Lucene search
K

18310 matches found

OSV
OSV
added 2026/04/03 4:16 p.m.4 views

UBUNTU-CVE-2026-23471

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

5.7AI score0.00032EPSS
Exploits0References9
OSV
OSV
added 2026/04/03 4:16 p.m.3 views

UBUNTU-CVE-2026-23466

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Open-code GGTT MMIO access protection GGTT MMIO access is currently protected by hotplug drmdeventer, which works correctly when the driver loads successfully and is later unbound or unloaded. However, if driver load fail...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References7
OSV
OSV
added 2026/04/03 4:16 p.m.6 views

UBUNTU-CVE-2026-23469

In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Synchronize interrupts before suspending the GPU The runtime PM suspend callback doesn't know whether the IRQ handler is in progress on a different CPU core and doesn't wait for it to finish. Depending on timing,...

4.7CVSS5.8AI score0.00089EPSS
Exploits0References6
CVE
CVE
added 2026/04/03 3:15 p.m.12 views

CVE-2026-23471

CVE-2026-23471 documents a use-after-free in the Linux kernel DRM subsystem, specifically involving framebuffers and property blobs during drm_dev_unplug. The issue manifested as OOPSes and dereferencing freed pointers after compositor exit, ultimately risking a crash or instability in graphics s...

5.8AI score0.00032EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/04/03 3:15 p.m.3 views

CVE-2026-23471

In the Linux kernel, the following vulnerability has been resolved: drm: Fix use-after-free on framebuffers and property blobs when calling drmdevunplug When trying to do a rather aggressive test of igt's "xemoduleload --r reload" with a full desktop environment and game running I noticed a few...

5.8AI score0.00032EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2026/04/03 3:15 p.m.23 views

CVE-2026-23468

CVE-2026-23468 affects the Linux kernel’s DRM/amdgpu BO list handling. The issue was an attacker-controlled bo_number could trigger excessive memory allocation and slow list processing; the fix introduces a hard limit of 128k entries per BO list and returns -EINVAL when exceeded. Connected adviso...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2026/04/03 3:15 p.m.13 views

CVE-2026-23467

CVE-2026-23467 affects the Linux kernel drm/i915/dmc driver. The vulnerability is a NULL pointer dereference that can occur during probe when DC6 is unexpectedly enabled, due to intel_power_domains_init_hw() calling intel_dmc_update_dc6_allowed_count() before intel_dmc_init(). The root cause is u...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/03 3:15 p.m.3 views

CVE-2026-23466

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Open-code GGTT MMIO access protection GGTT MMIO access is currently protected by hotplug drmdeventer, which works correctly when the driver loads successfully and is later unbound or unloaded. However, if driver load fail...

5.7AI score0.00129EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/04/03 3:15 p.m.36 views

CVE-2026-23466

The CVE-2026-23466 vulnerability affects the Linux kernel’s drm/xe component, where GGTT MMIO access was only protected by hotplug mechanics (drm_dev_enter). If a driver fails to load or during teardown when BOs may be freed asynchronously, drm_dev_unplug() may not be invoked and the MMIO region ...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/04/03 3:15 p.m.24 views

CVE-2026-23430 drm/vmwgfx: Don't overwrite KMS surface dirty tracker

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Don't overwrite KMS surface dirty tracker We were overwriting the surface's dirty tracker here causing a memory leak...

0.00121EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/03 3:6 p.m.3 views

CVE-2026-35545

A flaw was found in Roundcube Webmail. A remote attacker could bypass the remote image blocking feature by sending a specially crafted e-mail message containing SVG Scalable Vector Graphics content. This bypass may lead to information disclosure or an access-control bypass, allowing the attacker ...

8.2CVSS5.9AI score0.00329EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/03 6:31 a.m.3 views

Incorrect Resource Transfer Between Spheres

Overview Affected versions of this package are vulnerable to Incorrect Resource Transfer Between Spheres in the remote image blocking process. An attacker can obtain sensitive information or bypass access controls by embedding specially crafted SVG content with animate attributes in an email...

6.9CVSS5.9AI score0.00402EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/03 6:31 a.m.19 views

EUVD-2026-18593

An issue was discovered in Roundcube Webmail before 1.5.15 and 1.6.15. The remote image blocking feature can be bypassed via SVG content in an e-mail message. This may lead to information disclosure or access-control bypass. This involves the animate element with attributeName=fill/filter/stroke...

5.3CVSS5.9AI score0.00329EPSS
Exploits0References8
OSV
OSV
added 2026/04/03 6:31 a.m.3 views

GHSA-J2G6-8RVG-7MF6 Roundcube Webmail: Bypass of remote image blocking via SVG content (with animate attributes) in an e-mail message

An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. The remote image blocking feature can be bypassed via SVG content with animate attributes in an e-mail message. This may lead to information disclosure or access-control bypass...

5.3CVSS5.9AI score0.00402EPSS
Exploits0References9
NVD
NVD
added 2026/04/03 5:16 a.m.7 views

CVE-2026-35543

An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. The remote image blocking feature can be bypassed via SVG content with animate attributes in an e-mail message. This may lead to information disclosure or access-control bypass...

5.3CVSS0.00402EPSS
Exploits0References7
OSV
OSV
added 2026/04/03 5:16 a.m.3 views

UBUNTU-CVE-2026-35545

An issue was discovered in Roundcube Webmail before 1.5.15 and 1.6.15. The remote image blocking feature can be bypassed via SVG content in an e-mail message. This may lead to information disclosure or access-control bypass. This involves the animate element with attributeName=fill/filter/stroke...

8.2CVSS5.8AI score0.00329EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/04/03 4:2 a.m.21 views

CVE-2026-35545

An issue was discovered in Roundcube Webmail before 1.5.15 and 1.6.15. The remote image blocking feature can be bypassed via SVG content in an e-mail message. This may lead to information disclosure or access-control bypass. This involves the animate element with attributeName=fill/filter/stroke...

5.3CVSS0.00329EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2026/04/03 4:2 a.m.6 views

CVE-2026-35545

An issue was discovered in Roundcube Webmail before 1.5.15 and 1.6.15. The remote image blocking feature can be bypassed via SVG content in an e-mail message. This may lead to information disclosure or access-control bypass. This involves the animate element with attributeName=fill/filter/stroke...

8.2CVSS5.3AI score0.00329EPSS
Exploits0
Cvelist
Cvelist
added 2026/04/03 3:57 a.m.17 views

CVE-2026-35543

An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. The remote image blocking feature can be bypassed via SVG content with animate attributes in an e-mail message. This may lead to information disclosure or access-control bypass...

5.3CVSS0.00402EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/04/03 3:57 a.m.4 views

CVE-2026-35543

An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. The remote image blocking feature can be bypassed via SVG content with animate attributes in an e-mail message. This may lead to information disclosure or access-control bypass...

5.3CVSS5.9AI score0.00402EPSS
Exploits0References7
Rows per page
Query Builder