Lucene search
+L

16 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.17 views

Astra Linux – Vulnerability in freerdp2

FreeRDP is a free implementation of the Remote Desktop Protocol. Clients and servers that use versions of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read vulnerabilities. Versions 3.5.0 and 2.11.6 address this issue. There are no known workarounds available...

9.8CVSS8AI score0.0375EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/26 3:2 p.m.8 views

CVE-2026-32621

Apollo Federation is an architecture for declaratively composing APIs into a unified graph. Prior to 2.9.6, 2.10.5, 2.11.6, 2.12.3, and 2.13.2, a vulnerability exists in query plan execution within the gateway that may allow pollution of Object.prototype in certain scenarios. A malicious client m...

9.9CVSS5.9AI score0.00512EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/13 8:29 p.m.10 views

CVE-2026-32621 Apollo Federation has prototype pollution via incomplete key sanitization

Apollo Federation is an architecture for declaratively composing APIs into a unified graph. Prior to 2.9.6, 2.10.5, 2.11.6, 2.12.3, and 2.13.2, a vulnerability exists in query plan execution within the gateway that may allow pollution of Object.prototype in certain scenarios. A malicious client m...

9.9CVSS5.9AI score0.00512EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-30278

Malicious code in bioql PyPI...

9.8CVSS8.8AI score0.01922EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/04/01 12:0 a.m.8 views

Welcart e-Commerce 代码问题漏洞

Welcart e-Commerce is a free e-commerce plugin for WordPress from Welcart Japan. A code issue vulnerability exists in Welcart e-Commerce version 2.11.6 and earlier, which stems from untrustworthy data deserialization and could lead to the execution of arbitrary code by a remote, unauthenticated...

8.8CVSS6.9AI score0.0043EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/11/12 9:36 a.m.8 views

freerdp: out-of-bounds read in ncrush_decompress

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients and servers that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. No known workarounds are available...

9.8CVSS5.8AI score0.0375EPSS
Exploits0References5
OSV
OSV
added 2024/07/24 7:16 a.m.22 views

BIT-ARGO-CD-2024-40634 Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. This report details a security vulnerability in Argo CD, where an unauthenticated attacker can send a specially crafted large JSON payload to the /api/webhook endpoint, causing excessive memory allocation that leads to...

7.5CVSS7.3AI score0.01392EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2024/07/22 5:22 p.m.39 views

CVE-2024-40634 Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. This report details a security vulnerability in Argo CD, where an unauthenticated attacker can send a specially crafted large JSON payload to the /api/webhook endpoint, causing excessive memory allocation that leads to...

7.5CVSS6.9AI score0.01392EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2024/04/23 9:5 p.m.19 views

CVE-2024-32458

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use /gfx or /rfx modes on by default, require server side...

9.8CVSS9.5AI score0.01958EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/04/22 9:49 p.m.23 views

CVE-2024-32460 FreeRDP Out-Of-Bounds Read in interleaved_decompress

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based based clients using /bpp:32 legacy GDI drawing path with a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use modern drawin...

8.1CVSS9.1AI score0.01922EPSS
Exploits0References8
NVD
NVD
added 2024/04/22 9:15 p.m.9 views

CVE-2024-32041

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, deactivate /gfx on by default, set /bpp or /rfx options...

9.8CVSS9.5AI score0.0195EPSS
Exploits1References8
Vulnrichment
Vulnrichment
added 2024/04/22 8:23 p.m.13 views

CVE-2024-32039 FreeRDP Integer overflow & OutOfBound Write in clear_decompress_residual_data

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients using a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to integer overflow and out-of-bounds write. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, do not use /gfx options e.g. deactivat...

9.8CVSS9.7AI score0.02275EPSS
Exploits0References8
Patchstack
Patchstack
added 2024/02/26 12:0 a.m.12 views

WordPress Duitku Payment Gateway Plugin <= 2.11.6 is vulnerable to Broken Access Control

Software Duitku Payment Gateway Type Plugin Vulnerable versions = 2.11.6 Fixed in 2.11.7 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-0631 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 48de9cbc8e6d Credits Francesco Carlucci...

5.3CVSS6.5AI score0.0063EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/04/18 6:15 p.m.5 views

CVE-2022-0706

The Easy Digital Downloads WordPress plugin before 2.11.6 does not sanitise and escape the Downloadable File Name in the Logs, which could allow high privilege users to perform Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed...

4.8CVSS5.8AI score0.0065EPSS
Exploits2References2
0day.today
0day.today
added 2019/05/23 12:0 a.m.82 views

TapinRadio 2.11.6 - (Address) Denial of Service Exploit

Exploit Title: TapinRadio 2.11.6 - 'Address' Denial of Service PoC Discovery by: Victor Mondragón Vendor Homepage: http://www.raimersoft.com/ Software Link: www.raimersoft.com/downloads/tapinradiosetupx64.exe Tested Version: 2.11.6 Tested on: Windows 7 Service Pack 1 x64 Steps to produce the cras...

0.3AI score
Exploits0
OpenVAS
OpenVAS
added 2010/01/20 12:0 a.m.27 views

Zope XSS Vulnerability (Jan 2010)

Zope is prone to a cross-site scripting XSS vulnerability because the application fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

4.3CVSS5.9AI score0.0195EPSS
Exploits0References2
Rows per page
Query Builder