43 matches found
ROS-20260615-73-0042
The vulnerability of the persistentcachereadentryv3 function in the RDP client FreeRDP is related to buffer overflow in dynamic memory. Exploiting this vulnerability could allow an attacker to compromise the integrity and accessibility of protected information...
FreeRDP: FreeRDP: Memory corruption vulnerability allows denial of service or arbitrary code execution
A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A memory corruption vulnerability exists in the persistent cache handling. If a memory reallocation fails, an internal size variable is incorrectly updated, while the data pointer still refers to the original,...
FreeRDP: FreeRDP: Memory corruption vulnerability allows denial of service or arbitrary code execution
A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A memory corruption vulnerability exists in the persistent cache handling. If a memory reallocation fails, an internal size variable is incorrectly updated, while the data pointer still refers to the original,...
CVE-2026-47091 Claude HUD 0.0.12 Path Traversal via transcript_path
Claude HUD through 0.0.12, patched in commit 234d9aa, contains a path traversal vulnerability that allows attackers to read arbitrary files by supplying an unvalidated transcriptpath value via stdin JSON. Attackers can access any file readable by the process and the file metadata is written to a...
EUVD-2026-30800
Claude HUD through 0.0.12, patched in commit 234d9aa, contains a path traversal vulnerability that allows attackers to read arbitrary files by supplying an unvalidated transcriptpath value via stdin JSON. Attackers can access any file readable by the process and the file metadata is written to a...
CVE-2026-47091
Claude HUD up to version 0.0.12 is affected by a path traversal flaw exposed by an unvalidated transcript_path in stdin JSON. The vulnerability lets an attacker read arbitrary files readable by the process, and the accessed file metadata is written to a persistent cache file with insufficient per...
FreeRDP: FreeRDP: Memory corruption vulnerability allows denial of service or arbitrary code execution
A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A memory corruption vulnerability exists in the persistent cache handling. If a memory reallocation fails, an internal size variable is incorrectly updated, while the data pointer still refers to the original,...
freerdp security update
2:3.10.3-5.8 - Fix double free in xfrailwindowcommon cleanup CVE-2026-26986 - Fix clipboard use-after-free during auto-reconnect CVE-2026-25997 - Fix heap-buffer-overflow in bitmapcacheput CVE-2026-29775 - Add DSP format checks CVE-2026-31884 - Fix DSP array bounds checks CVE-2026-31883 - Fix DSP...
Oracle Linux 10 : freerdp (ELSA-2026-16014)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-16014 advisory. - Fix double free in xfrailwindowcommon cleanup CVE-2026-26986 - Fix clipboard use-after-free during auto-reconnect CVE-2026-25997 - Fix...
CVE-2026-7944
An insufficient validation of untrusted input flaw was found in the Persistent Cache component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=495783187...
SUSE CVE-2026-7944
Insufficient validation of untrusted input in Persistent Cache in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...
Chromium: CVE-2026-7944 Insufficient validation of untrusted input in Persistent Cache
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
EUVD-2026-27991
Insufficient validation of untrusted input in Persistent Cache in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-7944
Insufficient validation of untrusted input in Persistent Cache in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-7944
Insufficient validation of untrusted input in Persistent Cache in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-7944
Summary: CVE-2026-7944 relates to Google Chrome prior to 148.0.7778.96, where insufficient validation of untrusted input in the Persistent Cache could allow a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Affected software/sequence: Goo...
CVE-2026-7944
Insufficient validation of untrusted input in Persistent Cache in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-7944
Insufficient validation of untrusted input in Persistent Cache in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-7944
Insufficient validation of untrusted input in Persistent Cache in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-7944
Insufficient validation of untrusted input in Persistent Cache in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...