freerdp: FreeRDP: Denial of service due to use-after-free vulnerability

A flaw was found in FreeRDP. A remote attacker could exploit a use-after-free vulnerability in the xfSetWindowMinMaxInfo function. This occurs when a freed window pointer is dereferenced because the main thread concurrently deletes a window while the Remote Desktop Protocol RAIL channel thread is...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: sysctl: Data race issues in procdouintvecminmax have been fixed. A sysctl variable is accessed concurrently, and there is always a risk of data races. Therefore, both readers and writers need some basic protection to avoid data...

Security update for freerdp

This update for freerdp fixes the following issues: CVE-2026-25941: Out-of-Bounds Read in client RDPGFX channel via crafted WIRETOSURFACE2 PDU bsc1258919. CVE-2026-25942: Global-buffer-overflow in xfrailserverexecuteresult bsc1258920. CVE-2026-25952: Heap-use-after-free in xfSetWindowMinMaxInfo...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006640)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006640 advisory. In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix data races in procdouintvecminmax. A sysctl variable is accessed concurrently, and...

SUSE CVE-2026-25952

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfSetWindowMinMaxInfo dereferences a freed xfAppWindow pointer because xfrailgetwindow in xfrailserverminmaxinfo returns an unprotected pointer from the railWindows hash table, and the main thread can...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989270)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989270 advisory. In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix data races in procdouintvecminmax. A sysctl variable is accessed concurrently, and...

EUVD-2020-24011

Malware in sbrugna...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987350)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987350 advisory. In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix data races in procdouintvecminmax. A sysctl variable is accessed concurrently, and...

EUVD-2024-47119

Malicious code in bioql PyPI...

CVE-2020-36535

A vulnerability classified as critical has been found in MINMAX. This affects an unknown part of the file /newsDia.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely...

SUSE CVE-2022-49634

In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix data-races in procdou8vecminmax. A sysctl variable is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing. This patch...

SUSE CVE-2022-49640

In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix data races in procdouintvecminmax. A sysctl variable is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing. This patch...

DEBIAN-CVE-2022-49640

In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix data races in procdouintvecminmax. A sysctl variable is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing. This patch...

DEBIAN-CVE-2022-49634

In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix data-races in procdou8vecminmax. A sysctl variable is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing. This patch...

CVE-2022-49640 sysctl: Fix data races in proc_douintvec_minmax().

In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix data races in procdouintvecminmax. A sysctl variable is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing. This patch...

SUSE CVE-2024-52333

An improper array index validation vulnerability exists in the determineMinMax functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability...

Race condition vulnerability in Linux kernel bluetooth driver in {minmax}_key_size_set()

...

Race condition vulnerability in Linux kernel bluetooth sniff_{minmax}_interval_set()

...

CVE-2024-5514

MinMax CMS from MinMax Digital Technology contains a hidden administrator account with a fixed password that cannot be removed or disabled from the management interface. Remote attackers who obtain this account can bypass IP access control restrictions and log in to the backend system without bei...

CVE-2024-5514 MinMax CMS - Hidden Functionality

MinMax CMS from MinMax Digital Technology contains a hidden administrator account with a fixed password that cannot be removed or disabled from the management interface. Remote attackers who obtain this account can bypass IP access control restrictions and log in to the backend system without bei...