|
371
|
- |
|
-
|
-
|
xrdp is an open source RDP server. Versions through 0.10.5 contain a heap-based buffer overflow vulnerability in its logon processing. In environments where domain_user_separator is configured in xrd…
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-32624
|
2026-04-18 05:16 |
2026-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
372
|
- |
|
-
|
-
|
xrdp is an open source RDP server. Versions through 0.10.5 contain a heap-based buffer overflow vulnerability in the NeutrinoRDP module. When proxying RDP sessions from xrdp to another server, the mo…
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-32623
|
2026-04-18 05:16 |
2026-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
373
|
7.7 |
HIGH
Local
|
-
|
-
|
Anviz CX7 Firmware is
vulnerable because the application embeds reusable certificate/key
material, enabling decryption of MQTT traffic and potential interaction
with device messaging channels at s…
|
CWE-321
Use of Hard-coded Cryptographic Key
|
CVE-2026-32324
|
2026-04-18 05:16 |
2026-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
374
|
8.8 |
HIGH
Local
|
-
|
-
|
xrdp is an open source RDP server. In versions through 0.10.5, the session execution component did not properly handle an error during the privilege drop process. This improper privilege management c…
|
CWE-273
Improper Check for Dropped Privileges
|
CVE-2026-32107
|
2026-04-18 05:16 |
2026-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
375
|
- |
|
-
|
-
|
xrdp is an open source RDP server. In versions through 0.10.5, xrdp does not implement verification for the Message Authentication Code (MAC) signature of encrypted RDP packets when using the "Classi…
|
CWE-354
Improper Validation of Integrity Check Value
|
CVE-2026-32105
|
2026-04-18 05:16 |
2026-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
376
|
4.9 |
MEDIUM
Network
|
-
|
-
|
Anviz CX7 Firmware is vulnerable to an authenticated CSV upload which allows path traversal
to overwrite arbitrary files (e.g., /etc/shadow), enabling unauthorized
SSH access when combined with deb…
|
CWE-23
Relative Path Traversal
|
CVE-2026-31927
|
2026-04-18 05:16 |
2026-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
377
|
8.2 |
HIGH
Network
|
-
|
-
|
Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, when the server receives an op_crypt_key_callback packet without prior authentication, …
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-28224
|
2026-04-18 05:16 |
2026-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
378
|
5.1 |
MEDIUM
Local
|
huawei
|
harmonyos
|
Out-of-bounds write vulnerability in the WEB module.Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
|
CWE-120
Classic Buffer Overflow
|
CVE-2026-34866
|
2026-04-18 04:26 |
2026-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
379
|
9.1 |
CRITICAL
Network
|
huawei
|
harmonyos
|
Out-of-bounds write vulnerability in the WEB module.Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-34865
|
2026-04-18 04:25 |
2026-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
380
|
5.7 |
MEDIUM
Local
|
huawei
|
harmonyos
emui
|
Out-of-bounds write vulnerability in the kernel module.
Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
|
CWE-20
Improper Input Validation
|
CVE-2026-34855
|
2026-04-18 04:25 |
2026-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
