Aggregator

CVE-2022-20520 | Google Android 13.0 tapjacking/overlay onCreate ui layer (A-227203202 / EUVD-2022-25780)

Vuldb Updates
3 weeks 6 days ago
A vulnerability has been found in Google Android 13.0 and classified as problematic. Affected by this issue is the function onCreate of the file tapjacking/overlay. The manipulation leads to improper restriction of rendered ui layers. This vulnerability is uniquely identified as CVE-2022-20520. Local access is required to approach this attack. No exploit exists. To fix this issue, it is recommended to deploy a patch.
vuldb.com

CVE-2022-20521 | Google Android 13.0 sdp_utils.cc sdpu_find_most_specific_service_uuid denial of service (A-227203684 / EUVD-2022-25781)

Vuldb Updates
3 weeks 6 days ago
A vulnerability was found in Google Android 13.0 and classified as problematic. This affects the function sdpu_find_most_specific_service_uuid of the file sdp_utils.cc. The manipulation results in denial of service. This vulnerability was named CVE-2022-20521. The attack needs to be approached locally. There is no available exploit. It is advisable to implement a patch to correct this issue.
vuldb.com

CVE-2022-20519 | Google Android 13.0 AddAppNetworksActivity.java onCreate permission (A-224772678 / EUVD-2022-25779)

Vuldb Updates
3 weeks 6 days ago
A vulnerability, which was classified as critical, was found in Google Android 13.0. Affected by this vulnerability is the function onCreate of the file AddAppNetworksActivity.java. Executing a manipulation can lead to permission issues. This vulnerability is handled as CVE-2022-20519. It is possible to launch the attack on the local host. There is not any exploit available. A patch should be applied to remediate this issue.
vuldb.com

CVE-2026-6662 | ericc-ch copilot-api up to 0.7.0 Token Endpoint src/server.ts cors cross-domain policy (EUVD-2026-23923)

VulDB Recent Entries
3 weeks 6 days ago
A vulnerability marked as critical has been reported in ericc-ch copilot-api up to 0.7.0. The impacted element is the function cors of the file src/server.ts of the component Token Endpoint. Performing a manipulation results in permissive cross-domain policy with untrusted domains. This vulnerability is cataloged as CVE-2026-6662. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2026-33986 | FreeRDP up to 3.24.1 libfreerdp/codec/h264.c yuv_ensure_buffer heap-based overflow (EUVD-2026-17233 / WID-SEC-2026-0880)

Vuldb Updates
3 weeks 6 days ago
A vulnerability was found in FreeRDP up to 3.24.1. It has been declared as critical. Affected is the function yuv_ensure_buffer of the file libfreerdp/codec/h264.c. The manipulation results in heap-based buffer overflow. This vulnerability is identified as CVE-2026-33986. The attack can be executed remotely. There is not any exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2026-33987 | FreeRDP up to 3.24.1 persistent.c persistent_cache_read_entry_v3 heap-based overflow (EUVD-2026-17235 / WID-SEC-2026-0880)

Vuldb Updates
3 weeks 6 days ago
A vulnerability categorized as critical has been discovered in FreeRDP up to 3.24.1. Affected by this issue is the function persistent_cache_read_entry_v3 of the file libfreerdp/cache/persistent.c. Such manipulation leads to heap-based buffer overflow. This vulnerability is listed as CVE-2026-33987. The attack must be carried out locally. There is no available exploit. It is advisable to upgrade the affected component.
vuldb.com

CVE-2026-33984 | FreeRDP up to 3.24.1 libfreerdp/codec/clear.c resize_vbar_entry heap-based overflow (EUVD-2026-17229 / Nessus ID 306776)

Vuldb Updates
3 weeks 6 days ago
A vulnerability was found in FreeRDP up to 3.24.1 and classified as critical. This affects the function resize_vbar_entry of the file libfreerdp/codec/clear.c. Executing a manipulation can lead to heap-based buffer overflow. The identification of this vulnerability is CVE-2026-33984. The attack may be launched remotely. There is no exploit available. It is suggested to upgrade the affected component.
vuldb.com

CVE-2026-33983 | FreeRDP up to 3.24.1 progressive_decompress_tile_upgrade integer overflow (EUVD-2026-17227 / Nessus ID 306291)

Vuldb Updates
3 weeks 6 days ago
A vulnerability identified as problematic has been detected in FreeRDP up to 3.24.1. Affected is the function progressive_decompress_tile_upgrade. This manipulation causes integer overflow. This vulnerability is registered as CVE-2026-33983. Remote exploitation of the attack is possible. No exploit is available. You should upgrade the affected component.
vuldb.com

CVE-2026-33982 | FreeRDP up to 3.24.1 winpr_aligned_offset_recalloc out-of-bounds (EUVD-2026-17225 / WID-SEC-2026-0880)

Vuldb Updates
3 weeks 6 days ago
A vulnerability was found in FreeRDP up to 3.24.1. It has been rated as critical. Affected by this vulnerability is the function winpr_aligned_offset_recalloc. This manipulation causes out-of-bounds read. This vulnerability is tracked as CVE-2026-33982. The attack is restricted to local execution. No exploit exists. Upgrading the affected component is advised.
vuldb.com

CVE-2026-33952 | FreeRDP up to 3.24.1 rts_read_auth_verifier_no_checks auth_length assertion (EUVD-2026-17221 / Nessus ID 306291)

Vuldb Updates
3 weeks 6 days ago
A vulnerability, which was classified as problematic, was found in FreeRDP up to 3.24.1. The affected element is the function rts_read_auth_verifier_no_checks. Such manipulation of the argument auth_length leads to reachable assertion. This vulnerability is uniquely identified as CVE-2026-33952. The attack can be launched remotely. No exploit exists. You should upgrade the affected component.
vuldb.com

Managed ad