Lucene search
K

40 matches found

ALT Linux
ALT Linux
added 2022/12/06 12:0 a.m.134 views

Security fix for the ALT Linux 9 package freerdp version 2.9.0-alt1

2.9.0-alt1 built Dec. 6, 2022 Andrey Cherepanov in task 310221 Nov. 18, 2022 Andrey Cherepanov - New version. - Fixed multiple client side input validation issues CVE-2022-39316, CVE-2022-39317, CVE-2022-39318, CVE-2022-39319, CVE-2022-39320, CVE-2022-41877, CVE-2022-39347...

5.7AI score0.00967EPSS
Exploits0
OSV
OSV
added 2022/08/25 6:2 a.m.4 views

SUSE-SU-2022:2891-1 Security update for freerdp

This update for freerdp fixes the following issues: - CVE-2021-41159: Fixed improper validation of client input bsc1191895. - CVE-2022-41160: Fixed improper region checks bsc1191895...

8.8CVSS8.7AI score0.01346EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/08/25 12:0 a.m.5 views

PT-2022-37631 · Dit +7 · Freerdp +17

This update for freerdp fixes the following issues: - CVE-2021-41159: Fixed improper validation of client input bsc1191895. - CVE-2022-41160: Fixed improper region checks bsc1191895...

8.8CVSS8.6AI score0.01346EPSS
Exploits0References11
Citrix
Citrix
added 2022/07/21 12:0 a.m.9 views

Cannot activate Microsoft Pinyin IME in Windows server 2016/2019/2022

Cannot activate Microsoft Pinyin IME in Windows server 2016/2019/2022 VDA if client keyboard layout set “sync only once” mode Following are the details of the error, 1. VDA OS is a Windows server 2016/2019/2022 English version. 2. CWA Windows set the keyboard layout to “Sync only once – when the...

7AI score
Exploits0
CNNVD
CNNVD
added 2022/05/12 12:0 a.m.3 views

Online Sports Complex Booking System SQL注入漏洞

Online Sports Complex Booking System is an online stadium booking system by Carlo Montero, a personal developer. page=clients/manageclient&id= lacks validation of external input SQL statements, which could be exploited to execute illegal SQL commands to steal sensitive database data...

9.8CVSS8.7AI score0.01091EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/12/06 12:0 a.m.92 views

SQL Injection Authentication Bypass

Due to the requirement for dynamic content of today's web applications, many rely on a database backend to store data that will be called upon and processed by the web application or other programs. Web applications retrieve data from the database by using Structured Query Language SQL queries. T...

8.7AI score
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2021/11/18 12:0 a.m.28 views

CentOS 8 : freerdp (CESA-2021:4622)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:4622 advisory. - freerdp: improper client input validation for gateway connections allows to overwrite memory CVE-2021-41159 - freerdp: improper region checks in all...

8.8CVSS6.9AI score0.01553EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/11/17 12:0 a.m.57 views

CentOS 7 : freerdp (RHSA-2021:4619)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4619 advisory. - FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. All FreeRDP clients prior to version 2.4.1...

8.8CVSS6.8AI score0.01553EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/11/13 12:0 a.m.22 views

RHEL 8 : freerdp (RHSA-2021:4620)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4620 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to R...

8.8CVSS7.1AI score0.01553EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2021/11/13 12:0 a.m.39 views

RHEL 7 : freerdp (RHSA-2021:4619)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4619 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to R...

8.8CVSS7.1AI score0.01553EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2021/11/13 12:0 a.m.40 views

RHEL 8 : freerdp (RHSA-2021:4623)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4623 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to R...

8.8CVSS7.1AI score0.01553EPSS
Exploits0References6
AlmaLinux
AlmaLinux
added 2021/11/11 9:34 a.m.37 views

Important: freerdp security update

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fixes: freerdp: improper client input validation for gateway connections allows...

8.8CVSS8.7AI score0.01553EPSS
Exploits0References3
ALT Linux
ALT Linux
added 2021/11/01 12:0 a.m.35 views

Security fix for the ALT Linux 9 package freerdp version 2.4.1-alt1

2.4.1-alt1 built Nov. 1, 2021 Andrey Cherepanov in task 287815 Oct. 21, 2021 Andrey Cherepanov - New version. - Security fixes: + CVE-2021-41159 Improper client input validation for gateway connections allows to overwrite memory + CVE-2021-41160 Improper region checks in all clients allow out of...

6.8CVSS8.8AI score0.01553EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2021/07/01 8:0 a.m.36 views

CVE-2021-35042

Django 3.1.x before 3.1.13 and 3.2.x before 3.2.5 allows QuerySet.orderby SQL injection if orderby is untrusted input from a client of a web application...

9.8CVSS7.1AI score0.44369EPSS
Exploits1References5
BDU FSTEC
BDU FSTEC
added 2021/03/15 12:0 a.m.6 views

The vulnerability of the rgw::asio::ClientIO method in the rgw/rgw_asio_frontend.cc of the Ceph storage system allows a attacker to cause a service failure.

The vulnerability of the rgw::asio::ClientIO method in the rgw/rgwasiofrontend.cc of the Ceph storage system is related to a resource management mechanism error. Exploiting this vulnerability could allow an attacker to cause service failures...

6.8CVSS6.8AI score0.02488EPSS
Exploits0References9Affected Software5
OSV
OSV
added 2020/04/27 1:15 p.m.18 views

CVE-2020-12274

In TestLink 1.9.20, the lib/cfields/cfieldsExport.php gobackurl parameter causes a security risk because it depends on client input and is not constrained to lib/cfields/cfieldsView.php at the web site associated with the session...

9.8CVSS6.8AI score0.01227EPSS
Exploits0References2
NVD
NVD
added 2020/04/27 1:15 p.m.19 views

CVE-2020-12274

In TestLink 1.9.20, the lib/cfields/cfieldsExport.php gobackurl parameter causes a security risk because it depends on client input and is not constrained to lib/cfields/cfieldsView.php at the web site associated with the session...

9.8CVSS9.4AI score0.01227EPSS
Exploits0References2
Prion
Prion
added 2020/04/27 1:15 p.m.15 views

Session fixation

In TestLink 1.9.20, the lib/cfields/cfieldsExport.php gobackurl parameter causes a security risk because it depends on client input and is not constrained to lib/cfields/cfieldsView.php at the web site associated with the session...

7.5CVSS9.3AI score0.01227EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/04/27 12:34 p.m.21 views

CVE-2020-12274

In TestLink 1.9.20, the lib/cfields/cfieldsExport.php gobackurl parameter causes a security risk because it depends on client input and is not constrained to lib/cfields/cfieldsView.php at the web site associated with the session...

9.5AI score0.01227EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2016/11/21 12:0 a.m.12 views

PT-2021-5495 · Saltstack +3 · Saltstack Salt +3

Name of the Vulnerable Software and Affected Versions: SaltStack Salt versions prior to 3002.5 Description: The issue is related to errors in processing input data in the ssh client of the salt-api in SaltStack Salt. This can allow a remote attacker to execute arbitrary commands with elevated...

10CVSS8AI score0.99585EPSS
Exploits40References206
Rows per page
Query Builder