Lucene search
K

6684 matches found

NVD
NVD
added 2025/06/17 3:15 p.m.6 views

CVE-2025-49175

A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash...

6.1CVSS0.00279EPSS
Exploits0References34
Cvelist
Cvelist
added 2025/06/17 2:39 p.m.10 views

CVE-2025-49175 Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: out-of-bounds read in x rendering extension animated cursors

A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash...

6.1CVSS0.00279EPSS
Exploits0References33
AlpineLinux
AlpineLinux
added 2025/06/17 2:39 p.m.3 views

CVE-2025-49175

A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash...

6.1CVSS5.4AI score0.00279EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2025/06/17 2:39 p.m.3 views

CVE-2025-49175 Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: out-of-bounds read in x rendering extension animated cursors

A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash...

6.1CVSS5.3AI score0.00279EPSS
Exploits0References33
CVE
CVE
added 2025/06/17 2:39 p.m.91 views

CVE-2025-49175

CVE-2025-49175 describes a flaw in the X Rendering extension’s handling of animated cursors: if a client provides no cursors, the server may assume one exists, causing an out-of-bounds read and a potential crash in the X server. Connected sources identify this vulnerability affecting multiple X.o...

6.1CVSS5.3AI score0.00279EPSS
Exploits0References34
Debian CVE
Debian CVE
added 2025/06/17 2:39 p.m.5 views

CVE-2025-49175

A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash...

6.1CVSS6.5AI score0.00279EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/06/17 2:39 p.m.5 views

CVE-2025-49175

A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash. Mitigation Mitigation for this issue is either not available or the currently available...

6.1CVSS5.2AI score0.00279EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2025/06/17 12:0 a.m.6 views

xorg server -- Multiple vulnerabilities

The X.Org project reports: CVE-2025-49175: Out-of-bounds access in X Rendering extension Animated cursors The X Rendering extension allows creating animated cursors providing a list of cursors. By default, the Xserver assumes at least one cursor is provided while a client may actually pass no...

7.8CVSS7.6AI score0.00361EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/17 12:0 a.m.3 views

X.org X Rendering 缓冲区错误漏洞

X.org X Rendering is an extension to the X11 core protocol from the X.org Foundation. A buffer error vulnerability exists in X.org X Rendering that stems from mishandling of animated cursors, which can lead to out-of-bounds reads and crashes...

6.1CVSS6.7AI score0.00279EPSS
Exploits0References5
OSV
OSV
added 2025/06/17 12:0 a.m.1 views

UBUNTU-CVE-2025-49175

A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash...

6.1CVSS7AI score0.00279EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed the null check for pipectx-planestate in resourcebuildscalingparams A null pointer dereference issue could occur when pipectx-planestate is null. The fix adds a check to ensure that ‘pipectx-planestate’ is...

5.5CVSS5.8AI score0.0018EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.2 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/xe: The local fence was used in the error path of xemigrateclear. The purpose of the error path in xemigrateclear is to wait for the locally generated fence before returning. The code is waiting for m-fence, which could be th...

7.8CVSS6.2AI score0.00237EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/06/13 12:0 a.m.4 views

PT-2025-35976

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the drm/xe subsystem related to DMA fence handling. The driver may free data pointed to by DMA fences before all references are released,...

7.8CVSS7.1AI score0.00154EPSS
Exploits0
Fedora
Fedora
added 2025/06/11 2:46 a.m.6 views

[SECURITY] Fedora 42 Update: qt6-qtsvg-6.9.1-1.fc42

Scalable Vector Graphics SVG is an XML-based language for describing two-dimensional vector graphics. Qt provides classes for rendering and displaying SVG drawings in widgets and on other paint devices...

8.4CVSS7.4AI score0.00309EPSS
Exploits0
Fedora
Fedora
added 2025/06/11 2:46 a.m.5 views

[SECURITY] Fedora 42 Update: qt6-qt3d-6.9.1-1.fc42

Qt 3D provides functionality for near-realtime simulation systems with support for 2D and 3D rendering in both Qt C++ and Qt Quick applications...

8.4CVSS7.4AI score0.00309EPSS
Exploits0
Cvelist
Cvelist
added 2025/06/10 2:58 p.m.9 views

CVE-2025-30145 GeoServer has an Infinite Loop Vulnerability in Jiffle process

GeoServer is an open source server that allows users to share and edit geospatial data. Malicious Jiffle scripts can be executed by GeoServer, either as a rendering transformation in WMS dynamic styles or as a WPS process, that can enter an infinite loop to trigger denial of service. This...

7.5CVSS0.00432EPSS
Exploits0References3
CVE
CVE
added 2025/06/10 2:58 p.m.59 views

CVE-2025-30145

CVE-2025-30145 affects GeoServer; malicious Jiffle scripts can enter an infinite loop when used in WMS dynamic styling or a WPS process, enabling denial of service. Affected behavior is described as rendering transformations or WPS processes that may loop indefinitely. The issue is fixed in GeoSe...

7.5CVSS7.3AI score0.00432EPSS
Exploits0References3Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2025/06/08 12:0 a.m.3 views

VulnCheck KEV: CVE-2024-46982

Next.js is a React framework for building full-stack web applications. By sending a crafted HTTP request, it is possible to poison the cache of a non-dynamic server-side rendered route in the pages router this does not affect the app router. When this crafted request is sent it could coerce...

7.5CVSS5.8AI score0.60625EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2025/06/05 6:12 a.m.10 views

CVE-2025-27038

Memory corruption while rendering graphics using Adreno GPU drivers in Chrome...

7.5CVSS7.2AI score0.00802EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/06/04 5:29 p.m.2 views

webkitgtk: A malicious website may exfiltrate data cross-origin

A flaw was found in WebKitGTK. A malicious website may steal data cross-origin due to improper security checks within the web browser or rendering engine, leading to unauthorized disclosure of information...

6.5CVSS5.7AI score0.00383EPSS
Exploits0References5
Rows per page
Query Builder