Lucene search
K

577 matches found

RedHat Linux
RedHat Linux
added 2026/03/09 6:7 p.m.5 views

freerdp: FreeRDP global-buffer-overflow

A global buffer overflow flaw has been discovered in FreeRDP. This global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c = 0 can be...

9.1CVSS5.9AI score0.00599EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/03/09 7:37 a.m.6 views

freerdp: FreeRDP global-buffer-overflow

A global buffer overflow flaw has been discovered in FreeRDP. This global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c = 0 can be...

9.1CVSS5.9AI score0.00599EPSS
Exploits1References6
OSV
OSV
added 2026/02/26 8:43 p.m.7 views

RLSA-2026:3334 Important: freerdp security update

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fixes: freerdp: FreeRDP heap-buffer-overflow CVE-2026-22855 freerdp: FreeRDP...

7.4CVSS5.6AI score0.00756EPSS
Exploits3References4
OSV
OSV
added 2026/02/25 12:16 a.m.6 views

OSV-2026-307 Global-buffer-overflow in navcom_parse

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=486709178 Crash type: Global-buffer-overflow READ 1 Crash state: navcomparse gpsdpoll FuzzDrivers.c...

5.4AI score
Exploits0References1
Rockylinux
Rockylinux
added 2026/02/24 6:54 p.m.7 views

freerdp security update

An update is available for freerdp. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released...

9.1CVSS5.8AI score0.00756EPSS
Exploits3
OSV
OSV
added 2026/02/24 3:39 p.m.5 views

GHSA-VPXV-R9PG-7GPR ImageMagick has Global Buffer Overflow (OOB Read) via Negative Pixel Index in UIL and XPM Writer

The UIL and XPM image encoder do not validate the pixel index value returned by GetPixelIndex before using it as an array subscript. In HDRI builds, Quantum is a floating-point type, so pixel index values can be negative. An attacker can craft an image with negative pixel index values to trigger ...

6.5CVSS5.9AI score0.00348EPSS
Exploits0References5
OSV
OSV
added 2026/02/24 1:18 a.m.4 views

CVE-2026-25898 Imagemagick Has Global Buffer Overflow (OOB Read) via Negative Pixel Index in UIL and XPM Writer

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the UIL and XPM image encoder do not validate the pixel index value returned by GetPixelIndex before using it as an array subscript. In HDRI builds, Quantum is ...

6.5CVSS6.1AI score0.00348EPSS
Exploits0References3
OSV
OSV
added 2026/02/06 12:15 a.m.3 views

OSV-2026-200 Global-buffer-overflow in nameMatch

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=481841731 Crash type: Global-buffer-overflow READ 1 Crash state: nameMatch QStringConverter::QStringConverter KCodecs::parseEncodedWord...

5.3AI score
Exploits0References1
OSV
OSV
added 2026/02/04 12:5 a.m.3 views

OSV-2026-189 Global-buffer-overflow in gpsd_poll

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=480975802 Crash type: Global-buffer-overflow READ 1 Crash state: gpsdpoll FuzzDriversStructured.c...

5.3AI score
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/01/16 12:25 a.m.5 views

SUSE CVE-2026-22858

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c = ...

6.8CVSS7AI score0.00599EPSS
Exploits1References8
ATTACKERKB
ATTACKERKB
added 2026/01/14 5:56 p.m.5 views

CVE-2026-22858

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c = ...

9.1CVSS5.6AI score0.00599EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2026/01/14 5:56 p.m.46 views

CVE-2026-22858

CVE-2026-22858 affects FreeRDP prior to 3.20.1, where a global-buffer-overflow can occur in the Base64 decoding path due to implementation‑defined char signedness causing out‑of‑bounds access. The vulnerability is fixed in 3.20.1; multiple advisories (SUSE/SLES/OpenSUSE/Fedora) reference updating...

9.1CVSS6.5AI score0.00599EPSS
Exploits1References19Affected Software1
Cvelist
Cvelist
added 2026/01/14 5:56 p.m.26 views

CVE-2026-22858 FreeRDP has a global-buffer-overflow in crypto_base64_decode

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c = ...

6.1CVSS0.00599EPSS
Exploits1References2
AlpineLinux
AlpineLinux
added 2026/01/14 5:56 p.m.3 views

CVE-2026-22858

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c = ...

9.1CVSS7AI score0.00599EPSS
Exploits1
Cvelist
Cvelist
added 2026/01/14 3:19 p.m.29 views

CVE-2026-22211 TinyOS <= 2.1.2 Global Buffer Overflow in printfUART

TinyOS versions up to and including 2.1.2 contain a global buffer overflow vulnerability in the printfUART formatted output implementation used within the ZigBee / IEEE 802.15.4 networking stack. The implementation formats output into a fixed-size global buffer and concatenates strings for %s...

5.1CVSS0.00159EPSS
Exploits0References3
CVE
CVE
added 2026/01/14 3:19 p.m.11 views

CVE-2026-22211

CVE-2026-22211 (TinyOS

5.1CVSS6.5AI score0.00159EPSS
Exploits0References3
OSV
OSV
added 2026/01/11 1:7 a.m.9 views

MGASA-2026-0006 Updated zlib packages fix security vulnerability

zlib = 1.3.1.2 untgz Global Buffer Overflow in TGZfname. CVE-2026-22184...

8.6CVSS6.9AI score0.0035EPSS
Exploits0References3
Mageia
Mageia
added 2026/01/11 1:7 a.m.13 views

Updated zlib packages fix security vulnerability

zlib = 1.3.1.2 untgz Global Buffer Overflow in TGZfname. CVE-2026-22184...

8.6CVSS6.8AI score0.0035EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 10:56 a.m.4 views

CVE-2022-38236

XPDF commit ffaf11c was discovered to contain a global-buffer overflow via Lexer::getObjObject at /xpdf/Lexer.cc...

7.8CVSS7.5AI score0.00324EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:40 a.m.14 views

CVE-2022-35021

OTFCC commit 617837b was discovered to contain a global buffer overflow via /release-x64/otfccdump+0x718693...

6.5CVSS7.8AI score0.00767EPSS
Exploits1References1
Rows per page
Query Builder