Important: Red Hat Security Advisory: freerdp security update

An update for freerdp is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

RHEL 7 : freerdp (RHSA-2026:11323)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:11323 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to...

RHEL 9 : freerdp (RHSA-2026:6958)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:6958 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to R...

Important: Red Hat Security Advisory: freerdp security update

An update for freerdp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

RLSA-2026:6340 Important: freerdp security update

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fixes: freerdp: FreeRDP heap-use-after-free CVE-2026-22856 freerdp: FreeRDP...

freerdp security update

An update is available for freerdp. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released...

Important: Red Hat Security Advisory: freerdp security update

An update for freerdp is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

Important: freerdp security update

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fixes: freerdp: FreeRDP heap-use-after-free CVE-2026-22856 freerdp: FreeRDP...

Important: Red Hat Security Advisory: freerdp security update

An update for freerdp is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

Amazon Linux 2023 : freerdp, freerdp-devel, freerdp-libs (ALAS2023-2026-1454)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1454 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, a NULL pointer dereference vulnerability in rdpwritelogoninfov2 allows a malicious RDP server to crash FreeRDP...

Fedora: Security Advisory (FEDORA-2026-fa67f40526)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2026-23948

creationtimestamp| type| source ---|---|--- 2026-02-10 16:28:36+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mejezoeeq22x...

CVE-2026-23948

A null pointer dereference has been discovered in FreeRDP. A NULL pointer dereference vulnerability in rdpwritelogoninfov2 allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0. Mitigation Mitigation for this issue is...

CVE-2026-23948

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, a NULL pointer dereference vulnerability in rdpwritelogoninfov2 allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0. This vulnerability...

CVE-2025-23948

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Webarea Background animation blocks background-animation-blocks allows PHP Local File Inclusion.This issue affects Background animation blocks: from n/a through = 2.1.5...

AlmaLinux 8 : grafana (ALSA-2025:23948)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:23948 advisory. golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 Tenable has extracted the preceding description block directly from the...

CVE-2025-23948

creationtimestamp| type| source ---|---|--- 2025-01-22 15:21:45+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdoallqep2p 2025-01-22 15:49:24+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/113872795345361036 2025-01-22 15:49:51+00:00| seen|...

CVE-2025-23948

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Webarea Background animation blocks background-animation-blocks allows PHP Local File Inclusion.This issue affects Background animation blocks: from n/a through = 2.1.5...

CVE-2025-23948 WordPress Background animation blocks Plugin <= 2.1.5 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Webarea Background animation blocks background-animation-blocks allows PHP Local File Inclusion.This issue affects Background animation blocks: from n/a through = 2.1.5...

CVE-2025-23948

CVE-2025-23948 – Background animation blocks (WordPress plugin) is an active vulnerability caused by improper control of filenames in PHP include/require statements, enabling unauthenticated PHP Local File Inclusion. Affected component: Background animation blocks; affected versions: up to 2.1.5 ...