3 matches found
SUSE CVE-2025-58450
pREST PostgreSQL REST, is an API that delivers an application on top of a Postgres database. SQL injection is possible in versions prior to 2.0.0-rc3. The validation present in versions prior to 2.0.0-rc3 does not provide adequate protection from injection attempts. Version 2.0.0-rc3 contains a...
freerdp: out-of-bounds read in autodetect_recv_bandwidth_measure_results function
In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bounds read in autodetectrecvbandwidthmeasureresults. A malicious server can extract up to 8 bytes of client memory with a manipulated message by providing a short input and reading the measurement result data. This has been patched in 2.0...
DEBIAN-CVE-2020-11044
In FreeRDP greater than 1.2 and before 2.0.0, a double free in updatereadcachebitmapv3order crashes the client application if corrupted data from a manipulated server is parsed. This has been patched in 2.0.0...