283 matches found
UBUNTU-CVE-2026-24491
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, videotimer can send client notifications after the control channel is closed, dereferencing a freed callback and triggering a use after free. This vulnerability is fixed in 3.22.0...
CVE-2026-24491
FreeRDP prior to 3.22.0 is affected by CVE-2026-24491: video_timer can send client notifications after the control channel is closed, dereferencing a freed callback and triggering a use-after-free. Affected: FreeRDP versions before 3.22.0. Impact: memory corruption and potential denial of service...
CVE-2026-24491
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, videotimer can send client notifications after the control channel is closed, dereferencing a freed callback and triggering a use after free. This vulnerability is fixed in 3.22.0...
CVE-2026-24491 FreeRDP has a heap-use-after-free in video_timer
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, videotimer can send client notifications after the control channel is closed, dereferencing a freed callback and triggering a use after free. This vulnerability is fixed in 3.22.0...
CVE-2026-24491 FreeRDP has a heap-use-after-free in video_timer
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, videotimer can send client notifications after the control channel is closed, dereferencing a freed callback and triggering a use after free. This vulnerability is fixed in 3.22.0...
CVE-2026-24491
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, videotimer can send client notifications after the control channel is closed, dereferencing a freed callback and triggering a use after free. This vulnerability is fixed in 3.22.0...
FreeRDP 资源管理错误漏洞
FreeRDP is an open-source implementation of the Remote Desktop Protocol RDP by the FreeRDP team. Versions of FreeRDP prior to 3.22.0 contained a resource management vulnerability. This vulnerability stemmed from videotimer sending client notifications after the control channel was closed, which...
MiracleLinux 8 : bind-9.11.36-8.el8.2 (AXSA:2023-6475:09)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6475:09 advisory. bind: stack exhaustion in control channel code may lead to DoS CVE-2023-3341 Tenable has extracted the preceding description block directly from the...
MiracleLinux 4 : bind-9.8.2-0.37.7.0.1.rc1.AXS4 (AXSA:2016-143:02)
"The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-143:02 advisory. BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves ho...
bind security update
32:9.11.4-26.0.5.P2.16 - Resolve CVE-2025-40778 Orabug: 38699863 32:9.11.4-26.0.3.P2.16 - Resolve CVE-2024-11187 Orabug: 37616907 32:9.11.4-26.0.1.P2.16 - Resolve CVE-2024-1975 - Resolve CVE-2024-1737 - Add ability to change runtime limits for max types and records per name 32:9.11.4-26.P2.16 -...
PT-2026-7033
Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.22.0 Description FreeRDP, a Remote Desktop Protocol implementation, contains a flaw where the video timer component may send client notifications after the control channel has been closed. This action can lead to a...
When your AI Assistant Becomes the Attacker’s Command-and-Control
Earlier this month, Microsoft uncovered SesameOp, a new backdoor malware that abuses the OpenAI Assistants API as a covert command-and-control C2 channel. The discovery has drawn significant attention within the cybersecurity community. Security teams can no longer focus solely on endpoint malwar...
Nation-State Hackers Deploy New Airstalk Malware in Suspected Supply Chain Attack
A suspected nation-state threat actor has been linked to the distribution of a new malware called Airstalk as part of a likely supply chain attack. Palo Alto Networks Unit 42 said it's tracking the cluster under the moniker CL-STA-1009 , where "CL" stands for cluster and "STA" refers to...
EUVD-2014-7951
Malware in sbrugna...
EUVD-2015-5317
Malware in sbrugna...
EUVD-2020-13593
Malware in sbrugna...
openvpn: Fix of CVE-2020-15078
CVE-2020-15078: fix authentication bypass and access to control channel data on servers configured with deferred authentication...
CLSA-2025-1759485890 openvpn: Fix of CVE-2020-15078
CVE-2020-15078: fix authentication bypass and access to control channel data on servers configured with deferred authentication...
CLSA-2025-1759337779 openvpn: Fix of CVE-2020-15078
CVE-2020-15078: fix authentication bypass and access to control channel data on servers configured with deferred authentication...
Linux Distros Unpatched Vulnerability : CVE-2023-3341
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion depth is only limited by the...