Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

34 matches found

EUVD
EUVDadded yesterday5 views

EUVD-2026-38063

The WP Go Maps – Most Popular Map Plugin plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 10.1.01. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers ...

5.3CVSS6AI score
Exploits0References2
OSV
OSVadded 2026/05/29 1:34 p.m.13 views

OESA-2026-2490 libvncserver security update

libvncserver is a set of programs using the RFB Remote Frame Buffer protocol. They are designed to "export" a frame buffer via net: you set up a server and can connect to it via VNC viewers. If the server supports WebSockets which LibVNCServer does, you can also connect using an in-browser VNC...

8.8CVSS5.9AI score0.00242EPSS
Exploits0References2
SUSE CVE
SUSE CVEadded 2026/05/28 3:57 a.m.11 views

SUSE CVE-2026-44988

LibVNCClient is a library for easy implementation of a VNC client. In 0.9.15 and earlier, LibVNCClient's Tight encoding decoder uses fixed-size 2048-pixel scratch buffers for the Gradient filter, but it does not reject Tight rectangles whose width is larger than 2048 pixels. A malicious VNC serve...

8.1CVSS5.8AI score0.00242EPSS
Exploits0References4
OSV
OSVadded 2026/05/27 3:16 p.m.6 views

UBUNTU-CVE-2026-44988

LibVNCClient is a library for easy implementation of a VNC client. In 0.9.15 and earlier, LibVNCClient's Tight encoding decoder uses fixed-size 2048-pixel scratch buffers for the Gradient filter, but it does not reject Tight rectangles whose width is larger than 2048 pixels. A malicious VNC serve...

8.8CVSS5.8AI score0.00242EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2026/05/27 12:0 a.m.12 views

PT-2026-44004

Name of the Vulnerable Software and Affected Versions LibVNCClient versions prior to 0.9.16 Description The Tight encoding decoder in LibVNCClient uses fixed-size 2048-pixel scratch buffers for the Gradient filter but fails to reject Tight rectangles with a width exceeding 2048 pixels. A maliciou...

8.8CVSS6AI score0.00242EPSS
Exploits0References24
OSV
OSVadded 2026/05/19 7:16 p.m.4 views

UBUNTU-CVE-2026-33642

Kitty is a cross-platform GPU based terminal. In versions 0.46.2 and below, the handlecomposecommand function in kitty/graphics.c performs bounds validation on composition offsets using unsigned 32-bit arithmetic that is subject to integer wrapping, potentially leading to Heap Buffer...

9.9CVSS5.7AI score0.00286EPSS
Exploits1References5
Vulnrichment
Vulnrichmentadded 2026/05/19 6:4 p.m.10 views

CVE-2026-33642 Kitty has a Heap Buffer Over-Read/Write via Integer Overflow in compose_rectangles Bounds Check

Kitty is a cross-platform GPU based terminal. In versions 0.46.2 and below, the handlecomposecommand function in kitty/graphics.c performs bounds validation on composition offsets using unsigned 32-bit arithmetic that is subject to integer wrapping, potentially leading to Heap Buffer...

9.9CVSS5.8AI score0.00286EPSS
Exploits1References2
Cvelist
Cvelistadded 2026/05/19 6:4 p.m.29 views

CVE-2026-33642 Kitty has a Heap Buffer Over-Read/Write via Integer Overflow in compose_rectangles Bounds Check

Kitty is a cross-platform GPU based terminal. In versions 0.46.2 and below, the handlecomposecommand function in kitty/graphics.c performs bounds validation on composition offsets using unsigned 32-bit arithmetic that is subject to integer wrapping, potentially leading to Heap Buffer...

9.9CVSS0.00286EPSS
Exploits1References2
CVE
CVEadded 2026/05/19 6:4 p.m.14 views

CVE-2026-33642

CVE-2026-33642 affects Kitty up to version 0.46.2. The issue arises in handle_compose_command() in kitty/graphics.c, where 32-bit unsigned arithmetic for composition offsets can wrap and enable a heap buffer over-read/over-write. An attacker who can emit output to a Kitty terminal (e.g., maliciou...

9.9CVSS5.8AI score0.00286EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVEadded 2026/05/19 6:4 p.m.8 views

CVE-2026-33642

Kitty is a cross-platform GPU based terminal. In versions 0.46.2 and below, the handlecomposecommand function in kitty/graphics.c performs bounds validation on composition offsets using unsigned 32-bit arithmetic that is subject to integer wrapping, potentially leading to Heap Buffer...

9.9CVSS5.7AI score0.00286EPSS
Exploits1
Tenable Nessus
Tenable Nessusadded 2026/05/11 12:0 a.m.6 views

Unity Linux 20.1060e / 20.1070e Security Update: freerdp (UTSA-2026-017435)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017435 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. In affected versions a malicious server might trigger out of...

8.8CVSS5.7AI score0.01553EPSS
Exploits0References4
AstraLinux
AstraLinuxadded 2026/05/03 11:59 p.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/fbdev-generic: prohibiting potential out-of-bounds accesses The fbdev test in IGT may write after EOF, leading to out-of-bound accesses for DRM drivers that use fbdev-generic. For example, running the fbdev test on an...

5.4AI score0.00173EPSS
Exploits0References2
Amazon
Amazonadded 2026/04/14 12:0 a.m.8 views

Medium: freerdp

Issue Overview: FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a client-side heap buffer overflow occurs in the FreeRDP client's AVC420/AVC444 YUV-to-RGB conversion path due to missing horizontal bounds validation of H.264 metablock regionRects coordinates. In...

9.8CVSS6.1AI score0.00323EPSS
Exploits6
OSV
OSVadded 2026/03/13 7:54 p.m.1 views

DEBIAN-CVE-2026-29774

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a client-side heap buffer overflow occurs in the FreeRDP client's AVC420/AVC444 YUV-to-RGB conversion path due to missing horizontal bounds validation of H.264 metablock regionRects coordinates. In yuv.c, the clamp...

8.2CVSS5AI score0.00323EPSS
Exploits1References1
NVD
NVDadded 2026/03/13 7:54 p.m.2 views

CVE-2026-29774

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a client-side heap buffer overflow occurs in the FreeRDP client's AVC420/AVC444 YUV-to-RGB conversion path due to missing horizontal bounds validation of H.264 metablock regionRects coordinates. In yuv.c, the clamp...

8.2CVSS0.00323EPSS
Exploits1References2
UbuntuCve
UbuntuCveadded 2026/03/13 7:54 p.m.3 views

CVE-2026-29774

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a client-side heap buffer overflow occurs in the FreeRDP client's AVC420/AVC444 YUV-to-RGB conversion path due to missing horizontal bounds validation of H.264 metablock regionRects coordinates. In yuv.c, the clamp...

8.2CVSS6.1AI score0.00323EPSS
Exploits1References3
ATTACKERKB
ATTACKERKBadded 2026/03/13 5:26 p.m.8 views

CVE-2026-29774

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a client-side heap buffer overflow occurs in the FreeRDP client's AVC420/AVC444 YUV-to-RGB conversion path due to missing horizontal bounds validation of H.264 metablock regionRects coordinates. In yuv.c, the clamp...

5.3CVSS6AI score0.00323EPSS
Exploits1References3Affected Software1
EUVD
EUVDadded 2026/03/13 5:26 p.m.2 views

EUVD-2026-12055

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a client-side heap buffer overflow occurs in the FreeRDP client's AVC420/AVC444 YUV-to-RGB conversion path due to missing horizontal bounds validation of H.264 metablock regionRects coordinates. In yuv.c, the clamp...

5.3CVSS6AI score0.00323EPSS
Exploits1References2
AlpineLinux
AlpineLinuxadded 2026/03/13 5:26 p.m.2 views

CVE-2026-29774

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a client-side heap buffer overflow occurs in the FreeRDP client's AVC420/AVC444 YUV-to-RGB conversion path due to missing horizontal bounds validation of H.264 metablock regionRects coordinates. In yuv.c, the clamp...

8.2CVSS6AI score0.00323EPSS
Exploits1
EUVD
EUVDadded 2025/12/24 3:30 p.m.3 views

EUVD-2023-60329

In the Linux kernel, the following vulnerability has been resolved: drm/fbdev-generic: prohibit potential out-of-bounds access The fbdev test of IGT may write after EOF, which lead to out-of-bound access for drm drivers with fbdev-generic. For example, run fbdev test on a x86+ast2400 platform, wi...

6.1AI score0.00173EPSS
Exploits0References4
Rows per page
Query Builder