Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2026/01/19 5:9 p.m.2 views

CVE-2026-23534 FreeRDP has heap-buffer-overflow in clear_decompress_bands_data

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the ClearCodec bands decode path when crafted band coordinates allow writes past the end of the destination surface buffer. A malicious server can trigger a...

8.7CVSS5.9AI score0.00434EPSS
Exploits1References4
CVE
CVE
added 2026/01/19 5:3 p.m.26 views

CVE-2026-23532

CVE-2026-23532 affects the FreeRDP client prior to version 3.21.0, where a heap buffer overflow can be triggered in the FreeRDP client’s gdi_SurfaceToSurface path due to a mismatch between destination rectangle clamping and the actual copy size. This can lead to a crash (DoS) and potential heap c...

9.8CVSS5.9AI score0.00434EPSS
Exploits1References19Affected Software1
Cvelist
Cvelist
added 2026/01/14 5:47 p.m.23 views

CVE-2026-22854 FreeRDP has a heap-buffer-overflow in drive_process_irp_read

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap...

7.7CVSS0.00453EPSS
Exploits1References2
CNVD
CNVD
added 2017/12/28 12:0 a.m.2 views

Archon Cross-Site Scripting Vulnerability

Archon is a system of online catalog sites for manuscript collections at the Maine Maritime Museum. A cross-site scripting vulnerability exists in the packages/core/contact.php file in Archon version 3.21 rev-1. A remote attacker can exploit this vulnerability to inject arbitrary web script or HT...

6.1CVSS6AI score0.00593EPSS
Exploits1References1
Rows per page
Query Builder