Lucene search
K

11374 matches found

RedHat Linux
RedHat Linux
added 16 hours ago3 views

xorg: X11: xserver: X.org: glamor Font Atlas Heap Buffer Overflow

A flaw was found in the glamorfontget function of the xorg-x11-server. This vulnerability, a heap buffer overflow, occurs when the server processes a specially crafted PCF font file where individual glyph metrics exceed the declared maximum bounds. An authenticated X client can exploit this by...

8.5CVSS6.5AI score0.00212EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 20 hours ago3 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds read/write in GLX ChangeDrawableAttributes

An out-of-bounds read flaw was found in the X.Org X server and Xwayland in glXDispChangeDrawableAttributes. A wrong size validation check can read a client-controlled number of bytes, exceeding the request buffer, leading to information disclosure. A write path also exists but requires byte-swapp...

5.5CVSS6.2AI score0.00132EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 6 days ago7 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in miSyncDestroyFence()

A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence. A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attacker would connect to the X server to set up a fence and await that fence, then a second X connection...

7.8CVSS6.9AI score0.00142EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/07/03 12:0 a.m.6 views

Devolutions Remote Desktop Manager 2026.2.5 < 2026.2.12 Code Execution (DEVO-2026-0021)

The version of Devolutions Remote Desktop Manager installed on the remote host is 2026.2.5 through 2026.2.11. It is, therefore, affected by a code execution vulnerability: - Incorrect link resolution by display name in the custom PowerShell VPN editor allows an authenticated attacker with write...

7.2CVSS6.5AI score0.00278EPSS
Exploits0References2
CVE
CVE
added 2026/07/02 8:10 p.m.14 views

CVE-2026-58460

CVE-2026-58460 affects the React Native package react-native-receive-sharing-intent. A path traversal vulnerability allows a co-resident malicious app to write files outside the intended cache directory by supplying a crafted _display_name with dot-dot path components via a malicious ContentProvi...

7.7CVSS5.9AI score0.00138EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/02 8:10 p.m.7 views

CVE-2026-58460

react-native-receive-sharing-intent contains a path traversal vulnerability that allows a co-resident malicious application to write files outside the intended cache directory by supplying a crafted displayname value containing dot-dot path components through a malicious ContentProvider. Attacker...

7.7CVSS5.9AI score0.00138EPSS
Exploits0References3
OSV
OSV
added 2026/07/02 5:51 p.m.4 views

GHSA-4H7G-5542-V3FC mediawiki/maps has stored XSS through the overlays parameter in the display_map parser function

Summary Stored XSS through wikitext can be performed by inserting malicious HTML into the overlays parameter of the displaymap parser function when using the leaflet service. Details The maps extension doesn't escape overlay names before passing them to leaflet. Leaflet then inserts them as HTML:...

8.6CVSS5.8AI score
Exploits0References2
EUVD
EUVD
added 2026/07/02 5:13 p.m.11 views

EUVD-2026-36317

OpenClaw: Matrix allowFrom could bind to mutable display names...

8.8CVSS5.8AI score0.00309EPSS
Exploits0References3
OSV
OSV
added 2026/07/02 5:13 p.m.5 views

GHSA-7HXM-F538-3XP6 OpenClaw: Matrix allowFrom could bind to mutable display names

Summary Matrix allowFrom could bind to mutable display names. In affected versions, a Matrix account able to change display name metadata could match a policy entry through mutable display metadata. This advisory is scoped to the named feature and configuration. It does not change OpenClaw's...

8.8CVSS5.9AI score0.00309EPSS
Exploits0References4
OSV
OSV
added 2026/07/02 4:43 p.m.7 views

GHSA-C29C-2Q9C-PC86 OpenClaw: Slack allowFrom could bind to mutable display names

Summary Slack allowFrom could bind to mutable display names. In affected versions, a Slack account able to change display name metadata could match a policy entry through mutable display metadata. This advisory is scoped to the named feature and configuration. It does not change OpenClaw's...

8.6CVSS6AI score0.00209EPSS
Exploits0References2
OSV
OSV
added 2026/07/02 3:40 p.m.7 views

GHSA-XWW8-GQVH-92X9 OpenClaw: Exec approval display truncation could hide the command being approved

Summary OpenClaw exec approvals could show a shortened command in the approval UI while keeping the full original command for execution. For very long commands, an approver could see and approve a benign-looking prefix while a hidden suffix remained part of the command that would run after...

8CVSS5.8AI score0.00232EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/07/02 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-53330

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amd/display: Fix out-of-bounds read in dpgeteqauxrdinterval Why & How The auxrdinterval array in struct dclttprcaps is declared with MAXREPEATERCNT - 1 7...

6AI score0.00166EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/07/02 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-53329

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amd/display: Use kreallocarray in dalvectorreserve Why & How dalvectorreserve computes the allocation size as capacity vector-structsize using uint32t...

6.3AI score0.00195EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/07/01 7:52 p.m.7 views

CVE-2026-53329

A flaw was found in the Linux kernel's drm/amd/display component. The dalvectorreserve function calculates memory allocation size using 32-bit arithmetic, which can lead to an integer overflow. This overflow causes a smaller memory buffer to be allocated than intended, resulting in a heap overflo...

6.3AI score0.00195EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/07/01 7:42 p.m.6 views

CVE-2026-53332

A flaw was found in the Linux kernel's Qualcomm NGD Next Generation Display controller qcom-ngd-ctrl component. This vulnerability arises from a race condition where callbacks are registered before the NGD device is fully initialized. This can lead to the callbacks operating on uninitialized data...

5.8AI score0.00168EPSS
Exploits0References4
OSV
OSV
added 2026/07/01 5:24 p.m.5 views

DRUPAL-CONTRIB-2026-069

The Colorbox module integrates with the Colorbox JavaScript library to display content in an overlay above the page. The module doesn't sufficiently protect against injection of malicious JavaScript under certain scenarios. This vulnerability is mitigated by the fact that an attacker must have a...

5.4CVSS5.8AI score0.00204EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/07/01 4:7 p.m.10 views

CVE-2026-53330

A flaw was found in the Linux kernel's AMD display driver. This vulnerability allows for an out-of-bounds read when the system processes DisplayPort DP sink reports that exceed expected limits. This could potentially lead to the disclosure of sensitive information or cause the system to become...

5.8AI score0.00166EPSS
Exploits0References4
NVD
NVD
added 2026/07/01 2:16 p.m.6 views

CVE-2026-53329

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Use kreallocarray in dalvectorreserve Why & How dalvectorreserve computes the allocation size as "capacity vector-structsize" using uint32t arithmetic, which can silently wrap to a small value on overflow. This...

0.00195EPSS
Exploits0References8
NVD
NVD
added 2026/07/01 2:16 p.m.7 views

CVE-2026-53330

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bounds read in dpgeteqauxrdinterval Why & How The auxrdinterval array in struct dclttprcaps is declared with MAXREPEATERCNT - 1 7 elements, indexed 0..6. However, the offset parameter passed to...

0.00166EPSS
Exploits0References3
OSV
OSV
added 2026/07/01 2:16 p.m.3 views

UBUNTU-CVE-2026-53330

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bounds read in dpgeteqauxrdinterval Why & How The auxrdinterval array in struct dclttprcaps is declared with MAXREPEATERCNT - 1 7 elements, indexed 0..6. However, the offset parameter passed to...

5.7AI score0.00166EPSS
Exploits0References6
Rows per page
Query Builder