webmproject Libvpx < 1.13.1 - Out-of-Bounds Write
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVSS 8.8
CVE-2023-44216 WRITEUP MEDIUM WORKING POC
Canonical Ubuntu Linux - Information Disclosure
PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend in the SVG Filter specification, aka a GPU.zip issue. For example, attackers can sometimes accurately determine text contained on a web page from one origin if they control a resource from a different origin.
CVSS 5.3