CVE-2026-4293

The affected Kieback & Peter DDC building controllers are vulnerable to cross-site scripting, enabling JavaScript to be executed by the victim's browser, which allows the attacker to control the browser...

CVE-2026-4293

The affected Kieback & Peter DDC building controllers are vulnerable to cross-site scripting, enabling JavaScript to be executed by the victim's browser, which allows the attacker to control the browser...

CVE-2026-4293

The CVE-2026-4293 entry covers cross-site scripting in Kieback & Peter DDC Building Controllers. Affected component: DDC building controllers; vulnerability allows attacker-supplied scripting to run in the victim’s browser, enabling browser control. CVSS 3.1 metrics show Network attack vector, no...

CVE-2026-4293

The affected Kieback & Peter DDC building controllers are vulnerable to cross-site scripting, enabling JavaScript to be executed by the victim's browser, which allows the attacker to control the browser...

EUVD-2026-31125

The affected Kieback & Peter DDC building controllers are vulnerable to cross-site scripting, enabling JavaScript to be executed by the victim's browser, which allows the attacker to control the browser...

CVE-2026-4293 Kieback & Peter DDC Building Controllers Cross-site Scripting

The affected Kieback & Peter DDC building controllers are vulnerable to cross-site scripting, enabling JavaScript to be executed by the victim's browser, which allows the attacker to control the browser...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed a NULL pointer dereference in amdgpudmi2cxfer. When ddcserviceconstruct is called, it explicitly checks both the link type and whether there is something on the link that will determine whether the pin is...

PT-2026-42009

Name of the Vulnerable Software and Affected Versions Kieback & Peter DDC building controllers affected versions not specified Description Cross-site scripting XSS allows JavaScript to be executed by the victim's browser, enabling an attacker to control the browser. Recommendations At the moment,...

CVE-2026-23170

In the Linux kernel, the following vulnerability has been resolved: drm/imx/tve: fix probe device leak Make sure to drop the reference taken to the DDC device during probe on probe failure e.g. probe deferral and on driver unbind...

CVE-2026-23170

In the Linux kernel, the following vulnerability has been resolved: drm/imx/tve: fix probe device leak Make sure to drop the reference taken to the DDC device during probe on probe failure e.g. probe deferral and on driver unbind...

CVE-2026-23170

In the Linux kernel, the following vulnerability has been resolved: drm/imx/tve: fix probe device leak Make sure to drop the reference taken to the DDC device during probe on probe failure e.g. probe deferral and on driver unbind...

PT-2026-8165

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s drm/imx/tve subsystem related to device probe leakage. Specifically, the issue involves failing to drop a reference to the DDC device during probe...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993188)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993188 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add array index check for hdcp ddc access Why Coverity reports OVERRUN warning. ...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992647)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992647 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add array index check for hdcp ddc access Why Coverity reports OVERRUN warning. ...

PVS Configuration Wizard Error: Insufficient Privileges

When creating a new PVS farm by running configuration wizard, and selecting option to register the PVS server with a CVAD farm, configuration wizard returns an error: The current user needs to be a Machine catalog Administrator or higher on the Citrix Virtual Desktops Controller at "servername"...

CVE-2024-33227

An issue in the component ddcdrv.sys of Nicomsoft WinI2C/DDC v3.7.4.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests...

SUSE CVE-2024-46804

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add array index check for hdcp ddc access Why Coverity reports OVERRUN warning. Do not check if array index valid. How Check msgid valid and valid array index...

DEBIAN-CVE-2024-46804

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add array index check for hdcp ddc access Why Coverity reports OVERRUN warning. Do not check if array index valid. How Check msgid valid and valid array index...

CVE-2024-46804 drm/amd/display: Add array index check for hdcp ddc access

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add array index check for hdcp ddc access Why Coverity reports OVERRUN warning. Do not check if array index valid. How Check msgid valid and valid array index...

CVE-2024-46804

CVE-2024-46804 affects the Linux kernel’s DRM/AMD display path, specifically HDCP DDC access. The vulnerability stems from an array index overrun due to not validating the index, which could lead to overrun/W earlier reports. The fix adds proper checks: validate the message id (msg_id) and ensure...