EUVD-2026-39735
Unauthenticated Broken Access Control in Flash & HTML5 Video <= 2.11.0 versions...
CVE-2026-57323 WordPress Flash & HTML5 Video plugin <= 2.11.0 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Flash & HTML5 Video <= 2.11.0 versions...
CVE-2026-57323
The CVE-2026-57323 entry concerns the WordPress Flash & HTML5 Video plugin (versions <= 2.11.0). Affected component: the Flash & HTML5 Video functionality within the WordPress plugin. Root cause: Unauthenticated Broken Access Control, enabling access to resources without authentication. Impact...
CVE-2026-53138
A flaw was found in the Linux kernel's AMD display driver (drm/amd/display). A malformed VBIOS image can cause unbounded processing loops, leading to an out-of-bounds read. This could result in information disclosure or a system crash...
CVE-2026-50745
A missing sanitisation vulnerability exists with user input in the stats-video.php script. The way URLs to this script were constructed did not follow best practices, and the output of the Smarty custom helper function url was neither properly encoded nor sanitised, allowing user‑supplied input t...
CVE-2026-36907
Summary: CVE-2026-36907 is a stack overflow in the Bento4 toolkit (Apollo AXIOMATIC Bento4) within the AP4_StsdAtom component. Affected version(s): Bento4 before v1.8.9. Impact: Denial of Service (DoS) via a crafted MP4 file. Root cause: Stack overflow in AP4_StsdAtom when parsing MP4 metadata. R...
PT-2026-52652
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined; affected versions not specified. Description: A missing sanitisation issue exists in the stats-video.php script. The construction of URLs to this script does not follow best practices, and the output of the...
CVE-2026-46601
The webp decoder can panic when processing a VP8 chunk with dimensions that do not match the canvas size...
CVE-2026-48940
A Joomla user with K2 "create item" rights (Author tier by default) can submit an article whose embedVideo POST field contains a raw tag; K2 stores it verbatim and renders it unescaped to any visitor of the article page...
EUVD-2026-39343
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Bound VBIOS record-chain walk loops [Why & How] All record-chain walk loops in bios_parser.c and bios_parser2.c use for(;;) and only terminate on a 0xFF record_type sentinel or zero record_size. A malformed VBIOS image...
EUVD-2026-39341
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Clamp VBIOS HDMI retimer register count to array size [Why & How] The VBIOS integrated info tables v1_11 and v2_1 contain HdmiRegNum and Hdmi6GRegNum fields that are used as loop bounds when copying retimer I2C...
CVE-2026-53138
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Bound VBIOS record-chain walk loops [Why & How] All record-chain walk loops in bios_parser.c and bios_parser2.c use for(;;) and only terminate on a 0xFF record_type sentinel or zero record_size. A malformed VBIOS image...
CVE-2026-53136
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Clamp VBIOS HDMI retimer register count to array size [Why & How] The VBIOS integrated info tables v1_11 and v2_1 contain HdmiRegNum and Hdmi6GRegNum fields that are used as loop bounds when copying retimer I2C...
UBUNTU-CVE-2026-53138
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Bound VBIOS record-chain walk loops [Why & How] All record-chain walk loops in bios_parser.c and bios_parser2.c use for(;;) and only terminate on a 0xFF record_type sentinel or zero record_size. A malformed VBIOS image...
CVE-2026-53138
The CVE affects the Linux kernel’s drm/amd/display path. A malformed VBIOS image could cause unbounded iteration during probe due to for(;;) record-chain walks in bios_parser.c/bios_parser2.c, terminating only on a 0xFF sentinel or a zero record_size. In worst cases, this could loop hundreds of t...
CVE-2026-53136 drm/amd/display: Clamp VBIOS HDMI retimer register count to array size
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Clamp VBIOS HDMI retimer register count to array size [Why & How] The VBIOS integrated info tables v1_11 and v2_1 contain HdmiRegNum and Hdmi6GRegNum fields that are used as loop bounds when copying retimer I2C...
CVE-2026-53136
The CVE pertains to the Linux kernel driver drm/amd/display. A malformed VBIOS can set HdmiRegNum/Hdmi6GRegNum to values up to 255, used as loop bounds when copying retimer I2C settings into fixed-size arrays, causing an out-of-bounds heap write during driver probe. The fix clamps each register c...