48 matches found
CVE-2026-53293
A flaw was found in the Linux kernel's AMDGPU graphics driver. Multiple issues exist within the AMDGPUINFOREADMMRREG function, including an incorrect order of operations between the reset semaphore and the memory management lock, and memory allocation while holding the reset semaphore. These issu...
UBUNTU-CVE-2026-53293
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix AMDGPUINFOREADMMRREG There were multiple issues in that code. First of all the order between the reset semaphore and the mmlock was wrong e.g. copytouser was called while holding the lock. Then we allocated memory...
CVE-2026-53293 drm/amdgpu: fix AMDGPU_INFO_READ_MMR_REG
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix AMDGPUINFOREADMMRREG There were multiple issues in that code. First of all the order between the reset semaphore and the mmlock was wrong e.g. copytouser was called while holding the lock. Then we allocated memory...
EUVD-2025-0104
Malicious code in bioql PyPI...
Out-of-bounds Write
Overview Affected versions of this package are vulnerable to Out-of-bounds Write via the scanruns function in the MMRDecoder component. An attacker can cause heap corruption or read sensitive memory by providing specially crafted input that causes the xr pointer to write or read outside the bound...
GHSA-RCXC-WJGW-579R Matrix Media Repo (MMR) allows untrusted file formats can be thumbnailed, invoking potentially further untrusted decoders
Impact If SVG or JPEGXL thumbnailers are enabled they are disabled by default, a user may upload a file which claims to be either of these types and request a thumbnail to invoke a different decoder in ImageMagick. In some ImageMagick installations, this includes the capability to run Ghostscript...
Matrix Media Repo (MMR) allows untrusted file formats can be thumbnailed, invoking potentially further untrusted decoders
Impact If SVG or JPEGXL thumbnailers are enabled they are disabled by default, a user may upload a file which claims to be either of these types and request a thumbnail to invoke a different decoder in ImageMagick. In some ImageMagick installations, this includes the capability to run Ghostscript...
SAP NetWeaver AS Resource Management Error Vulnerability
SAP NetWeaver AS is an SAP web application server from SAP, Germany. It not only provides network services, but is also the basic platform for SAP software. A resource management error vulnerability exists in SAP NetWeaver AS Java MMRSERVER version 7.5, which arises from unrestricted access to th...
SUSE CVE-2009-1183
The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service infinite loop and hang via a crafted PDF file...
CVE-2022-28761
Zoom On-Premise Meeting Connector MMR before version 4.8.20220916.131 contains an improper access control vulnerability. As a result, a malicious actor in a meeting or webinar they are authorized to join could prevent participants from receiving audio and video causing meeting disruptions...
CVE-2022-28760
Zoom On-Premise Meeting Connector MMR before version 4.8.20220815.130 contains an improper access control vulnerability. As a result, a malicious actor could obtain the audio and video feed of a meeting they were not authorized to join and cause other meeting disruptions...
CVE-2022-28759
Zoom On-Premise Meeting Connector MMR before version 4.8.20220815.130 contains an improper access control vulnerability. As a result, a malicious actor could obtain the audio and video feed of a meeting they were not authorized to join and cause other meeting disruptions...
Improper access control
Zoom On-Premise Meeting Connector MMR before version 4.8.20220916.131 contains an improper access control vulnerability. As a result, a malicious actor in a meeting or webinar they are authorized to join could prevent participants from receiving audio and video causing meeting disruptions...
CVE-2022-28761
The CVE-2022-28761 entry concerns Zoom On-Premise Meeting Connector MMR prior to version 4.8.20220916.131, with an improper access control flaw. The root cause is inadequate access control within the Meeting Connector, enabling a meeting/webinar participant who is authorized to join to prevent ot...
CVE-2022-28759
Summary (CVE-2022-28759): Zoom On-Premise Meeting Connector MMR versions prior to 4.8.20220815.130 are affected by an improper access control vulnerability that could allow a malicious actor to obtain the audio and video feed of a meeting they were not authorized to join and potentially disrupt m...
CVE-2022-28759 Zoom On-Premise Deployments: Improper Access Control
Zoom On-Premise Meeting Connector MMR before version 4.8.20220815.130 contains an improper access control vulnerability. As a result, a malicious actor could obtain the audio and video feed of a meeting they were not authorized to join and cause other meeting disruptions...
CVE-2022-28760
The CVE-2022-28760 issue affects Zoom On-Premise Meeting Connector MMR prior to 4.8.20220815.130, caused by improper access control that could allow an unauthorized user to obtain the audio and video feeds of a meeting and cause disruptions. Affected product: Zoom On-Premise Meeting Connector MMR...
CVE-2022-28758
Zoom On-Premise Meeting Connector MMR before version 4.8.20220815.130 contains an improper access control vulnerability. As a result, a malicious actor could obtain the audio and video feed of a meeting they were not authorized to join and cause other meeting disruptions...
CVE-2022-28758
Zoom On-Premise Meeting Connector MMR before version 4.8.20220815.130 contains an improper access control vulnerability. As a result, a malicious actor could obtain the audio and video feed of a meeting they were not authorized to join and cause other meeting disruptions...
CVE-2022-28758
The CVE-2022-28758 entry concerns Zoom On-Premise Meeting Connector MMR prior to 4.8.20220815.130, with an improper access control flaw. The issue could allow a malicious actor to obtain the audio and video feeds of a meeting they are not authorized to join, potentially causing other meeting disr...