Lucene search
K

7597 matches found

Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.17 views

PT-2026-48958

Name of the Vulnerable Software and Affected Versions Naxclow affected versions not specified Description The platform API that returns device relay registration details fails to verify if the requester is the legitimate device or owner, exposing a persistent credential. An actor capable of...

8.7CVSS5.4AI score0.00306EPSS
Exploits0References4
Veracode
Veracode
added 2026/06/11 3:54 p.m.18 views

Infinite Loop

net/http is vulnerable to Infinite Loop. The vulnerability is due to improper handling of HTTP/2 SETTINGS frames, where receiving a SETTINGSMAXFRAMESIZE value of 0 causes the transport layer to enter an infinite loop while writing CONTINUATION frames, leading to excessive resource consumption and...

7.5CVSS5.2AI score0.00781EPSS
Exploits0References16Affected Software2
Redos
Redos
added 2026/06/11 12:0 a.m.9 views

ROS-20260611-73-0006

The vulnerability of the planardecompressplanerle function in the FreeRDP RDP client is related to buffer overflow in the dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and cause service failure...

9.8CVSS6.4AI score0.00443EPSS
Exploits1
Redos
Redos
added 2026/06/11 12:0 a.m.9 views

ROS-20260611-73-0010

The vulnerability of the cleardecompress function in the RDP client FreeRDP is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and cause service failures...

9.8CVSS6.4AI score0.00443EPSS
Exploits1
Redos
Redos
added 2026/06/11 12:0 a.m.10 views

ROS-20260611-73-0009

The vulnerability of the cleardecompress function in the RDP client FreeRDP is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and cause service failures...

9.8CVSS6.4AI score0.00443EPSS
Exploits1
Redos
Redos
added 2026/06/11 12:0 a.m.8 views

ROS-20260611-73-0015

The vulnerability of the cleardecompressbandsdata function in the RDP client FreeRDP is related to buffer overflows in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and cause service failures...

9.8CVSS6.3AI score0.00434EPSS
Exploits1
Redos
Redos
added 2026/06/11 12:0 a.m.8 views

ROS-20260611-73-0004

The vulnerability of the RDP client FreeRDP is related to the escape of operations beyond the buffer in memory, due to incorrect encoding based on the Base64 standard. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

9.1CVSS5.8AI score0.00599EPSS
Exploits1
Redos
Redos
added 2026/06/11 12:0 a.m.9 views

ROS-20260611-73-0001

The vulnerability of the URBDRC RDP-client-freeRDP device lies in unvalidated array indexing. Exploiting this vulnerability could allow an attacker to execute arbitrary code or cause service failures...

9.1CVSS6AI score0.00756EPSS
Exploits1
Redos
Redos
added 2026/06/11 12:0 a.m.8 views

ROS-20260611-73-0007

The vulnerability of the gdiSurfaceToSurface function in the RDP client of FreeRDP is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and cause service interruptions...

9.8CVSS6.4AI score0.00434EPSS
Exploits1
Redos
Redos
added 2026/06/11 12:0 a.m.9 views

ROS-20260611-73-0027

The vulnerability of the ecamencodercompressh264 function in the FreeRDP remote desktop protocol is related to the use of memory after it is freed. Exploiting this vulnerability can allow a malicious actor to gain access to confidential data or cause service failures...

9.1CVSS7.7AI score0.00489EPSS
Exploits0
Redos
Redos
added 2026/06/11 12:0 a.m.8 views

ROS-20260611-73-0039

The vulnerability of the Linux operating system’s network protocol implementation is related to the repeated release of memory. Exploiting this vulnerability can allow an attacker to increase their privileges and cause service interruptions...

7.8CVSS5.3AI score0.00269EPSS
Exploits3
RedhatCVE
RedhatCVE
added 2026/06/10 2:59 a.m.10 views

CVE-2026-44748

SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal privileges to obtain a valid signed message and send modified signed XML documents to the verifier. This may result in acceptance of tampered identity information leading to unauthorized access to...

9.9CVSS5.4AI score0.00231EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.18 views

Dahua IPC 安全漏洞

Dahua IPC is a series of industrial control computers produced by Dahua Corporation in China. There is a security vulnerability in Dahua IPC. This vulnerability stems from the possibility of obtaining the CA root certificate. If this CA is installed and trusted on the client system, an attacker c...

2.3CVSS5.3AI score0.0019EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.24 views

PT-2026-48443

A flaw was found in migration-planner. An authenticated user can exploit this vulnerability by sending a DELETE request to the /api/v1/sources route, which lacks proper authorization and filtering. This allows for the destruction of all customer data, including sources, agents, and assessments,...

9.1CVSS5.5AI score0.00288EPSS
Exploits0References4
Redos
Redos
added 2026/06/10 12:0 a.m.12 views

ROS-20260610-73-0045

The vulnerability of the createirpthread function in the RDP client of FreeRDP is related to synchronization errors when using a shared resource. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause service failures...

8.1CVSS7.9AI score0.00286EPSS
Exploits1
Redos
Redos
added 2026/06/10 12:0 a.m.11 views

ROS-20260610-73-0038

The vulnerability of the audinprocessformats function in the RDP client FreeRDP is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code or cause service failures remotely...

9.8CVSS8.3AI score0.00365EPSS
Exploits1
Redos
Redos
added 2026/06/10 12:0 a.m.11 views

ROS-20260610-73-0041

The vulnerability of the ndrreaduint8Array function in the RDP client FreeRDP is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code or cause service failures remotely...

9.8CVSS8.3AI score0.00662EPSS
Exploits1
Redos
Redos
added 2026/06/10 12:0 a.m.6 views

ROS-20260610-73-0032

The vulnerability in Thunderbird relates to the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker, operating remotely, to cause service failures...

9.6CVSS5.4AI score0.00258EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/06/09 11:49 p.m.9 views

CVE-2026-41727 In Spring for Apache Kafka, forged retry topic headers subvert retry routing and backoff behavior

Spring Kafka's retry topic infrastructure did not sufficiently validate user-controlled header values before acting on them. A producer could send a record with a crafted retrytopic-attempts header to supply an out-of-range attempt count and cause the retry topic router to misidentify where the...

6.5CVSS5.5AI score0.0024EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/09 5:5 p.m.6 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. An attacker can exhaust system resources by sending specially crafted requests over the network, resulting in service unavailability for legitimate users. Remediation Upgrade...

8.7CVSS5.3AI score0.0243EPSS
Exploits0References2
Rows per page
Query Builder