Lucene search
K

6685 matches found

BDU FSTEC
BDU FSTEC
added 2025/05/23 12:0 a.m.8 views

The vulnerability of the `debug_event_write_work_handler()` function in the `drivers/gpu/drm/amd/amdkfd/kfddebug.c` driver, a driver for supporting Direct Rendering Infrastructure (DRI) in AMD graphics cards for Linux operating systems, allows a hacker to trigger a service failure.

The vulnerability of the debugeventwriteworkhandler function in the drivers/gpu/drm/amd/amdkfd/kfddebug.c file, a driver for AMD Direct Rendering Infrastructure DRI graphics cards for Linux operating systems, is related to pointer manipulation. Exploiting this vulnerability could allow an attacke...

5.5CVSS6.2AI score0.00261EPSS
Exploits0References14Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/05/23 12:0 a.m.10 views

The vulnerability of the resource_build_bit_depth_reduction_params() function in the DRI driver for AMD kernel-based Linux graphics cards allows a attacker to cause a service failure.

The vulnerability of the resourcebuildbitdepthreductionparams function in the Direct Rendering Infrastructure DRI driver for AMD graphics cards in Linux operating systems is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.6AI score0.00236EPSS
Exploits0References14Affected Software4
RedhatCVE
RedhatCVE
added 2025/05/22 11:30 p.m.8 views

CVE-2022-1416

Missing sanitization of data in Pipeline error messages in GitLab CE/EE affecting all versions starting from 1.0.2 before 14.8.6, all versions from 14.9.0 before 14.9.4, and all versions from 14.10.0 before 14.10.1 allows for rendering of attacker controlled HTML tags and CSS styling...

5.4CVSS6.4AI score0.00708EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:17 p.m.7 views

CVE-2022-24071

A Built-in extension in Whale browser before 3.12.129.46 allows attackers to compromise the rendering process which could lead to controlling browser internal APIs...

4.3CVSS6.7AI score0.00651EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:41 p.m.6 views

CVE-2022-28648

In JetBrains YouTrack before 2022.1.43563 HTML code from the issue description was being rendered...

5.7CVSS7AI score0.01335EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:38 p.m.3 views

CVE-2022-28204

A denial-of-service issue was discovered in MediaWiki 1.37.x before 1.37.2. Rendering of w/index.php?title=Special%3AWhatLinksHere⌖=Property%3AP31=1=1 can take more than thirty seconds. There is a DDoS risk...

7.5CVSS6.7AI score0.00825EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:36 p.m.6 views

CVE-2022-2316

HTML injection vulnerability in secure messages of Devolutions Server before 2022.2 allows attackers to alter the rendering of the page or redirect a user to another site...

5.4CVSS6.9AI score0.00487EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:30 p.m.14 views

CVE-2022-2507

In affected versions of Octopus Deploy it is possible to render user supplied input into the webpage...

5.3CVSS6.9AI score0.00417EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:12 p.m.6 views

CVE-2022-24717

ssr-pages is an HTML page builder for the purpose of server-side rendering SSR. In versions prior to 0.1.5, a cross site scripting XSS issue can occur when providing untrusted input to the redirect.link property as an argument to the buildMessagePageOptions function. While there is no known...

6.1CVSS5.6AI score0.00852EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:30 p.m.6 views

CVE-2021-21422

mongo-express is a web-based MongoDB admin interface, written with Node.js and express. 1: As mentioned in this issue: https://github.com/mongo-express/mongo-express/issues/577, when the content of a cell grows larger than supported size, clicking on a row will show full document unescaped, howev...

8.1CVSS6.5AI score0.0157EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:12 p.m.5 views

CVE-2021-27629

SAP NetWeaver ABAP Server and ABAP Platform Enqueue Server, versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73, allows an unauthenticated attacker without specific knowledge of the system to send a...

7.5CVSS7AI score0.01508EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:47 p.m.5 views

CVE-2021-22645

Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are vulnerable to an attack because the .bip documents display a “load” command, which can be pointed to a .dll fro...

7.8CVSS6.9AI score0.01509EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:16 p.m.6 views

CVE-2021-22951

Unauthorized individuals could view password protected files using viewinline in Concrete CMS previously concrete 5 prior to version 8.5.7. Concrete CMS now checks to see if a file has a password in viewinline and, if it does, the file is not rendered.For version 8.5.6, the following mitigations...

7.5CVSS7AI score0.01075EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:40 p.m.6 views

CVE-2020-1018

An information disclosure vulnerability exists when Microsoft Dynamics Business Central/NAV on-premise does not properly hide the value of a masked field when showing the records as a chart page.The attacker who successfully exploited the vulnerability could see the information that are in a mask...

7.5CVSS6.1AI score0.06158EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:8 p.m.6 views

CVE-2020-13451

An incomplete-cleanup vulnerability in the Office rendering engine of Gotenberg through 6.2.1 allows an attacker to overwrite LibreOffice configuration files and execute arbitrary code via macros...

9.8CVSS7.7AI score0.0302EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2025/05/22 8:33 a.m.9 views

CVE-2019-7296

typora through 0.9.64 has XSS, with resultant remote command execution, during inline rendering of a mathematical formula...

6.1CVSS7.2AI score0.01686EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:25 a.m.5 views

CVE-2019-19329

In Wikibase Wikidata Query Service GUI before 0.3.6-SNAPSHOT 2019-11-07, when mathematical expressions in results are displayed directly, arbitrary JavaScript execution can occur, aka XSS. This was addressed by introducing MathJax as a new mathematics rendering engine. NOTE: this GUI code is no...

6.1CVSS7.2AI score0.0142EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:37 a.m.7 views

CVE-2019-13982

interfaces/markdown/input.vue in Directus 7 Application before 7.7.0 does not sanitize Markdown text before rendering a preview...

5.3CVSS6.9AI score0.01103EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:54 a.m.10 views

CVE-2011-2670

Mozilla Firefox before 3.6 is vulnerable to XSS via the rendering of Cascading Style Sheets...

6.1CVSS5.7AI score0.00697EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:23 a.m.6 views

CVE-2011-0219

Apple Safari before 5.0.6 allows remote attackers to bypass the Same Origin Policy, and modify the rendering of text from arbitrary web sites, via a Java applet that loads fonts...

5.8CVSS6.7AI score0.01611EPSS
Exploits0References1
Rows per page
Query Builder