Lucene search
K

6688 matches found

CNNVD
CNNVD
added 2024/09/04 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an insufficient critical zone in the drm/xe component preemptfence could lead to a deadlock...

5.5CVSS6.3AI score0.00142EPSS
Exploits0References4
OSV
OSV
added 2024/09/03 3:1 p.m.23 views

SUSE-SU-2024:3109-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.44.3 bsc1228696 bsc1228697 bsc1228698: - Fix web process cache suspend/resume when sandbox is enabled. - Fix accelerated images dissapearing after scrolling. - Fix video flickering with DMA-BUF sink. - Fix pointer lock on...

9.8CVSS7.4AI score0.01344EPSS
Exploits1References12
AlmaLinux
AlmaLinux
added 2024/09/03 12:0 a.m.32 views

Moderate: ghostscript security update

The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fixes: ghostscript: format string injection leads to shell command execution SAFER bypass...

6.3CVSS8.1AI score0.27992EPSS
Exploits6References8
Veracode
Veracode
added 2024/09/02 4:13 a.m.7 views

Cross Site Scripting(XSS)

Svelte is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper HTML escaping during server-side rendering, allowing an attacker to inject malicious content and execute unauthorized scripts in the victim's browser...

6.1CVSS6.1AI score0.00344EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2024/08/30 4:49 p.m.2 views

GHSA-8266-84WP-WV5C Svelte has a potential mXSS vulnerability due to improper HTML escaping

Summary A potential XSS vulnerability exists in Svelte for versions prior to 4.2.19. Details Svelte improperly escapes HTML on server-side rendering. It converts strings according to the following rules: - If the string is an attribute value: - " - " - & - & - Other characters - No conversion -...

5.4CVSS5.9AI score0.00344EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2024/08/30 4:49 p.m.22 views

Svelte has a potential mXSS vulnerability due to improper HTML escaping

Summary A potential XSS vulnerability exists in Svelte for versions prior to 4.2.19. Details Svelte improperly escapes HTML on server-side rendering. It converts strings according to the following rules: - If the string is an attribute value: - " - " - & - & - Other characters - No conversion -...

6.1CVSS6AI score0.00344EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2024/08/30 12:0 a.m.4 views

PT-2024-31398 · Svelte · Svelte

Name of the Vulnerable Software and Affected Versions: Svelte versions prior to 4.2.19 Description: A potential mXSS vulnerability exists in Svelte due to improper HTML escaping on server-side rendering. The issue arises when the final DOM tree rendered on browsers differs from what Svelte expect...

6.1CVSS6.1AI score0.00344EPSS
Exploits1References11
CNNVD
CNNVD
added 2024/08/30 12:0 a.m.7 views

Svelte 跨站脚本漏洞

Svelte is a new way to build web applications from Svelte Open Source. A cross-site scripting vulnerability exists in Svelte 4.2.19 and earlier versions that stems from improper HTML escaping during server-side rendering, which could lead to a variant cross-site scripting attack, especially when...

6.1CVSS5.6AI score0.00344EPSS
Exploits1References3
Fedora
Fedora
added 2024/08/27 5:8 p.m.26 views

[SECURITY] Fedora 40 Update: webkitgtk-2.44.3-2.fc40

WebKitGTK is the port of the WebKit web rendering engine to the GTK platform...

9.8CVSS9.6AI score0.01135EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/08/27 12:0 a.m.34 views

Fedora 40 : webkitgtk (2024-6b8845e3f0)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-6b8845e3f0 advisory. Fix web process cache suspend/resume when sandbox is enabled. Fix accelerated images disappearing after scrolling. Fix video flickering with DMA-BUF...

9.8CVSS6.4AI score0.01135EPSS
Exploits0References6
OSV
OSV
added 2024/08/26 11:15 a.m.3 views

AZL-48228 CVE-2024-43905 affecting package kernel for versions less than 5.15.167.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Fix the null pointer dereference for vega10hwmgr Check return value and conduct null pointer handling to avoid null pointer dereference...

5.5CVSS6.1AI score0.00212EPSS
Exploits0References1
OSV
OSV
added 2024/08/26 11:15 a.m.2 views

UBUNTU-CVE-2024-43894

In the Linux kernel, the following vulnerability has been resolved: drm/client: fix null pointer dereference in drmclientmodesetprobe In drmclientmodesetprobe, the return value of drmmodeduplicate is assigned to modeset-mode, which will lead to a possible NULL pointer dereference on failure of...

5.5CVSS6.2AI score0.00228EPSS
Exploits0References26
Tenable Nessus
Tenable Nessus
added 2024/08/25 12:0 a.m.44 views

SUSE SLED12: libjavascriptcoregtk-4_0-18 / libjavascriptcoregtk-4_0-18-32bit / etc (SUSE-SU-2024:3005-1)

The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3005-1 advisory. Update to version 2.44.3 bsc1228696 bsc1228697 bsc1228698: - Fix web process cache suspend/resume when sandbox...

9.6CVSS6.6AI score0.01344EPSS
Exploits1References24
OSV
OSV
added 2024/08/23 11:28 a.m.24 views

SUSE-SU-2024:3005-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.44.3 bsc1228696 bsc1228697 bsc1228698: - Fix web process cache suspend/resume when sandbox is enabled. - Fix accelerated images dissapearing after scrolling. - Fix video flickering with DMA-BUF sink. - Fix pointer lock on...

9.6CVSS7.4AI score0.01344EPSS
Exploits1References16
Fedora
Fedora
added 2024/08/22 1:9 a.m.25 views

[SECURITY] Fedora 39 Update: webkitgtk-2.44.3-2.fc39

WebKitGTK is the port of the WebKit web rendering engine to the GTK platform...

9.8CVSS6.9AI score0.01135EPSS
Exploits0
OSV
OSV
added 2024/08/21 7:15 a.m.1 views

UBUNTU-CVE-2023-52912

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fixed bug on error when unloading amdgpu Fixed bug on error when unloading amdgpu. The error message is as follows: 377.706202 kernel BUG at drivers/gpu/drm/drmbuddy.c:278! 377.706215 invalid opcode: 0000 1 PREEMPT SM...

5.5CVSS5.9AI score0.00205EPSS
Exploits0References5
OSV
OSV
added 2024/08/21 7:15 a.m.2 views

UBUNTU-CVE-2022-48898

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: do not complete dpauxcmdfifotx if irq is not for aux transfer There are 3 possible interrupt sources are handled by DP controller, HPDstatus, Controller state changes and Aux read/write transaction. At every irq, DP...

4.7CVSS5.9AI score0.00181EPSS
Exploits0References7
CNNVD
CNNVD
added 2024/08/21 12:0 a.m.2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a post-release reuse of GEM handle creation in the drm/virtio component...

4.7CVSS6.3AI score0.00233EPSS
Exploits0References9
CNNVD
CNNVD
added 2024/08/21 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an error in the drm/amdgpu component during uninstallation...

5.5CVSS6.5AI score0.00205EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/08/21 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an issue with the drm/i915/gt component when cleaning up some engine discovery failures...

5.5CVSS6.5AI score0.00241EPSS
Exploits0References5
Rows per page
Query Builder