MiracleLinux 7 : php-5.4.16-48.0.4.el7.AXS7 (AXSA:2024-9432:05)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9432:05 advisory. CVE-2024-11233: fix buffer overflow vulnerability in convert.quoted-printable-decode filter CVEs: CVE-2024-11233 In PHP versions 8.1. before 8.1.31, 8.2...

MiracleLinux 8 : gssntlmssp-1.2.0-1.el8.ML.1 (AXSA:2023-6149:01)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6149:01 advisory. gssntlmssp: multiple out-of-bounds read when decoding NTLM fields CVE-2023-25563 gssntlmssp: memory corruption when decoding UTF16 strings...

MiracleLinux 9 : golang-1.17.12-1.el9, go-toolset-1.17.12-1.el9 (AXSA:2022-4035:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4035:01 advisory. golang: compress/gzip: stack exhaustion in Reader.Read CVE-2022-30631 golang: net/http: improper sanitization of Transfer-Encoding header...

MiracleLinux 4 : firefox-68.7.0-2.0.1.AXS4 (AXSA:2020-4717:09)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-4717:09 advisory. Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method CVE-2020-6821 Mozilla: Memory safety bugs fixed in Firefox 7...

MiracleLinux 9 : pcs-0.11.6-3.el9.ML.1 (AXSA:2023-6977:13)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6977:13 advisory. decode-uri-component: improper input validation resulting in DoS CVE-2022-38900 Tenable has extracted the preceding description block directly from the...

CVE-2026-23534

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the ClearCodec bands decode path when crafted band coordinates allow writes past the end of the destination surface buffer. A malicious server can trigger a...

CVE-2026-23534

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the ClearCodec bands decode path when crafted band coordinates allow writes past the end of the destination surface buffer. A malicious server can trigger a...

CVE-2026-23533

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the RDPGFX ClearCodec decode path when maliciously crafted residual data causes out-of-bounds writes during color output. A malicious server can trigger a...

UBUNTU-CVE-2026-23534

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the ClearCodec bands decode path when crafted band coordinates allow writes past the end of the destination surface buffer. A malicious server can trigger a...

CVE-2026-23530

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0,freerdpbitmapdecompressplanar does not validate nSrcWidth/nSrcHeight against planar-maxWidth/maxHeight before RLE decode. A malicious server can trigger a client‑side heap buffer overflow, causing a crash DoS...

CVE-2026-23534

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the ClearCodec bands decode path when crafted band coordinates allow writes past the end of the destination surface buffer. A malicious server can trigger a...

CVE-2026-23534 FreeRDP has heap-buffer-overflow in clear_decompress_bands_data

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the ClearCodec bands decode path when crafted band coordinates allow writes past the end of the destination surface buffer. A malicious server can trigger a...

CVE-2026-23534

CVE-2026-23534 affects FreeRDP prior to version 3.21.0, where a client-side heap buffer overflow occurs in the ClearCodec bands decode path when crafted band coordinates allow writes past the end of the destination surface buffer. A malicious server can trigger this overflow, potentially crashing...

CVE-2026-23533 FreeRDP has heap-buffer-overflow in clear_decompress_residual_data

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the RDPGFX ClearCodec decode path when maliciously crafted residual data causes out-of-bounds writes during color output. A malicious server can trigger a...

CVE-2026-23533

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the RDPGFX ClearCodec decode path when maliciously crafted residual data causes out-of-bounds writes during color output. A malicious server can trigger a...

CVE-2026-23533

CVE-2026-23533 – FreeRDP : Affects FreeRDP prior to version 3.21.0, where the RDPGFX ClearCodec decode path can fail due to crafted residual data causing out-of-bounds writes. This leads to a client crash (DoS) and potential heap corruption with code‑execution risk depending on allocator behavior...

CVE-2026-23530 FreeRDP has heap-buffer-overflow in planar_decompress_plane_rle

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0,freerdpbitmapdecompressplanar does not validate nSrcWidth/nSrcHeight against planar-maxWidth/maxHeight before RLE decode. A malicious server can trigger a client‑side heap buffer overflow, causing a crash DoS...

CVE-2026-23530

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0,freerdpbitmapdecompressplanar does not validate nSrcWidth/nSrcHeight against planar-maxWidth/maxHeight before RLE decode. A malicious server can trigger a client‑side heap buffer overflow, causing a crash DoS...

EUVD-2026-3311

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0,freerdpbitmapdecompressplanar does not validate nSrcWidth/nSrcHeight against planar-maxWidth/maxHeight before RLE decode. A malicious server can trigger a client‑side heap buffer overflow, causing a crash DoS...

CVE-2026-23530

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0,freerdpbitmapdecompressplanar does not validate nSrcWidth/nSrcHeight against planar-maxWidth/maxHeight before RLE decode. A malicious server can trigger a client‑side heap buffer overflow, causing a crash DoS...