5 matches found
CVE-2026-27951
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the function StreamEnsureCapacity can create an endless blocking loop. This may affect all client and server implementations using FreeRDP. For practical exploitation this will only work on 32bit systems whe...
CVE-2026-25942 FreeRDP has global-buffer-overflow in xf_rail_server_execute_result
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfrailserverexecuteresult indexes the global errorcodenames array 7 elements, indices 0–6 with an unchecked execResult-execResult value received from the server, allowing an out-of-bounds read when the serve...
OESA-2026-1237 python-filelock security update
This package contains a single module, which implements a platform independent file locking mechanism for Python. Security Fixes: filelock is a platform-independent file lock for Python. Prior to version 3.20.3, a TOCTOU race condition vulnerability exists in the SoftFileLock implementation of th...
PT-2026-22009
Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.23.0 Description FreeRDP is a free implementation of the Remote Desktop Protocol. Versions before 3.23.0 contain a flaw where the xf SetWindowMinMaxInfo function improperly dereferences a freed xfAppWindow pointer...
CVE-2024-8101 Stored XSS in aimhubio/aim
A stored cross-site scripting XSS vulnerability exists in the Text Explorer component of aimhubio/aim version 3.23.0. The vulnerability arises due to the use of dangerouslySetInnerHTML without proper sanitization, allowing arbitrary JavaScript execution when rendering tracked texts. This can be...