Fedora 39 : freerdp (2023-74108ca60d)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-74108ca60d advisory. Update to 2.11.1 ---- Update to 2.11.0 CVE-2023-39350, CVE-2023-39351, CVE-2023-39352, CVE-2023-39353, CVE-2023-39354, CVE-2023-39356, CVE-2023-4018...

FreeBSD : xorg-server -- Multiple vulnerabilities (9e2fdfc7-e237-4393-9fa5-2d50908c66b3)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 9e2fdfc7-e237-4393-9fa5-2d50908c66b3 advisory. - The X.Org project reports: When prepending values to an existing property an invalid offset...

Fedora 37 : freerdp (2023-5e6796cb83)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-5e6796cb83 advisory. Update to 2.11.1 ---- Update to 2.11.0 CVE-2023-39350, CVE-2023-39351, CVE-2023-39352, CVE-2023-39353, CVE-2023-39354, CVE-2023-39356, CVE-2023-4018...

Fedora 38 : freerdp (2023-10e43bcebb)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-10e43bcebb advisory. Update to 2.11.1 ---- Update to 2.11.0 CVE-2023-39350, CVE-2023-39351, CVE-2023-39352, CVE-2023-39353, CVE-2023-39354, CVE-2023-39356, CVE-2023-4018...

CVE-2023-39352

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an invalid offset validation leading to Out Of Bound Write. This can be triggered when the values rect-left and rect-top are exactly equal to surface-width and...

CVE-2023-39352

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an invalid offset validation leading to Out Of Bound Write. This can be triggered when the values rect-left and rect-top are exactly equal to surface-width and...

CVE-2023-39352 Invalid offset validation leading to Out Of Bound Write in FreeRDP

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an invalid offset validation leading to Out Of Bound Write. This can be triggered when the values rect-left and rect-top are exactly equal to surface-width and...

CVE-2023-39352 Invalid offset validation leading to Out Of Bound Write in FreeRDP

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an invalid offset validation leading to Out Of Bound Write. This can be triggered when the values rect-left and rect-top are exactly equal to surface-width and...

FreeRDP 缓冲区错误漏洞

FreeRDP is an open source implementation of the Remote Desktop Protocol RDP from the FreeRDP team. FreeRDP suffers from a buffer error vulnerability that stems from an invalid offset validation that can be triggered when the values rect-left and rect-top are exactly equal to surface-width and...

CVE-2022-32142

Multiple CODESYS Products are prone to a out-of bounds read or write access. A low privileged remote attacker may craft a request with invalid offset, which can cause an out-of-bounds read or write access, resulting in denial-of-service condition or local memory overwrite, which can lead to a...

CVE-2022-32142

Multiple CODESYS Products are prone to a out-of bounds read or write access. A low privileged remote attacker may craft a request with invalid offset, which can cause an out-of-bounds read or write access, resulting in denial-of-service condition or local memory overwrite, which can lead to a...

CVE-2022-32141

Multiple CODESYS Products are prone to a buffer over read. A low privileged remote attacker may craft a request with an invalid offset, which can cause an internal buffer over-read, resulting in a denial-of-service condition. User interaction is not required...

PT-2022-21114 · 3S Smart Software Solutions · Codesys

Name of the Vulnerable Software and Affected Versions: CODESYS Products affected versions not specified Description: A buffer over-read issue exists, allowing a low privileged remote attacker to craft a request with an invalid offset. This can cause an internal buffer over-read, resulting in a...

CVE-2022-32142

Multiple CODESYS Products are prone to a out-of bounds read or write access. A low privileged remote attacker may craft a request with invalid offset, which can cause an out-of-bounds read or write access, resulting in denial-of-service condition or local memory overwrite, which can lead to a...

CVE-2022-32141

Multiple CODESYS Products are prone to a buffer over read. A low privileged remote attacker may craft a request with an invalid offset, which can cause an internal buffer over-read, resulting in a denial-of-service condition. User interaction is not required...

CODESYS 缓冲区错误漏洞

CODESYS is a controller development system from 3S-Smart Software Solutions, Germany. A security vulnerability exists in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT versions prior to V2.4.7.56, which stems from a request with an invalid offset in the affected software that could result in...

CVE-2021-22545

An attacker can craft a specific IdaPro .i64 file that will cause the BinDiff plugin to load an invalid memory offset. This can allow the attacker to control the instruction pointer and execute arbitrary code. It is recommended to upgrade BinDiff 7...

CVE-2019-15665

An issue was discovered in Rivet Killer Control Center before 2.1.1352. IOCTL 0x120004 in KfeCo10X64.sys fails to validate an offset passed as a parameter during a memory operation, leading to an arbitrary write primitive that can lead to code execution or escalation of privileges...

xorg-x11-server: out of bounds access due to not validating length or offset values in XVideo extension

Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server...

CVE-2011-2912

Stack-based buffer overflow in the CSoundFile::ReadS3M function in src/loads3m.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted S3M file with an invalid offset...