6688 matches found
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an insufficient critical zone in the drm/xe component preemptfence could lead to a deadlock...
SUSE-SU-2024:3109-1 Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.44.3 bsc1228696 bsc1228697 bsc1228698: - Fix web process cache suspend/resume when sandbox is enabled. - Fix accelerated images dissapearing after scrolling. - Fix video flickering with DMA-BUF sink. - Fix pointer lock on...
Moderate: ghostscript security update
The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fixes: ghostscript: format string injection leads to shell command execution SAFER bypass...
Cross Site Scripting(XSS)
Svelte is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper HTML escaping during server-side rendering, allowing an attacker to inject malicious content and execute unauthorized scripts in the victim's browser...
GHSA-8266-84WP-WV5C Svelte has a potential mXSS vulnerability due to improper HTML escaping
Summary A potential XSS vulnerability exists in Svelte for versions prior to 4.2.19. Details Svelte improperly escapes HTML on server-side rendering. It converts strings according to the following rules: - If the string is an attribute value: - " - " - & - & - Other characters - No conversion -...
Svelte has a potential mXSS vulnerability due to improper HTML escaping
Summary A potential XSS vulnerability exists in Svelte for versions prior to 4.2.19. Details Svelte improperly escapes HTML on server-side rendering. It converts strings according to the following rules: - If the string is an attribute value: - " - " - & - & - Other characters - No conversion -...
PT-2024-31398 · Svelte · Svelte
Name of the Vulnerable Software and Affected Versions: Svelte versions prior to 4.2.19 Description: A potential mXSS vulnerability exists in Svelte due to improper HTML escaping on server-side rendering. The issue arises when the final DOM tree rendered on browsers differs from what Svelte expect...
Svelte 跨站脚本漏洞
Svelte is a new way to build web applications from Svelte Open Source. A cross-site scripting vulnerability exists in Svelte 4.2.19 and earlier versions that stems from improper HTML escaping during server-side rendering, which could lead to a variant cross-site scripting attack, especially when...
[SECURITY] Fedora 40 Update: webkitgtk-2.44.3-2.fc40
WebKitGTK is the port of the WebKit web rendering engine to the GTK platform...
Fedora 40 : webkitgtk (2024-6b8845e3f0)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-6b8845e3f0 advisory. Fix web process cache suspend/resume when sandbox is enabled. Fix accelerated images disappearing after scrolling. Fix video flickering with DMA-BUF...
AZL-48228 CVE-2024-43905 affecting package kernel for versions less than 5.15.167.1-1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Fix the null pointer dereference for vega10hwmgr Check return value and conduct null pointer handling to avoid null pointer dereference...
UBUNTU-CVE-2024-43894
In the Linux kernel, the following vulnerability has been resolved: drm/client: fix null pointer dereference in drmclientmodesetprobe In drmclientmodesetprobe, the return value of drmmodeduplicate is assigned to modeset-mode, which will lead to a possible NULL pointer dereference on failure of...
SUSE SLED12: libjavascriptcoregtk-4_0-18 / libjavascriptcoregtk-4_0-18-32bit / etc (SUSE-SU-2024:3005-1)
The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3005-1 advisory. Update to version 2.44.3 bsc1228696 bsc1228697 bsc1228698: - Fix web process cache suspend/resume when sandbox...
SUSE-SU-2024:3005-1 Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.44.3 bsc1228696 bsc1228697 bsc1228698: - Fix web process cache suspend/resume when sandbox is enabled. - Fix accelerated images dissapearing after scrolling. - Fix video flickering with DMA-BUF sink. - Fix pointer lock on...
[SECURITY] Fedora 39 Update: webkitgtk-2.44.3-2.fc39
WebKitGTK is the port of the WebKit web rendering engine to the GTK platform...
UBUNTU-CVE-2023-52912
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fixed bug on error when unloading amdgpu Fixed bug on error when unloading amdgpu. The error message is as follows: 377.706202 kernel BUG at drivers/gpu/drm/drmbuddy.c:278! 377.706215 invalid opcode: 0000 1 PREEMPT SM...
UBUNTU-CVE-2022-48898
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: do not complete dpauxcmdfifotx if irq is not for aux transfer There are 3 possible interrupt sources are handled by DP controller, HPDstatus, Controller state changes and Aux read/write transaction. At every irq, DP...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a post-release reuse of GEM handle creation in the drm/virtio component...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an error in the drm/amdgpu component during uninstallation...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an issue with the drm/i915/gt component when cleaning up some engine discovery failures...