22 matches found
CVE-2026-40567 FreeScout has HTML Injection in Outgoing Emails via Unsanitized Customer Name in Signature Variables
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, an unauthenticated attacker can inject arbitrary HTML into outgoing emails generated by FreeScout by sending an email with a crafted From display name. The name is stored in the database without sanitization a...
Linux Distros Unpatched Vulnerability : CVE-2021-40567
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Segmentation fault vulnerability exists in Gpac through 1.0.1 via the gf_odf_size_descriptor function in desc_private.c when using mp4box, which causes a denial of...
MAL-2025-40567 Malicious code in ynt45 (npm)
The package ynt45 was found to contain malicious code...
CVE-2025-40567
creationtimestamp | type | source
---|---|---
2025-06-10 15:31:01+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/17903
2025-06-10 17:08:36+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lrbeznlba42a
2025-06-12 10:00:00+00:00 | seen | ...
CVE-2025-40567
A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.2), SCALANCE XCH328 (6GK5328-4TS01-2EC2) (All versions < V3.2), SCALANCE XCM324 (6GK5324-8TS01-2AC2) (All versions < V3.2), SCALANCE XCM328 (6GK5328-4TS01-2AC2) (All versions < V3.2), SCALANCE XCM332 (6GK5332-0GA01-2AC2) (All...
CVE-2025-40567
CVE-2025-40567 affects Siemens RUGGEDCOM RST2428P and a range of SCALANCE devices (XC316-8, XC324-4, XC332, XC416-8, XC424-4, XC432, XCH328, XCM324/328/332, XR302-32, XR322-12, XR326-8, XR502-32, XR522-12, XR526-8, XRH334, XRM334) with all versions before V3.2. The root cause is an incorrect auth...
CVE-2025-40567
A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.2), SCALANCE XCH328 (6GK5328-4TS01-2EC2) (All versions < V3.2), SCALANCE XCM324 (6GK5324-8TS01-2AC2) (All versions < V3.2), SCALANCE XCM328 (6GK5328-4TS01-2AC2) (All versions < V3.2), SCALANCE XCM332 (6GK5332-0GA01-2AC2) (All...
Oracle Linux 9 : freerdp (ELSA-2024-2208)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2208 advisory. 2:2.11.2-1 - Update to 2.11.2 RHEL-4290, RHEL-4292, RHEL-4296, RHEL-4298, RHEL-4300, RHEL-4302, RHEL-4304, RHEL-4306, RHEL-4308, RHEL-4310, RHEL-4312,...
Moderate: Red Hat Security Advisory: freerdp security update
An update for freerdp is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...
Huawei EulerOS: Security Advisory for freerdp (EulerOS-SA-2024-1264)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for freerdp (SUSE-SU-2023:4893-1)
The remote host is missing an update for the...
[SECURITY] [DLA 3606-1] freerdp2 security update
Debian LTS Advisory DLA-3606-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost October 07, 2023 https://wiki.debian.org/LTS Package : freerdp2 Version : 2.3.0+dfsg1-2+deb10u3 CVE ID : CVE-2020-4030 CVE-2020-4031 CVE-2020-4032 CVE-2020-4033 CVE-2020-11017 CVE-2020-110...
Fedora: Security Advisory for freerdp (FEDORA-2023-5e6796cb83)
The remote host is missing an update for the...
SUSE CVE-2023-40567
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Write in the clear_decompress_bands_data function in which there is no offset validation. Abuse of this vulnerability may lead to an out of bounds...
UBUNTU-CVE-2023-40567
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Write in the clear_decompress_bands_data function in which there is no offset validation. Abuse of this vulnerability may lead to an out of bounds...
CVE-2023-40567
CVE-2023-40567 affects FreeRDP. It is an Out-Of-Bounds Write in the function clear_decompress_bands_data due to missing offset validation, potentially allowing memory write/crash. Addressed in versions 2.11.0 and 3.0.0-beta3; upgrade recommended. Connected sources (Astra Linux, AlmaLinux, Debian ...
CVE-2022-40567
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none...
CVE-2021-40567
creationtimestamp | type | source
---|---|---
2022-01-13 20:18:21+00:00 | seen | https://t.me/cibsecurity/35424
...
CVE-2021-40567
Segmentation fault vulnerability exists in Gpac through 1.0.1 via the gf_odf_size_descriptor function in desc_private.c when using mp4box, which causes a denial of service...
CVE-2021-40567
GPAC (up to version 1.0.1) contains a segmentation fault in gf_odf_size_descriptor (desc_private.c) when using mp4box, leading to denial of service. Affected CVE: CVE-2021-40567. Debian advisory DSA-5411-1 fixes with gpac 1.0.1+dfsg1-4+deb11u2; Gentoo GLSA 202408-21 advises upgrading to the lates...