201 matches found
UBUNTU-CVE-2023-39356
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. In affected versions a missing offset validation may lead to an Out Of Bound Read in the function gdimultiopaquerect. In particular there is no code to validate if the value...
UBUNTU-CVE-2023-39353
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to a missing offset validation leading to Out Of Bound Read. In the libfreerdp/codec/rfx.c file there is no offset validation in tile-quantIdxY, tile-quantIdxCb, a...
CVE-2023-39352 Invalid offset validation leading to Out Of Bound Write in FreeRDP
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an invalid offset validation leading to Out Of Bound Write. This can be triggered when the values rect-left and rect-top are exactly equal to surface-width and...
CVE-2023-39352 Invalid offset validation leading to Out Of Bound Write in FreeRDP
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an invalid offset validation leading to Out Of Bound Write. This can be triggered when the values rect-left and rect-top are exactly equal to surface-width and...
CVE-2023-39353 Missing offset validation leading to Out Of Bound Read in FreeRDP
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to a missing offset validation leading to Out Of Bound Read. In the libfreerdp/codec/rfx.c file there is no offset validation in tile-quantIdxY, tile-quantIdxCb, a...
CVE-2023-39353 Missing offset validation leading to Out Of Bound Read in FreeRDP
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to a missing offset validation leading to Out Of Bound Read. In the libfreerdp/codec/rfx.c file there is no offset validation in tile-quantIdxY, tile-quantIdxCb, a...
CVE-2023-39353
CVE-2023-39353 affects FreeRDP. The root cause is a missing offset validation in libfreerdp/codec/rfx.c for tile->quantIdxY, tile->quantIdxCb, and tile->quantIdxCr, allowing crafted input to trigger an out-of-bounds read and likely crash. The issue is documented as fixed in versions 2.11...
FreeRDP 缓冲区错误漏洞
FreeRDP is an open source implementation of the Remote Desktop Protocol RDP from the FreeRDP team. FreeRDP suffers from a buffer error vulnerability that stems from an out-of-bounds read due to missing offset validation in the gdimultiopaquerect function...
FreeRDP 缓冲区错误漏洞
FreeRDP is an open source implementation of the Remote Desktop Protocol RDP from the FreeRDP team. FreeRDP suffers from a buffer overflow vulnerability that stems from the cleardecompressbandsdata function having no offset validation. An attacker could exploit this vulnerability to cause a denial...
FreeRDP 缓冲区错误漏洞
FreeRDP is an open source implementation of the Remote Desktop Protocol RDP from the FreeRDP team. FreeRDP suffers from a buffer error vulnerability that stems from the absence of offset validation in tile-quantIdxY, tile-quantIdxCb, and tile-quantIdxCr in the libfreerdp/codec/rfx.c file...
PT-2023-4663 · Freerdp +8 · Freerdp +8
Name of the Vulnerable Software and Affected Versions: FreeRDP versions prior to 2.11.0 FreeRDP versions prior to 3.0.0-beta3 Description: The issue is related to an Out-Of-Bounds Write in the clear decompress bands data function due to a lack of offset validation. This can be exploited by a remo...
CVE-2023-4135
A heap out-of-bounds memory read flaw was found in the virtual nvme device in QEMU. The QEMU process does not validate an offset provided by the guest before computing a host heap pointer, which is used for copying data back to the guest. Arbitrary heap memory relative to an allocated buffer can ...
PT-2023-4671 · Freerdp +8 · Freerdp +8
Name of the Vulnerable Software and Affected Versions: FreeRDP versions prior to 2.11.0 FreeRDP versions prior to 3.0.0-beta3 Description: The issue is related to a missing offset validation in the libfreerdp/codec/rfx.c file, specifically in tile-quantIdxY, tile-quantIdxCb, and tile-quantIdxCr...
PT-2023-4680 · Freerdp +8 · Freerdp +8
Name of the Vulnerable Software and Affected Versions: FreeRDP versions prior to 2.11.0 FreeRDP versions prior to 3.0.0-beta3 Description: The issue is related to an invalid offset validation leading to Out Of Bound Write in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. This...
CBL Mariner 2.0 Security Update: kernel (CVE-2022-47520)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-47520 advisory. - An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in...
Denial Of Service (DoS)
Linux kernel is vulnerable to Denial Of Service DoS. The vulnerability exists due to the missing offset validation in hif.c in the WILC1000 wireless driver which can trigger an out-of-bounds read when parsing a Robust Security Network RSN information element from a Netlink packet...
SUSE CVE-2014-4322
drivers/misc/qseecom.c in the QSEECOM driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, does not validate certain offset, length, and base values within an ioctl call, which allows attackers to gain privileges or...
SUSE CVE-2015-6247
The dissectopenflowtablemodv5 function in epan/dissectors/packet-openflowv5.c in the OpenFlow dissector in Wireshark 1.12.x before 1.12.7 does not validate a certain offset value, which allows remote attackers to cause a denial of service infinite loop via a crafted packet...
SUSE CVE-2016-5384
fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free attacks and execute arbitrary code via a crafted cache file...
SUSE CVE-2017-13133
In ImageMagick 7.0.6-8, the loadlevel function in coders/xcf.c lacks offset validation, which allows attackers to cause a denial of service loadtile memory exhaustion via a crafted file...