freerdp-2.11.1-1.fc38
Update to 2.11.1
Update to 2.11.0 (CVE-2023-39350, CVE-2023-39351, CVE-2023-39352, CVE-2023-39353, CVE-2023-39354, CVE-2023-39356, CVE-2023-40181, CVE-2023-40186, CVE-2023-40188, CVE-2023-40567, CVE-2023-40569 and CVE-2023-40589).
freerdp-2.11.1-1.fc39
Update to 2.11.1
Update to 2.11.0 (CVE-2023-39350, CVE-2023-39351, CVE-2023-39352, CVE-2023-39353, CVE-2023-39354, CVE-2023-39356, CVE-2023-40181, CVE-2023-40186, CVE-2023-40188, CVE-2023-40567, CVE-2023-40569 and CVE-2023-40589).
Memory corruption due to buffer over-read in Modem while processing SetNativeHandle RTP service.
Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range.
Information disclosure in Automotive multimedia due to buffer over-read.
Posted by naphthalin via Fulldisclosure on Sep 04
The internet radio device auna IR-160 SE has multiple vulnerabilities.
It uses the firmware UIProto, different versions of which can also be
found in many other radios.
1. The firmware offers a rudimentary web API that can be reached on the
local network on port 80. This API is completely unauthenticated,
allowing anyone to control the radio over the local network. (already
known as CVE-2019-13474, but relevant for the other two findings)…
Posted by icudar via Fulldisclosure on Sep 04
The following is my 0day. This code, when executed on any website, disconnects the AtlasVPN linux client and leaks the
users IP address. I am not yet aware of it being used in the wild. However, it shows that AtlasVPN does not take their
users safety serious, because their software security decisions suck so massively that its hard to believe this is a
bug rather than a backdoor. Nobody can be this incompetent. I tried to contact their support…
IBM Security Guardium 10.6, 11.3, and 11.4 could allow an authenticated user to cause a denial of service due to due to improper input validation. IBM X-Force ID: 240894.
