ROS-20260615-73-0009

The vulnerability of the RDP client FreeRDP is related to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

ROS-20260615-73-0025

The vulnerabilities of the functions xfSetWindowMinMaxInfo and xfrailgetwindow in the RDP client FreeRDP are related to the use of memory after it is freed. Exploiting these vulnerabilities can allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the protecte...

PT-2026-49263

A heap use-after-free existed when importing the blank-width characters of an ODF number format. A position value read from the document was not checked against the length of the format-code string, so a malformed number format could be processed against memory outside that string. In fixed...

PT-2026-49437

Subscriber Broken Authentication in WP Full Stripe Free = 8.4.1 versions...

CVE-2025-55644

CVE-2025-55644 describes a heap use-after-free in the function gf_node_get_tag located in scenegraph/base_scenegraph.c of GPAC MP4Box v2.4. The vulnerability allows a Denial of Service (DoS) when processing a crafted MP4 file, with a local attack vector and user interaction required per the CVSS ...

ROS-20260615-73-0007

The vulnerability of the StreamEnsureCapacity function in the RDP client FreeRDP is caused by a numerical overflow condition. Exploiting this vulnerability could allow an attacker, operating remotely, to cause service failures...

PT-2026-49371

Unauthenticated SQL Injection in Feed KuantoKusta for WooCommerce – Free = 5.3 versions...

ROS-20260615-73-0029

The vulnerability of the xfclipboardformatequal function in the RDP client FreeRDP relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

ROS-20260615-73-0022

The vulnerability of the xfAppUpdateWindowFromSurface function in the RDP client FreeRDP relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

ROS-20260615-73-0023

The vulnerability of the xfrailserverlocalmovesize function in the RDP client FreeRDP relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

ROS-20260615-73-0024

The vulnerability of the xfrailserverlocalmovesize function in the RDP client FreeRDP relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

ROS-20260615-73-0002

The vulnerability in freerdp3 is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

ROS-20260615-73-0005

The vulnerability in freerdp is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

ROS-20260615-73-0001

The vulnerability in freerdp is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVE-2025-55650

GPAC MP4Box v2.4 is affected by a heap use-after-free in gf_node_get_tag (scenegraph/base_scenegraph.c) that enables Denial of Service via crafted MP4 files. Impact: availability DoS. Root cause: heap use-after-free. Affected component: GPAC MP4Box 2.4; vulnerability location: gf_node_get_tag in ...

ROS-20260615-73-0010

The vulnerability of the RDP client FreeRDP is related to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

SUSE SLES15 Security Update : podofo (SUSE-SU-2026:2309-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:2309-1 advisory. This update for podofo fixes the following issue: - CVE-2026-44348: double-free in computehashtosign in src/podofo/private/OpenSSLInternalRipped.cpp...

SUSE SLES12 Security Update : libyang (SUSE-SU-2026:2334-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2334-1 advisory. This update for libyang fixes the following issues - CVE-2026-41401: use-after-free in lydparsersetdataflags when processing crafted YANG XML...

SUSE SLES15 Security Update : libyang (SUSE-SU-2026:2335-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2335-1 advisory. This update for libyang fixes the following issues - CVE-2026-41401: use-after-free in lydparsersetdataflags when processing crafte...

SUSE SLES15 Security Update : webkit2gtk3 (SUSE-SU-2026:2378-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2378-1 advisory. This update for webkit2gtk3 fixes the following issues Update to version 2.52.4: - CVE-2026-28847: processing maliciously crafted w...