
21 matches found

RedhatCVE
added 2025/11/26 10:55 p.m. | 3 views

CVE-2025-13397

A security vulnerability has been detected in mrubyc up to 3.4. This impacts the function mrbcrawrealloc of the file src/alloc.c. Such manipulation of the argument ptr leads to null pointer dereference. An attack has to be approached locally. The name of the patch is...

CVSS 5.5 | AI score 4.3 | EPSS 0.00015
Exploits: 0 | References: 1

Circl
added 2025/01/31 2:30 a.m. | 3 views

CVE-2024-13397

creationtimestamp | type | source
---|---|---
2025-01-31 02:30:29+00:00 | seen | https://infosec.exchange/users/cve/statuses/113920614665135760
2025-01-31 03:15:25+00:00 | seen | https://bsky.app/profile/cve-notifications.bsky.social/post/3lgyzu4jrie27
2025-01-31 04:12:59+00:00 |...

CVSS 6.4 | AI score 7.8 | EPSS 0.00117
Exploits: 0 | References: 4

Vulnrichment
added 2025/01/31 2:24 a.m. | 5 views

CVE-2024-13397 WPRadio – WordPress Radio Streaming Plugin <= 1.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting

The WPRadio – WordPress Radio Streaming Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpradioplayer' shortcode in all versions up to, and including, 1.0.4 due to insufficient input sanitization and output escaping on user supplied attributes. This make...

CVSS 6.4 | AI score 5.7 | EPSS 0.00117
Exploits: 0 | References: 3

Debian
added 2023/10/07 6:9 p.m. | 57 views

[SECURITY] [DLA 3606-1] freerdp2 security update

Debian LTS Advisory DLA-3606-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost October 07, 2023 https://wiki.debian.org/LTS Package : freerdp2 Version : 2.3.0+dfsg1-2+deb10u3 CVE ID : CVE-2020-4030 CVE-2020-4031 CVE-2020-4032 CVE-2020-4033 CVE-2020-11017 CVE-2020-110...

CVSS 9.8 | AI score 6.8 | EPSS 0.00504
Exploits: 19

OpenVAS
added 2022/07/01 12:0 a.m. | 31 views

FreeRDP < 2.1.1 Multiple Vulnerabilities

FreeRDP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:freerdpproject:freerdp";...

CVSS 8.3 | AI score 6.9 | EPSS 0.00504
Exploits: 0 | References: 5

Tenable Nessus
added 2021/03/10 12:0 a.m. | 31 views

NewStart CGSL MAIN 6.02 : freerdp Multiple Vulnerabilities (NS-SA-2021-0083)

The remote NewStart CGSL host, running version MAIN 6.02, has freerdp packages installed that are affected by multiple vulnerabilities: - In FreeRDP greater than 1.2 and before 2.0.0, a double free in updatereadcachebitmapv3order crashes the client application if corrupted data from a manipulated...

CVSS 8 | AI score 6.6 | EPSS 0.02202
Exploits: 9 | References: 26

Tenable Nessus
added 2020/11/12 12:0 a.m. | 40 views

Oracle Linux 8 : freerdp / and / vinagre (ELSA-2020-4647)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-4647 advisory. freerdp 2:2.1.1-1 - Update to 2.1.1 rhbz1834287. 2:2.0.0-47.rc4 - Fix SCARDINSUFFICIENTBUFFER error rhbz1803054 - Do not advertise /usb in help output...

CVSS 8 | AI score 6.3 | EPSS 0.02202
Exploits: 9 | References: 26

OpenVAS
added 2020/11/04 12:0 a.m. | 32 views

Huawei EulerOS: Security Advisory for freerdp (EulerOS-SA-2020-2343)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.3 | AI score 7.5 | EPSS 0.02202
Exploits: 2 | References: 2

OSV
added 2020/11/03 12:23 p.m. | 33 views

ALSA-2020:4647 Moderate: freerdp and vinagre security, bug fix, and enhancement update

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. The vinagre packages provide the Vinagre remote desktop viewer for the GNOME desktop. Th...

CVSS 8 | AI score 6.8 | EPSS 0.02202
Exploits: 9 | References: 26

Tenable Nessus
added 2020/10/21 12:0 a.m. | 35 views

Scientific Linux Security Update : freerdp on SL7.x x86_64 (20201001)

Security Fixes : - freerdp: Out of bound read in cliprdrserverreceivecapabilities CVE-2020-11018 - freerdp: Out of bound read/write in usb redirection channel CVE-2020-11039 - freerdp: out-of-bounds read in updatereadiconinfo function CVE-2020-11042 - freerdp: out-of-bounds read in...

CVSS 8 | AI score 6.2 | EPSS 0.02202
Exploits: 9 | References: 26

Cent OS
added 2020/10/20 6:3 p.m. | 135 views

freerdp, libwinpr security update

CentOS Errata and Security Advisory CESA-2020:4031 An update for freerdp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

CVSS 8 | AI score 6.4 | EPSS 0.02202
Exploits: 9 | References: 7

Debian
added 2020/08/29 11:51 p.m. | 46 views

[SECURITY] [DLA 2356-1] freerdp security update

Debian LTS Advisory DLA-2356-1 [email protected] https://www.debian.org/lts/security/ Mike Gabriel August 30, 2020 https://wiki.debian.org/LTS Package : freerdp Version : 1.1.0git20140921.1.440916e+dfsg1-13+deb9u4 CVE ID : CVE-2014-0791 CVE-2020-11042 CVE-2020-11045 CVE-2020-11046...

CVSS 8.3 | AI score 6.7 | EPSS 0.02202
Exploits: 9

Circl
added 2020/05/27 7:55 a.m. | 2 views

CVE-2020-13397

creationtimestamp | type | source
---|---|---
2020-05-27 07:55:27+00:00 | seen | https://t.me/cibsecurity/12295...

CVSS 5.5 | AI score 7.1 | EPSS 0.00099
Exploits: 0 | References: 1

ArchLinux
added 2020/05/23 12:0 a.m. | 40 views

[ASA-202005-16] freerdp: information disclosure

Arch Linux Security Advisory ASA-202005-16 ========================================== Severity: High Date : 2020-05-23 CVE-ID : CVE-2020-13396 CVE-2020-13397 CVE-2020-13398 Package : freerdp Type : information disclosure Remote : No Link : https://security.archlinux.org/AVG-1172 Summary ======= T...

CVSS 8.3 | EPSS 0.00504
Exploits: 0 | References: 8

CVE
added 2020/05/22 12:0 a.m. | 291 views

CVE-2020-13397

CVE-2020-13397 affects FreeRDP prior to 2.1.1, with an out-of-bounds read vulnerability in security_fips_decrypt in libfreerdp/core/security.c caused by an uninitialized value. Impact is a local OOB read; mitigations documented via upstream fixes upgrading to 2.1.1. Connected advisories (Debian/A...

CVSS 5.5 | AI score 6.2 | EPSS 0.00099
Exploits: 0 | References: 8 | Affected Software: 1

OSV
added 2019/07/09 5:15 p.m. | 13 views

CVE-2019-13397

Unauthenticated Stored XSS in osTicket 1.10.1 allows a remote attacker to gain admin privileges by injecting arbitrary web script or HTML via arbitrary file extension while creating a support ticket...

CVSS 6.1 | AI score 6 | EPSS 0.00215
Exploits: 0 | References: 1

CVE
added 2019/07/09 4:54 p.m. | 84 views

CVE-2019-13397

The CVE-2019-13397 issue affects osTicket 1.10.1 and is an Unauthenticated Stored XSS vulnerability that lets an attacker gain admin privileges by injecting script/HTML via an arbitrary file extension during ticket creation. The vulnerability is documented across multiple sources (NVD/Red Hat/OSV...

CVSS 6.1 | AI score 6 | EPSS 0.00215
Exploits: 0 | References: 1 | Affected Software: 1

CNVD
added 2019/04/28 12:0 a.m. | 2 views

Sierra Wireless AirLink ES450 Information Disclosure Vulnerability (CNVD-2019-13397)

The Sierra Wireless AirLink ES450 is a cellular network modem device from Sierra Wireless Canada. An information disclosure vulnerability exists in the ACEManager templateload.cgi function in the Sierra Wireless AirLink ES450 using firmware version 4.9.3. The vulnerability stems from an error in...

CVSS 6.5 | AI score 6.2 | EPSS 0.00346
Exploits: 3 | References: 1

CVE
added 2018/11/05 10:0 p.m. | 66 views

CVE-2018-13397

Sourcetree for Windows (versions 0.5.1.0 up to, but not including, 3.0.0) is vulnerable to an argument injection flaw in Git subrepositories within Mercurial repositories. An attacker with commit access to a linked Mercurial repo can exploit this to gain code execution on the host. Affected macOS...

CVSS 9 | AI score 9 | EPSS 0.00447
Exploits: 1 | References: 1 | Affected Software: 1

0day.today
added 2018/11/01 12:0 a.m. | 135 views

Sourcetree Git Arbitrary Code Execution Vulnerability

An attacker can exploit the embedded version of Git used in Sourcetree if they can commit to a Git repository linked in Sourcetree. This allows them to execute arbitrary code on systems running a vulnerable version of Sourcetree for macOS. Versions of Sourcetree for macOS starting with version...

CVSS 9 | AI score 0.6 | EPSS 0.00447
Exploits: 1