Lucene search
K

20 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-41801

Malicious code in bioql PyPI...

4.6CVSS4.7AI score0.00627EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2023/10/08 12:0 a.m.44 views

Debian dla-3606 : freerdp2-dev - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3606 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3606-1 [email protected]...

9.8CVSS7AI score0.02537EPSS
Exploits19References96
Tenable Nessus
Tenable Nessus
added 2022/11/30 12:0 a.m.23 views

SUSE SLED15: freerdp / freerdp-devel / freerdp-proxy / freerdp-server / etc (SUSE-SU-2022:4292-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4292-1 advisory. - CVE-2022-39318: Fixed division by zero in urbdrc bsc1205563. - CVE-2022-39319: Fixed missing...

5.7CVSS6.6AI score0.00953EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2022/11/17 12:0 a.m.46 views

CVE-2022-39319

FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input length validation in the urbdrc channel. A malicious server can trick a FreeRDP based client to read out of bound data and send it back to the server. This issue has been addressed in...

4.6CVSS5.9AI score0.00687EPSS
Exploits0References3
NVD
NVD
added 2022/11/16 9:15 p.m.23 views

CVE-2022-39319

FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input length validation in the urbdrc channel. A malicious server can trick a FreeRDP based client to read out of bound data and send it back to the server. This issue has been addressed in...

4.6CVSS0.00687EPSS
Exploits0References7
NVD
NVD
added 2022/11/16 9:15 p.m.16 views

CVE-2022-39317

FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing a range check for input offset index in ZGFX decoder. A malicious server can trick a FreeRDP based client to read out of bound data and try to decode it. This issue has been addressed in versio...

4.6CVSS0.00627EPSS
Exploits0References4
NVD
NVD
added 2022/11/16 8:15 p.m.14 views

CVE-2022-41877

FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input length validation in drive channel. A malicious server can trick a FreeRDP based client to read out of bound data and send it back to the server. This issue has been addressed in version...

4.6CVSS0.00719EPSS
Exploits0References7
Prion
Prion
added 2022/11/16 8:15 p.m.22 views

Design/Logic Flaw

FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP may attempt integer addition on too narrow types leads to allocation of a buffer too small holding the data written. A malicious server can trick a FreeRDP based client to read out of bound data and send i...

4.9CVSS5.2AI score0.00674EPSS
Exploits0References4Affected Software2
OSV
OSV
added 2022/11/16 12:0 a.m.33 views

CVE-2022-41877 Missing input length validation in `drive` channel in FreeRDP

FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input length validation in drive channel. A malicious server can trick a FreeRDP based client to read out of bound data and send it back to the server. This issue has been addressed in version...

4.6CVSS4.8AI score0.00719EPSS
Exploits0References9
CVE
CVE
added 2022/11/16 12:0 a.m.131 views

CVE-2022-39320

CVE-2022-39320 affects FreeRDP and relates to a heap buffer overflow in the urbdrc channel caused by integer addition on too-narrow types, leading to writing data into a too-small allocation. Exploitation could enable reading out-of-bound data and echoing it back to the server. The vulnerability ...

5.5CVSS6AI score0.00674EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2022/11/16 12:0 a.m.20 views

CVE-2022-41877 Missing input length validation in `drive` channel in FreeRDP

FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input length validation in drive channel. A malicious server can trick a FreeRDP based client to read out of bound data and send it back to the server. This issue has been addressed in version...

4.6CVSS7.3AI score0.00719EPSS
Exploits0References6
OSV
OSV
added 2022/11/16 12:0 a.m.27 views

CVE-2022-39319 Missing length validation in urbdrc channel in FreeRDP

FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input length validation in the urbdrc channel. A malicious server can trick a FreeRDP based client to read out of bound data and send it back to the server. This issue has been addressed in...

4.6CVSS4.7AI score0.00687EPSS
Exploits0References9
Debian CVE
Debian CVE
added 2022/11/16 12:0 a.m.38 views

CVE-2022-41877

FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input length validation in drive channel. A malicious server can trick a FreeRDP based client to read out of bound data and send it back to the server. This issue has been addressed in version...

4.6CVSS5.2AI score0.00719EPSS
Exploits0
Debian CVE
Debian CVE
added 2022/11/16 12:0 a.m.29 views

CVE-2022-39319

FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input length validation in the urbdrc channel. A malicious server can trick a FreeRDP based client to read out of bound data and send it back to the server. This issue has been addressed in...

4.6CVSS5.1AI score0.00687EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2022/11/16 12:0 a.m.54 views

CVE-2022-41877

FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input length validation in drive channel. A malicious server can trick a FreeRDP based client to read out of bound data and send it back to the server. This issue has been addressed in version...

4.6CVSS6.3AI score0.00719EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/04/25 12:0 a.m.44 views

EulerOS 2.0 SP8 : freerdp (EulerOS-SA-2022-1564)

According to the versions of the freerdp packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In FreeRDP less than or equal to 2.0.0, by providing manipulated input a malicious client can create a double free condition and crash the...

6.9CVSS6.7AI score0.02537EPSS
Exploits4References18
CVE
CVE
added 2020/05/29 12:0 a.m.224 views

CVE-2020-11040

CVE-2020-11040 affects FreeRDP versions up to 2.0.0, where an out-of-bounds data read from memory occurs in clear_decompress_subcode_rlex and is visualized as color on screen. The issue has been fixed in version 2.1.0. Related advisories from Debian, CentOS/RHEL, AlmaLinux, Amazon Linux 2 and CNV...

4CVSS5.4AI score0.01608EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2019/03/09 12:0 a.m.55 views

CVE-2019-8275

UltraVNC revision 1211 contains multiple improper null termination vulnerabilities in the VNC server code, allowing out-of-bounds data access via network. CVSS v3.1 base score 9.8. Affected: UltraVNC 1211; fix: upgrade to revision 1212 (addressed in the same family of issues).

9.8CVSS9.6AI score0.0397EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2019/03/08 11:29 p.m.21 views

CVE-2019-8275

UltraVNC revision 1211 has multiple improper null termination vulnerabilities in VNC server code, which result in out-of-bound data being accessed by remote users. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212...

9.8CVSS9.9AI score0.0397EPSS
Exploits0References6
Prion
Prion
added 2019/03/08 11:29 p.m.17 views

Null pointer dereference

UltraVNC revision 1211 has multiple improper null termination vulnerabilities in VNC server code, which result in out-of-bound data being accessed by remote users. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212...

7.5CVSS9.7AI score0.0397EPSS
Exploits0References6Affected Software4
Rows per page
Query Builder