Lucene search
+L

25 matches found

nvd
nvd
added 2026/06/25 9:16 p.m.15 views

CVE-2026-6681

The PKCS7 decode path ignores the caller-supplied output buffer size outputSz, allowing decoded content to be written past the bounds of the provided buffer. This affects wolfSSL 5.9.0 and earlier and was fixed in the 5.9.1 release...

5.3CVSS0.00256EPSS
Exploits0References2
euvd
euvd
added 2026/06/25 8:11 p.m.7 views

EUVD-2026-39556

The PKCS7 decode path ignores the caller-supplied output buffer size outputSz, allowing decoded content to be written past the bounds of the provided buffer. This affects wolfSSL 5.9.0 and earlier and was fixed in the 5.9.1 release...

1CVSS6AI score0.00256EPSS
Exploits0References2
cve
cve
added 2026/06/25 8:11 p.m.16 views

CVE-2026-6681

CVE-2026-6681 describes a buffer overflow in wolfSSL up to 5.9.0 caused by the PKCS#7 decode path ignoring the caller-supplied output buffer size (outputSz). Decoded data can be written past the provided buffer, potentially affecting confidentiality and integrity. The issue is fixed in wolfSSL 5....

5.3CVSS6AI score0.00256EPSS
Exploits0References2Affected Software1
ptsecurity
ptsecurity
added 2026/06/25 12:0 a.m.13 views

PT-2026-52588

Name of the Vulnerable Software and Affected Versions wolfSSL versions prior to 5.9.1 Description The PKCS7 decode path fails to respect the caller-supplied output buffer size outputSz. This allows decoded content to be written beyond the boundaries of the provided buffer, leading to a buffer...

5.3CVSS6.2AI score0.00256EPSS
Exploits0References6
astralinux
astralinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurred in the decoding process of the ClearCodec band when crafted band coordinates allowed writes beyond the end of the destination surface buffer. A malicious server...

9.8CVSS6.2AI score0.00434EPSS
Exploits1References3
redhat
redhat
added 2026/05/19 1:29 p.m.13 views

freerdp: FreeRDP: Arbitrary code execution via heap out-of-bounds write in RLE planar decode path

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A malicious RDP server can exploit a heap out-of-bounds write vulnerability in the planardecompressplanerle function. This vulnerability allows the server to write past the end of a temporary buffer, potentiall...

8.8CVSS6.3AI score0.00591EPSS
Exploits1References6
osv
osv
added 2026/04/21 6:4 p.m.2 views

CVE-2026-40614 PJSIP: Heap buffer overflow in Opus codec decoding

PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is a buffer overflow when decoding Opus audio frames due to insufficient buffer size validation in the Opus codec decode path. The FEC decode buffers decframe.buf were allocated based on a...

8.5CVSS6.3AI score0.00224EPSS
Exploits0References4
redhat
redhat
added 2026/04/06 6:44 p.m.6 views

Important: Red Hat Security Advisory: freerdp security update

An update for freerdp is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

8.8CVSS6.6AI score0.00591EPSS
Exploits2References3
redhat
redhat
added 2026/04/01 4:28 p.m.11 views

freerdp: FreeRDP: Arbitrary code execution via heap out-of-bounds write in RLE planar decode path

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A malicious RDP server can exploit a heap out-of-bounds write vulnerability in the planardecompressplanerle function. This vulnerability allows the server to write past the end of a temporary buffer, potentiall...

8.8CVSS6.4AI score0.00591EPSS
Exploits1References6
redhat
redhat
added 2026/04/01 2:55 p.m.8 views

freerdp: FreeRDP: Arbitrary code execution via heap out-of-bounds write in RLE planar decode path

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A malicious RDP server can exploit a heap out-of-bounds write vulnerability in the planardecompressplanerle function. This vulnerability allows the server to write past the end of a temporary buffer, potentiall...

8.8CVSS6.4AI score0.00591EPSS
Exploits1References6
almalinux
almalinux
added 2026/03/30 12:0 a.m.8 views

Important: freerdp security update

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fixes: freerdp: FreeRDP: Arbitrary code execution via heap out-of-bounds write ...

8.8CVSS6.5AI score0.00591EPSS
Exploits2References6
veracode
veracode
added 2026/03/06 7:24 a.m.5 views

Authentication Bypass

Astro is vulnerable to Authentication Bypass. The vulnerability is due to inconsistent path normalization between Astro’s routing logic and middleware validation, where routing applies decodeURI but middleware checks context.url.pathname without decoding, allowing attackers to access protected...

6.9CVSS5.8AI score0.00481EPSS
Exploits1References2Affected Software1
redhat
redhat
added 2026/02/23 1:59 a.m.9 views

freerdp: FreeRDP: Heap buffer overflow leads to denial of service and potential code execution

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A malicious server can exploit a client-side heap buffer overflow vulnerability in the RDPGFX ClearCodec decode path. This occurs when maliciously crafted residual data causes out-of-bounds writes during color...

9.8CVSS6.2AI score0.00434EPSS
Exploits1References8
redhat
redhat
added 2026/02/23 1:35 a.m.7 views

freerdp: FreeRDP: Heap buffer overflow leads to denial of service and potential code execution

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A malicious server can exploit a client-side heap buffer overflow vulnerability in the RDPGFX ClearCodec decode path. This occurs when maliciously crafted residual data causes out-of-bounds writes during color...

9.8CVSS6.2AI score0.00434EPSS
Exploits1References8
redhat
redhat
added 2026/02/18 2:36 p.m.6 views

freerdp: FreeRDP: Arbitrary code execution and denial of service via client-side heap buffer overflow

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A malicious server can trigger a client-side heap buffer overflow in the ClearCodec bands decode path. This vulnerability, caused by crafted band coordinates, allows writes past the end of the destination surface...

9.8CVSS6.2AI score0.00434EPSS
Exploits1References8
redhat
redhat
added 2026/02/17 3:59 p.m.4 views

freerdp: FreeRDP: Heap buffer overflow leads to denial of service and potential code execution

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A malicious server can exploit a client-side heap buffer overflow vulnerability in the RDPGFX ClearCodec decode path. This occurs when maliciously crafted residual data causes out-of-bounds writes during color...

9.8CVSS6.2AI score0.00434EPSS
Exploits1References8
redhat
redhat
added 2026/02/16 1:12 p.m.5 views

freerdp: FreeRDP: Heap buffer overflow leads to denial of service and potential code execution

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A malicious server can exploit a client-side heap buffer overflow vulnerability in the RDPGFX ClearCodec decode path. This occurs when maliciously crafted residual data causes out-of-bounds writes during color...

9.8CVSS6.2AI score0.00434EPSS
Exploits1References8
redhat
redhat
added 2026/02/09 1:41 a.m.6 views

freerdp: FreeRDP: Arbitrary code execution and denial of service via client-side heap buffer overflow

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A malicious server can trigger a client-side heap buffer overflow in the ClearCodec bands decode path. This vulnerability, caused by crafted band coordinates, allows writes past the end of the destination surface...

9.8CVSS6.2AI score0.00434EPSS
Exploits1References8
redhat
redhat
added 2026/02/05 11:53 a.m.5 views

freerdp: FreeRDP: Heap buffer overflow leads to denial of service and potential code execution

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A malicious server can exploit a client-side heap buffer overflow vulnerability in the RDPGFX ClearCodec decode path. This occurs when maliciously crafted residual data causes out-of-bounds writes during color...

9.8CVSS6.2AI score0.00434EPSS
Exploits1References8
redhat
redhat
added 2026/02/05 10:29 a.m.15 views

freerdp: FreeRDP: Arbitrary code execution and denial of service via client-side heap buffer overflow

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A malicious server can trigger a client-side heap buffer overflow in the ClearCodec bands decode path. This vulnerability, caused by crafted band coordinates, allows writes past the end of the destination surface...

9.8CVSS6.2AI score0.00434EPSS
Exploits1References8
Rows per page
Query Builder