3323 matches found
CVE-2026-24677 FreeRDP has a heap-buffer-overflow in ecam_encoder_compress_h264
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, ecamencodercompressh264 trusts server-controlled dimensions and does not validate the source buffer size, leading to an out-of-bounds read in swsscale. This vulnerability is fixed in 3.22.0...
CVE-2026-24677
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, ecamencodercompressh264 trusts server-controlled dimensions and does not validate the source buffer size, leading to an out-of-bounds read in swsscale. This vulnerability is fixed in 3.22.0...
CVE-2026-24677
FreeRDP prior to 3.22.0 contains a vulnerability in ecam_encoder_compress_h264 that trusts server-controlled dimensions and does not validate the source buffer size, causing an out-of-bounds read in sws_scale. This is fixed in version 3.22.0. Affected releases include FreeRDP before 3.22.0; multi...
CVE-2026-24677 FreeRDP has a heap-buffer-overflow in ecam_encoder_compress_h264
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, ecamencodercompressh264 trusts server-controlled dimensions and does not validate the source buffer size, leading to an out-of-bounds read in swsscale. This vulnerability is fixed in 3.22.0...
CVE-2026-24677
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, ecamencodercompressh264 trusts server-controlled dimensions and does not validate the source buffer size, leading to an out-of-bounds read in swsscale. This vulnerability is fixed in 3.22.0...
FreeRDP 资源管理错误漏洞
FreeRDP is an open-source implementation of the Remote Desktop Protocol RDP by the FreeRDP team. Versions of FreeRDP prior to 3.22.0 contained a resource management vulnerability. This vulnerability stemmed from the ecamencodercompressh264 component’s reliance on server-controlled settings and th...
PT-2026-21624
Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.1.2-15 ImageMagick versions prior to 6.9.13-40 Description ImageMagick is software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the UIL and XPM image encoder does n...
SUSE SLES16 Security Update : jasper (SUSE-SU-2026:20200-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:20200-1 advisory. Update to 4.2.8: - CVE-2025-8837: Fixed a bug in the JPC decoder that could cause bad memory accesses if the debug level is set...
openSUSE 16 Security Update : jasper (openSUSE-SU-2026:20138-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20138-1 advisory. Update to 4.2.8: - CVE-2025-8837: Fixed a bug in the JPC decoder that could cause bad memory accesses if the debug level is set sufficiently hig...
OPENSUSE-SU-2026:20138-1 Security update for jasper
This update for jasper fixes the following issues: Update to 4.2.8: - CVE-2025-8837: Fixed a bug in the JPC decoder that could cause bad memory accesses if the debug level is set sufficiently high bsc1247901. - CVE-2025-8836: Added some missing range checking on several coding parameters in the J...
SUSE-SU-2026:20200-1 Security update for jasper
This update for jasper fixes the following issues: Update to 4.2.8: - CVE-2025-8837: Fixed a bug in the JPC decoder that could cause bad memory accesses if the debug level is set sufficiently high bsc1247901. - CVE-2025-8836: Added some missing range checking on several coding parameters in the J...
CVE-2026-1453
A missing authentication for critical function vulnerability in KiloView Encoder Series could allow an unauthenticated attacker to create or delete administrator accounts. This vulnerability can grant the attacker full administrative control over the product...
CVE-2026-1453 Missing Authentication for Critical Function in KiloView Encoder Series
A missing authentication for critical function vulnerability in KiloView Encoder Series could allow an unauthenticated attacker to create or delete administrator accounts. This vulnerability can grant the attacker full administrative control over the product...
CVE-2026-1453
A missing authentication for critical function vulnerability in KiloView Encoder Series could allow an unauthenticated attacker to create or delete administrator accounts. This vulnerability can grant the attacker full administrative control over the product...
CVE-2026-1453 Missing Authentication for Critical Function in KiloView Encoder Series
A missing authentication for critical function vulnerability in KiloView Encoder Series could allow an unauthenticated attacker to create or delete administrator accounts. This vulnerability can grant the attacker full administrative control over the product...
CVE-2026-1453
CVE-2026-1453 affects the KiloView Encoder Series. The issue is a missing authentication for a critical function that allows an unauthenticated attacker to create or delete administrator accounts, granting full administrative control over the product. Public sources (NVD/Red Hat/CISA/EUVD/PT-Secu...
EUVD-2026-4969
A missing authentication for critical function vulnerability in KiloView Encoder Series could allow an unauthenticated attacker to create or delete administrator accounts. This vulnerability can grant the attacker full administrative control over the product...
PT-2026-5327
Name of the Vulnerable Software and Affected Versions KiloView Encoder Series affected versions not specified Description A missing authentication check for a critical function in KiloView Encoder Series allows an unauthenticated attacker to create or delete administrator accounts. Successful...
TencentOS Server 4: libsndfile (TSSA-2026:0036)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0036 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
CVE-2026-24806
Improper Control of Generation of Code 'Code Injection' vulnerability in liuyueyi quick-media plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/png modules. This vulnerability is associated with program files PNGImageEncoder.Java. This issue affects quick-media...