18 matches found
Ubuntu: Security Advisory (USN-8105-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2026:0762-1)
The remote host is missing an update for the...
CLSA-2026-1771011128 freerdp: Fix of 2 CVEs
- CVE-2026-22857: fix heap use-after-free in irp_thread_func when serial_process_irp fails
- CVE-2026-23530: fix heap buffer overflow in planar bitmap decompression due to missing nSrcWidth/nSrcHeight validation...
Fedora: Security Advisory (FEDORA-2026-a193f1698f)
The remote host is missing an update for the...
freerdp-3.20.2-1.1 on GA media (moderate)
freerdp-3.20.2-1.1 on GA media Announcement ID: openSUSE-SU-2026:10059-1 Rating: moderate Cross-References: CVE-2026-22851 CVE-2026-22852 CVE-2026-22853 CVE-2026-22854 CVE-2026-22855 CVE-2026-22856 CVE-2026-22857 CVE-2026-22858 CVE-2026-22859 CVSS scores: CVE-2026-22851 SUSE : 5.9...
CVE-2026-22857

creationtimestamp | type | source
---|---|---
2026-01-14 18:38:51+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/115894906438860835
2026-01-14 19:49:20+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mcftnqq4i42q...

CVE-2024-22857
Heap-based buffer overflow in zlog v1.1.0 to v1.2.17 in zlog_rule_new(). The size of record_name is MAXLEN_PATH(1024) + 1 but file_path may have data up to MAXLEN_CFG_LINE(MAXLEN_PATH*4) + 1. So a check was missing in zlog_rule_new() while copying the record_name from file_path + 1 which caused the buffer overflow. An...
OESA-2024-2318 zlog security update
zlog is a reliable, high-performance, thread safe, flexible, clear-model, pure C logging library. Security Fixes: Heap-based buffer overflow in zlog v1.1.0 to v1.2.17 in zlog_rule_new(). The size of record_name is MAXLEN_PATH(1024) + 1 but file_path may have data up to MAXLEN_CFG_LINE(MAXLEN_PATH*4) + 1. So a check w...
OESA-2024-2213 zlog security update
zlog is a reliable, high-performance, thread safe, flexible, clear-model, pure C logging library. Security Fixes: Heap-based buffer overflow in zlog v1.1.0 to v1.2.17 in zlog_rule_new(). The size of record_name is MAXLEN_PATH(1024) + 1 but file_path may have data up to MAXLEN_CFG_LINE(MAXLEN_PATH*4) + 1. So a check w...
CVE-2024-22857

creationtimestamp | type | source
---|---|---
2024-03-07 02:26:59+00:00 | seen | https://t.me/ctinow/202000
2024-03-13 15:53:39+00:00 | published-proof-of-concept | https://t.me/CyberSecurityTechnologies/10140
2024-03-15 01:31:50+00:00 | seen | https://t.me/ctinow/208329...

CVE-2024-22857
CVE-2024-22857 (zlog): Heap-based buffer overflow in zlog_rule_new() affects zlog v1.1.0–v1.2.17. The bug arises from copying record_name from file_path+1 without verifying size against MAXLEN_PATH, allowing overflow of record_func pointer (zlog_record_fn) and potentially enabling arbitrary or r...
CVE-2023-22857

creationtimestamp | type | source
---|---|---
2023-03-06 12:17:44+00:00 | seen | https://t.me/cibsecurity/59467...

CVE-2023-22857
BlogEngine.NET 3.3.8.0 is affected by a stored XSS vulnerability (CVE-2023-22857). An attacker can inject arbitrary JavaScript into a blog post, executing in the visitor’s browser. The provided documents do not include exploitation details or a remediation (patch/version) recommendation.
CVE-2023-22857 Stored cross-site scripting in BlogEngine.NET version 3.3.8.0
A stored Cross-site Scripting (XSS) vulnerability in BlogEngine.NET 3.3.8.0 allows injection of arbitrary JavaScript in the security context of a blog visitor through an injection of a malicious payload into a blog post...
CVE-2023-22857 Stored cross-site scripting in BlogEngine.NET version 3.3.8.0
A stored Cross-site Scripting (XSS) vulnerability in BlogEngine.NET 3.3.8.0 allows injection of arbitrary JavaScript in the security context of a blog visitor through an injection of a malicious payload into a blog post...
CVE-2021-22857
CVE-2021-22857 describes a Directory Traversal vulnerability in the CGE page download function, allowing attackers to download arbitrary system files. Connected records identify the affected software as ChanGate Enterprise Co., Ltd property management system (per CVE-List). CVSS v3.1 impact: High...
NetMail WebAdmin username buffer overflow
Added: 03/16/2007 CVE: CVE-2007-1350 BID: 22857 OSVDB: 33886 Background Novell NetMail WebAdmin is a web-based administration interface which runs an HTTP server on port 89/TCP. Problem A buffer overflow vulnerability in Novell NetMail WebAdmin allows remote attackers to execute arbitrary command...
NetMail WebAdmin username buffer overflow
Added: 03/16/2007 CVE: CVE-2007-1350 BID: 22857 OSVDB: 33886 Background Novell NetMail WebAdmin is a web-based administration interface which runs an HTTP server on port 89/TCP. Problem A buffer overflow vulnerability in Novell NetMail WebAdmin allows remote attackers to execute arbitrary command...