43 matches found
Vulnerability of the progressive_decompress() function in the RDP client FreeRDP, allowing a hacker to trigger a service failure
The vulnerability in the progressive_decompress function of the RDP client FreeRDP is caused by out-of-bounds memory operations when processing nXSrc and nYSrc. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
golang: net/http: improper sanitization of Transfer-Encoding header
A flaw was found in golang. The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding. This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid...
Moderate: Red Hat Security Advisory: libX11 security update
An update for libX11 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
RLSA-2021:4326 Moderate: libX11 security update
The libX11 packages contain the core X11 protocol client library. Security Fixes: libX11: missing request length checks (CVE-2021-31535). For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in t...
libX11 security update
An update is available for libX11. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The libX11 packages contain the core X11 protocol client library. Security...
Moderate: libX11 security update
The libX11 packages contain the core X11 protocol client library. Security Fixes: libX11: missing request length checks (CVE-2021-31535). For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in t...
PT-2021-5016 · Microsoft · Windows Remote Desktop Protocol Client +1
Name of the Vulnerable Software and Affected Versions: Windows Remote Desktop Protocol Client (affected versions not specified). Description: The vulnerability is related to a lack of protection for service data in the Windows operating system's Remote Desktop Protocol Client. It may allow a remote...
libX11 security update
CentOS Errata and Security Advisory CESA-2021:3296. An update for libX11 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient
A flaw was found in the Dynamic Host Configuration Protocol (DHCP). There is a discrepancy between the code that handles encapsulated option information in leases transmitted "on the wire" and the code which reads and parses lease information after it has been written to disk storage. This flaw...
KLA12004 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges, bypass security restrictions, cause denial of service, spoof user interface. Below is a complete list of...
[SECURITY] Fedora 32 Update: libX11-1.6.12-1.fc32
Core X11 protocol client library...
Microsoft Patch Tuesday — Jan. 2020: Vulnerability disclosures and Snort coverage
By Jon Munshaw. Updated January 15th: Added an Advanced Custom Detection (ACD) signature for AMP that can be used to detect exploitation of CVE-2020-0601 by spoofing certificates masquerading as a Microsoft ECC Code Signing Certificate Authority. Microsoft released its monthly security update today...
RADIUS Authentication Protocol Detection (Client)
Binary data 701140.prm...
KLA11820 Multiple vulnerabilities in Microsoft Apps
Multiple vulnerabilities were found in Microsoft Apps. Malicious users can exploit these vulnerabilities to obtain sensitive information. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in Remote Desktop Protocol Client can be exploited remotely via special...
KLA11511 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information, cause denial of service, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A remote cod...
Debian: Security Advisory (DLA-1793-1)
The remote host is missing an update for the Debian...
NEC Aterm WG2600HP2 Information Disclosure Vulnerability
The WG2600HP2 is a router product from NEC. The NEC Aterm WG2600HP2 has an information disclosure vulnerability that could allow an attacker to retrieve the DHCP client by sending a crafted HTTP request...
PT-2018-9198 · Microsoft +2 · Windows 2008 +4
Name of the Vulnerable Software and Affected Versions: GitHub Electron versions 1.8.2-beta.3 and earlier; GitHub Electron versions 1.7.10 and earlier; GitHub Electron versions 1.6.15 and earlier. Description: The issue is related to a vulnerability in the protocol handler of Electron apps running on...
Debian DSA-3907-1 : spice - security update
Frediano Ziglio discovered a buffer overflow in spice, a SPICE protocol client and server library which may result in memory disclosure, denial of service and potentially the execution of arbitrary code...
QEMU 'vnc.c' Denial of Service Vulnerability
QEMU is an open source emulator software. An integer overflow vulnerability exists in QEMU's VNC display driver, located in vnc_client_read and protocol_client_msg, which can be exploited by a client user to cause the VNC driver to loop indefinitely, causing the QEMU process to crash, via a larger...