23 matches found
RHEL 10 : freerdp (RHSA-2026:19142)
The remote Red Hat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19142 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to...
Security update for freerdp (important)
openSUSE security update: security update for freerdp. Announcement ID: openSUSE-SU-2026:20657-1. Rating: important. References: bsc1258919 bsc1258920 bsc1258921 bsc1258923 bsc1258924 bsc1258973 bsc1258976 bsc1258977 bsc1258979 bsc1258982...
Fedora: Security Advisory (FEDORA-2026-f6fe509803)
The remote host is missing an update for the...
FreeRDP < 3.24.2 Multiple Vulnerabilities
FreeRDP is prone to multiple vulnerabilities. Note: This VT has been deprecated and is therefore no longer functional.
CVE-2026-33982

creationtimestamp| type| source
---|---|---
2026-03-30 23:20:23+00:00| published-proof-of-concept| Telegram/dTdXmSClQuUutduSI7B7lq8U0lWyZCa4SY-4SfXv6kqarNA
2026-03-31 00:15:50+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3micvjdkqij2i
2026-04-04 11:40:09+00:00| seen| ...

DEBIAN-CVE-2026-33982
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, there is a heap-buffer-overflow READ vulnerability at 24 bytes before the allocation, in winpr_aligned_offset_recalloc. This issue has been patched in version 3.24.2...
CVE-2026-33982
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, there is a heap-buffer-overflow READ vulnerability at 24 bytes before the allocation, in winpr_aligned_offset_recalloc. This issue has been patched in version 3.24.2...
CVE-2026-33982
CVE-2026-33982 is listed by Debian as “Persistent Cache Allocator Mismatch - Heap OOB Read.” The connected document confirms a heap out-of-bounds read caused by a mismatch in the persistent cache allocator. No further details (affected versions, exploitability, or fixes) are provided in the suppl...
CVE-2023-33982
Bramble Handshake Protocol (BHP) in Briar before 1.5.3 is not forward secure: eavesdroppers can decrypt network traffic between two accounts if they later compromise both accounts. NOTE: the eavesdropping is typically impractical because BHP runs over an encrypted session that uses the Tor hidden...
CVE-2024-33982
Cross-Site Scripting (XSS) vulnerability in School Attendance Monitoring System and School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'StudentID' parameter in...
CVE-2024-33982 Cross-Site Scripting (XSS) vulnerability in Janobe products
Cross-Site Scripting (XSS) vulnerability in School Attendance Monitoring System and School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'StudentID' parameter in...
CVE-2024-33982
The CVE-2024-33982 entry corresponds to an XSS flaw in School Attendance Monitoring System v1.0 and School Event Management System v1.0. The vulnerability arises from unsafely handling the StudentID parameter in /AttendanceMonitoring/student/controller.php, enabling an attacker to craft a URL to ...
CVE-2024-33982 Cross-Site Scripting (XSS) vulnerability in Janobe products
Cross-Site Scripting (XSS) vulnerability in School Attendance Monitoring System and School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'StudentID' parameter in...
CVE-2023-33982

creationtimestamp| type| source
---|---|---
2023-05-24 22:27:19+00:00| seen| https://t.me/cibsecurity/64714
2025-01-16 15:55:58+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/1958
...

CVE-2023-33982
Bramble Handshake Protocol (BHP) in Briar before 1.5.3 is not forward secure: eavesdroppers can decrypt network traffic between two accounts if they later compromise both accounts. NOTE: the eavesdropping is typically impractical because BHP runs over an encrypted session that uses the Tor hidden...
CVE-2023-33982
Bramble Handshake Protocol (BHP) in Briar before 1.5.3 is not forward secure: eavesdroppers can decrypt network traffic between two accounts if they later compromise both accounts. NOTE: the eavesdropping is typically impractical because BHP runs over an encrypted session that uses the Tor hidden...
CVE-2023-33982
Bramble Handshake Protocol (BHP) in Briar before 1.5.3 is not forward secure: eavesdroppers can decrypt network traffic between two accounts if they later compromise both accounts. NOTE: the eavesdropping is typically impractical because BHP runs over an encrypted session that uses the Tor hidden...
CVE-2023-33982
Summary (CVE-2023-33982): Briar’s Bramble Handshake Protocol (BHP) in Briar versions prior to 1.5.3 is not forward secure. If an attacker later compromises both accounts, they can decrypt traffic between them. The vulnerability is tied to the BHP and is considered impractical to exploit in normal...
CVE-2022-33982
DMA attacks on the parameter buffer used by the Int15ServiceSmm software SMI handler could lead to a TOCTOU attack on the SMI handler and lead to corruption of SMRAM. DMA attacks on the parameter buffer used by the software SMI handler used by the driver Int15ServiceSmm could lead to a TOCTOU...
CVE-2022-33982
CVE-2022-33982 concerns a DMA-based TOCTOU vulnerability in the Int15ServiceSmm software SMI handler. The parameter buffer accessed by the SMI handler is susceptible to DMA manipulation, allowing an attacker to alter values after they are checked but before use, potentially causing SMRAM corrupti...