1162 matches found
Mozilla: Iframe contents could be rendered outside the iframe
The Mozilla Foundation Security Advisory describes this flaw as: Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potential user confusion or spoofing attacks...
DEBIAN-CVE-2022-3661
Insufficient data validation in Extensions in Google Chrome prior to 107.0.5304.62 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted Chrome extension. Chromium security severity: Low...
DRUPAL-CONTRIB-2022-058
This module enables themers to get partial data from field render arrays. It gives them more control over the output without drilling deep into the render array or using preprocess functions. The module doesn't sufficiently apply access restrictions when using the filters field\label, field\value...
Twig Field Value - Moderately critical - Access bypass - SA-CONTRIB-2022-058
This module enables themers to get partial data from field render arrays. It gives them more control over the output without drilling deep into the render array or using preprocess functions. The module doesn't sufficiently apply access restrictions when using the filters fieldlabel, fieldvalue,...
OESA-2022-1949 xorg-x11-server security update
Security Fixes: A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcRenderCompositeGlyphs function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...
UBUNTU-CVE-2022-28204
A denial-of-service issue was discovered in MediaWiki 1.37.x before 1.37.2. Rendering of w/index.php?title=Special%3AWhatLinksHere&target=Property%3AP31&namespace=1&invert=1 can take more than thirty seconds. There is a DDoS risk...
DEBIAN-CVE-2022-36402
An integer overflow vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfxexecbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 or Dxxx'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of serviceDoS...
UBUNTU-CVE-2022-36402
An integer overflow vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfxexecbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 or Dxxx'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of serviceDoS...
AZL-10903 CVE-2022-40133 affecting package kernel 5.15.200.1-1
A use-after-freeUAF vulnerability was found in function 'vmwexecbuftiecontext' in drivers/gpu/vmxgfx/vmxgfxexecbuf.c in Linux kernel's vmwgfx driver with device file '/dev/dri/renderD128 or Dxxx'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a...
AZL-10902 CVE-2022-38457 affecting package kernel 5.15.200.1-1
A use-after-freeUAF vulnerability was found in function 'vmwcmdrescheck' in drivers/gpu/vmxgfx/vmxgfxexecbuf.c in Linux kernel's vmwgfx driver with device file '/dev/dri/renderD128 or Dxxx'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of...
AZL-10901 CVE-2022-38096 affecting package kernel for versions less than 5.15.158.2-1
A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfxexecbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 or Dxxx'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of...
AZL-34861 CVE-2022-38096 affecting package kernel for versions less than 6.6.35.1-4
A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfxexecbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 or Dxxx'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of...
DEBIAN-CVE-2022-38096
A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfxexecbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 or Dxxx'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of...
DEBIAN-CVE-2022-36280
An out-of-boundsOOB memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfxkms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128 or Dxxx'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial...
UBUNTU-CVE-2022-38457
A use-after-freeUAF vulnerability was found in function 'vmwcmdrescheck' in drivers/gpu/vmxgfx/vmxgfxexecbuf.c in Linux kernel's vmwgfx driver with device file '/dev/dri/renderD128 or Dxxx'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of...
UBUNTU-CVE-2022-38096
A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfxexecbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 or Dxxx'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of...
UBUNTU-CVE-2022-40133
A use-after-freeUAF vulnerability was found in function 'vmwexecbuftiecontext' in drivers/gpu/vmxgfx/vmxgfxexecbuf.c in Linux kernel's vmwgfx driver with device file '/dev/dri/renderD128 or Dxxx'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a...
UBUNTU-CVE-2022-36280
An out-of-boundsOOB memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfxkms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128 or Dxxx'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial...
Linux kernel 资源管理错误漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel due to a post-release reuse of the "vmwexecbuftiecontext" function in the /gpu/vmxgfx/vmxgfxexecbuf.c component of its vmwgf...
PT-2022-4757
Name of the Vulnerable Software and Affected Versions Linux kernel's vmwgfx driver affected versions not specified Description A use-after-free UAF vulnerability was found in the vmw cmd res check function in drivers/gpu/vmxgfx/vmxgfx execbuf.c. This flaw allows a local attacker with a user accou...