
93 matches found

Tenable Nessus
added 2023/10/08 12:0 a.m. | 44 views

Debian dla-3606 : freerdp2-dev - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3606 advisory. Debian LTS Advisory DLA-3606-1...

CVSS 9.8 | AI score 7 | EPSS 0.02537
Exploits 19 | References 96
Tenable Nessus
added 2023/09/07 12:0 a.m. | 24 views

Oracle Linux 7 : libssh2 (ELSA-2019-2136)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-2136 advisory. - fix integer overflow in keyboard interactive handling that allows out-of-bounds writes CVE-2019-3863 - fix out-of-bounds memory comparison with...

CVSS 9.3 | AI score 7.6 | EPSS 0.09219
Exploits 0 | References 3
OSV
added 2023/08/08 12:0 a.m. | 25 views

ALSA-2023:4535 Moderate: postgresql:12 security update

PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: schema_element defeats protective search_path changes (CVE-2023-2454); postgresql: row security policies disregard user ID changes after inlining (CVE-2023-2455); postgresql: Client memory disclosure...

CVSS 7.2 | AI score 6.6 | EPSS 0.0119
Exploits 0 | References 8
CNNVD
added 2023/08/08 12:0 a.m. | 6 views

SAP PowerDesigner Information Disclosure Vulnerability

SAP PowerDesigner is a database design software from SAP, Germany. An information disclosure vulnerability exists in SAP PowerDesigner that originates from a special method to access password hashes from client memory...

CVSS 5.3 | AI score 6.3 | EPSS 0.00428
Exploits 0 | References 4
RedHat Linux
added 2023/04/04 9:56 a.m. | 44 views

Moderate: Red Hat Security Advisory: postgresql:13 security update

An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 8 | AI score 6.7 | EPSS 0.0152
Exploits 0 | References 3
OpenVAS
added 2023/03/28 12:0 a.m. | 17 views

Mageia: Security Advisory (MGASA-2023-0064)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 3.7 | AI score 4.8 | EPSS 0.00616
Exploits 0 | References 4
OSV
added 2023/02/27 8:27 p.m. | 9 views

MGASA-2023-0064 Updated postgresql packages fix security vulnerability

Client memory disclosure when connecting, with Kerberos, to modified server. CVE-2022-41862...

CVSS 3.7 | AI score 4.3 | EPSS 0.00616
Exploits 0 | References 3
SUSE CVE
added 2023/02/15 4:40 a.m. | 2 views

SUSE CVE-2017-13721

In X.Org Server (aka xserver and xorg-server) before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session...

CVSS 6.6 | AI score 7.7 | EPSS 0.00357
Exploits 0 | References 5
SUSE CVE
added 2023/02/15 4:17 a.m. | 2 views

SUSE CVE-2019-3858

An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory...

CVSS 4.6 | AI score 6.9 | EPSS 0.06448
Exploits 0 | References 15
SUSE CVE
added 2023/02/15 4:17 a.m. | 3 views

SUSE CVE-2019-3860

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory...

CVSS 3.5 | AI score 6.9 | EPSS 0.05118
Exploits 0 | References 21
FreeBSD
added 2023/02/09 12:0 a.m. | 74 views

PostgreSQL server -- Client memory disclosure when connecting, with Kerberos, to modified server.

PostgreSQL Project reports: A modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. When a libpq client application has a Kerberos credential cache and doesn't explicitly disable option gssencmode, a server can cause libpq to...

CVSS 3.7 | AI score 3 | EPSS 0.00616
Exploits 0 | References 1
Snyk
added 2022/10/21 8:50 p.m. | 3 views

Denial of Service (DoS)

Overview: Microsoft.AspNetCore.App.Runtime.linux-x64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Denial of Service (DoS) via excess memory allocations...

CVSS 7.5 | AI score 7.1 | EPSS 0.04935
Exploits 0 | References 2
OpenVAS
added 2022/06/22 12:0 a.m. | 18 views

FreeRDP < 2.4.1 Multiple Vulnerabilities

FreeRDP is prone to multiple vulnerabilities. Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 8.8 | AI score 8.4 | EPSS 0.01553
Exploits 0 | References 2
CNNVD
added 2021/10/21 12:0 a.m. | 2 views

FreeRDP Buffer Error Vulnerability

FreeRDP is an open source implementation of the Remote Desktop Protocol (RDP) from the FreeRDP team. A buffer error vulnerability exists in versions prior to FreeRDP 2.4.1, which stems from the program's inability to validate input data, and a malicious gateway could allow out-of-bounds writes to...

CVSS 8.8 | AI score 7.2 | EPSS 0.01346
Exploits 0 | References 17
Tenable Nessus
added 2021/06/10 12:0 a.m. | 32 views

SUSE SLES11 Security Update : libssh2_org (SUSE-SU-2019:14099-1)

The remote SUSE Linux SLES11 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2019:14099-1 advisory. - An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. A remote attacker who...

CVSS 9.1 | AI score 7.2 | EPSS 0.05118
Exploits 0 | References 5
Tenable Nessus
added 2021/03/24 12:0 a.m. | 32 views

EulerOS 2.0 SP5 : freerdp (EulerOS-SA-2021-1675)

According to the versions of the freerdp packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In FreeRDP greater than 1.1 and before 2.0.0, there is an out-of-bounds read in update_read_icon_info. It allows reading an attacker-defined amount...

CVSS 5.9 | AI score 6.8 | EPSS 0.02003
Exploits 2 | References 3
RedHat Linux
added 2020/09/29 8:15 p.m. | 3 views

freerdp: out-of-bound read of client memory that is then passed on to the protocol parser

In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bound read of client memory that is then passed on to the protocol parser. This has been patched in 2.0.0...

CVSS 5.5 | AI score 5.7 | EPSS 0.01522
Exploits 1 | References 4
RedhatCVE
added 2020/05/14 2:3 p.m. | 28 views

CVE-2020-11049

In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bound read of client memory that is then passed on to the protocol parser. This has been patched in 2.0.0...

CVSS 5.5 | AI score 3.1 | EPSS 0.01522
Exploits 1 | References 3
Veracode
added 2020/05/08 4:37 a.m. | 33 views

Out-of-bound Reads

FreeRDP is vulnerable to Out-of-bound Reads. The vulnerability exists because it does not properly handle the update_read_icon_info data boundary checks, leading to a leakage of amount of client memory (32bit unsigned - 4GB) to an intermediate buffer and crashing an application or unauthorized storage...

CVSS 5.9 | AI score 6.4 | EPSS 0.01771
Exploits 1 | References 7 | Affected Software 3
OSV
added 2020/05/07 8:15 p.m. | 22 views

CVE-2020-11049

In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bound read of client memory that is then passed on to the protocol parser. This has been patched in 2.0.0...

CVSS 2.2 | AI score 6.4
Exploits 0 | References 7