12 matches found
OPENSUSE-SU-2026:10459-1 freerdp2-2.11.7-6.1 on GA media
These are all security issues fixed in the freerdp2-2.11.7-6.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:10243-1 freerdp2-2.11.7-5.1 on GA media
These are all security issues fixed in the freerdp2-2.11.7-5.1 package on the GA media of openSUSE Tumbleweed...
Amazon Linux 2 : freerdp, --advisory ALAS2-2026-3162 (ALAS-2026-3162)
The version of freerdp installed on the remote host is prior to 2.11.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3162 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, freerdp_bitmap_decompress_planar do...
EUVD-2024-26173
Malicious code in bioql PyPI...
CVE-2024-29137
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themefic Tourfic tourfic. This issue affects Tourfic: from n/a through <= 2.11.7...
Medium: freerdp
Issue Overview: FreeRDP is a set of free and open source remote desktop protocol library and clients. In affected versions an integer overflow in freerdp_bitmap_planar_context_reset leads to heap-buffer overflow. This affects FreeRDP based clients. FreeRDP based server implementations and proxy are n...
VulnCheck KEV: CVE-2024-29137
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themefic Tourfic tourfic. This issue affects Tourfic: from n/a through <= 2.11.7...
CVE-2021-22748
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could allow a remote code execution when a file is saved. Affected Product: C-Bus Toolkit V1.15.9 and prior, C-Gate Server V2.11.7 and prior...
Improper validation of URLs ('Cross-site Scripting') in Wagtail rich text fields
Impact When saving the contents of a rich text field in the admin interface, Wagtail does not apply server-side checks to ensure that link URLs use a valid protocol. A malicious user with access to the admin interface could thus craft a POST request to publish content with javascript: URLs...
Icinga Trust Management Issues Vulnerability
Icinga is a scalable server and network resource monitoring system from Icinga, Germany. A security vulnerability exists in Icinga 2 versions v2.8.0 through v2.11.7, v2.12.2, which stems from the fact that revoked certificates that are due for renewal will be automatically renewed...
PYSEC-2010-33
ZServer in Zope 2.10.x before 2.10.12 and 2.11.x before 2.11.7 allows remote attackers to cause a denial of service crash of worker threads via vectors that trigger uncaught exceptions...
XSS on plausible insecure PHP installation
PMASA-2008-4 Announcement-ID: PMASA-2008-4 Date: 2008-06-23 Summary XSS on plausible insecure PHP installation Description We received an advisory from Tim Starling Wikimedia, and we wish to thank him for his work. Some scripts in the /libraries directory were vulnerable to XSS. Severity We...