91 matches found
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013034)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013034 advisory. In the Linux kernel, the following vulnerability has been resolved: fbdev: Add bounds checking in bitputcs to fix vmalloc-out-of-bounds Add bounds checking to preven...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011313)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011313 advisory. In the Linux kernel, the following vulnerability has been resolved: fbdev: Add bounds checking in bitputcs to fix vmalloc-out-of-bounds Add bounds checking to preven...
CVE-2026-28401
NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, rich text cell content rendered via v-html without sanitization enables stored XSS. This issue has been patched in version 0.301.3...
CVE-2026-28401 NocoDB: Stored Cross-Site Scripting via Rich Text Cells
NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, rich text cell content rendered via v-html without sanitization enables stored XSS. This issue has been patched in version 0.301.3...
Cisco TelePresence Collaboration Endpoint Software and RoomOS Software DoS (cisco-sa-tce-roomos-dos-9V9jrC2q)
According to its self-reported version, Cisco TelePresence Collaboration Endpoint Software and RoomOS Software Denial of Service is affected by a vulnerability. - A vulnerability in the text rendering subsystem of Cisco TelePresence Collaboration Endpoint CE Software and Cisco RoomOS Software cou...
CVE-2026-20119
A vulnerability in the text rendering subsystem of Cisco TelePresence Collaboration Endpoint CE Software and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient validation...
CVE-2026-20119
A vulnerability in the text rendering subsystem of Cisco TelePresence Collaboration Endpoint CE Software and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient validation...
CVE-2026-20119 Cisco TelePresence Collaboration Endpoint Software and RoomOS Software Denial of Service Vulnerability
A vulnerability in the text rendering subsystem of Cisco TelePresence Collaboration Endpoint CE Software and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient validation...
CVE-2026-20119 Cisco TelePresence Collaboration Endpoint Software and RoomOS Software Denial of Service Vulnerability
A vulnerability in the text rendering subsystem of Cisco TelePresence Collaboration Endpoint CE Software and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient validation...
CVE-2026-20119
A vulnerability in the text rendering subsystem of Cisco TelePresence Collaboration Endpoint CE Software and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient validation...
Cisco TelePresence Collaboration Endpoint Software and RoomOS Software Denial of Service Vulnerability
A vulnerability in the text rendering subsystem of Cisco TelePresence Collaboration Endpoint CE Software and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient validation...
Cisco RoomOS Software和Cisco TelePresence Collaboration Endpoint Software 安全漏洞
Cisco RoomOS Software and Cisco TelePresence Collaboration Endpoint Software are both products of the American company Cisco. Cisco RoomOS Software is a set of automated management software for Cisco devices. This software is primarily used for upgrading and managing the motherboard firmware of...
PT-2026-6082
Name of the Vulnerable Software and Affected Versions Cisco TelePresence Collaboration Endpoint Software affected versions not specified Cisco RoomOS Software affected versions not specified Description A flaw exists in the text rendering subsystem that could allow a remote attacker to cause a...
CVE-2025-61657
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation Vector. This vulnerability is associated with program files resources/skins.Vector.Js/stickyHeader.Js. This issue affects Vector: from before 1.43.4, 1.44.1...
CVE-2025-40304
CVE-2025-40304: Linux kernel fbdev rendering bounds check added for bit_putcs to prevent vmalloc-out-of-bounds writes when clipping framebuffer text at screen edges. The fix clips Y off-screen, adjusts image height, breaks on off-screen X, and updates the character count when clipping width to av...
CVE-2025-40304
In the Linux kernel, the following vulnerability has been resolved: fbdev: Add bounds checking in bitputcs to fix vmalloc-out-of-bounds Add bounds checking to prevent writes past framebuffer boundaries when rendering text near screen edges. Return early if the Y position is off-screen and clip...
CVE-2025-40304 fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds
In the Linux kernel, the following vulnerability has been resolved: fbdev: Add bounds checking in bitputcs to fix vmalloc-out-of-bounds Add bounds checking to prevent writes past framebuffer boundaries when rendering text near screen edges. Return early if the Y position is off-screen and clip...
Fedora 41 : webkitgtk (2025-04c193ecfe)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-04c193ecfe advisory. Update to WebKitGTK 2.50.1: Improve text rendering performance. Fix audio playback broken on instagram. Fix rendering of layers with fractional transforms. F...
EUVD-2025-37401
ELOG allows an authenticated user to upload arbitrary HTML files. The HTML content is executed in the context of other users when they open the file. Because ELOG includes usernames and password hashes in certain HTTP requests, an attacker can obtain the target's credentials and replay them or...
CVE-2025-62618
ELOG allows an authenticated user to upload arbitrary HTML files. The HTML content is executed in the context of other users when they open the file. Because ELOG includes usernames and password hashes in certain HTTP requests, an attacker can obtain the target's credentials and replay them or...