drm/amd/display: Skip pipe if the pipe idx not set properly

...

CVE-2025-47563 WordPress CURCY plugin <= 2.3.7 - Arbitrary Shortcode Execution vulnerability

Missing Authorization vulnerability in villatheme CURCY woocommerce-multi-currency allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects CURCY: from n/a through = 2.3.7...

CVE-2024-50259 netdevsim: Add trailing zero to terminate the string in nsim_nexthop_bucket_activity_write()

In the Linux kernel, the following vulnerability has been resolved: netdevsim: Add trailing zero to terminate the string in nsimnexthopbucketactivitywrite This was found by a static analyzer. We should not forget the trailing zero after copyfromuser if we will further do some string operations,...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the performance monitor not being stopped properly...

CVE-2024-42322 ipvs: properly dereference pe in ip_vs_add_service

In the Linux kernel, the following vulnerability has been resolved: ipvs: properly dereference pe in ipvsaddservice Use pe directly to resolve sparse warning: net/netfilter/ipvs/ipvsctl.c:1471:27: warning: dereference of noderef expression...

CVE-2024-42322 ipvs: properly dereference pe in ip_vs_add_service

In the Linux kernel, the following vulnerability has been resolved: ipvs: properly dereference pe in ipvsaddservice Use pe directly to resolve sparse warning: net/netfilter/ipvs/ipvsctl.c:1471:27: warning: dereference of noderef expression...

SUSE CVE-2024-42064

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip pipe if the pipe idx not set properly why Driver crashes when pipe idx not set properly how Add code to skip the pipe that idx not set properly...

CVE-2024-28072

A highly privileged account can overwrite arbitrary files on the system with log output. The log file path tags were not sanitized properly...

CVE-2024-27029

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix mmhub client id out-of-bounds access Properly handle cid 0x140...

SUSE CVE-2024-31142

Because of a logical error in XSA-407 Branch Type Confusion, the mitigation is not applied properly when it is intended to be used. XSA-434 Speculative Return Stack Overflow uses the same infrastructure, so is equally impacted. For more details, see: https://xenbits.xen.org/xsa/advisory-407.html...

kaleidoskop-suedpark.de Improper Access Control vulnerability OBB-3819173

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Authorization

Missing Authorization vulnerability in Clever plugins Delete Duplicate Posts allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Delete Duplicate Posts: from n/a through 4.8.9...

Dompdf Security Vulnerabilities

Dompdf is an HTML to PDF converter. A security vulnerability exists in Dompdf versions prior to 2.0.4, which stems from a recursive link that is not properly validated and may exhaust the memory available to the executing process and/or the server itself...

CVE-2023-3615 Lack of server certificate validation in websockets connection

Mattermost iOS app fails to properly validate the server certificate while initializing the TLS connection allowing a network attacker to intercept the WebSockets connection...

CVE-2023-30559

The firmware update package for the wireless card is not properly signed and can be modified...

Google Android Denial of Service Vulnerability (CNVD-2022-65635)

Google Android is a Linux-based open source operating system from Google. A denial of service vulnerability exists in Google Android, which can be exploited by an attacker to cause a denial of service due to failure to properly handle incoming error messages...

CVE-2022-24706

In Apache CouchDB prior to 3.2.2, an attacker can access an improperly secured default installation without authenticating and gain admin privileges. The CouchDB documentation has always made recommendations for properly securing an installation, including recommending using a firewall in front o...

Moderate: Red Hat Security Advisory: rh-dotnet31-curl security update

An update for rh-dotnet31-curl is now available for .NET Core on Red Hat Enterprise Linux. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Cross site scripting in getgrav/grav

User input is not properly sanitized leading to cross site scrpting xss in grav...

SEUR Oficial < 1.7.0 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitize and escape some of its settings allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed Put the following payload in one of the plugin's settings: "alert'XSS'; Affected files:...