Search CVE reports


61 – 70 of 27727 results

Status is adjusted based on your filters.


CVE-2026-46527

Medium priority
Needs evaluation

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.44.0, when the server has called Server::set_trusted_proxies() with a non-empty trusted-proxy list, an attacker can send an HTTP request...

1 affected package

cpp-httplib

Package 26.04 LTS
cpp-httplib Needs evaluation

CVE-2026-45700

Medium priority
Needs evaluation

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's planar bitmap decoder has an out-of-bounds heap write when decoding RLE planar data. In...

3 affected packages

freerdp, freerdp2, freerdp3

Package 26.04 LTS
freerdp Not in release
freerdp2 Not in release
freerdp3 Needs evaluation

CVE-2026-45372

Medium priority
Needs evaluation

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.44.0, when cpp-httplib's server parses an incoming request, it applies percent-decoding to every header value except Location and...

1 affected package

cpp-httplib

Package 26.04 LTS
cpp-httplib Needs evaluation

CVE-2026-45352

Medium priority
Needs evaluation

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.43.4, negative chunk-size in chunked Transfer-Encoding causes unbounded memory allocation and process crash....

1 affected package

cpp-httplib

Package 26.04 LTS
cpp-httplib Needs evaluation

CVE-2026-45149

Medium priority
Needs evaluation

The brace-expansion library generates arbitrary strings containing a common prefix and suffix. From 5.0.0 to before 5.0.6, the max option was being applied too late. When expanding a single large numeric range like {1..10000000},...

1 affected package

node-brace-expansion

Package 26.04 LTS
node-brace-expansion Needs evaluation

CVE-2026-44422

Medium priority
Needs evaluation

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's RDPEAR NDR parser accepts one non-null NDR pointer ref-id for multiple logical pointer fields without tracking the pointed...

3 affected packages

freerdp, freerdp2, freerdp3

Package 26.04 LTS
freerdp Not in release
freerdp2 Not in release
freerdp3 Needs evaluation

CVE-2026-44421

Medium priority
Needs evaluation

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client by sending crafted RDPGFX PDUs. The bug is...

3 affected packages

freerdp, freerdp2, freerdp3

Package 26.04 LTS
freerdp Not in release
freerdp2 Not in release
freerdp3 Needs evaluation

CVE-2026-44420

Medium priority
Needs evaluation

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP client can trigger a heap-buffer-overflow write in FreeRDP's server-side clipboard (cliprdr) channel by sending a CB_CLIP_CAPS PDU...

3 affected packages

freerdp, freerdp2, freerdp3

Package 26.04 LTS
freerdp Not in release
freerdp2 Not in release
freerdp3 Needs evaluation

CVE-2026-42500

Medium priority
Needs evaluation

Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image.

1 affected package

golang-golang-x-image

Package 26.04 LTS
golang-golang-x-image Needs evaluation

CVE-2026-48501

Medium priority
Needs evaluation

GitHub CLI (gh) is GitHub’s official command line tool. Prior to 2.93.0, GitHub CLI incorrectly includes authorization header in API requests to TUF repository mirrors via gh attestation, gh release verify, and gh...

2 affected packages

golang-github-cli-go-gh, golang-github-cli-go-gh-v2

Package 26.04 LTS
golang-github-cli-go-gh Needs evaluation
golang-github-cli-go-gh-v2 Needs evaluation