Shodan
Vulnerabilities
Vulnerable Software
Fedoraproject:  Security Vulnerabilities
CVE-2024-32458
FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use `/gfx` or `/rfx` modes (on by default, require server side support).
CVSS Score
9.8
EPSS Score
0.003
Published
2024-04-22
CVE-2023-50008
FFmpeg v.n6.1-3-g466799d4f5 allows memory consumption when using the colorcorrect filter, in the av_malloc function in libavutil/mem.c:105:9 component.
CVSS Score
7.8
EPSS Score
0.0
Published
2024-04-19
CVE-2023-50009
FFmpeg v.n6.1-3-g466799d4f5 allows a heap-based buffer overflow via the ff_gaussian_blur_8 function in libavfilter/edge_template.c:116:5 component.
CVSS Score
8.0
EPSS Score
0.0
Published
2024-04-19
CVE-2023-50010
FFmpeg v.n6.1-3-g466799d4f5 allows a buffer over-read at ff_gradfun_blur_line_movdqa_sse2, as demonstrated by a call to the set_encoder_id function in /fftools/ffmpeg_enc.c component.
CVSS Score
7.8
EPSS Score
0.0
Published
2024-04-19
CVE-2023-49501
Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the config_eq_output function in the libavfilter/asrc_afirsrc.c:495:30 component.
CVSS Score
8.0
EPSS Score
0.0
Published
2024-04-19
CVE-2023-49502
Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the ff_bwdif_filter_intra_c function in the libavfilter/bwdifdsp.c:125:5 component.
CVSS Score
8.8
EPSS Score
0.001
Published
2024-04-19
CVE-2023-50007
FFmpeg v.n6.1-3-g466799d4f5 allows an attacker to trigger use of a parameter of negative size in the av_samples_set_silence function in thelibavutil/samplefmt.c:260:9 component.
CVSS Score
4.0
EPSS Score
0.0
Published
2024-04-19
CVE-2024-22640
TCPDF version <=6.6.5 is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted HTML page with a crafted color.
CVSS Score
7.5
EPSS Score
0.012
Published
2024-04-19
CVE-2023-3758
A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.
CVSS Score
7.1
EPSS Score
0.0
Published
2024-04-18
CVE-2024-31585
FFmpeg version n5.1 to n6.1 was discovered to contain an Off-by-one Error vulnerability in libavfilter/avf_showspectrum.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVSS Score
5.3
EPSS Score
0.0
Published
2024-04-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved