Lucene search
K

206205 matches found

EUVD
EUVD
added 2026/04/01 6:36 p.m.9 views

EUVD-2026-17953

A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with admin-level privileges to execute arbitrary code as the root user. This vulnerability is due to improper validation of user-supplied input to the web-based management interface. A...

6.5CVSS6.2AI score0.00549EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/04/01 4:28 p.m.6 views

Important: Red Hat Security Advisory: freerdp security update

An update for freerdp is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.8CVSS6.5AI score0.00591EPSS
Exploits2References3
RedHat Linux
RedHat Linux
added 2026/04/01 4:28 p.m.4 views

freerdp: FreeRDP: Arbitrary code execution via heap buffer overflow in GDI surface pipeline

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A malicious RDP server can exploit a heap buffer overflow vulnerability by sending a specially crafted graphics command to a FreeRDP client. This allows the server to write data outside of its intended memory...

8.8CVSS6.6AI score0.00537EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/04/01 4:28 p.m.8 views

freerdp: FreeRDP: Arbitrary code execution via heap out-of-bounds write in RLE planar decode path

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A malicious RDP server can exploit a heap out-of-bounds write vulnerability in the planardecompressplanerle function. This vulnerability allows the server to write past the end of a temporary buffer, potentiall...

8.8CVSS6.4AI score0.00591EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/04/01 4:24 p.m.7 views

freerdp: FreeRDP: Arbitrary code execution via heap out-of-bounds write in RLE planar decode path

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A malicious RDP server can exploit a heap out-of-bounds write vulnerability in the planardecompressplanerle function. This vulnerability allows the server to write past the end of a temporary buffer, potentiall...

8.8CVSS6.4AI score0.00591EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/04/01 4:24 p.m.5 views

freerdp: FreeRDP: Arbitrary code execution via heap buffer overflow in GDI surface pipeline

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A malicious RDP server can exploit a heap buffer overflow vulnerability by sending a specially crafted graphics command to a FreeRDP client. This allows the server to write data outside of its intended memory...

8.8CVSS6.6AI score0.00537EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/04/01 3:1 p.m.4 views

freerdp: FreeRDP: Arbitrary code execution via heap buffer overflow in GDI surface pipeline

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A malicious RDP server can exploit a heap buffer overflow vulnerability by sending a specially crafted graphics command to a FreeRDP client. This allows the server to write data outside of its intended memory...

8.8CVSS6.6AI score0.00537EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/04/01 3:1 p.m.11 views

freerdp: FreeRDP: Arbitrary code execution via heap out-of-bounds write in RLE planar decode path

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A malicious RDP server can exploit a heap out-of-bounds write vulnerability in the planardecompressplanerle function. This vulnerability allows the server to write past the end of a temporary buffer, potentiall...

8.8CVSS6.4AI score0.00591EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/04/01 2:55 p.m.8 views

freerdp: FreeRDP: Arbitrary code execution via heap buffer overflow in GDI surface pipeline

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A malicious RDP server can exploit a heap buffer overflow vulnerability by sending a specially crafted graphics command to a FreeRDP client. This allows the server to write data outside of its intended memory...

8.8CVSS6.6AI score0.00537EPSS
Exploits1References6
OSV
OSV
added 2026/04/01 1:40 p.m.4 views

SUSE-SU-2026:1165-1 Security update for freerdp

This update for freerdp fixes the following issues: - CVE-2026-26271: Buffer Overread in FreeRDP Icon Processing bsc1258979. - CVE-2026-26955: Out-of-bounds Write in freerdp bsc1258982. - CVE-2026-26965: Out-of-bounds Write in freerdp bsc1258985. - CVE-2026-31806: improper validation of server...

9.8CVSS6.5AI score0.00656EPSS
Exploits5References13
OSV
OSV
added 2026/04/01 1:40 p.m.7 views

SUSE-SU-2026:1164-1 Security update for freerdp2

This update for freerdp2 fixes the following issues: - CVE-2026-26271: Buffer Overread in FreeRDP Icon Processing bsc1258979. - CVE-2026-26955: Out-of-bounds Write in freerdp bsc1258982. - CVE-2026-26965: Out-of-bounds Write in freerdp bsc1258985. - CVE-2026-31806: improper validation of server...

9.8CVSS6.5AI score0.00656EPSS
Exploits5References13
SUSE Linux
SUSE Linux
added 2026/04/01 1:40 p.m.4 views

Security update for freerdp2

This update for freerdp2 fixes the following issues: CVE-2026-26271: Buffer Overread in FreeRDP Icon Processing bsc1258979. CVE-2026-26955: Out-of-bounds Write in freerdp bsc1258982. CVE-2026-26965: Out-of-bounds Write in freerdp bsc1258985. CVE-2026-31806: improper validation of server messages...

8.8CVSS6.6AI score0.00656EPSS
Exploits5References24
RedhatCVE
RedhatCVE
added 2026/04/01 1:36 p.m.4 views

CVE-2026-23410

A flaw was found in the Linux kernel's AppArmor security module. This vulnerability, a race condition, allows a local attacker to trigger a use-after-free error by simultaneously opening rawdata files and removing an associated AppArmor profile. This can lead to the system accessing freed memory,...

6AI score0.00141EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/04/01 9:8 a.m.4 views

freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. The gdisurfacebits function, which processes SURFACEBITSCOMMAND messages, does not properly validate image dimensions bmp.width and bmp.height provided by a malicious RDP server. This can lead to a heap buffer...

9.8CVSS6.2AI score0.00656EPSS
Exploits1References6
Snyk
Snyk
added 2026/04/01 6:31 a.m.1 views

Arbitrary Code Execution

Overview fonttools is a Tools to manipulate font files Affected versions of this package are vulnerable to Arbitrary Code Execution due to the parseBlendList function's usage of built-in Python's eval function when parsing TTX font data. An attacker can execute arbitrary scripts by supplying a...

8.3CVSS6.2AI score
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/01 5:0 a.m.4 views

CVE-2026-30285

An arbitrary file overwrite vulnerability in Zora: Post, Trade, Earn Crypto v2.60.0 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...

9.8CVSS6.4AI score0.00617EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/04/01 5:0 a.m.4 views

CVE-2025-32957

baserCMS is a website development framework. Prior to version 5.2.3, the application's restore function allows users to upload a .zip file, which is then automatically extracted. A PHP file inside the archive is included using requireonce without validating or restricting the filename. An attacke...

8.7CVSS6.3AI score0.00577EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/04/01 5:0 a.m.5 views

CVE-2026-34060

Ruby LSP is an implementation of the language server protocol for Ruby. Prior to Shopify.ruby-lsp version 0.10.2 and ruby-lsp version 0.26.9, the rubyLsp.branch VS Code workspace setting was interpolated without sanitization into a generated Gemfile, allowing arbitrary Ruby code execution when a...

9.8CVSS6.3AI score0.00479EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/01 4:41 a.m.2 views

CVE-2026-5284

Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

6.2AI score0.0028EPSS
Exploits0References2
NVD
NVD
added 2026/04/01 2:16 a.m.6 views

CVE-2026-3779

The application's list box calculate array logic keeps stale references to page or form objects after they are deleted or re-created, which allows crafted documents to trigger a use-after-free when the calculation runs and can potentially lead to arbitrary code execution...

7.8CVSS0.00309EPSS
Exploits1References2
Rows per page
Query Builder