Vulnerabilities > Debian > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-09-20 CVE-2019-19450 XML Injection (aka Blind XPath Injection) vulnerability in multiple products
paraparser in ReportLab before 3.5.31 allows remote code execution because start_unichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with '<unichar code="' followed by arbitrary Python code, a similar issue to CVE-2019-17626.
network
low complexity
reportlab debian CWE-91
critical
9.8
2023-08-31 CVE-2023-40181 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license.
network
low complexity
freerdp debian fedoraproject CWE-191
critical
9.1
2023-08-31 CVE-2023-40186 Integer Overflow or Wraparound vulnerability in multiple products
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license.
network
low complexity
freerdp debian fedoraproject CWE-190
critical
9.8
2023-08-31 CVE-2023-40188 Out-of-bounds Read vulnerability in multiple products
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license.
network
low complexity
freerdp debian fedoraproject CWE-125
critical
9.1
2023-08-31 CVE-2023-40567 Out-of-bounds Write vulnerability in multiple products
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license.
network
low complexity
freerdp debian fedoraproject CWE-787
critical
9.8
2023-08-31 CVE-2023-40569 Out-of-bounds Write vulnerability in multiple products
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license.
network
low complexity
freerdp debian fedoraproject CWE-787
critical
9.8
2023-08-31 CVE-2023-39352 Out-of-bounds Write vulnerability in multiple products
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license.
network
low complexity
freerdp debian fedoraproject CWE-787
critical
9.8
2023-08-31 CVE-2023-39353 Out-of-bounds Read vulnerability in multiple products
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license.
network
low complexity
freerdp debian fedoraproject CWE-125
critical
9.1
2023-08-31 CVE-2023-39356 Out-of-bounds Read vulnerability in multiple products
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license.
network
low complexity
freerdp debian fedoraproject CWE-125
critical
9.1
2023-08-31 CVE-2023-39355 Use After Free vulnerability in multiple products
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license.
network
low complexity
freerdp debian CWE-416
critical
9.8