6683 matches found
The vulnerability of the DRM/AMD/display components in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the DRM/amd/display components in the Linux operating system is related to a numerical overflow condition. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the DRM/AMD/display components in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the DRM/amd/display components in the Linux operating system is related to the lack of zero-division checking. Exploiting this vulnerability can allow a perpetrator to cause service failures...
The vulnerability of the drm/xe component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the drm/xe component in the Linux operating system is related to the breach of the initial buffer boundary. Exploiting this vulnerability could allow an attacker to trigger a service failure...
The vulnerability of the DRM/AMD/display components in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the DRM/amd/display components in the Linux operating system is related to errors in pointer arithmetic. Exploiting this vulnerability can allow an attacker to cause a service failure...
Fedora 42 : webkitgtk (2025-5427adc3f4)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-5427adc3f4 advisory. Limit the data stored in session state. Remove the empty area below the title bar in Web Inspector when not docked. Fix various crashes and renderin...
DRUPAL-CONTRIB-2025-086
This module enables you to use config\pages as a content entity. The module doesn't check permission or entity access before rendering config\pages content...
CVE-2025-52886
A use-after-free vulnerability has been discovered in the PDF rendering library, stemming from a reference counting flaw. This issue allows an attacker, by providing specially crafted malicious input, to overflow a reference counter which subsequently leads to a use-after-free condition. While th...
xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Out-of-Bounds Read in X Rendering Extension Animated Cursors
A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash...
CVE-2025-52886
Poppler is a PDF rendering library. Versions prior to 25.06.0 use std::atomicint for reference counting. Because std::atomicint is only 32 bits, it is possible to overflow the reference count and trigger a use-after-free. Version 25.06.0 patches the issue...
CVE-2025-6725
In the PdfViewer component, a Cross-Site Scripting XSS vulnerability is possible if a specially-crafted document has already been loaded and the user engages with a tool that requires the DOM to be re-rendered...
thunderbird: Unsolicited File Download, Disk Space Exhaustion, and Credential Leakage via mailbox:/// Links
A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the user's desktop or home directory without prompting, even if auto-saving is...
CVE-2025-6725 Cross-Site Scripting (XSS) in PdfViewer
In the PdfViewer component, a Cross-Site Scripting XSS vulnerability is possible if a specially-crafted document has already been loaded and the user engages with a tool that requires the DOM to be re-rendered...
CVE-2025-6725
CVE-2025-6725 is a Cross-Site Scripting (XSS) vulnerability reported in the PdfViewer component across Progress Telerik UI products (e.g., UI for ASP.NET Core/Blazor/ASP.NET MVC, Kendo UI for React/Angular/jQuery). The root cause, as described in the initial materials, is insufficient validation ...
The vulnerability of the WPE WebKit and WebKitGTK page rendering modules, related to the occurrence of operations outside the buffer in memory, allows attackers to cause service failures.
The vulnerability of the WPE WebKit and WebKitGTK page rendering modules is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Out-of-Bounds Read in X Rendering Extension Animated Cursors
A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash...
SAMSUNG rLottie 安全漏洞
SAMSUNG rLottie is a platform-independent, standalone c++ library for real-time rendering of vector-based animation and art from Samsung South Korea. A code execution vulnerability exists in SAMSUNG rLottie, which can be exploited by an attacker to execute arbitrary code on a system...
Fedora 42 : webkitgtk (2025-40aeebe6d2)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-40aeebe6d2 advisory. Enable CSS Overscroll Behavior by default. Change threaded rendering implementation to use Skia API instead of WebCore display list that is not thre...
Vulnerability of the dpu_encoder_phys_init() function in the drivers/gpu/drm/msm/disp/dpu1/dpu_encoder.c module – This driver for supporting the Direct Rendering Infrastructure (DRI) of the Linux operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of protected information.
Vulnerability of the dpuencoderphysinit function in the drivers/gpu/drm/msm/disp/dpu1/dpuencoder.c module – The driver for supporting Direct Rendering Infrastructure DRI in Linux kernel is vulnerable to synchronization errors when using shared resources. Exploiting this vulnerability could allow...
Vulnerability of the si_dpm_enable() function in the drivers/gpu/drm/amd/pm/powerplay/si_dpm.c module – A driver for supporting Direct Rendering Infrastructure (DRI) in AMD graphics cards for Linux operating systems, which allows a hacker to cause a service failure
Vulnerability of the sidpmenable function in the drivers/gpu/drm/amd/pm/powerplay/sidpm.c module – The driver for supporting Direct Rendering Infrastructure DRI in AMD graphics cards for Linux operating systems is vulnerable due to a buffer overflow vulnerability related to the assignment of the...
xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Out-of-Bounds Read in X Rendering Extension Animated Cursors
A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash...