18310 matches found
UBUNTU-CVE-2026-23471
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
UBUNTU-CVE-2026-23466
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Open-code GGTT MMIO access protection GGTT MMIO access is currently protected by hotplug drmdeventer, which works correctly when the driver loads successfully and is later unbound or unloaded. However, if driver load fail...
UBUNTU-CVE-2026-23469
In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Synchronize interrupts before suspending the GPU The runtime PM suspend callback doesn't know whether the IRQ handler is in progress on a different CPU core and doesn't wait for it to finish. Depending on timing,...
CVE-2026-23471
CVE-2026-23471 documents a use-after-free in the Linux kernel DRM subsystem, specifically involving framebuffers and property blobs during drm_dev_unplug. The issue manifested as OOPSes and dereferencing freed pointers after compositor exit, ultimately risking a crash or instability in graphics s...
CVE-2026-23471
In the Linux kernel, the following vulnerability has been resolved: drm: Fix use-after-free on framebuffers and property blobs when calling drmdevunplug When trying to do a rather aggressive test of igt's "xemoduleload --r reload" with a full desktop environment and game running I noticed a few...
CVE-2026-23468
CVE-2026-23468 affects the Linux kernel’s DRM/amdgpu BO list handling. The issue was an attacker-controlled bo_number could trigger excessive memory allocation and slow list processing; the fix introduces a hard limit of 128k entries per BO list and returns -EINVAL when exceeded. Connected adviso...
CVE-2026-23467
CVE-2026-23467 affects the Linux kernel drm/i915/dmc driver. The vulnerability is a NULL pointer dereference that can occur during probe when DC6 is unexpectedly enabled, due to intel_power_domains_init_hw() calling intel_dmc_update_dc6_allowed_count() before intel_dmc_init(). The root cause is u...
CVE-2026-23466
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Open-code GGTT MMIO access protection GGTT MMIO access is currently protected by hotplug drmdeventer, which works correctly when the driver loads successfully and is later unbound or unloaded. However, if driver load fail...
CVE-2026-23466
The CVE-2026-23466 vulnerability affects the Linux kernel’s drm/xe component, where GGTT MMIO access was only protected by hotplug mechanics (drm_dev_enter). If a driver fails to load or during teardown when BOs may be freed asynchronously, drm_dev_unplug() may not be invoked and the MMIO region ...
CVE-2026-23430 drm/vmwgfx: Don't overwrite KMS surface dirty tracker
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Don't overwrite KMS surface dirty tracker We were overwriting the surface's dirty tracker here causing a memory leak...
CVE-2026-35545
A flaw was found in Roundcube Webmail. A remote attacker could bypass the remote image blocking feature by sending a specially crafted e-mail message containing SVG Scalable Vector Graphics content. This bypass may lead to information disclosure or an access-control bypass, allowing the attacker ...
Incorrect Resource Transfer Between Spheres
Overview Affected versions of this package are vulnerable to Incorrect Resource Transfer Between Spheres in the remote image blocking process. An attacker can obtain sensitive information or bypass access controls by embedding specially crafted SVG content with animate attributes in an email...
EUVD-2026-18593
An issue was discovered in Roundcube Webmail before 1.5.15 and 1.6.15. The remote image blocking feature can be bypassed via SVG content in an e-mail message. This may lead to information disclosure or access-control bypass. This involves the animate element with attributeName=fill/filter/stroke...
GHSA-J2G6-8RVG-7MF6 Roundcube Webmail: Bypass of remote image blocking via SVG content (with animate attributes) in an e-mail message
An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. The remote image blocking feature can be bypassed via SVG content with animate attributes in an e-mail message. This may lead to information disclosure or access-control bypass...
CVE-2026-35543
An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. The remote image blocking feature can be bypassed via SVG content with animate attributes in an e-mail message. This may lead to information disclosure or access-control bypass...
UBUNTU-CVE-2026-35545
An issue was discovered in Roundcube Webmail before 1.5.15 and 1.6.15. The remote image blocking feature can be bypassed via SVG content in an e-mail message. This may lead to information disclosure or access-control bypass. This involves the animate element with attributeName=fill/filter/stroke...
CVE-2026-35545
An issue was discovered in Roundcube Webmail before 1.5.15 and 1.6.15. The remote image blocking feature can be bypassed via SVG content in an e-mail message. This may lead to information disclosure or access-control bypass. This involves the animate element with attributeName=fill/filter/stroke...
CVE-2026-35545
An issue was discovered in Roundcube Webmail before 1.5.15 and 1.6.15. The remote image blocking feature can be bypassed via SVG content in an e-mail message. This may lead to information disclosure or access-control bypass. This involves the animate element with attributeName=fill/filter/stroke...
CVE-2026-35543
An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. The remote image blocking feature can be bypassed via SVG content with animate attributes in an e-mail message. This may lead to information disclosure or access-control bypass...
CVE-2026-35543
An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. The remote image blocking feature can be bypassed via SVG content with animate attributes in an e-mail message. This may lead to information disclosure or access-control bypass...