Lucene search
K

533 matches found

redhat
redhat
added 2026/02/23 10:17 a.m.5 views

freerdp: FreeRDP heap-buffer-overflow

A heap based buffer overflow has been discovered in FreeRDP. In affected versions the URBDRC client does not perform bounds checking on server‑supplied MSUSBINTERFACEDESCRIPTOR values and uses them as indices in libusbudevcompletemsconfigsetup, causing an out‑of‑bounds read...

9.1CVSS5.9AI score0.00756EPSS
Exploits1References6
nvd
nvd
added 2026/02/09 7:15 p.m.13 views

CVE-2026-24679

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, The URBDRC client uses server-supplied interface numbers as array indices without bounds checks, causing an out-of-bounds read in libusbudevselectinterface. This vulnerability is fixed in 3.22.0...

9.1CVSS0.00489EPSS
Exploits0References2
osv
osv
added 2026/02/09 7:15 p.m.7 views

UBUNTU-CVE-2026-24675

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, urbselectinterface can free the device's MS config on error but later code still dereferences it, leading to a use after free in libusbudevselectinterface. This vulnerability is fixed in 3.22.0...

8.7CVSS5.9AI score0.00467EPSS
Exploits0References4
attackerkb
attackerkb
added 2026/02/09 6:19 p.m.5 views

CVE-2026-24679

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, The URBDRC client uses server-supplied interface numbers as array indices without bounds checks, causing an out-of-bounds read in libusbudevselectinterface. This vulnerability is fixed in 3.22.0...

8.7CVSS5.5AI score0.00489EPSS
Exploits0References3Affected Software1
osv
osv
added 2026/02/09 6:19 p.m.6 views

CVE-2026-24679 FreeRDP has a heap-buffer-overflow in urb_select_interface

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, The URBDRC client uses server-supplied interface numbers as array indices without bounds checks, causing an out-of-bounds read in libusbudevselectinterface. This vulnerability is fixed in 3.22.0...

8.7CVSS5.6AI score0.00489EPSS
Exploits0References4
cvelist
cvelist
added 2026/02/09 6:14 p.m.33 views

CVE-2026-24675 FreeRDP has a Heap-use-after-free in urb_select_interface

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, urbselectinterface can free the device's MS config on error but later code still dereferences it, leading to a use after free in libusbudevselectinterface. This vulnerability is fixed in 3.22.0...

8.7CVSS0.00467EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/02/09 6:14 p.m.6 views

CVE-2026-24675

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, urbselectinterface can free the device's MS config on error but later code still dereferences it, leading to a use after free in libusbudevselectinterface. This vulnerability is fixed in 3.22.0...

8.7CVSS5.7AI score0.00467EPSS
Exploits0References3Affected Software1
alpinelinux
alpinelinux
added 2026/02/09 6:14 p.m.4 views

CVE-2026-24675

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, urbselectinterface can free the device's MS config on error but later code still dereferences it, leading to a use after free in libusbudevselectinterface. This vulnerability is fixed in 3.22.0...

8.7CVSS5.7AI score0.00467EPSS
Exploits0
astralinux
astralinux
added 2026/01/27 5:1 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: at76c50x: Fixed the issue where access was used after the object was freed in at76disconnect. The memory pointed to by priv is freed at the end of the at76deletedevice function using ieee80211freehw. However, the code then...

7.8CVSS6.4AI score0.00166EPSS
Exploits0References3
nvd
nvd
added 2026/01/23 4:15 p.m.10 views

CVE-2025-71161

In the Linux kernel, the following vulnerability has been resolved: dm-verity: disable recursive forward error correction There are two problems with the recursive correction: 1. It may cause denial-of-service. In fecreadbufs, there is a loop that has 253 iterations. For each iteration, we may ca...

5.5CVSS0.00165EPSS
Exploits0References6
nessus
nessus
added 2026/01/22 12:0 a.m.6 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-21773)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21773 advisory. - In the Linux kernel, the following vulnerability has been resolved: can: etases58x: fix potential NULL point...

5.5CVSS5.4AI score0.00206EPSS
Exploits0References2
nessus
nessus
added 2026/01/20 12:0 a.m.3 views

MiracleLinux 8 : systemd-239-40.el8 (AXSA:2021-1218:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1218:01 advisory. systemd: memory leak in buttonopen in login/logind-button.c when udev events are received CVE-2019-20386 Tenable has extracted the preceding description bloc...

5.1CVSS7.9AI score0.00429EPSS
Exploits0References2
nessus
nessus
added 2026/01/14 12:0 a.m.7 views

MiracleLinux 3 : udev-095-14.20AXS3 (AXSA:2009-45:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2009-45:01 advisory. The udev package contains an implementation of devfs in userspace using sysfs and netlink. Fixed bugs: CVE-2009-1185 udev before 1.4.1 does not verify whether ...

7.2CVSS7.7AI score0.81528EPSS
Exploits12References2
nessus
nessus
added 2026/01/13 12:0 a.m.3 views

MiracleLinux 7 : libvirt-4.5.0-36.5.0.1.el7.AXS7 (AXSA:2025-9921:04)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9921:04 advisory. CVE-2024-2496: Fix NULL pointer dereference in udevConnectListAllInterfaces function CVEs: CVE-2024-2496 A NULL pointer dereference flaw was found in the...

5.5CVSS6.1AI score0.0025EPSS
Exploits0References2
metasploit
metasploit
added 2026/01/09 6:58 p.m.336 views

udev Persistence

This module will add a script in /lib/udev/rules.d/ in order to execute a payload written on disk. It'll be executed with root privileges everytime a network interface other than l0 comes up. Execution is triggered through at command, so it must be installed on the target. Module Options msf use...

5.9AI score
Exploits0
ptsecurity
ptsecurity
added 2026/01/01 12:0 a.m.6 views

PT-2026-7034

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.22.0 Description FreeRDP, a Remote Desktop Protocol implementation, contains a flaw in the urb select interface function. Specifically, the function can free a device’s MS configuration on error, but subsequent code...

9.8CVSS5.5AI score0.0195EPSS
Exploits5References219
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2005-3628

Malware in sbrugna...

4.6CVSS6.2AI score0.00391EPSS
Exploits0References8
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2010-1180

Malware in sbrugna...

2.1CVSS6.3AI score0.00269EPSS
Exploits0References11
euvd
euvd
added 2025/10/07 12:30 a.m.8 views

EUVD-2009-1186

Malware in sbrugna...

2.1CVSS6AI score0.00539EPSS
Exploits0References28
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2016-2334

Malware in sbrugna...

7.8CVSS7.5AI score0.00369EPSS
Exploits0References4
Rows per page
Query Builder