6678 matches found
drm/amd/display: Handle dml allocation failure to avoid crash
...
drm/amd: check num of link levels when update pcie param
...
drm/xe/ufence: Prefetch ufence addr to catch bogus address
...
drm/amd/display: Fix NULL pointer dereference for DTN log in DCN401
...
CVE-2025-45805
In phpgurukul Doctor Appointment Management System 1.0, an authenticated doctor user can inject arbitrary JavaScript code into their profile name. This payload is subsequently rendered without proper sanitization when a user visits the website and selects the doctor to book an appointment...
Linux Distros Unpatched Vulnerability : CVE-2019-14802
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HashiCorp Nomad 0.5.0 through 0.9.4 (fixed in 0.9.5) reveals unintended environment variables to the rendering task during template rendering, aka...
PT-2025-35815
Name of the Vulnerable Software and Affected Versions: phpgurukul Doctor Appointment Management System version 1.0 Description: An authenticated doctor user can inject arbitrary JavaScript code into their profile name. This payload is rendered without proper sanitization when a user visits the...
CVE-2025-45805
CVE-2025-45805 affects phpgurukul Doctor Appointment Management System 1.0. An authenticated doctor can inject JavaScript into the doctor profile name, which is rendered unsafely when patients book an appointment, enabling stored XSS in the victim’s browser. The exploit is demonstrated in the lin...
Security Bulletin: React Router ≤ 7.5.1 Vulnerability Allows SPA Forcing and Cache Poisoning in SSR Applications, which affects IBM watsonx.data
Summary: React Router is a router for React. Starting in version 7.2.0 and prior to version 7.5.2, it is possible to force an application to switch to SPA mode by adding a header to the request. If the application uses SSR and is forced to switch to SPA, this causes an error that completely corrup...
PT-2025-40528
Name of the Vulnerable Software and Affected Versions: Qt versions 6.7.0 through 6.9.0 Description: A flaw exists that could lead to a denial-of-service (DoS) condition. This occurs when the software renders a Scalable Vector Graphics (SVG) file containing a element, potentially resulting in recursive...
Linux Distros Unpatched Vulnerability : CVE-2025-0811
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions from 17.7 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. Improper rendering of...
Linux Distros Unpatched Vulnerability : CVE-2021-22230
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper code rendering while rendering merge requests could be exploited to submit malicious code. This vulnerability affects GitLab CE/EE 9.3 and later throug...
Linux Distros Unpatched Vulnerability : CVE-2017-15576
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Redmine before 3.2.6 and 3.3.x before 3.3.3 mishandles Time Entry rendering in activity views, which allows remote attackers to obtain sensitive information...
Incorrect Authorization
Overview: contao/core-bundle is an Open Source PHP Content Management System for people who want a professional website that is easy to maintain. Affected versions of this package are vulnerable to Incorrect Authorization in the fragments rendering process. An attacker can access sensitive...
CVE-2025-57756 Contao discloses sensitive information in the front end search index
Contao is an Open Source CMS. In versions starting from 4.9.14 and prior to 4.13.56, 5.3.38, and 5.6.1, protected content elements that are rendered as fragments are indexed and become publicly available in the front end search. This issue has been patched in versions 4.13.56, 5.3.38, and 5.6.1. ...
CVE-2025-55618
In Hyundai Navigation App STD5W.EUR.HMC.230516.afa908d, an attacker can inject HTML payloads in the profile name field in the navigation app, which then get rendered...
Linux Distros Unpatched Vulnerability : CVE-2021-3481
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Qt. An out-of-bounds read vulnerability was found in QRadialFetchSimd in qt/qtbase/src/gui/painting/qdrawhelperp.h in Qt/Qtbase. While...
Linux Distros Unpatched Vulnerability : CVE-2025-49175
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leadi...