Lucene search
K

1239 matches found

RedHat Linux
RedHat Linux
added 2026/04/22 7:54 a.m.18 views

freerdp: FreeRDP heap-buffer-overflow

A heap based buffer overflow has been discovered in FreeRDP. Prior to 3.20.1, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input AUDIN format lists. audinprocessformats reuses callback-formatscount across multiple MSGSNDINFORMATS PDUs...

9.8CVSS6AI score0.00365EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/04/22 7:48 a.m.9 views

freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow

A flaw was found in FreeRDP. A malicious server can exploit a vulnerability in FastGlyph parsing, which improperly trusts data length without sufficient validation. This can lead to a client-side global buffer overflow, resulting in a denial of service DoS due to a crash. For this vulnerability t...

7.5CVSS5.8AI score0.00481EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.9 views

PT-2026-34327

If you use the zoneToCache function with a malicious authoritative server, an attacker can send a zone that result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service...

4.4CVSS5.8AI score0.00512EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/17 3:31 p.m.7 views

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization in the Connected Workspaces API. An attacker can change the displayed status of local users by connecting a malicious remote server using the Connected Workspaces feature. Remediation Upgrade...

5.1CVSS5.8AI score0.00167EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/15 6:31 p.m.10 views

EUVD-2026-22938

A prompt injection vulnerability in Windsurf 1.9544.26 allows remote attackers to execute arbitrary commands on a victim system. When Windsurf processes attacker-controlled HTML content, malicious instructions can cause unauthorized modification of the local MCP configuration and automatic...

8CVSS6.3AI score0.0026EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/04/15 10:57 a.m.9 views

thunderbird: Out of bounds read in IMAP parsing

A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were...

8.2CVSS7.2AI score0.0036EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/15 10:48 a.m.5 views

thunderbird: Out of bounds read in IMAP parsing

A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were...

8.2CVSS7.2AI score0.0036EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/15 12:0 a.m.21 views

CVE-2026-30615

A prompt injection vulnerability in Windsurf 1.9544.26 allows remote attackers to execute arbitrary commands on a victim system. When Windsurf processes attacker-controlled HTML content, malicious instructions can cause unauthorized modification of the local MCP configuration and automatic...

0.0026EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/15 12:0 a.m.5 views

PT-2026-33069

Name of the Vulnerable Software and Affected Versions Windsurf version 1.9544.26 Cursor affected versions not specified VS Code affected versions not specified Claude Code affected versions not specified Gemini-CLI affected versions not specified Description A prompt injection issue allows remote...

8CVSS6.5AI score0.0026EPSS
Exploits0References23
CVE
CVE
added 2026/04/15 12:0 a.m.27 views

CVE-2026-30615

CVE-2026-30615 affects Windsurf 1.9544.26. The connected sources describe a prompt-injection vulnerability that occurs when Windsurf processes attacker-controlled HTML content, enabling remote command execution and manipulation of the local MCP configuration, including automatic registration of a...

8CVSS6.3AI score0.0026EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/04/08 5:18 a.m.14 views

freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow

A flaw was found in FreeRDP. A malicious server can exploit a vulnerability in FastGlyph parsing, which improperly trusts data length without sufficient validation. This can lead to a client-side global buffer overflow, resulting in a denial of service DoS due to a crash. For this vulnerability t...

7.5CVSS6AI score0.00481EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added 2026/04/08 5:18 a.m.7 views

freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation

A use after free flaw was found in FreeRDP. AUDIN format renegotiation frees the active format list while the capture thread continues using audin-format, leading to a use after free in audioformatcompatible. A malicious server can trigger a client‑side heap use after free causing a crash...

8.7CVSS5.9AI score0.00467EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/07 11:16 p.m.4 views

freerdp: FreeRDP heap-buffer-overflow

A heap based buffer overflow has been discovered in FreeRDP. Prior to 3.20.1, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input AUDIN format lists. audinprocessformats reuses callback-formatscount across multiple MSGSNDINFORMATS PDUs...

9.8CVSS6.1AI score0.00365EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/04/07 11:16 p.m.5 views

freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow

A flaw was found in FreeRDP. A malicious server can exploit a vulnerability in FastGlyph parsing, which improperly trusts data length without sufficient validation. This can lead to a client-side global buffer overflow, resulting in a denial of service DoS due to a crash. For this vulnerability t...

7.5CVSS6AI score0.00481EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added 2026/04/07 12:25 p.m.7 views

freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow

A flaw was found in FreeRDP. A malicious server can exploit a vulnerability in FastGlyph parsing, which improperly trusts data length without sufficient validation. This can lead to a client-side global buffer overflow, resulting in a denial of service DoS due to a crash. For this vulnerability t...

7.5CVSS6AI score0.00481EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added 2026/04/07 9:50 a.m.6 views

freerdp: FreeRDP: Arbitrary code execution via heap buffer overflow in GDI surface pipeline

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A malicious RDP server can exploit a heap buffer overflow vulnerability by sending a specially crafted graphics command to a FreeRDP client. This allows the server to write data outside of its intended memory...

8.8CVSS6.7AI score0.00537EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/04/07 7:47 a.m.5 views

freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow

A flaw was found in FreeRDP. A malicious server can exploit a vulnerability in FastGlyph parsing, which improperly trusts data length without sufficient validation. This can lead to a client-side global buffer overflow, resulting in a denial of service DoS due to a crash. For this vulnerability t...

7.5CVSS6AI score0.00481EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added 2026/04/07 6:25 a.m.2 views

freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow

A flaw was found in FreeRDP. A malicious server can exploit a vulnerability in FastGlyph parsing, which improperly trusts data length without sufficient validation. This can lead to a client-side global buffer overflow, resulting in a denial of service DoS due to a crash. For this vulnerability t...

7.5CVSS6AI score0.00481EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added 2026/04/01 4:24 p.m.7 views

freerdp: FreeRDP: Arbitrary code execution via heap out-of-bounds write in RLE planar decode path

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A malicious RDP server can exploit a heap out-of-bounds write vulnerability in the planardecompressplanerle function. This vulnerability allows the server to write past the end of a temporary buffer, potentiall...

8.8CVSS6.4AI score0.00591EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/04/01 2:55 p.m.9 views

freerdp: FreeRDP: Arbitrary code execution via heap buffer overflow in GDI surface pipeline

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A malicious RDP server can exploit a heap buffer overflow vulnerability by sending a specially crafted graphics command to a FreeRDP client. This allows the server to write data outside of its intended memory...

8.8CVSS6.6AI score0.00537EPSS
Exploits1References6
Rows per page
Query Builder