Search CVE reports
181 – 190 of 50764 results
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's RDPEAR NDR parser accepts one non-null NDR pointer ref-id for multiple logical pointer fields without tracking the pointed...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 16.04 LTS |
|---|---|
| freerdp | Needs evaluation |
| freerdp2 | — |
| freerdp3 | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client by sending crafted RDPGFX PDUs. The bug is...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 16.04 LTS |
|---|---|
| freerdp | Needs evaluation |
| freerdp2 | — |
| freerdp3 | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP client can trigger a heap-buffer-overflow write in FreeRDP's server-side clipboard (cliprdr) channel by sending a CB_CLIP_CAPS PDU...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 16.04 LTS |
|---|---|
| freerdp | Needs evaluation |
| freerdp2 | — |
| freerdp3 | — |
Exim 4.88 before 4.99.4, in some proxy configurations, mishandles certain short payloads, leading to disclosure of uninitialized stack memory values to a client.
1 affected package
exim4
| Package | 16.04 LTS |
|---|---|
| exim4 | Fixed |
A flaw was found in libsoup. A remote attacker could exploit an unsigned to signed conversion error in the `soup_body_input_stream_read_chunked()` function by sending a malicious HTTP request. This vulnerability occurs when...
2 affected packages
libsoup2.4, libsoup3
| Package | 16.04 LTS |
|---|---|
| libsoup2.4 | Needs evaluation |
| libsoup3 | — |
[Unknown description]
2 affected packages
incus, lxd
| Package | 16.04 LTS |
|---|---|
| incus | — |
| lxd | Needs evaluation |
A flaw was found in glib-networking. A remote attacker can exploit this vulnerability by presenting a specially crafted certificate chain to an application that uses glib-networking with the GnuTLS backend enabled and performs...
1 affected package
glib-networking
| Package | 16.04 LTS |
|---|---|
| glib-networking | Vulnerable |
In OpenStack Neutron before 28.0.1, the tagging controller enforces plural policy action names on single-tag write operations while the defined policy rules use singular names. The mismatched names evaluate as allowed under the...
1 affected package
neutron
| Package | 16.04 LTS |
|---|---|
| neutron | Needs evaluation |
An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone federated token rescoping mechanism does not propagate the original token's expiry to the newly issued token. When a federated user rescopes a token via...
1 affected package
keystone
| Package | 16.04 LTS |
|---|---|
| keystone | Needs evaluation |
An issue was discovered in OpenStack Keystone before 29.0.2. When combined with an application credential impersonation vulnerability, an attacker with the member role on a project can escalate to admin by chaining unrestricted...
1 affected package
keystone
| Package | 16.04 LTS |
|---|---|
| keystone | Needs evaluation |