CVE-2026-44421

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client by sending crafted RDPGFX PDUs. The bug is in gdiCacheToSurface: it validates a destination rectangle that is clamped to UINT16MA...

FreeRDP 安全漏洞

FreeRDP is an open-source implementation of the Remote Desktop Protocol RDP by the FreeRDP team. Versions of FreeRDP prior to 3.26.0 contained security vulnerabilities. These vulnerabilities stemmed from malicious RDP servers that could trigger a client heap buffer overflow by sending specially...

CVE-2026-40321

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Prior to version 10.2.2, a user could upload a specially crafted SVG file that could include scripts that can target both authenticated and unauthenticated DNN users. The impact is increased ...

Arbitrary File Upload

Overview Affected versions of this package are vulnerable to Arbitrary File Upload via the file upload. An administrator can execute arbitrary JavaScript in the context of the application by uploading a crafted SVG or HTML file containing malicious scripts, which are then served to users without...

CVE-2026-35608

QuickDrop is an easy-to-use file sharing application. Prior to 1.5.3, a stored XSS vulnerability exists in the file preview endpoint. The application allows SVG files to be uploaded via the /api/file/upload-chunk endpoint. An attacker can upload a specially crafted SVG file containing a JavaScrip...

freerdp: FreeRDP: Arbitrary code execution via heap buffer overflow in GDI surface pipeline

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A malicious RDP server can exploit a heap buffer overflow vulnerability by sending a specially crafted graphics command to a FreeRDP client. This allows the server to write data outside of its intended memory...

RockyLinux 9 : freerdp (RLSA-2026:2048)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:2048 advisory. freerdp: FreeRDP: Heap buffer overflow leading to denial of service and potential code execution from a malicious server. CVE-2026-23530 freerdp: FreeRDP...

freerdp: FreeRDP: Heap buffer overflow via crafted RDPGFX surface updates leads to denial of service and potential code execution.

A flaw was found in FreeRDP. A malicious server can exploit an out-of-bounds read/write vulnerability in the ClearCodec component by sending crafted RDPGFX surface updates. This can trigger a client-side heap buffer overflow, leading to a crash Denial of Service DoS and potential heap corruption...

CVE-2025-43829

Stored cross-site scripting XSS vulnerability in diagram type products in Commerce in Liferay Portal 7.4.3.18 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 update 18 through update 92 allows remote attackers to inject arbitrary web script or...

Use-after-free vulnerability in Qt SVG qsvghandler.cpp allows denial of service via crafted SVG

...

CVE-2025-50129

A memory corruption vulnerability exists in the PCX Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decoding the image data from a specially crafted .tga file, a heap-based buffer overflow can occur which allows for remote code execution. An attacker will need to...

PT-2024-39441 · Faststone · Faststone Image Viewer

Name of the Vulnerable Software and Affected Versions: FastStone Image Viewer affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of FastStone Image Viewer. User interaction is required to exploit this issue, where th...

Liferay Portal and Liferay DXP Security Vulnerabilities

Liferay Portal and Liferay DXP are both products of Liferay Inc.Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS, and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...

Sunlight CMS Security Vulnerability

Sunlight CMS is a content management system from Sunlight CMS open source. A security vulnerability exists in Sunlight CMS version 8.0.1. An attacker exploited the vulnerability to escalate privileges via a specially crafted SVG file in the File Manager component...

PT-2024-19698 · Unknown · A-Blog Cms

Name of the Vulnerable Software and Affected Versions: a-blog cms versions prior to 3.1.7 a-blog cms versions prior to 3.0.29 a-blog cms versions prior to 2.11.58 a-blog cms versions prior to 2.10.50 a-blog cms version 2.9.0 and earlier Description: The issue is related to improper input...

SUSE CVE-2015-6773

The convolution implementation in Skia, as used in Google Chrome before 47.0.2526.73, does not properly constrain row lengths, which allows remote attackers to cause a denial of service out-of-bounds memory access or possibly have unspecified other impact via crafted graphics data...

SUSE CVE-2015-8897

The SpliceImage function in MagickCore/transform.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service application crash via a crafted png file...

UBUNTU-CVE-2022-26061

A heap-based buffer overflow vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...

grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap

A flaw was found in grub 2, where a crafted 16-bit grayscale PNG image may lead to an out-of-bounds write. This flaw allows an attacker to corrupt the data on the heap portion of the grub2's memory, leading to possible code execution and the circumvention of the secure boot mechanism...

SAP 3D Visual Enterprise Viewer 安全漏洞

SAP 3D Visual Enterprise Viewer is a free 3D visualization viewer for Windows. A denial of service vulnerability exists in SAP 3D Visual Enterprise Viewer 9. The vulnerability stems from improper input validation. An attacker could exploit the vulnerability by means of a specially crafted .CGM...