Lucene search
K

239 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/18 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-32623

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xrdp is an open source RDP server. Versions through 0.10.5 contain a heap-based buffer overflow vulnerability in the NeutrinoRDP module. When proxying RDP...

8.1CVSS7.4AI score0.00544EPSS
Exploits0References3
OSV
OSV
added 2026/04/17 8:16 p.m.5 views

DEBIAN-CVE-2026-32623

xrdp is an open source RDP server. Versions through 0.10.5 contain a heap-based buffer overflow vulnerability in the NeutrinoRDP module. When proxying RDP sessions from xrdp to another server, the module fails to properly validate the size of reassembled fragmented virtual channel data against it...

8.1CVSS6AI score0.00544EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/17 7:43 p.m.3 views

CVE-2026-32623

xrdp is an open source RDP server. Versions through 0.10.5 contain a heap-based buffer overflow vulnerability in the NeutrinoRDP module. When proxying RDP sessions from xrdp to another server, the module fails to properly validate the size of reassembled fragmented virtual channel data against it...

7.7CVSS6.1AI score0.00544EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/04/17 7:43 p.m.14 views

CVE-2026-32623

Summary: CVE-2026-32623 affects xrdp up to v0.10.5, where the NeutrinoRDP module (not built by default) may mishandle reassembled fragmented virtual channel data, causing a heap-based buffer overflow. This can lead to memory corruption with potential DoS or RCE if an attacker can position or MITM...

8.1CVSS6.1AI score0.00544EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/17 7:43 p.m.8 views

CVE-2026-32623 xrdp: Heap buffer overflow in NeutrinoRDP channel reassembly

xrdp is an open source RDP server. Versions through 0.10.5 contain a heap-based buffer overflow vulnerability in the NeutrinoRDP module. When proxying RDP sessions from xrdp to another server, the module fails to properly validate the size of reassembled fragmented virtual channel data against it...

7.7CVSS6.1AI score0.00544EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/04/17 7:43 p.m.4 views

CVE-2026-32623

xrdp is an open source RDP server. Versions through 0.10.5 contain a heap-based buffer overflow vulnerability in the NeutrinoRDP module. When proxying RDP sessions from xrdp to another server, the module fails to properly validate the size of reassembled fragmented virtual channel data against it...

8.1CVSS6AI score0.00544EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/17 12:0 a.m.5 views

PT-2026-33498

Name of the Vulnerable Software and Affected Versions xrdp versions prior to 0.10.6 Description A heap-based buffer overflow exists in the NeutrinoRDP module. When proxying RDP sessions to another server, the module does not properly validate the size of reassembled fragmented virtual channel dat...

10CVSS6AI score0.00544EPSS
Exploits0References20
RedhatCVE
RedhatCVE
added 2026/01/14 5:21 p.m.7 views

CVE-2025-8090

Null pointer dereference in the MsgRegisterEvent system call could allow an attacker with local access and code execution abilities to crash the QNX Neutrino kernel...

6.2CVSS7.3AI score0.00117EPSS
Exploits0References1
NVD
NVD
added 2026/01/13 5:15 p.m.5 views

CVE-2025-8090

Null pointer dereference in the MsgRegisterEvent system call could allow an attacker with local access and code execution abilities to crash the QNX Neutrino kernel...

6.2CVSS0.00117EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/13 4:36 p.m.23 views

CVE-2025-8090 Vulnerability in the QNX Neutrino Kernel impacts the QNX Software Development Platform and QNX OS for Safety

Null pointer dereference in the MsgRegisterEvent system call could allow an attacker with local access and code execution abilities to crash the QNX Neutrino kernel...

6.2CVSS0.00117EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/13 4:36 p.m.4 views

CVE-2025-8090 Vulnerability in the QNX Neutrino Kernel impacts the QNX Software Development Platform and QNX OS for Safety

Null pointer dereference in the MsgRegisterEvent system call could allow an attacker with local access and code execution abilities to crash the QNX Neutrino kernel...

6.2CVSS6.9AI score0.00117EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/13 4:36 p.m.5 views

EUVD-2026-2075

Null pointer dereference in the MsgRegisterEvent system call could allow an attacker with local access and code execution abilities to crash the QNX Neutrino kernel...

6.2CVSS6.8AI score0.00117EPSS
Exploits0References2
CVE
CVE
added 2026/01/13 4:36 p.m.27 views

CVE-2025-8090

CVE-2025-8090 describes a null pointer dereference in the MsgRegisterEvent() system call of the QNX Neutrino Kernel . Public details in connected sources indicate vulnerability within QNX SDP 7.1/7.0 and QNX OS for Safety 2.0–2.2, with an attacker able to gain local access and code execution to c...

6.2CVSS6.9AI score0.00117EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.6 views

PT-2026-2623

CVE-2025-8090 A null pointer dereference vulnerability in the MsgRegisterEvent system call of the QNX Neutrino Kernel in QNX SDP 7.1 and 7.0, and QNX OS for Safety 2.2, 2.1 and 2.0… https://t.co/avEstN8B4y...

6.2CVSS7AI score0.00117EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/09 9:16 a.m.6 views

CVE-2025-6225

Kieback Neutrino-GLT product is used for building management. It's web component "SM70 PHWEB" is vulnerable to shell command injection via login form. The injected commands would execute with low privileges. The vulnerability has been fixed in version 9.40.02...

6.9CVSS8AI score0.00946EPSS
Exploits0References1
NVD
NVD
added 2026/01/07 2:15 p.m.4 views

CVE-2025-6225

Kieback&Peter Neutrino-GLT product is used for building management. It's web component "SM70 PHWEB" is vulnerable to shell command injection via login form. The injected commands would execute with low privileges. The vulnerability has been fixed in version 9.40.02...

6.9CVSS0.00946EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/07 1:0 p.m.20 views

CVE-2025-6225 Command injection in Kieback&Peter Neutrino-GLT

Kieback&Peter Neutrino-GLT product is used for building management. It's web component "SM70 PHWEB" is vulnerable to shell command injection via login form. The injected commands would execute with low privileges. The vulnerability has been fixed in version 9.40.02...

6.9CVSS0.00946EPSS
Exploits0References1
CVE
CVE
added 2026/01/07 1:0 p.m.10 views

CVE-2025-6225

CVE-2025-6225 affects Kieback&Peter Neutrino-GLT. The web component SM70 PHWEB has a shell command injection flaw through the login form, allowing injected commands to execute with low privileges . The vulnerability is mitigated in version 9.40.02 . Public exploitation details are not provided in...

6.9CVSS7.6AI score0.00946EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/07 1:0 p.m.3 views

CVE-2025-6225 Command injection in Kieback&Peter Neutrino-GLT

Kieback&Peter Neutrino-GLT product is used for building management. It's web component "SM70 PHWEB" is vulnerable to shell command injection via login form. The injected commands would execute with low privileges. The vulnerability has been fixed in version 9.40.02...

6.9CVSS7.6AI score0.00946EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/07 12:0 a.m.6 views

Kieback&Peter Neutrino-GLT 操作系统命令注入漏洞

Kieback&Peter Neutrino-GLT is a building management system from Kieback&Peter, Germany. Kieback&Peter Neutrino-GLT suffers from an operating system command injection vulnerability that stems from a shell command injection in the web component SM70 PHWEB login form, which could lead to the executi...

6.9CVSS7.6AI score0.00946EPSS
Exploits0References1
Rows per page
Query Builder