49 matches found
SUSE SLED15 / SLES15 Security Update : freerdp (SUSE-SU-2026:1633-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1633-1 advisory. - CVE-2026-25941: Out-of-Bounds Read in client RDPGFX channel via crafted WIRETOSURFACE2 PDU bsc1258919. -...
Linux Distros Unpatched Vulnerability : CVE-2026-27950
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the fix for the heap-use-after-free described in CVE-2026-24680 is...
CVE-2026-27950
| creationtimestamp | type | source |
|---|---|---|
| 2026-02-28 11:01:17+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mfw34xbiee2s... |
CVE-2026-27950
A flaw was found in FreeRDP. An incomplete fix for a heap-use-after-free vulnerability CVE-2026-24680 in the SDL2 implementation allows a remote attacker to trigger a denial of service. The pointer is not nulled after being freed, which can lead to memory corruption. This issue means that...
CVE-2026-27950
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the fix for the heap-use-after-free described in CVE-2026-24680 is incomplete. While the vulnerable execution flow referenced in the advisory exists in the SDL2 implementation, the fix appears to have been...
CVE-2026-27950
CVE-2026-27950 affects FreeRDP prior to 3.23.0, where the heap-use-after-free described in the advisory is incompletely fixed in the SDL2 path (SDL3 path fix present). The SDL2 code path does not null the pointer after free, leaving a vulnerable execution flow in some builds/environments. A com...
CVE-2026-27950
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the fix for the heap-use-after-free described in CVE-2026-24680 is incomplete. While the vulnerable execution flow referenced in the advisory exists in the SDL2 implementation, the fix appears to have been...
Linux Distros Unpatched Vulnerability : CVE-2022-27950
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In drivers/hid/hid-elo.c in the Linux kernel before 5.16.11, a memory leak exists for a certain hidparse error condition. CVE-2022-27950 Note that Nessus relies...
TencentOS Server 4: kernel (TSSA-2025:0048)
"The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0048 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilitie...
CVE-2024-27950
Missing Authorization vulnerability in Sirv CDN and Image Hosting Sirv sirv. This issue affects Sirv: from n/a through <= 7.2.0...
CVE-2020-27950
A memory initialization issue was addressed. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS...
CVE-2024-27950
| creationtimestamp | type | source |
|---|---|---|
| 2024-03-01 09:26:18+00:00 | seen | https://t.me/ctinow/197415 |
| 2024-03-01 09:31:38+00:00 | seen | https://t.me/ctinow/197425 |
| 2025-02-19 21:02:47+00:00 | seen | https://bsky.app/profile/beikokucyber.bsky.social/post/3likodsi62w2b... |
CVE-2024-27950
Missing Authorization vulnerability in Sirv CDN and Image Hosting Sirv sirv. This issue affects Sirv: from n/a through <= 7.2.0...
CVE-2024-27950
The CVE-2024-27950 issue applies to the Sirv WordPress Plugin (Image Optimizer/Resizer/CDN) with versions through 7.2.0. Root cause is Missing Authorization (Broken Access Control) in the plugin. Impact and exploit details are not elaborated in the provided documents. Remediation: upgrade to vers...
WordPress Sirv Plugin <= 7.2.0 is vulnerable to Broken Access Control
Software: Sirv
Type: Plugin
Vulnerable versions: <= 7.2.0
Fixed in: 7.2.1
OWASP Top 10: A1: Broken Access Control
Classification: Broken Access Control
CVE: CVE-2024-27950
Patch priority: Low
CVSS severity: Low 5.4
Developer: Sirv
PSID: 622e8386dd23
Credits: CatFather
Required privilege: Subscriber
Published: 1...
CVE-2023-27950
| creationtimestamp | type | source |
|---|---|---|
| 2023-09-06 07:33:40+00:00 | seen | https://t.me/cibsecurity/69954... |
CVE-2023-27950
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. Processing an image may result in disclosure of process memory...
CVE-2023-27950
CVE-2023-27950 describes an out-of-bounds read in macOS Ventura components related to image processing. The connected documents indicate affected areas include ImageIO and Model I/O, where improper input validation on image data could disclose process memory. The issue is mitigated by Apple’s mac...
CBL Mariner 2.0 Security Update: kernel (CVE-2022-27950)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-27950 advisory. - In drivers/hid/hid-elo.c in the Linux kernel before 5.16.11, a memory leak exists for a certain hidparse err...
Moderate: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...