Lucene search
K

171 matches found

Cvelist
Cvelist
added 2023/11/10 3:0 p.m.48 views

CVE-2023-47119 HTML injection in oneboxed links

Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the stable branch and version 3.2.0.beta3 of the beta and tests-passed branches, some links can inject arbitrary HTML tags when rendered through our Onebox engine. The issue is patched in version 3.1.3 of the...

5.3CVSS6.7AI score0.00943EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/11/10 12:0 a.m.5 views

PT-2023-29706 · Discourse · Discourse

Name of the Vulnerable Software and Affected Versions: Discourse versions prior to 3.1.3 Discourse version 3.2.0.beta3 and earlier of the beta and tests-passed branches Description: Discourse is an open source platform for community discussion. There is an edge case where a bookmark reminder is...

3.3CVSS3.9AI score0.00264EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2023/11/10 12:0 a.m.7 views

PT-2023-29863 · Discourse · Discourse

Name of the Vulnerable Software and Affected Versions: Discourse versions prior to 3.1.3 Discourse versions prior to 3.2.0.beta3 Description: Discourse is an open source platform for community discussion. The issue affects the availability of subsequent replies in a topic when users can add svgs...

5.4CVSS5.4AI score0.00702EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2023/11/10 12:0 a.m.5 views

PT-2023-30325 · Discourse · Discourse

Name of the Vulnerable Software and Affected Versions: Discourse versions prior to 3.1.3 Discourse version 3.2.0.beta3 and earlier in the beta and tests-passed branches Description: Discourse is an open source platform for community discussion. The embedding feature is susceptible to server side...

9.8CVSS9.4AI score0.00692EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2023/09/05 3:14 p.m.35 views

CVE-2023-40576

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Out-Of-Bounds Read in the RleDecompress function. This Out-Of-Bounds Read occurs because FreeRDP processes the pbSrcBuffer variable without checking if it...

7.5CVSS7AI score0.01038EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2023/09/05 3:14 p.m.31 views

CVE-2023-40575

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Out-Of-Bounds Read in the generalYUV444ToRGB8uP3AC4RBGRX function. This issue is likely down to insufficient data for the pSrc variable and results in crashe...

7.5CVSS6.9AI score0.01064EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2023/09/05 3:14 p.m.91 views

CVE-2023-40188

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Out-Of-Bounds Read in the generalLumaToYUV444 function. This Out-Of-Bounds Read occurs because processing is done on the in variable without checking if it...

7.5CVSS7AI score0.01247EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/09/02 1:54 a.m.3 views

SUSE CVE-2023-40181

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Integer-Underflow leading to Out-Of-Bound Read in the zgfxdecompresssegment function. In the context of CopyMemory, it's possible to read data beyond the...

5.3CVSS6.8AI score0.01432EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/09/02 1:54 a.m.4 views

SUSE CVE-2023-40187

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions of the 3.x beta branch are subject to a Use-After-Free issue in the avc420ensurebuffer and avc444ensurebuffer functions. If the value of piDstSizex is 0, ppYUVDstDatax will be...

9.8CVSS7AI score0.00978EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/09/02 1:54 a.m.3 views

SUSE CVE-2023-40569

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Out-Of-Bounds Write in the progressivedecompress function. This issue is likely down to incorrect calculations of the nXSrc and nYSrc variables. This issue h...

6.5CVSS7AI score0.01106EPSS
Exploits1References5
NVD
NVD
added 2023/08/31 10:15 p.m.21 views

CVE-2023-40574

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Out-Of-Bounds Write in the writePixelBGRX function. This issue is likely down to incorrect calculations of the nHeight and srcStep variables. This issue has...

9.8CVSS8AI score0.01027EPSS
Exploits1References3
OSV
OSV
added 2023/08/31 10:15 p.m.1 views

DEBIAN-CVE-2023-40188

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Out-Of-Bounds Read in the generalLumaToYUV444 function. This Out-Of-Bounds Read occurs because processing is done on the in variable without checking if it...

9.1CVSS7AI score0.01247EPSS
Exploits1References1
OSV
OSV
added 2023/08/31 10:15 p.m.2 views

UBUNTU-CVE-2023-40575

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Out-Of-Bounds Read in the generalYUV444ToRGB8uP3AC4RBGRX function. This issue is likely down to insufficient data for the pSrc variable and results in crashe...

9.1CVSS5.8AI score0.01064EPSS
Exploits1References4
OSV
OSV
added 2023/08/31 10:15 p.m.1 views

UBUNTU-CVE-2023-40576

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Out-Of-Bounds Read in the RleDecompress function. This Out-Of-Bounds Read occurs because FreeRDP processes the pbSrcBuffer variable without checking if it...

7.5CVSS7AI score0.01038EPSS
Exploits1References4
OSV
OSV
added 2023/08/31 10:15 p.m.6 views

UBUNTU-CVE-2023-40569

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Out-Of-Bounds Write in the progressivedecompress function. This issue is likely down to incorrect calculations of the nXSrc and nYSrc variables. This issue h...

9.8CVSS6.9AI score0.01106EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2023/08/31 10:15 p.m.33 views

CVE-2023-40576

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Out-Of-Bounds Read in the RleDecompress function. This Out-Of-Bounds Read occurs because FreeRDP processes the pbSrcBuffer variable without checking if it...

7.5CVSS7AI score0.01038EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2023/08/31 9:39 p.m.24 views

CVE-2023-40574

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Out-Of-Bounds Write in the writePixelBGRX function. This issue is likely down to incorrect calculations of the nHeight and srcStep variables. This issue has...

9.8CVSS8.6AI score0.01027EPSS
Exploits1
CVE
CVE
added 2023/08/31 9:35 p.m.67 views

CVE-2023-40576

FreeRDP (RDP library) contains a vulnerability CVE-2023-40576: Out-Of-Bounds Read in the RleDecompress function caused by processing pbSrcBuffer without validating sufficient data. The issue affects FreeRDP and has been addressed in version 3.0.0-beta3; upgrades to 3.0.0-beta3 or newer are recomm...

7.5CVSS6.6AI score0.01038EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2023/08/31 9:34 p.m.30 views

CVE-2023-40575 Out-Of-Bounds Read in FreeRDP

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Out-Of-Bounds Read in the generalYUV444ToRGB8uP3AC4RBGRX function. This issue is likely down to insufficient data for the pSrc variable and results in crashe...

5.3CVSS9.4AI score0.01064EPSS
Exploits1References3
OSV
OSV
added 2023/08/31 9:34 p.m.24 views

CVE-2023-40575 Out-Of-Bounds Read in FreeRDP

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Out-Of-Bounds Read in the generalYUV444ToRGB8uP3AC4RBGRX function. This issue is likely down to insufficient data for the pSrc variable and results in crashe...

5.3CVSS8.4AI score0.01064EPSS
Exploits1References5
Rows per page
Query Builder