
CVSS: 6.5 • EPSS: 0% • CPEs: 3 • EXPL: 1

In FreeRDP versions 2.0.0 and earlier, when running with the logger set to "WLOG_TRACE", the application could crash due to a read of an invalid array index. Data could be printed as a string to the local terminal. This has been fixed in 2.1.0.

• https://github.com/Lixterclarixe/CVE-2020-11019
• http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html
• https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-wvrr-2f4r-hjvh
• https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html
• https://access.redhat.com/security/cve/CVE-2020-11019
• https://bugzilla.redhat.com/show_bug.cgi?id=1848012
• CWE-125: Out-of-bounds Read

CVSS: 5.5 • EPSS: 0% • CPEs: 3 • EXPL: 0

In FreeRDP versions 2.0.0 and earlier, there is an out-of-bounds read in ntlm_read_ntlm_v2_client_challenge that reads up to 28 bytes out of bounds to an internal structure. This has been fixed in 2.1.0.

• http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html
• https://github.com/FreeRDP/FreeRDP/commit/c098f21fdaadca57ff649eee1674f6cc321a2ec4
• https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-fg8v-w34r-c974
• https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html
• https://access.redhat.com/security/cve/CVE-2020-11086
• https://bugzilla.redhat.com/show_bug.cgi?id=1844166
• CWE-125: Out-of-bounds Read

CVSS: 5.5 • EPSS: 0% • CPEs: 3 • EXPL: 0

In FreeRDP versions 2.0.0 and earlier, there is an out-of-bounds read in ntlm_read_NegotiateMessage. This has been fixed in 2.1.0.

• http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html
• https://github.com/FreeRDP/FreeRDP/commit/8fa38359634a9910b91719818ab02f23c320dbae
• https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-xh4f-fh87-43hp
• https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html
• https://access.redhat.com/security/cve/CVE-2020-11088
• https://bugzilla.redhat.com/show_bug.cgi?id=1844177
• CWE-125: Out-of-bounds Read

CVSS: 6.9 • EPSS: 0% • CPEs: 3 • EXPL: 0

In FreeRDP versions 2.0.0 and earlier, an Integer Overflow to Buffer Overflow exists. When using /video redirection, a manipulated server can instruct the client to allocate a buffer with a smaller size than requested due to an integer overflow in the size calculation. With later messages, the server can manipulate the client to write data out of bounds to the previously allocated buffer. This has been patched in 2.1.0.

• http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html
• https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-h25x-cqr6-fp6g
• https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html
• https://access.redhat.com/security/cve/CVE-2020-11038
• https://bugzilla.redhat.com/show_bug.cgi?id=1848018
• CWE-190: Integer Overflow or Wraparound
• CWE-680: Integer Overflow to Buffer Overflow
• CWE-787: Out-of-bounds Write

CVSS: 3.2 • EPSS: 0% • CPEs: 8 • EXPL: 0

In QEMU 5.0.0 and earlier, megasas_lookup_frame in hw/scsi/megasas.c has an out-of-bounds read via a crafted reply_queue_head field from a guest OS user.

• http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00086.html
• http://www.openwall.com/lists/oss-security/2020/05/28/2
• https://lists.debian.org/debian-lts-announce/2020/06/msg00032.html
• https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html
• https://lists.gnu.org/archive/html/qemu-devel/2020-05/msg03131.html
• https://lists.gnu.org/archive/html/qemu-devel/2020-05/msg06250.html
• https://security-tracker.debian.org/tracker/CVE-2020-13362
• https://security
• CWE-125: Out-of-bounds Read