CVEs

Evolution of non-/corporate vulnerability research over the last decades and those which made it public.

Bugzilla ~567 bugs filed in components like WebRTC, IPC, WebGL, WebAudio, WebCrypto, OpenH264, Graphite2, Opus, Fonts and others.

Description

CVE-2023-4353

Google Chrome 116 - Heap buffer overflow in ANGLE

CVE-2022-4907

Google Chrome 104 - Unitialized use in FFMPEG/libavformat

CVE-2022-1482

Google Chrome 99 - Incorrect implementation of WebGPU

CVE-2019-17012

Firefox - UAF throught IPC with Msg_PPluginScriptableObjectConstructor

CVE-2018-18502

Firefox - Wild-Ptr through IPC in NeckoParent::RecvPredPredict

CVE-2017-7810

Firefox - OOB read in IPC with JSStructuredCloneReader

702934

Google Chrome 59 - UAF in PNGImageDecoder

669534

Google Chrome 50 - UAF in PrintWebViewHelper

588550

Google Chrome 50 - UAF in CanvasAsyncBlobCreator

CVE-2016-5257

libPNG - Memory corruption

CVE-2016-5256

Cairo Graphics - Double free crash

572404

Google Chrome 49 - UAF in WindowSelector

CVE-2016-1614

Google Chrome 46 - Use of uninitialized value in Blink

CVE-2015-1227

Google Chrome 41 - Use of uninitialized value in DragImage

CVE-2014-7941

Google Chrome 40 - OOB in SelectionOwner

CVE-2014-7936

Google Chrome 40 - UAF in ZoomBubbleView::Close

CVE-2014-7908

Google Chrome 39 - MPEG-4 CheckMov() integer overflow

CVE-2013-0749

Opus Codec - Inproper checks for channels in multistream leading to HBO

CVE-2013-5610

ANGLE - Crash with long expressions in NVIDIA GeForce GT 650M

X-2012-0929

Google Chrome 24 - WebGL memory corruption

CVE-2010-4203

Google Chrome 7 - WebM memory corruption

CVE-2011-2368

Invalid write and OOB read in WebGL

CVE-2011-2367

Firefox - Invalid write and OOB read in WebGL

CVE-2010-3768

Firefox - Inproper validation of downloadable Fonts

CVE-2007-0126

Opera 9.10 - JPG image DHT marker heap corruption

CVE-2006-3912

WinRAR 3.60 - Stack buffer overflow

CVE-2006-1540

Microsoft Office 2002 - Array index bounds error

X-2006-0126

Sambar All-In-One Server IMAPd - Integer overflow

X-2006-0126

Sambar All-In-One Server FTPd - Memory corruption

X-2006-0112

Apple iTunes media sharing server - Denial of Service

CVE-2005-4718

Opera 8.02 - Denial of Service

EDB-ID: 1253

Mozilla Firefox 1.0.7

CVE-2005-4267

Qualcomm WorldMail IMAPd - Literal processing overflow

TA-2005-0303

pcwsd 1.1.0 - Insufficient boundary checking

TA-2005-0220

Tin 1.6.2 - Insufficient boundary checking

TA-2004-0115

Xtreme ASP Photo Gallery 2.0 - SQL injection

CVE-2003-1032

Pi3Web 2.0.2 - Buffer overflow

TA-2003-0915

IpSwitch IMail 8.02 - Directory traversal

TA-2003-0623

iWeb Server 2 - Directory traversal

TA-2003-0622

VisNetic WebMail v5.8 - Failure to handle except. cond.

TA-2003-0621

Twilight WebServer v1.3.3.0 - Memory corruption

TA-2003-0618

Armida Web Server v1.0 - Memory corruption

TA-2003-0527

Abyss WebServer X1 - Directory traversal

TA-2003-0425

CesarFTP Server 0.99g - Denial of service

BID 317429

Hyperion FTP Server 3.0 - Buffer overflow