239 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-32623
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xrdp is an open source RDP server. Versions through 0.10.5 contain a heap-based buffer overflow vulnerability in the NeutrinoRDP module. When proxying RDP...
DEBIAN-CVE-2026-32623
xrdp is an open source RDP server. Versions through 0.10.5 contain a heap-based buffer overflow vulnerability in the NeutrinoRDP module. When proxying RDP sessions from xrdp to another server, the module fails to properly validate the size of reassembled fragmented virtual channel data against it...
CVE-2026-32623
xrdp is an open source RDP server. Versions through 0.10.5 contain a heap-based buffer overflow vulnerability in the NeutrinoRDP module. When proxying RDP sessions from xrdp to another server, the module fails to properly validate the size of reassembled fragmented virtual channel data against it...
CVE-2026-32623
Summary: CVE-2026-32623 affects xrdp up to v0.10.5, where the NeutrinoRDP module (not built by default) may mishandle reassembled fragmented virtual channel data, causing a heap-based buffer overflow. This can lead to memory corruption with potential DoS or RCE if an attacker can position or MITM...
CVE-2026-32623 xrdp: Heap buffer overflow in NeutrinoRDP channel reassembly
xrdp is an open source RDP server. Versions through 0.10.5 contain a heap-based buffer overflow vulnerability in the NeutrinoRDP module. When proxying RDP sessions from xrdp to another server, the module fails to properly validate the size of reassembled fragmented virtual channel data against it...
CVE-2026-32623
xrdp is an open source RDP server. Versions through 0.10.5 contain a heap-based buffer overflow vulnerability in the NeutrinoRDP module. When proxying RDP sessions from xrdp to another server, the module fails to properly validate the size of reassembled fragmented virtual channel data against it...
PT-2026-33498
Name of the Vulnerable Software and Affected Versions xrdp versions prior to 0.10.6 Description A heap-based buffer overflow exists in the NeutrinoRDP module. When proxying RDP sessions to another server, the module does not properly validate the size of reassembled fragmented virtual channel dat...
CVE-2025-8090
Null pointer dereference in the MsgRegisterEvent system call could allow an attacker with local access and code execution abilities to crash the QNX Neutrino kernel...
CVE-2025-8090
Null pointer dereference in the MsgRegisterEvent system call could allow an attacker with local access and code execution abilities to crash the QNX Neutrino kernel...
CVE-2025-8090 Vulnerability in the QNX Neutrino Kernel impacts the QNX Software Development Platform and QNX OS for Safety
Null pointer dereference in the MsgRegisterEvent system call could allow an attacker with local access and code execution abilities to crash the QNX Neutrino kernel...
CVE-2025-8090 Vulnerability in the QNX Neutrino Kernel impacts the QNX Software Development Platform and QNX OS for Safety
Null pointer dereference in the MsgRegisterEvent system call could allow an attacker with local access and code execution abilities to crash the QNX Neutrino kernel...
EUVD-2026-2075
Null pointer dereference in the MsgRegisterEvent system call could allow an attacker with local access and code execution abilities to crash the QNX Neutrino kernel...
CVE-2025-8090
CVE-2025-8090 describes a null pointer dereference in the MsgRegisterEvent() system call of the QNX Neutrino Kernel . Public details in connected sources indicate vulnerability within QNX SDP 7.1/7.0 and QNX OS for Safety 2.0–2.2, with an attacker able to gain local access and code execution to c...
PT-2026-2623
CVE-2025-8090 A null pointer dereference vulnerability in the MsgRegisterEvent system call of the QNX Neutrino Kernel in QNX SDP 7.1 and 7.0, and QNX OS for Safety 2.2, 2.1 and 2.0… https://t.co/avEstN8B4y...
CVE-2025-6225
Kieback Neutrino-GLT product is used for building management. It's web component "SM70 PHWEB" is vulnerable to shell command injection via login form. The injected commands would execute with low privileges. The vulnerability has been fixed in version 9.40.02...
CVE-2025-6225
Kieback&Peter Neutrino-GLT product is used for building management. It's web component "SM70 PHWEB" is vulnerable to shell command injection via login form. The injected commands would execute with low privileges. The vulnerability has been fixed in version 9.40.02...
CVE-2025-6225 Command injection in Kieback&Peter Neutrino-GLT
Kieback&Peter Neutrino-GLT product is used for building management. It's web component "SM70 PHWEB" is vulnerable to shell command injection via login form. The injected commands would execute with low privileges. The vulnerability has been fixed in version 9.40.02...
CVE-2025-6225
CVE-2025-6225 affects Kieback&Peter Neutrino-GLT. The web component SM70 PHWEB has a shell command injection flaw through the login form, allowing injected commands to execute with low privileges . The vulnerability is mitigated in version 9.40.02 . Public exploitation details are not provided in...
CVE-2025-6225 Command injection in Kieback&Peter Neutrino-GLT
Kieback&Peter Neutrino-GLT product is used for building management. It's web component "SM70 PHWEB" is vulnerable to shell command injection via login form. The injected commands would execute with low privileges. The vulnerability has been fixed in version 9.40.02...
Kieback&Peter Neutrino-GLT 操作系统命令注入漏洞
Kieback&Peter Neutrino-GLT is a building management system from Kieback&Peter, Germany. Kieback&Peter Neutrino-GLT suffers from an operating system command injection vulnerability that stems from a shell command injection in the web component SM70 PHWEB login form, which could lead to the executi...