Lucene search
K

18323 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:12 p.m.5 views

CVE-2026-25168

Null pointer dereference in Microsoft Graphics Component allows an unauthorized attacker to deny service locally...

6.2CVSS5.8AI score0.0048EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:12 p.m.3 views

CVE-2026-25180

Out-of-bounds read in Microsoft Graphics Component allows an unauthorized attacker to disclose information locally...

5.5CVSS5.8AI score0.00655EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:11 p.m.4 views

CVE-2026-30974

Copyparty is a portable file server. Prior to v1.20.11., the nohtml config option, intended to prevent execution of JavaScript in user-uploaded HTML files, did not apply to SVG images. A user with write-permission could upload an SVG containing embedded JavaScript, which would execute in the...

5.4CVSS6AI score0.00323EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:10 p.m.4 views

CVE-2026-32139

Dataease is an open source data visualization analysis tool. In DataEase 2.10.19 and earlier, the static resource upload interface allows SVG uploads. However, backend validation only checks whether the XML is parseable and whether the root node is svg. It does not sanitize active content such as...

5.4CVSS6AI score0.002EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:7 p.m.5 views

CVE-2026-31807

SiYuan is a personal knowledge management system. Prior to 3.5.10, SiYuan's SVG sanitizer SanitizeSVG blocks dangerous elements...

9.3CVSS5.8AI score0.00625EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:3 p.m.5 views

CVE-2026-23668

Concurrent execution using shared resource with improper synchronization 'race condition' in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally...

7CVSS7.4AI score0.0364EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:2 p.m.5 views

CVE-2026-32753

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. In versions 1.8.208 and below, bypasses of the attachment view logic and SVG sanitizer make it possible to upload and render an SVG that runs malicious JavaScript. An extension of .png with content type of...

8.5CVSS5.7AI score0.00207EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:1 p.m.5 views

CVE-2026-33418

DiceBear is an avatar library for designers and developers. Prior to version 9.4.2, the ensureSize function in @dicebear/converter used a regex-based approach to rewrite SVG width/height attributes, capping them at 2048px to prevent denial of service. This size capping could be bypassed by crafti...

7.5CVSS5.8AI score0.00376EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/03/26 2:43 p.m.7 views

SUSE CVE-2026-33416

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In versions 1.2.1 through 1.6.55, pngsettRNS and pngsetPLTE each alias a heap-allocated buffer between pngstruct and pnginfo, sharing a single allocation acros...

8.1CVSS5.9AI score0.01052EPSS
Exploits1References28
RedHat Linux
RedHat Linux
added 2026/03/26 12:23 p.m.49 views

freerdp: FreeRDP: Arbitrary code execution via heap buffer overflow in GDI surface pipeline

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A malicious RDP server can exploit a heap buffer overflow vulnerability by sending a specially crafted graphics command to a FreeRDP client. This allows the server to write data outside of its intended memory...

8.8CVSS6.6AI score0.00537EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/03/26 11:38 a.m.10 views

firefox: thunderbird: Incorrect boundary conditions in the Graphics: Canvas2D component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Graphics: Canvas2D component...

7.5CVSS7.2AI score0.00687EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/03/26 11:38 a.m.4 views

firefox: thunderbird: Incorrect boundary conditions, integer overflow in the Graphics component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions, integer overflow in the Graphics component...

7.5CVSS7.2AI score0.00772EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/03/26 11:38 a.m.6 views

firefox: thunderbird: Incorrect boundary conditions in the Graphics: Canvas2D component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Graphics: Canvas2D component...

7.5CVSS7.2AI score0.00702EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/03/26 11:38 a.m.6 views

firefox: thunderbird: Race condition, use-after-free in the Graphics: WebRender component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Race condition, use-after-free in the Graphics: WebRender component...

7.5CVSS7.2AI score0.00352EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/03/26 11:38 a.m.6 views

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

10CVSS7.3AI score0.00773EPSS
Exploits0References38
RedHat Linux
RedHat Linux
added 2026/03/26 11:38 a.m.4 views

firefox: thunderbird: Incorrect boundary conditions in the Graphics: Text component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Graphics: Text component...

7.5CVSS7.2AI score0.00433EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/03/26 11:38 a.m.4 views

firefox: thunderbird: Uninitialized memory in the Graphics: Canvas2D component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Uninitialized memory in the Graphics: Canvas2D component...

9.1CVSS7.2AI score0.0043EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/03/26 11:38 a.m.10 views

firefox: thunderbird: Incorrect boundary conditions in the Graphics component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Graphics component...

7.5CVSS7.2AI score0.00433EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/03/26 11:38 a.m.10 views

firefox: thunderbird: Incorrect boundary conditions in the Graphics component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Graphics component...

7.5CVSS7.2AI score0.00433EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/03/26 11:37 a.m.3 views

firefox: thunderbird: Incorrect boundary conditions in the Graphics: Text component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Graphics: Text component...

7.5CVSS7.2AI score0.00433EPSS
Exploits0References6
Rows per page
Query Builder