
670 matches found

Tenable Nessus
added 2019/04/18 12:0 a.m. | 36 views

Amazon Linux 2 : freerdp (ALAS-2019-1191)

FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of up to 4 bytes in function nsc_rle_decode that results in a memory corruption and possibly even a remote code execution. (CVE-2018-8788) FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffe...

9.8 CVSS | 8.6 AI score | 0.08357 EPSS
Exploits 3 | References 4
Tenable Nessus
added 2019/04/15 12:0 a.m. | 35 views

CentOS 7 : freerdp (CESA-2019:0697)

An update for freerdp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from t...

9.8 CVSS | 8.4 AI score | 0.08357 EPSS
Exploits 3 | References 4
RedHat Linux
added 2019/04/02 11:47 a.m. | 3 views

freerdp: Integer truncation leading to heap-based buffer overflow in update_read_bitmap_update() function

A flaw was found in freerdp in versions prior to version 2.0.0-rc4. An integer truncation that leads to a heap-based buffer overflow in the update_read_bitmap_update function results in a memory corruption. The highest threat from this vulnerability is to data confidentiality and integrity as well a...

9.8 CVSS | 5.9 AI score | 0.08156 EPSS
Exploits 1 | References 4
RedhatCVE
added 2019/01/31 1:49 p.m. | 32 views

CVE-2018-8786

A flaw was found in freerdp in versions prior to version 2.0.0-rc4. An integer truncation that leads to a heap-based buffer overflow in the update_read_bitmap_update function results in a memory corruption. The highest threat from this vulnerability is to data confidentiality and integrity as well a...

9.8 CVSS | 5 AI score | 0.08156 EPSS
Exploits 1 | References 2
Veracode
added 2019/01/15 9:10 a.m. | 35 views

Arbitrary Code Execution

git is vulnerable to arbitrary code execution. An integer truncation flaw and an integer overflow flaw, both leading to a heap-based buffer overflow, were found in the way Git processed certain path information. A remote attacker could create a specially crafted Git repository that would cause a...

9.8 CVSS | 9.8 AI score | 0.17979 EPSS
Exploits 0 | References 28 | Affected Software 2
Tenable Nessus
added 2019/01/09 12:0 a.m. | 22 views

PHP 5.6.x < 5.6.12 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.12. It is, therefore, affected by multiple vulnerabilities: - A use-after-free error exists in file spl_dllist.c due to improper sanitization of input to the unserialize function. An attacker can...

7.5 CVSS | 10 AI score | 0.08276 EPSS
Exploits 2 | References 12
NVD
added 2018/11/29 6:29 p.m. | 21 views

CVE-2018-8786

FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update and results in a memory corruption and probably even a remote code execution...

9.8 CVSS | 9.9 AI score | 0.08156 EPSS
Exploits 1 | References 8
Prion
added 2018/11/29 6:29 p.m. | 24 views

Integer overflow

FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update and results in a memory corruption and probably even a remote code execution...

7.5 CVSS | 9.7 AI score | 0.08156 EPSS
Exploits 1 | References 8 | Affected Software 10
OSV
added 2018/11/29 6:29 p.m. | 29 views

CVE-2018-8786

FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update and results in a memory corruption and probably even a remote code execution...

9.8 CVSS | 7.6 AI score
Exploits 0 | References 8
OSV
added 2018/11/29 6:29 p.m. | 2 views

DEBIAN-CVE-2018-8786

FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update and results in a memory corruption and probably even a remote code execution...

9.8 CVSS | 9.8 AI score | 0.08156 EPSS
Exploits 1 | References 1
Cvelist
added 2018/11/29 5:0 p.m. | 23 views

CVE-2018-8786

FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update and results in a memory corruption and probably even a remote code execution...

9.9 AI score | 0.08156 EPSS
Exploits 1 | References 8
CVE
added 2018/11/29 5:0 p.m. | 256 views

CVE-2018-8786

CVE-2018-8786 affects FreeRDP prior to 2.0.0-rc4, caused by an Integer Truncation in update_read_bitmap_update() that leads to a heap-based buffer overflow and memory corruption with potential remote code execution. Connected advisories (CentOS/CESA-2019:0697, Fedora package updates, Amazon Linux...

9.8 CVSS | 9.7 AI score | 0.08156 EPSS
Exploits 1 | References 8 | Affected Software 1
AlpineLinux
added 2018/11/29 5:0 p.m. | 59 views

CVE-2018-8786

FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update and results in a memory corruption and probably even a remote code execution...

9.8 CVSS | 10 AI score | 0.08156 EPSS
Exploits 1
UbuntuCve
added 2018/11/29 12:0 a.m. | 36 views

CVE-2018-8786

FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update and results in a memory corruption and probably even a remote code execution...

9.8 CVSS | 7.4 AI score | 0.08156 EPSS
Exploits 1 | References 4
OSV
added 2018/11/29 12:0 a.m. | 0 views

UBUNTU-CVE-2018-8786

FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update and results in a memory corruption and probably even a remote code execution...

9.8 CVSS | 7.5 AI score | 0.08156 EPSS
Exploits 1 | References 5
RedHat Linux
added 2018/11/13 8:36 a.m. | 4 views

curl: URL unescape heap overflow via integer truncation

The URL percent-encoding decode function in libcurl before 7.51.0 is called curl_easy_unescape. Internally, even if this function would be made to allocate an unescape destination buffer larger than 2GB, it would return that new length in a signed 32 bit integer variable, thus the length would get...

9.8 CVSS | 7.4 AI score | 0.0467 EPSS
Exploits 0 | References 5
RedHat Linux
added 2018/07/26 1:17 p.m. | 1 views

procps: incorrect integer size in proc/alloc.* leading to truncation / integer overflow issues

A flaw was found where procps-ng provides wrappers for standard C allocators that took unsigned int instead of size_t parameters. On platforms where these differ such as x86_64, this could cause integer truncation, leading to undersized regions being returned to callers that could then be overflowe...

9.8 CVSS | 7.3 AI score | 0.01993 EPSS
Exploits 5 | References 5
RedHat Linux
added 2018/07/26 12:8 p.m. | 1 views

procps: incorrect integer size in proc/alloc.* leading to truncation / integer overflow issues

A flaw was found where procps-ng provides wrappers for standard C allocators that took unsigned int instead of size_t parameters. On platforms where these differ such as x86_64, this could cause integer truncation, leading to undersized regions being returned to callers that could then be overflowe...

9.8 CVSS | 7.3 AI score | 0.01993 EPSS
Exploits 5 | References 5
RedHat Linux
added 2018/06/11 6:57 a.m. | 2 views

procps: incorrect integer size in proc/alloc.* leading to truncation / integer overflow issues

A flaw was found where procps-ng provides wrappers for standard C allocators that took unsigned int instead of size_t parameters. On platforms where these differ such as x86_64, this could cause integer truncation, leading to undersized regions being returned to callers that could then be overflowe...

9.8 CVSS | 7.3 AI score | 0.01993 EPSS
Exploits 6 | References 5
OSV
added 2018/05/23 1:29 p.m. | 1 views

DEBIAN-CVE-2018-1126

procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124...

9.8 CVSS | 7.5 AI score | 0.01993 EPSS
Exploits 5 | References 1