
64 matches found

SUSE CVE
added 2026/06/25 2:26 a.m., 4 views

SUSE CVE-2026-26965

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, in the RLE planar decode path, planar_decompress_plane_rle writes into pDstData at (nYDst+y) * nDstStep + 4*nXDst + nChannel without verifying that nYDst+nSrcHeight fits in the destination height or that...

CVSS 8.8 | AI score 6 | EPSS 0.00591
Exploits: 1 | References: 14
AstraLinux
added 2026/06/19 11:10 a.m., 7 views

Astra Linux – Vulnerability in freerdp2

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The affected versions are vulnerable to an Out-of-Bounds Read vulnerability in the nsc_rle_decompress_data function. The Out-of-Bounds Read vulnerability occurs because the function processes...

CVSS 7.5 | AI score 7.1 | EPSS 0.01332
Exploits: 1 | References: 2
Chainguard
added 2026/04/11 2:18 a.m., 10 views

CVE-2026-32288 vulnerabilities

Vulnerabilities for packages: gitea-fips, k9s-fips, rancher-fleet-fips, gitleaks, kubernetes-csi-driver-nfs-fips, regclient-fips, kube-conformance, flux-source-controller, prometheus-podman-exporter-fips, envoy-gateway, datadog-agent-fips, flux-source-watcher, aws-flb-firehose, kubevela-fips,...

CVSS 5.5 | AI score 6 | EPSS 0.0029
Exploits: 0
Chainguard
added 2026/04/11 2:18 a.m., 8 views

GHSA-X4JJ-H2V8-HQQV vulnerabilities

Vulnerabilities for packages: gitea-fips, k9s-fips, rancher-fleet-fips, gitleaks, kubernetes-csi-driver-nfs-fips, regclient-fips, kube-conformance, flux-source-controller, prometheus-podman-exporter-fips, envoy-gateway, datadog-agent-fips, flux-source-watcher, aws-flb-firehose, kubevela-fips,...

AI score 5.8
Exploits: 0
Tenable Nessus
added 2026/04/08 12:0 a.m., 3 views

Oracle Linux 8 : freerdp (ELSA-2026-6918)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-6918 advisory. 2:2.11.7-6 - Fix use of nsc_process_message Resolves: RHEL-155984 2:2.11.7-5 - Backport several CVE fixes Resolves: RHEL-147954, RHEL-147955, RHEL-147970...

CVSS 9.8 | AI score 5.9 | EPSS 0.00656
Exploits: 5 | References: 14
Oracle linux
added 2026/04/07 12:0 a.m., 5 views

freerdp security update

2:2.11.7-6 - Fix use of nsc_process_message Resolves: RHEL-155984 2:2.11.7-5 - Backport several CVE fixes Resolves: RHEL-147954, RHEL-147955, RHEL-147970, RHEL-147977, RHEL-147980 Resolves: RHEL-148002, RHEL-148014, RHEL-148031, RHEL-148906, RHEL-148996 Resolves: RHEL-149007, RHEL-149056, RHEL-1559...

CVSS 9.8 | AI score 5.9 | EPSS 0.00656
Exploits: 5
Oracle linux
added 2026/04/07 12:0 a.m., 10 views

freerdp security update

2:3.10.3-5.5 - Fix use of nsc_process_message - Increase timeout for TestSynchCritical Resolves: RHEL-155979 2:3.10.3-5.4 - Backport several CVE fixes Resolves: RHEL-147948, RHEL-147949, RHEL-147956, RHEL-147963, RHEL-147964 Resolves: RHEL-147972, RHEL-147979, RHEL-147984, RHEL-147985, RHEL-148898...

CVSS 9.8 | AI score 5.9 | EPSS 0.00656
Exploits: 5
Tenable Nessus
added 2026/04/07 12:0 a.m., 4 views

Oracle Linux 10 : freerdp (ELSA-2026-6799)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-6799 advisory. 2:3.10.3-5.5 - Fix use of nsc_process_message - Increase timeout for TestSynchCritical Resolves: RHEL-155979 2:3.10.3-5.4 - Backport several CVE fixes...

CVSS 9.8 | AI score 6 | EPSS 0.00656
Exploits: 5 | References: 15
Oracle linux
added 2026/04/01 12:0 a.m., 6 views

freerdp security update

2:2.11.7-1.5 - Fix use of nsc_process_message Resolves: RHEL-155993 2:2.11.7-1.4 - Backport several CVE fixes Resolves: RHEL-148046, RHEL-148049, RHEL-148054, RHEL-148061, RHEL-148079 Resolves: RHEL-148094, RHEL-148096, RHEL-148104, RHEL-148939, RHEL-149029 Resolves: RHEL-149042, RHEL-149065,...

CVSS 9.8 | AI score 5.8 | EPSS 0.00656
Exploits: 5
Tenable Nessus
added 2026/04/01 12:0 a.m., 4 views

Oracle Linux 9 : freerdp (ELSA-2026-6340)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-6340 advisory. 2:2.11.7-1.5 - Fix use of nsc_process_message Resolves: RHEL-155993 2:2.11.7-1.4 - Backport several CVE fixes Resolves: RHEL-148046, RHEL-148049,...

CVSS 9.8 | AI score 6 | EPSS 0.00656
Exploits: 5 | References: 14
OSV
added 2026/03/23 2:48 p.m., 10 views

CLSA-2026-1774277303 freerdp: Fix of CVE-2026-31806

CVE-2026-31806: Fix heap buffer overflow in nsc_process_message...

CVSS 9.8 | AI score 6 | EPSS 0.00656
Exploits: 1 | References: 1
Amazon
added 2026/03/19 12:0 a.m., 5 views

Important: freerdp

Issue Overview: FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a malicious RDP server can trigger a heap buffer overflow in FreeRDP clients using the GDI surface pipeline (e.g., xfreerdp) by sending an RDPGFX ClearCodec surface command with an out-of-bound...

CVSS 8.8 | AI score 6 | EPSS 0.00591
Exploits: 2
RedhatCVE
added 2026/02/26 10:34 p.m., 6 views

CVE-2026-26955

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol (RDP). A malicious RDP server can exploit a heap buffer overflow vulnerability by sending a specially crafted graphics command to a FreeRDP client. This allows the server to write data outside of its intended memory...

CVSS 8.8 | AI score 6.5 | EPSS 0.00537
Exploits: 1 | References: 5
AlpineLinux
added 2026/02/25 8:59 p.m., 3 views

CVE-2026-26965

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, in the RLE planar decode path, planar_decompress_plane_rle writes into pDstData at (nYDst+y) * nDstStep + 4*nXDst + nChannel without verifying that nYDst+nSrcHeight fits in the destination height or that...

CVSS 8.8 | AI score 6 | EPSS 0.00591
Exploits: 1
AlpineLinux
added 2026/02/25 8:47 p.m., 2 views

CVE-2026-26955

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a malicious RDP server can trigger a heap buffer overflow in FreeRDP clients using the GDI surface pipeline (e.g., xfreerdp) by sending an RDPGFX ClearCodec surface command with an out-of-bounds destination...

CVSS 8.8 | AI score 6.1 | EPSS 0.00537
Exploits: 1
NVD
added 2026/02/03 3:16 p.m., 10 views

CVE-2026-1814

Rapid7 Nexpose versions 6.4.50 and later are vulnerable to an insufficient entropy issue in the CredentialsKeyStorePassword.generateRandomPassword method. When updating legacy keystore passwords, the application generates a new password with insufficient length (7-12 characters) and a static prefix...

CVSS 6.8 | EPSS 0.00145
Exploits: 0 | References: 1
ATTACKERKB
added 2026/02/03 2:54 p.m., 6 views

CVE-2026-1814

Rapid7 Nexpose versions 6.4.50 and later are vulnerable to an insufficient entropy issue in the CredentialsKeyStorePassword.generateRandomPassword method. When updating legacy keystore passwords, the application generates a new password with insufficient length (7-12 characters) and a static prefix...

CVSS 6.8 | AI score 5.5 | EPSS 0.00145
Exploits: 0 | References: 1 | Affected Software: 1
Positive Technologies
added 2026/01/01 12:0 a.m., 4 views

PT-2026-22018

Name of the Vulnerable Software and Affected Versions: FreeRDP versions prior to 3.23.0. Description: FreeRDP is a free implementation of the Remote Desktop Protocol. A flaw exists in the RLE planar decode path within the planar_decompress_plane_rle function, where it writes to memory without proper...

CVSS 10 | AI score 5.3 | EPSS 0.00591
Exploits: 1 | References: 138
EUVD
added 2025/10/03 8:7 p.m., 5 views

EUVD-2024-29874

Malicious code in bioql PyPI...

CVSS 9.8 | AI score 8.8 | EPSS 0.01922
Exploits: 0 | References: 8
RedhatCVE
added 2025/05/23 2:30 a.m., 1 views

CVE-2023-3965

The nsc theme for WordPress is vulnerable to Reflected Cross-Site Scripting via prototype pollution in versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that...

CVSS 6.1 | AI score 6.1 | EPSS 0.00386
Exploits: 0 | References: 1