CVE-2026-25180 Windows Graphics Component Information Disclosure Vulnerability

...

CVE-2026-25180

creationtimestamp| type| source ---|---|--- 2026-03-10 16:57:37+00:00| seen| https://www.thezdi.com/blog/2026/3/10/the-march-2026-security-update-review 2026-03-10 19:07:55+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2026-0080 2026-03-11 03:00:16+00:00| seen|...

CVE-2018-25180

creationtimestamp| type| source ---|---|--- 2026-03-06 16:17:00+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mgfpkzzhqz2x...

CVE-2018-25180

Maitra 1.7.2 contains an sql injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the mailid parameter in outmail and inmail modules. Attackers can also download the SQLite database file directly from the application...

CVE-2025-25180

creationtimestamp| type| source ---|---|--- 2025-07-14 02:26:32+00:00| seen| Telegram/BG1k5rtUtqd96aRwtpny8SJ-IDKjPvwJXEwe5LNhNMsyyp4...

CVE-2025-25180

CVE-2025-25180 affects Imagination Technologies’ PowerVR-GPU driver. The issue arises from insufficient validation in RGXCREATEFREELIST, allowing an unprivileged user to trigger improper GPU system calls that can subvert GPU hardware and write to arbitrary physical memory pages. Under certain con...

CVE-2025-25180 GPU DDK - Insufficient validation in RGXCREATEFREELIST creates corrupt freelist

Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kern...

CVE-2024-25180

An issue discovered in pdfmake 0.2.9 allows remote attackers to run arbitrary code via crafted POST request to the /pdf endpoint. NOTE: this is disputed because the behavior of the /pdf endpoint is intentional. The /pdf endpoint is only available after installing a test framework that lives outsi...

CVE-2020-25180

Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x includes the functionality of setting a password that is required to execute privileged commands. The password value passed to ISaGRAF Runtime is the result of encryption performed with a fixed key value using the tiny encryption algorithm...

Exploit for Code Injection in Pdfmake_Project Pdfmake

CVE-2024-25180 Overview pdfmake is a pure JavaScript clien...

Security Bulletin: pdfmake vulnerability affect IBM Spectrum Control

Summary Vulnerability in pdfmake could allow a remote attacker to execute arbitrary code on the system, which could affect IBM Spectrum Control. CVE-2024-25180. Vulnerability Details CVEID:CVE-2024-25180 DESCRIPTION: pdfmake could allow a remote attacker to execute arbitrary code on the system,...

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Node.js

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Node.js Vulnerability Details CVEID:CVE-2024-25180 DESCRIPTION: pdfmake could allow a remote attacker to execute arbitrary code on the system, caused by improper neutralization of user supplied-input. By...

CVE-2024-25180

pdfmake 0.2.9 is affected by CVE-2024-25180: a crafted POST request to the /pdf endpoint can allow remote code execution. The /pdf endpoint’s behavior is disputed and is reported as intentional; it is only exposed after installing a test framework outside the pdfmake application, and users are re...

EulerOS 2.0 SP11 : glib2 (EulerOS-SA-2023-2684)

According to the versions of the glib2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Rejected reason: Rejected by upstream. CVE-2023-24593, CVE-2023-25180 Note that Tenable Network Security has extracted the preceding description...

EulerOS Virtualization 2.11.1 : glib2 (EulerOS-SA-2023-2723)

According to the versions of the glib2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Rejected reason: Rejected by upstream. CVE-2023-24593, CVE-2023-25180 Note that Tenable Network Security has extracted the precedin...

EulerOS 2.0 SP11 : glib2 (EulerOS-SA-2023-2642)

According to the versions of the glib2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Rejected reason: Rejected by upstream. CVE-2023-24593, CVE-2023-25180 Note that Tenable Network Security has extracted the preceding description...

glib2 security and bug fix update

2.68.4-11 - Really fix authentication failures when sd-bus clients connect to GDBus servers - Resolves: 2217771 2.68.4-10 - Fix authentication failures when sd-bus clients connect to GDBus servers - Resolves: 2217771 2.68.4-9 - Resolve s390x crashes introduced by fixes for...

Huawei EulerOS: Security Advisory for glib2 (EulerOS-SA-2023-2982)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for glib2 (EulerOS-SA-2023-2754)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for glib2 (EulerOS-SA-2023-2723)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...