Lucene search
+L

332 matches found

AlpineLinux
AlpineLinux
added 3 days ago4 views

CVE-2026-59885

pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.4, the BER, CER, and DER decoders process OBJECT IDENTIFIER and RELATIVE-OID values in quadratic time relative to the number of arcs, so a small crafted payload containing an OID with many arcs consumes excessive CPU per decode call and c...

7.5CVSS6.1AI score0.00339EPSS
Exploits0
OSV
OSV
added 2026/06/25 8:32 p.m.7 views

MAL-2026-6476 Malicious code in typedecode (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 593662d3b4cda901642b713f419417807a33f3dca74e818f66e8d0cf9ebcf6e3 On require'typedecode' / import 'typedecode', the bundled dist/index.cjs and dist/index.js execute an obfuscated import-time payload. A bootstrap.js...

6.1AI score
Exploits0References4
Fedora
Fedora
added 2026/06/17 8:44 a.m.11 views

[SECURITY] Fedora 44 Update: perl-Protocol-HTTP2-1.13-1.fc44

Protocol::HTTP2 is Perl HTTP/2 protocol implementation RFC 7540 with stateful decoders/encoders of HTTP/2 frames. You may use this module to implement your own HTTP/2 client/server/intermediate on top of your favorite event loop over plain or TLS socket...

7.5CVSS5.2AI score0.00414EPSS
Exploits0
Fedora
Fedora
added 2026/06/17 8:26 a.m.12 views

[SECURITY] Fedora 43 Update: perl-Protocol-HTTP2-1.13-1.fc43

Protocol::HTTP2 is Perl HTTP/2 protocol implementation RFC 7540 with stateful decoders/encoders of HTTP/2 frames. You may use this module to implement your own HTTP/2 client/server/intermediate on top of your favorite event loop over plain or TLS socket...

7.5CVSS5.2AI score0.00414EPSS
Exploits0
NVD
NVD
added 2026/06/09 5:17 p.m.19 views

CVE-2026-34180

Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive element whose content exceeds 2 gigabytes in length may cause a heap buffer over-read on 64-bit Unix and Unix-like platforms. Impact summary: The heap buffer over-read may crash the application Denial of Service or to...

7.5CVSS0.00513EPSS
Exploits0References6
Rockylinux
Rockylinux
added 2026/05/29 4:3 p.m.16 views

freerdp security update

An update is available for freerdp. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list FreeRDP is a free implementation of the Remote Desktop Protocol RDP, release...

9.8CVSS6.3AI score0.00599EPSS
Exploits7
Fedora
Fedora
added 2026/05/29 1:27 a.m.18 views

[SECURITY] Fedora 43 Update: perl-Sereal-5.005-1.fc43

Sereal is an efficient, compact-output, binary and feature-rich serialization protocol. The Perl encoder is implemented as the Sereal::Encoder module, the Perl decoder correspondingly as Sereal::Decoder. This Sereal module is a very thin wrapper around both Sereal::Encoder and Sereal::Decoder. It...

5.8AI score
Exploits0
OSV
OSV
added 2026/05/28 3:43 p.m.14 views

RLSA-2026:19358 Moderate: freerdp security update

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fixes: freerdp: FreeRDP: Denial of service due to use-after-free vulnerability...

7.3CVSS5.8AI score0.00599EPSS
Exploits7References9
Talos Blog
Talos Blog
added 2026/05/28 10:0 a.m.27 views

DICOM, Pydicom, GDCM, and Orthanc: A technical tour of what really happens in the heap

Over the last decade, DICOM parsing has become an active research topic. The reason is simple: DICOM is both critical and complicated. Hospitals rely on DICOM-based PACS systems, and those systems often automatically ingest files received over the network. That means malformed data could directly...

5.9AI score
Exploits0
NVD
NVD
added 2026/05/27 6:16 p.m.11 views

CVE-2026-42328

go-ipld-prime is an implementation of the InterPlanetary Linked Data IPLD spec interfaces, a batteries-included codec implementations of IPLD for CBOR and JSON, and tooling for basic operations on IPLD objects. Prior to 0.23.0, the DAG-CBOR and DAG-JSON decoders recurse on each nested map or list...

6.2CVSS0.0012EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/05/26 5:5 a.m.14 views

freerdp: FreeRDP has a division-by-zero in ADPCM decoders when `nBlockAlign` is 0

A division by zero flaw has been discovered in FreeRDP. This division by zero exists in the MS-ADPCM and IMA-ADPCM decoders when nBlockAlign is 0, leading to a crash. In libfreerdp/codec/dsp.c, both ADPCM decoders use size % blocksize where blocksize = context-common.format.nBlockAlign. The...

7.5CVSS5.7AI score0.00303EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2026/05/26 2:2 a.m.14 views

freerdp: FreeRDP has a division-by-zero in ADPCM decoders when `nBlockAlign` is 0

A division by zero flaw has been discovered in FreeRDP. This division by zero exists in the MS-ADPCM and IMA-ADPCM decoders when nBlockAlign is 0, leading to a crash. In libfreerdp/codec/dsp.c, both ADPCM decoders use size % blocksize where blocksize = context-common.format.nBlockAlign. The...

7.5CVSS5.7AI score0.00303EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2026/05/26 2:2 a.m.12 views

freerdp: FreeRDP: Denial of Service via crafted audio data in RDP

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A remote attacker can exploit a sizet underflow vulnerability in the IMA-ADPCM and MS-ADPCM audio decoders by sending specially crafted audio data over the RDPSND audio channel. This underflow leads to a...

9.8CVSS5.8AI score0.00317EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/05/26 2:2 a.m.14 views

freerdp: FreeRDP has an out-of-bounds read in ADPCM decoders due to missing predictor/step_index bounds checks

An out of bounds read flaw has been discovered in FreeRDP. This out-of-bounds read exists in the MS-ADPCM and IMA-ADPCM decoders due to unchecked predictor and stepindex values from input data. An attacker may be able to leverage this weakness to leak global data...

9.4CVSS5.7AI score0.00263EPSS
Exploits1References6
Veracode
Veracode
added 2026/05/23 5:41 a.m.5 views

Integer Overflow

github.com/iskorotkov/avro is vulnerable to integer overflow. The vulnerability is due to improper handling of attacker-controlled 64-bit values, integer truncation, and overflow-prone arithmetic in multiple decoder paths, which allows an attacker to exploit untrusted Avro streams to trigger...

8.7CVSS5.9AI score0.00397EPSS
Exploits0References7Affected Software1
RedHat Linux
RedHat Linux
added 2026/05/20 7:46 p.m.10 views

freerdp: FreeRDP has a division-by-zero in ADPCM decoders when `nBlockAlign` is 0

A division by zero flaw has been discovered in FreeRDP. This division by zero exists in the MS-ADPCM and IMA-ADPCM decoders when nBlockAlign is 0, leading to a crash. In libfreerdp/codec/dsp.c, both ADPCM decoders use size % blocksize where blocksize = context-common.format.nBlockAlign. The...

7.5CVSS5.7AI score0.00303EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2026/05/20 7:46 p.m.15 views

freerdp: FreeRDP: Denial of Service via crafted audio data in RDP

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A remote attacker can exploit a sizet underflow vulnerability in the IMA-ADPCM and MS-ADPCM audio decoders by sending specially crafted audio data over the RDPSND audio channel. This underflow leads to a...

9.8CVSS5.8AI score0.00317EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/05/20 7:46 p.m.14 views

freerdp: FreeRDP has an out-of-bounds read in ADPCM decoders due to missing predictor/step_index bounds checks

An out of bounds read flaw has been discovered in FreeRDP. This out-of-bounds read exists in the MS-ADPCM and IMA-ADPCM decoders due to unchecked predictor and stepindex values from input data. An attacker may be able to leverage this weakness to leak global data...

9.4CVSS5.7AI score0.00263EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/05/19 9:56 p.m.11 views

Moderate: Red Hat Security Advisory: freerdp security update

An update for freerdp is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

9.8CVSS5.8AI score0.00599EPSS
Exploits7References9
RedHat Linux
RedHat Linux
added 2026/05/19 9:56 p.m.11 views

freerdp: FreeRDP has a division-by-zero in ADPCM decoders when `nBlockAlign` is 0

A division by zero flaw has been discovered in FreeRDP. This division by zero exists in the MS-ADPCM and IMA-ADPCM decoders when nBlockAlign is 0, leading to a crash. In libfreerdp/codec/dsp.c, both ADPCM decoders use size % blocksize where blocksize = context-common.format.nBlockAlign. The...

7.5CVSS5.7AI score0.00303EPSS
Exploits1References7
Rows per page
Query Builder