Search CVE reports
211 – 220 of 30756 results
RabbitMQ is a messaging and streaming broker. Prior to 3.13.14, 4.0.19, 4.1.10, and 4.2.5, the rabbitmq_management HTTP API accepts oversized valid JSON bodies on with_decode and direct_request paths because read_complete_body...
1 affected package
rabbitmq-server
| Package | 26.04 LTS |
|---|---|
| rabbitmq-server | Needs evaluation |
RabbitMQ is a messaging and streaming broker. Prior to 4.1.11 and 4.2.6 on Windows, the RabbitMQ management plugin static file handler rabbit_mgmt_wm_static can pass URL-encoded backslashes to erl_prim_loader:read_file_info before...
1 affected package
rabbitmq-server
| Package | 26.04 LTS |
|---|---|
| rabbitmq-server | Needs evaluation |
h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. Prior to commit edd7a120bfc4af11ac0cbebce2a43cc1f93f9af1, when h2o processes a QPACK instruction sent from the peer over HTTP/3, lib/http3/qpack.c might allocate...
2 affected packages
h2o, dnsdist
| Package | 26.04 LTS |
|---|---|
| h2o | Not in release |
| dnsdist | Not affected |
FreeRDP is a free implementation of the Remote Desktop Protocol. From 3.21.0 before 3.28.0, FreeRDP clients using the GFX pipeline contain an incomplete fix for CVE-2026-23530 in planar_decompress_plane_rle_only...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 26.04 LTS |
|---|---|
| freerdp | Not in release |
| freerdp2 | Not in release |
| freerdp3 | Needs evaluation |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.28.0, FreeRDP server implementations with the MS-RDPECAM camera device enumerator channel enabled scan attacker-supplied DeviceName and VirtualChannelName...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 26.04 LTS |
|---|---|
| freerdp | Not in release |
| freerdp2 | Not in release |
| freerdp3 | Needs evaluation |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.28.0 on 32-bit builds, FreeRDP clients contain an integer overflow in update_read_delta_points in libfreerdp/core/orders.c when multiplying...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 26.04 LTS |
|---|---|
| freerdp | Not in release |
| freerdp2 | Not in release |
| freerdp3 | Needs evaluation |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.27.1, FreeRDP clients launched with the non-default /cache:codec:rfx option pass desktop stride and height to RemoteFX decoding for Cache Bitmap V3 data...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 26.04 LTS |
|---|---|
| freerdp | Not in release |
| freerdp2 | Not in release |
| freerdp3 | Needs evaluation |
Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.13.0, coturn rejects loopback peers by default unless allow-loopback-peers is enabled, but the default loopback guard can be bypassed by using the...
1 affected package
coturn
| Package | 26.04 LTS |
|---|---|
| coturn | Needs evaluation |
Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.13.0, the psd print sessions dump CLI command in coturn takes a filename argument and directly passes it to fopen with no path validation. An...
1 affected package
coturn
| Package | 26.04 LTS |
|---|---|
| coturn | Needs evaluation |
Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.12.0, the coturn HTTPS admin panel passes HTTP query parameters directly into SQL queries via snprintf string interpolation without sanitization. The...
1 affected package
coturn
| Package | 26.04 LTS |
|---|---|
| coturn | Needs evaluation |