22 matches found

Snyk
added 2026/01/09 6:52 p.m. · 4 views

Cross-site Scripting (XSS)

Overview: Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the handling of SVG element attributes href and xlink:href when user-controlled data is bound to these attributes. An attacker can execute arbitrary JavaScript code in the victim's browser by supplying a...

CVSS 8.5 · AI score 5.3 · EPSS 0.00021
Exploits 1 · References 2

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2022-41801

Malicious code in bioql PyPI...

CVSS 4.6 · AI score 4.7 · EPSS 0.0006
Exploits 0 · References 7

Tenable Nessus
added 2023/10/08 12:0 a.m. · 39 views

Debian dla-3606 : freerdp2-dev - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3606 advisory. Debian LTS Advisory DLA-3606-1 [email protected]...

CVSS 9.8 · AI score 7 · EPSS 0.00504
Exploits 19 · References 96

Tenable Nessus
added 2022/11/30 12:0 a.m. · 22 views

SUSE SLED15 / SLES15 Security Update : freerdp (SUSE-SU-2022:4292-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4292-1 advisory. - FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing inpu...

CVSS 5.7 · AI score 5.3 · EPSS 0.0026
Exploits 0 · References 7

UbuntuCve
added 2022/11/17 12:0 a.m. · 43 views

CVE-2022-39319

FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input length validation in the urbdrc channel. A malicious server can trick a FreeRDP based client to read out of bound data and send it back to the server. This issue has been addressed in...

CVSS 4.6 · AI score 5.9 · EPSS 0.00119
Exploits 0 · References 3

NVD
added 2022/11/16 9:15 p.m. · 16 views

CVE-2022-39319

FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input length validation in the urbdrc channel. A malicious server can trick a FreeRDP based client to read out of bound data and send it back to the server. This issue has been addressed in...

CVSS 4.6 · EPSS 0.00119
Exploits 0 · References 7

NVD
added 2022/11/16 9:15 p.m. · 12 views

CVE-2022-39317

FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing a range check for input offset index in ZGFX decoder. A malicious server can trick a FreeRDP based client to read out of bound data and try to decode it. This issue has been addressed in versio...

CVSS 4.6 · EPSS 0.0006
Exploits 0 · References 4

NVD
added 2022/11/16 8:15 p.m. · 11 views

CVE-2022-41877

FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input length validation in drive channel. A malicious server can trick a FreeRDP based client to read out of bound data and send it back to the server. This issue has been addressed in version...

CVSS 4.6 · EPSS 0.00186
Exploits 0 · References 7

Prion
added 2022/11/16 8:15 p.m. · 18 views

Design/Logic Flaw

FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP may attempt integer addition on too narrow types, which leads to allocation of a buffer too small to hold the data written. A malicious server can trick a FreeRDP based client to read out of bound data and send i...

CVSS 4.9 · AI score 5.2 · EPSS 0.0013
Exploits 0 · References 4 · Affected Software 2

Debian CVE
added 2022/11/16 12:0 a.m. · 27 views

CVE-2022-39319

FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input length validation in the urbdrc channel. A malicious server can trick a FreeRDP based client to read out of bound data and send it back to the server. This issue has been addressed in...

CVSS 4.6 · AI score 5.1 · EPSS 0.00119
Exploits 0

CVE
added 2022/11/16 12:0 a.m. · 121 views

CVE-2022-39320

CVE-2022-39320 affects FreeRDP and relates to a heap buffer overflow in the urbdrc channel caused by integer addition on too-narrow types, leading to writing data into a too-small allocation. Exploitation could enable reading out-of-bound data and echoing it back to the server. The vulnerability ...

CVSS 5.5 · AI score 6 · EPSS 0.0013
Exploits 0 · References 5 · Affected Software 1

OSV
added 2022/11/16 12:0 a.m. · 23 views

CVE-2022-39319 Missing length validation in urbdrc channel in FreeRDP

FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input length validation in the urbdrc channel. A malicious server can trick a FreeRDP based client to read out of bound data and send it back to the server. This issue has been addressed in...

CVSS 4.6 · AI score 4.7 · EPSS 0.00119
Exploits 0 · References 9

OSV
added 2022/11/16 12:0 a.m. · 30 views

CVE-2022-41877 Missing input length validation in `drive` channel in FreeRDP

FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input length validation in drive channel. A malicious server can trick a FreeRDP based client to read out of bound data and send it back to the server. This issue has been addressed in version...

CVSS 4.6 · AI score 4.8 · EPSS 0.00186
Exploits 0 · References 9

Vulnrichment
added 2022/11/16 12:0 a.m. · 16 views

CVE-2022-41877 Missing input length validation in `drive` channel in FreeRDP

FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input length validation in drive channel. A malicious server can trick a FreeRDP based client to read out of bound data and send it back to the server. This issue has been addressed in version...

CVSS 4.6 · AI score 7.3 · EPSS 0.00186
Exploits 0 · References 6

Debian CVE
added 2022/11/16 12:0 a.m. · 35 views

CVE-2022-41877

FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input length validation in drive channel. A malicious server can trick a FreeRDP based client to read out of bound data and send it back to the server. This issue has been addressed in version...

CVSS 4.6 · AI score 5.2 · EPSS 0.00186
Exploits 0

AlpineLinux
added 2022/11/16 12:0 a.m. · 51 views

CVE-2022-41877

FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input length validation in drive channel. A malicious server can trick a FreeRDP based client to read out of bound data and send it back to the server. This issue has been addressed in version...

CVSS 4.6 · AI score 6.3 · EPSS 0.00186
Exploits 0

Tenable Nessus
added 2022/04/25 12:0 a.m. · 42 views

EulerOS 2.0 SP8 : freerdp (EulerOS-SA-2022-1564)

According to the versions of the freerdp packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In FreeRDP less than or equal to 2.0.0, by providing manipulated input a malicious client can create a double free condition and crash the...

CVSS 6.9 · AI score 6.7 · EPSS 0.02202
Exploits 4 · References 18

Positive Technologies
added 2021/12/31 12:0 a.m. · 2 views

PT-2021-24317 · Mdb Tools · Mdb Tools

Name of the Vulnerable Software and Affected Versions: MDB Tools aka mdbtools version 0.9.2 Description: The issue is a stack-based buffer overflow in the mdb numeric to string function, which is called from mdb xfer bound data and mdb attempt bind. This overflow occurs at the memory address...

CVSS 7.8 · AI score 7.6 · EPSS 0.00121
Exploits 1 · References 11

CVE
added 2020/05/29 12:0 a.m. · 214 views

CVE-2020-11040

CVE-2020-11040 affects FreeRDP versions up to 2.0.0, where an out-of-bounds data read from memory occurs in clear_decompress_subcode_rlex and is visualized as color on screen. The issue has been fixed in version 2.1.0. Related advisories from Debian, CentOS/RHEL, AlmaLinux, Amazon Linux 2 and CNV...

CVSS 4 · AI score 5.4 · EPSS 0.00117
Exploits 0 · References 3 · Affected Software 1

CVE
added 2019/03/09 12:0 a.m. · 50 views

CVE-2019-8275

UltraVNC revision 1211 contains multiple improper null termination vulnerabilities in the VNC server code, allowing out-of-bounds data access via network. CVSS v3.1 base score 9.8. Affected: UltraVNC 1211; fix: upgrade to revision 1212 (addressed in the same family of issues).

CVSS 9.8 · AI score 9.6 · EPSS 0.0433
Exploits 0 · References 6 · Affected Software 1