Lucene search
K

6 matches found

OSV
OSV
added 2026/04/25 5:48 a.m.4 views

OESA-2026-2040 freerdp security update

FreeRDP is a client implementation of the Remote Desktop Protocol RDP that follows Microsoft's open specifications. This package provides the client applications xfreerdp. Security Fixes: FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a malicious RDP...

9.8CVSS7.2AI score0.00656EPSS
Exploits5References8
Tenable Nessus
Tenable Nessus
added 2026/03/11 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-28292

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - simple-git, an interface for running git commands in any node.js application, has an issue in versions 3.15.0 through 3.32.2 that allows an attacker to bypass t...

9.8CVSS8AI score0.02784EPSS
Exploits3References2
NVD
NVD
added 2026/03/10 7:17 p.m.13 views

CVE-2026-28292

simple-git, an interface for running git commands in any node.js application, has an issue in versions 3.15.0 through 3.32.2 that allows an attacker to bypass two prior CVE fixes CVE-2022-25860 and CVE-2022-25912 and achieve full remote code execution on the host machine. Version 3.23.0 contains ...

9.8CVSS0.01296EPSS
Exploits1References7
OSV
OSV
added 2026/02/25 9:16 p.m.4 views

UBUNTU-CVE-2026-26955

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a malicious RDP server can trigger a heap buffer overflow in FreeRDP clients using the GDI surface pipeline e.g., xfreerdp by sending an RDPGFX ClearCodec surface command with an out-of-bounds destination...

8.8CVSS6.1AI score0.00537EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.7 views

PT-2026-22017

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.23.0 Description A malicious RDP server can trigger a heap buffer overflow in FreeRDP clients using the GDI surface pipeline, such as xfreerdp. This occurs when sending an RDPGFX ClearCodec surface command with an...

10CVSS5.4AI score0.00537EPSS
Exploits1References137
Snyk
Snyk
added 2025/12/08 6:43 p.m.3 views

Insufficient Entropy

Overview Affected versions of this package are vulnerable to Insufficient Entropy in the JWT signing secret. A user can obtain unauthorized administrative access by brute-forcing valid tokens. Remediation Upgrade github.com/litmuschaos/litmus/chaoscenter/authentication/api/handlers to version...

7.1CVSS6.8AI score0.00273EPSS
Exploits0References2
Rows per page
Query Builder