Lucene search
K

42 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in freerdp2

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions may experience invalid offset validation, leading to Out Of Bound Write errors. This issue can occur when the values rect-left and rect-top are exactly equal to surface-width...

9.8CVSS6.7AI score0.01297EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: media: vivid: fix compose-height boundary issue Syzkaller identified a bug: BUG: Unable to handle page faults for address: ffffc9000a3b1000 PF: Supervisor write access in kernel mode PF: Errorcode0x0002 – Not-present page PGD...

5.5CVSS6.2AI score0.00209EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/03/16 5:32 p.m.5 views

SUSE CVE-2026-29774

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a client-side heap buffer overflow occurs in the FreeRDP client's AVC420/AVC444 YUV-to-RGB conversion path due to missing horizontal bounds validation of H.264 metablock regionRects coordinates. In yuv.c, the clamp...

5.3CVSS6AI score0.00323EPSS
Exploits1References9
OSV
OSV
added 2026/03/09 11:3 p.m.6 views

CVE-2026-30927 Admidio: Event participation IDOR - non-leaders can register other users for events via user_uuid parameter

Admidio is an open-source user management solution. Prior to 5.0.6, in modules/events/eventsfunction.php, the event participation logic allows any user who can participate in an event to register OTHER users by manipulating the useruuid GET parameter. The condition uses || OR, meaning if...

5.3CVSS5.9AI score0.00253EPSS
Exploits0References5
Redos
Redos
added 2026/03/04 12:0 a.m.14 views

ROS-20260304-73-0026

A vulnerability in the v4l2rectmapinside function of the Linux kernel is related to memory reads outside of the allocated buffer. Exploitation of the vulnerability may allow an attacker acting remotely to affect the confidentiality of protected information...

7.8CVSS7.1AI score0.00157EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.6 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-38226)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38226 advisory. - In the Linux kernel, the following vulnerability has been resolved: media: vivid: Change the siize of the...

7.8CVSS5.4AI score0.00157EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/11/06 12:0 a.m.3 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990444)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990444 advisory. In the Linux kernel, the following vulnerability has been resolved: media: vivid: fix compose size exceed boundary syzkaller found a bug: BUG: unable to handle page...

5.5CVSS6AI score0.00209EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2025/11/01 10:54 a.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: media: vivid: The size of the composition has been changed. syzkaller discovered a bug: BUG: KASAN: vmalloc-out-of-bounds in tpgfillplanepattern, drivers/media/common/v4l2-tpg/v4l2-tpg-core.c:2608 inline BUG: KASAN:...

7.8CVSS6.4AI score0.00157EPSS
Exploits0References3
NVD
NVD
added 2025/10/28 12:15 p.m.6 views

CVE-2025-40073

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Do not validate SSPP when it is not ready Current code will validate current plane and previous plane to confirm they can share a SSPP with multi-rect mode. The SSPP is already allocated for previous plane, while current...

0.0017EPSS
Exploits0References2
OSV
OSV
added 2025/10/28 12:15 p.m.4 views

UBUNTU-CVE-2025-40073

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Do not validate SSPP when it is not ready Current code will validate current plane and previous plane to confirm they can share a SSPP with multi-rect mode. The SSPP is already allocated for previous plane, while current...

5.8AI score0.0017EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2019-15692

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow. Vulnerability could be triggered from CopyRectDecoder due to incorrect value checks...

7.2CVSS7.8AI score0.04773EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2025/07/07 11:23 p.m.5 views

SUSE CVE-2025-38226

In the Linux kernel, the following vulnerability has been resolved: media: vivid: Change the siize of the composing syzkaller found a bug: BUG: KASAN: vmalloc-out-of-bounds in tpgfillplanepattern drivers/media/common/v4l2-tpg/v4l2-tpg-core.c:2608 inline BUG: KASAN: vmalloc-out-of-bounds in...

7.8CVSS6.6AI score0.00157EPSS
Exploits0References23
OSV
OSV
added 2025/07/04 2:15 p.m.6 views

AZL-64689 CVE-2025-38226 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: media: vivid: Change the siize of the composing syzkaller found a bug: BUG: KASAN: vmalloc-out-of-bounds in tpgfillplanepattern drivers/media/common/v4l2-tpg/v4l2-tpg-core.c:2608 inline BUG: KASAN: vmalloc-out-of-bounds in...

7.8CVSS6.4AI score0.00157EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/07/04 12:0 a.m.9 views

PT-2025-28001

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.14.0-rc2-syzkaller-00039-g09fbf3d50205 Description: A bug was found in the Linux kernel, specifically in the media subsystem, where the composition size cannot be larger than the size of fmt cap rect. This iss...

7.8CVSS6.8AI score0.00157EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/04/30 10:33 a.m.8 views

freerdp: invalid offset validation leading to Out Of Bound Write

A flaw was found in FreeRDP. An out-of-bounds write may occur when the values rect-left and rect-top are exactly equal to surface-width and surface-height. eg. rect-left == surface-width && rect-top == surface-height. This issue can result in a crash...

9.8CVSS5.7AI score0.01297EPSS
Exploits1References5
BDU FSTEC
BDU FSTEC
added 2023/09/04 12:0 a.m.6 views

The vulnerability of the RDP client FreeRDP, related to the execution of operations beyond the buffer boundaries in memory, allows a hacker to trigger a service failure.

The vulnerability of the RDP client FreeRDP relates to the escape of operations beyond the buffer in memory when processing values of the rect-left and rect-top parameters. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

5.3CVSS7AI score0.01297EPSS
Exploits1References10Affected Software3
SUSE CVE
SUSE CVE
added 2023/09/02 1:54 a.m.2 views

SUSE CVE-2023-39356

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. In affected versions a missing offset validation may lead to an Out Of Bound Read in the function gdimultiopaquerect. In particular there is no code to validate if the value...

5.3CVSS9.4AI score0.01529EPSS
Exploits1References5
OSV
OSV
added 2023/08/31 9:15 p.m.2 views

DEBIAN-CVE-2023-39356

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. In affected versions a missing offset validation may lead to an Out Of Bound Read in the function gdimultiopaquerect. In particular there is no code to validate if the value...

9.1CVSS7AI score0.01529EPSS
Exploits1References1
OSV
OSV
added 2023/08/31 9:15 p.m.1 views

DEBIAN-CVE-2023-39352

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an invalid offset validation leading to Out Of Bound Write. This can be triggered when the values rect-left and rect-top are exactly equal to surface-width and...

9.8CVSS7AI score0.01297EPSS
Exploits1References1
OSV
OSV
added 2023/08/31 9:15 p.m.4 views

UBUNTU-CVE-2023-39356

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. In affected versions a missing offset validation may lead to an Out Of Bound Read in the function gdimultiopaquerect. In particular there is no code to validate if the value...

9.1CVSS7.3AI score0.01529EPSS
Exploits1References8
Rows per page
Query Builder