Search CVE reports
1941 – 1950 of 26183 results
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, a malicious RDP server can crash the FreeRDP client by sending audio data in IMA ADPCM format with an invalid initial step index value (>=...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 26.04 LTS |
|---|---|
| freerdp | Not in release |
| freerdp2 | Not in release |
| freerdp3 | Vulnerable |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, an unvalidated auth_length field read from the network triggers a WINPR_ASSERT() failure in rts_read_auth_verifier_no_checks(), causing any...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 26.04 LTS |
|---|---|
| freerdp | Not in release |
| freerdp2 | Not in release |
| freerdp3 | Vulnerable |
[Unknown description]
2 affected packages
znuny, otrs2
| Package | 26.04 LTS |
|---|---|
| znuny | Needs evaluation |
| otrs2 | Not in release |
Perl versions from 5.9.4 before 5.40.4-RC1, from 5.41.0 before 5.42.2-RC1, from 5.43.0 before 5.43.9 contain a vulnerable version of Compress::Raw::Zlib. Compress::Raw::Zlib is included in the Perl package as a dual-life...
1 affected package
perl
| Package | 26.04 LTS |
|---|---|
| perl | Not affected |
A vulnerability was determined in mxml up to 4.0.4. This issue affects the function index_sort of the file mxml-index.c of the component mxmlIndexNew. Executing a manipulation of the argument tempr can lead to stack-based buffer...
1 affected package
mxml
| Package | 26.04 LTS |
|---|---|
| mxml | Needs evaluation |
PMS 0.42 contains a stack-based buffer overflow vulnerability that allows local unauthenticated attackers to execute arbitrary code by supplying malicious values in the configuration file. Attackers can craft configuration files...
1 affected package
pms
| Package | 26.04 LTS |
|---|---|
| pms | Needs evaluation |
Crashmail 1.6 contains a stack-based buffer overflow vulnerability that allows remote attackers to execute arbitrary code by sending malicious input to the application. Attackers can craft payloads with ROP chains to achieve code...
1 affected package
crashmail
| Package | 26.04 LTS |
|---|---|
| crashmail | Needs evaluation |
SC v7.16 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying oversized input that exceeds buffer boundaries. Attackers can craft malicious input strings exceeding...
1 affected package
sc
| Package | 26.04 LTS |
|---|---|
| sc | Needs evaluation |
Bochs 2.6-5 contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying an oversized input string to the application. Attackers can craft a malicious payload with 1200 bytes of...
1 affected package
bochs
| Package | 26.04 LTS |
|---|---|
| bochs | Needs evaluation |
MAWK 1.3.3-17 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting inadequate boundary checks on user-supplied input. Attackers can craft malicious input that...
1 affected package
mawk
| Package | 26.04 LTS |
|---|---|
| mawk | Not affected |