6 matches found
OESA-2026-2040 freerdp security update
FreeRDP is a client implementation of the Remote Desktop Protocol RDP that follows Microsoft's open specifications. This package provides the client applications xfreerdp. Security Fixes: FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a malicious RDP...
Linux Distros Unpatched Vulnerability : CVE-2026-28292
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - simple-git, an interface for running git commands in any node.js application, has an issue in versions 3.15.0 through 3.32.2 that allows an attacker to bypass t...
CVE-2026-28292
simple-git, an interface for running git commands in any node.js application, has an issue in versions 3.15.0 through 3.32.2 that allows an attacker to bypass two prior CVE fixes CVE-2022-25860 and CVE-2022-25912 and achieve full remote code execution on the host machine. Version 3.23.0 contains ...
UBUNTU-CVE-2026-26955
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a malicious RDP server can trigger a heap buffer overflow in FreeRDP clients using the GDI surface pipeline e.g., xfreerdp by sending an RDPGFX ClearCodec surface command with an out-of-bounds destination...
PT-2026-22017
Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.23.0 Description A malicious RDP server can trigger a heap buffer overflow in FreeRDP clients using the GDI surface pipeline, such as xfreerdp. This occurs when sending an RDPGFX ClearCodec surface command with an...
Insufficient Entropy
Overview Affected versions of this package are vulnerable to Insufficient Entropy in the JWT signing secret. A user can obtain unauthorized administrative access by brute-forcing valid tokens. Remediation Upgrade github.com/litmuschaos/litmus/chaoscenter/authentication/api/handlers to version...