239 matches found
Astra Linux - уязвимость в freerdp2
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The affected versions are vulnerable to an Out-of-Bounds Write vulnerability in the progressivedecompress function. This issue is likely due to incorrect calculations of the nXSrc and nYSrc...
CVE-2026-7080
A security vulnerability has been detected in Tenda F456 1.0.0.5. This impacts the function fromPPTPUserSetting of the file /goform/PPTPUserSetting of the component httpd. Such manipulation of the argument delno leads to buffer overflow. The attack may be launched remotely. The exploit has been...
freerdp security update
2:2.11.7-7 - Update CLEARVBARENTRY size after alloc CVE-2026-33984 - Fail progressiverfxquantsub on invalid values CVE-2026-33983 Resolves: RHEL-162949, RHEL-162965...
freerdp security update
2:3.10.3-5.6 - Update CLEARVBARENTRY size after alloc CVE-2026-33984 - Fail progressiverfxquantsub on invalid values CVE-2026-33983 Resolves: RHEL-162946, RHEL-162962...
freerdp security update
2:2.11.7-1.6 - Update CLEARVBARENTRY size after alloc CVE-2026-33984 - Fail progressiverfxquantsub on invalid values CVE-2026-33983 Resolves: RHEL-162958, RHEL-162978...
Chromium: CVE-2026-5892 Insufficient policy enforcement in PWAs
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
CVE-2026-5892
An insufficient policy enforcement flaw was found in the PWAs component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=487568011...
SUSE CVE-2026-5892
Insufficient policy enforcement in PWAs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to install a PWA without user consent via a crafted HTML page. Chromium security severity: Medium...
EUVD-2026-20711
Insufficient policy enforcement in PWAs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to install a PWA without user consent via a crafted HTML page. Chromium security severity: Medium...
DEBIAN-CVE-2026-5892
Insufficient policy enforcement in PWAs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to install a PWA without user consent via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-5892
Insufficient policy enforcement in PWAs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to install a PWA without user consent via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-5892
Insufficient policy enforcement in PWAs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to install a PWA without user consent via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-5892
Insufficient policy enforcement in PWAs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to install a PWA without user consent via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-5892
Insufficient policy enforcement in PWAs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to install a PWA without user consent via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-5892
Insufficient policy enforcement in PWAs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to install a PWA without user consent via a crafted HTML page. Chromium security severity: Medium...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 147.0.7727.55 contained a security vulnerability. This vulnerability stemmed from insufficient policy execution in PWA implementations. It could allow remote attackers who have infiltrated...
CVE-2026-33983
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, progressivedecompresstileupgrade detects a mismatch via progressiverfxquantcmpequal but only emits WLogWARN, execution continues. The wrapped value 247 is used as a shift exponent, causing undefined behavior...
CVE-2026-33983 FreeRDP: Progressive Codec Quant BYTE Underflow - UB + CPU DoS
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, progressivedecompresstileupgrade detects a mismatch via progressiverfxquantcmpequal but only emits WLogWARN, execution continues. The wrapped value 247 is used as a shift exponent, causing undefined behavior...
CVE-2026-33983
The connected Debian tracker for CVE-2026-33983 names it as “Progressive Codec Quant BYTE Underflow - UB + CPU DoS.” No vendor, product, or version details are provided in the documents. The vulnerability is described as an underflow causing a CPU Denial of Service, but there is no information he...
CVE-2026-33983 FreeRDP: Progressive Codec Quant BYTE Underflow - UB + CPU DoS
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, progressivedecompresstileupgrade detects a mismatch via progressiverfxquantcmpequal but only emits WLogWARN, execution continues. The wrapped value 247 is used as a shift exponent, causing undefined behavior...