Search CVE reports
561 – 570 of 42559 results
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdi_surface_bits() function processes SURFACE_BITS_COMMAND messages sent by the RDP server. When the command is handled using NSCodec, the...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 18.04 LTS |
|---|---|
| freerdp | Needs evaluation |
| freerdp2 | Needs evaluation |
| freerdp3 | — |
calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to 9.5.0, a path traversal vulnerability in the RocketBook (.rb) input plugin (src/calibre/ebooks/rb/reader.py) allows an...
1 affected package
calibre
| Package | 18.04 LTS |
|---|---|
| calibre | Needs evaluation |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, Integer Underflow in update_read_cache_bitmap_order Function of FreeRDP's Core Library This vulnerability is fixed in 3.24.0.
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 18.04 LTS |
|---|---|
| freerdp | Needs evaluation |
| freerdp2 | Needs evaluation |
| freerdp3 | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a client-side heap out-of-bounds read/write occurs in FreeRDP's bitmap cache subsystem due to an off-by-one boundary check in bitmap_cache_put. A...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 18.04 LTS |
|---|---|
| freerdp | Needs evaluation |
| freerdp2 | Needs evaluation |
| freerdp3 | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a client-side heap buffer overflow occurs in the FreeRDP client's AVC420/AVC444 YUV-to-RGB conversion path due to missing horizontal...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 18.04 LTS |
|---|---|
| freerdp | Needs evaluation |
| freerdp2 | Needs evaluation |
| freerdp3 | — |
Improper permission enforcement in Checkmk versions 2.4.0 before 2.4.0p23, 2.3.0 before 2.3.0p43, and 2.2.0 (EOL) allows unauthenticated users to enumerate existing hosts by observing different HTTP response codes in deploy_agent...
1 affected package
check-mk
| Package | 18.04 LTS |
|---|---|
| check-mk | Needs evaluation |
Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the 'DEFAULT' keyword. Impact summary: A less...
5 affected packages
openssl, openssl-fips, openssl1.0, nodejs, edk2
| Package | 18.04 LTS |
|---|---|
| openssl | Not affected |
| openssl-fips | — |
| openssl1.0 | Not affected |
| nodejs | Not affected |
| edk2 | Not affected |
Improper permission enforcement in Checkmk versions 2.4.0 before 2.4.0p23, 2.3.0 before 2.3.0p43, and 2.2.0 (EOL) allows authenticated users to enumerate existing hosts by observing different HTTP response codes...
1 affected package
check-mk
| Package | 18.04 LTS |
|---|---|
| check-mk | Needs evaluation |
Improper Handling of Highly Compressed Data (Compression Bomb) vulnerability in Erlang OTP ssh (ssh_transport modules) allows Denial of Service via Resource Depletion. The SSH transport layer advertises legacy zlib compression by...
1 affected package
erlang
| Package | 18.04 LTS |
|---|---|
| erlang | Needs evaluation |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Erlang OTP (ssh_sftpd module) allows Path Traversal. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl and...
1 affected package
erlang
| Package | 18.04 LTS |
|---|---|
| erlang | Needs evaluation |