2481 matches found
Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2019-25160)
The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2019-25160 advisory. - In the Linux kernel, the following vulnerability has been resolved: netlabel: fix out-of-bounds memo...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38100)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38100 advisory. - In the Linux kernel, the following vulnerability has been resolved: x86/iopl: Cure TIFIOBITMAP inconsistenci...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38218)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38218 advisory. - In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on...
kernel: Linux kernel: iommufd/iova_bitmap shift-out-of-bounds vulnerability
A flaw was found in the Linux kernel's iommufd/iovabitmap component. This vulnerability allows a local attacker with low privileges to cause a system crash or denial of service via a shift-out-of-bounds error...
CVE-2026-23876
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-13 and 6.9.13-38, a heap buffer overflow vulnerability in the XBM image decoder ReadXBMImage allows an attacker to write controlled data past the allocated heap buffer when...
SUSE CVE-2026-23884
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, offscreen bitmap deletion leaves gdi-drawing pointing to freed memory, causing UAF when related update packets arrive. A malicious server can trigger a client-side use after free, causing a crash DoS and...
ImageMagick input validation vulnerability
ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 7.1.2-13 and 6.9.13-38 contained a vulnerability related to input validation errors. This vulnerability...
CVE-2026-23884
A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A malicious server can exploit this vulnerability when a client connects to it. Specifically, offscreen bitmap deletion can lead to a use-after-free UAF condition, where the client attempts to use memory that has...
CVE-2026-23530
A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. This vulnerability occurs because the freerdpbitmapdecompressplanar function does not properly validate bitmap dimensions when decompressing planar bitmap data. A malicious server can exploit this by sending...
CVE-2026-23884
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, offscreen bitmap deletion leaves gdi-drawing pointing to freed memory, causing UAF when related update packets arrive. A malicious server can trigger a client‑side use after free, causing a crash DoS and...
CVE-2026-23884
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, offscreen bitmap deletion leaves gdi-drawing pointing to freed memory, causing UAF when related update packets arrive. A malicious server can trigger a client‑side use after free, causing a crash DoS and...
UBUNTU-CVE-2026-23884
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, offscreen bitmap deletion leaves gdi-drawing pointing to freed memory, causing UAF when related update packets arrive. A malicious server can trigger a client‑side use after free, causing a crash DoS and...
CVE-2026-23884
Summary: CVE-2026-23884 affects FreeRDP prior to 3.21.0, where offscreen bitmap deletion can leave gdi->drawing pointing to freed memory, enabling a client-side use-after-free that may crash the client (DoS) and cause heap corruption depending on allocator/heap layout. The issue is addressed i...
CVE-2026-23884 Heap-use-after-free in gdi_set_bounds
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, offscreen bitmap deletion leaves gdi-drawing pointing to freed memory, causing UAF when related update packets arrive. A malicious server can trigger a client‑side use after free, causing a crash DoS and...
CVE-2026-23884 Heap-use-after-free in gdi_set_bounds
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, offscreen bitmap deletion leaves gdi-drawing pointing to freed memory, causing UAF when related update packets arrive. A malicious server can trigger a client‑side use after free, causing a crash DoS and...
CVE-2026-23884
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, offscreen bitmap deletion leaves gdi-drawing pointing to freed memory, causing UAF when related update packets arrive. A malicious server can trigger a client‑side use after free, causing a crash DoS and...
EUVD-2026-3310
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, offscreen bitmap deletion leaves gdi-drawing pointing to freed memory, causing UAF when related update packets arrive. A malicious server can trigger a client‑side use after free, causing a crash DoS and...
CVE-2026-23884
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, offscreen bitmap deletion leaves gdi-drawing pointing to freed memory, causing UAF when related update packets arrive. A malicious server can trigger a client‑side use after free, causing a crash DoS and...
poppler: Out-of-Bounds Read in Poppler
A flaw was found in Poppler. This vulnerability allows out-of-bounds reads via crafted input files that trigger the JBIG2Bitmap::combine function due to a misplaced isOk check...
poppler: Out-of-Bounds Read in Poppler
A flaw was found in Poppler. This vulnerability allows out-of-bounds reads via crafted input files that trigger the JBIG2Bitmap::combine function due to a misplaced isOk check...