
6682 matches found

OSV
added 2025/04/24 4:31 p.m. | 4 views

GHSA-F46R-RW29-R322 React Router allows a DoS via cache poisoning by forcing SPA mode

Summary After some research, it turns out that it is possible to force an application to switch to SPA mode by adding a header to the request. If the application uses SSR and is forced to switch to SPA, this causes an error that completely corrupts the page. If a cache system is in place, this...

CVSS 7.5 | AI score 7.1 | EPSS 0.23628
Exploits: 0 | References: 5

SUSE CVE
added 2025/04/24 3:23 a.m. | 1 view

SUSE CVE-2025-46393

In multispectral MIFF image processing in ImageMagick before 7.1.1-44, packetsize is mishandled related to the rendering of all channels in an arbitrary order...

CVSS 5.7 | AI score 7 | EPSS 0.00345
Exploits: 0 | References: 7

OSV
added 2025/04/23 3:16 p.m. | 1 view

DEBIAN-CVE-2025-46393

In multispectral MIFF image processing in ImageMagick before 7.1.1-44, packetsize is mishandled related to the rendering of all channels in an arbitrary order...

CVSS 5.3 | AI score 4.8 | EPSS 0.00345
Exploits: 0 | References: 1

BDU FSTEC
added 2025/04/23 12:00 a.m. | 6 views

The vulnerability of the web page rendering modules in WebKitGTK and WPE WebKit, related to copying buffers without checking the size of the input data, allows attackers to compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability of the web page rendering modules in WebKitGTK and WPE WebKit lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and availability of the protected...

CVSS 10 | AI score 7.3 | EPSS 0.0079
Exploits: 0 | References: 15 | Affected Software: 16

BDU FSTEC
added 2025/04/23 12:00 a.m. | 5 views

The vulnerability of the web page rendering modules in WebKitGTK and WPE WebKit, related to the occurrence of operations outside the buffer in memory, allows attackers to trigger a service failure.

The vulnerability of the Web page rendering modules in WebKitGTK and WPE WebKit relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to cause service interruptions by processing or loading specially created web...

CVSS 5 | AI score 7 | EPSS 0.00714
Exploits: 0 | References: 16 | Affected Software: 17

OSV
added 2025/04/22 5:24 p.m. | 6 views

USN-7444-1 matrix-synapse vulnerabilities

It was discovered that Synapse network policies could be bypassed via specially crafted URLs. An attacker could possibly use this issue to bypass authentication mechanisms. (CVE-2023-32683) It was discovered that Synapse exposed cached device information. An attacker could possibly use this issue t...

CVSS 9.1 | AI score 6.8 | EPSS 0.01463
Exploits: 0 | References: 9

CNNVD
added 2025/04/20 12:00 a.m. | 3 views

kitty security vulnerability

kitty is a Python-based GPU terminal emulation software by Kovid Goyal, an individual developer in India. The software provides basic terminal functionality and GPU-based rendering reduces system load, uses OpenGL for rendering, and can be supported on Linux and Mac. A security vulnerability exis...

CVSS 7.8 | AI score 5.3 | EPSS 0.00167
Exploits: 1 | References: 6

Tenable Nessus
added 2025/04/19 12:00 a.m. | 12 views

Fedora 40 : webkitgtk (2025-256a86d7c8)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-256a86d7c8 advisory. Limit the data stored in session state. Remove the empty area below the title bar in Web Inspector when not docked. Fix various crashes and renderin...

CVSS 9.8 | AI score 7.1 | EPSS 0.0082
Exploits: 0 | References: 7

BDU FSTEC
added 2025/04/16 12:00 a.m. | 8 views

The vulnerability of the dmub_dcn35_get_current_time() function in the Direct Rendering Infrastructure (DRI) driver for AMD kernel-based Linux operating systems allows a malicious actor to cause a system failure.

The vulnerability of the dmub_dcn35_get_current_time() function in the Direct Rendering Infrastructure (DRI) driver for AMD kernel-based Linux operating systems is related to the reutilization of previously freed memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVSS 5.5 | AI score 6.1 | EPSS 0.0018
Exploits: 0 | References: 6 | Affected Software: 1

BDU FSTEC
added 2025/04/16 12:00 a.m. | 8 views

The vulnerability of the xe_drm_client_add_bo() function in the DRI driver of the Linux operating system allows an attacker to cause a service failure.

The vulnerability of the xe_drm_client_add_bo() function in the DRI driver of the Linux operating system’s kernel is related to insufficient resource locking. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVSS 5.5 | AI score 6.4 | EPSS 0.00139
Exploits: 0 | References: 6 | Affected Software: 1

BDU FSTEC
added 2025/04/16 12:00 a.m. | 6 views

The vulnerability of the show_meminfo() function in the Linux kernel’s Direct Rendering Infrastructure (DRI) support driver allows a malicious actor to cause a service failure.

The vulnerability of the show_meminfo() function in the Linux kernel’s Direct Rendering Infrastructure (DRI) support driver is related to insufficient resource locking. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVSS 5.5 | AI score 6.4 | EPSS 0.00139
Exploits: 0 | References: 6 | Affected Software: 1

Fedora
added 2025/04/15 6:37 p.m. | 10 views

[SECURITY] Fedora 41 Update: php-tcpdf-6.9.1-1.fc41

PHP class for generating PDF documents. no external libraries are required for the basic functions; all standard page formats, custom page formats, custom margins and units of measure; UTF-8 Unicode and Right-To-Left languages; TrueTypeUnicode, OpenTypeUnicode, TrueType, OpenType, Type1 and CID-0...

AI score 7.4
Exploits: 0

BDU FSTEC
added 2025/04/15 12:00 a.m. | 7 views

The vulnerability of the WPE WebKit and WebKitGTK web page rendering modules, related to data type conversion errors, allows attackers to influence the confidentiality, integrity, and availability of protected information.

The vulnerability of the WPE WebKit and WebKitGTK page rendering modules is related to data type conversion errors. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and availability of protected information...

CVSS 10 | AI score 7.3 | EPSS 0.01056
Exploits: 0 | References: 11 | Affected Software: 7

BDU FSTEC
added 2025/04/15 12:00 a.m. | 8 views

The vulnerability of the WPE WebKit and WebKitGTK page rendering modules, related to the occurrence of operations outside the buffer in memory, allows attackers to cause service failures.

The vulnerability of the WPE WebKit and WebKitGTK page rendering modules is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

CVSS 7.8 | AI score 7.3 | EPSS 0.00954
Exploits: 0 | References: 11 | Affected Software: 7

BDU FSTEC
added 2025/04/15 12:00 a.m. | 9 views

The vulnerability of the WPE WebKit and WebKitGTK page rendering modules, related to resource release errors, allows attackers to trigger a service failure.

The vulnerability of the WPE WebKit and WebKitGTK page rendering modules is related to errors during resource release. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

CVSS 7.8 | AI score 7.2 | EPSS 0.01564
Exploits: 0 | References: 11 | Affected Software: 7

NVD
added 2025/04/14 4:15 p.m. | 20 views

CVE-2025-22373

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SicommNet BASEC on SaaS allows Reflected XSS, XSS Through HTTP Query Strings, Rendering of Arbitrary HTML and alteration of CSS Styles. This issue affects BASEC: from 14 Dec 2021...

CVSS 8.7 | EPSS 0.00392
Exploits: 0 | References: 3

BDU FSTEC
added 2025/04/14 12:00 a.m. | 8 views

Vulnerability of the meson_probe_remote() function in the drivers/gpu/drm/meson/meson_drv.c module – This driver provides support for the Direct Rendering Infrastructure (DRI) of the Linux operating system, allowing an attacker to cause a service failure.

Vulnerability of the meson_probe_remote() function in the drivers/gpu/drm/meson/meson_drv.c module – The driver for supporting Direct Rendering Infrastructure (DRI) in Linux kernels is vulnerable due to a NULL pointer dereferencing issue. Exploiting this vulnerability could allow an attacker to cause a...

CVSS 5.5 | AI score 6.4 | EPSS 0.00226
Exploits: 0 | References: 18 | Affected Software: 2

BDU FSTEC
added 2025/04/14 12:00 a.m. | 5 views

Vulnerability of the radeon_fp_native_mode() function in the drivers/gpu/drm/radeon/radeon_connectors.c file – This driver provides support for Direct Rendering Infrastructure (DRI) in Linux graphics cards from the Radeon series. This vulnerability allows attackers to cause system failures.

Vulnerability of the radeon_fp_native_mode() function in the drivers/gpu/drm/radeon/radeon_connectors.c file – The driver that supports Direct Rendering Infrastructure (DRI) for Linux graphics cards related to the Radeon GPU is vulnerable due to a NULL pointer dereferencing issue. Exploiting this...

CVSS 5.5 | AI score 5.7 | EPSS 0.00259
Exploits: 0 | References: 24 | Affected Software: 3

BDU FSTEC
added 2025/04/14 12:00 a.m. | 7 views

Vulnerability of the set_wm_ranges() function in the drivers/gpu/drm/amd/display/dc/dcn301/dcn301_resource.c file – This function is part of the driver support for Direct Rendering Infrastructure (DRI) of AMD graphics cards in Linux operating systems. It can be exploited by attackers to cause service failures.

Vulnerability of the set_wm_ranges() function in the drivers/gpu/drm/amd/display/dc/dcn301/dcn301_resource.c file – The drivers for AMD graphics cards that support Direct Rendering Infrastructure (DRI) in Linux operating systems are vulnerable due to improper control of resource identifiers “resource...

CVSS 5.5 | AI score 5.6 | EPSS 0.00182
Exploits: 0 | References: 8 | Affected Software: 2

BDU FSTEC
added 2025/04/14 12:00 a.m. | 6 views

The vulnerability of DRM/Vboxvideo components in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the DRM/Vboxvideo components in the Linux operating system is related to an operation that goes beyond the buffer boundaries in memory, within the function hgsmiupdatepointershape. Exploiting this vulnerability can allow a hacker to cause a service failure...

CVSS 5.5 | AI score 6.9 | EPSS 0.00252
Exploits: 0 | References: 15 | Affected Software: 9