PT-2026-22022

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.23.0 Description The Stream EnsureCapacity function in FreeRDP versions prior to 3.23.0 can create an endless blocking loop. This issue may affect all client and server implementations using FreeRDP. Exploitation is...

CVE-2026-25916

CVE-2026-25916 affects Roundcube Webmail: versions prior to 1.5.13 and prior to 1.6.13 fail to block SVG feImage usage when “Block remote images” is enabled, enabling a DOM-based attack via SVG href/feImage that can bypass remote-image blocking. The exploit path described involves SVG handling wh...

Low: tomcat

Issue Overview: The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long standing but extremely hard to trigger concurrency bug in Apache Tomcat 10.1.0 to 10.1.0-M12, 10.0.0-M1 to 10.0.18, 9.0.0-M1 to 9.0.60 and 8.5...

UBUNTU-CVE-2020-0433

In blkmqqueuetagbusyiter of blk-mq-tag.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID...