MiracleLinux 9 : freerdp-2.11.7-1.el9 (AXSA:2024-9208:05)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9208:05 advisory. freerdp: Integer Overflow leading to Heap Overflow in freerdpbitmapplanarcontextreset CVE-2024-22211 freerdp: out-of-bounds read in ncrushdecompress...

MiracleLinux 7 : freerdp-2.1.1-5.0.3.el7.AXS7 (AXSA:2025-9718:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9718:01 advisory. FreeRDP is a fork of the rdesktop project. Security fixes: - CVE-2024-32458: fix missing input length checks - CVE-2024-32459: fix missing input...

CVE-2025-32458

The CVE-2025-32458 entry affects Quantenna Wi‑Fi chipset firmware (through version 8.0.0.28 of the latest SDK). The local control script router_command.sh (in the get_syslog_from_qtn argument) is vulnerable to command injection (CWE-88). The issue is described as LOCAL, with LOW privileges, NONE ...

CVE-2025-32458 ON Semiconductor Quantenna router_command.sh (in the get_syslog_from_qtn argument) Argument Injection

The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the getsyslogfromqtn argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS...

CVE-2025-32458 ON Semiconductor Quantenna router_command.sh (in the get_syslog_from_qtn argument) Argument Injection

The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the getsyslogfromqtn argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS...

Ubuntu: Security Advisory (USN-7371-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RockyLinux 9 : freerdp (RLSA-2024:9092)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:9092 advisory. freerdp: Integer Overflow leading to Heap Overflow in freerdpbitmapplanarcontextreset CVE-2024-22211 freerdp: out-of-bounds read in ncrushdecompress...

USN-7341-1 freerdp2 vulnerabilities

Evgeny Legerov discovered that FreeRDP incorrectly handled certain memory operations. If a user were tricked into connecting to a malicious server, a remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2024-3203...

Linux Distros Unpatched Vulnerability : CVE-2024-32458

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to...

RHEL 9 : freerdp (RHSA-2024:9092)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:9092 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to R...

Fedora: Security Advisory (FEDORA-2024-050266dc33)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2024-982a7184e0)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2024-1b11432d52)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux 2 : freerdp (ALAS-2024-2537)

The version of freerdp installed on the remote host is prior to 2.11.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2537 advisory. 2024-06-06: CVE-2024-32660 was added to this advisory. FreeRDP is a set of free and open source remote desktop protocol...

openSUSE Security Advisory (SUSE-SU-2024:1610-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED12 / SLES12 Security Update : freerdp (SUSE-SU-2024:1609-1)

The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1609-1 advisory. - FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients using a version of...

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : FreeRDP vulnerabilities (USN-6749-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6749-1 advisory. It was discovered that FreeRDP incorrectly handled certain context resets. If a user were tricked into connecting to a malicious...

USN-6749-1: FreeRDP vulnerabilities

It was discovered that FreeRDP incorrectly handled certain context resets. If a user were tricked into connecting to a malicious server, a remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2024-22211 Evgeny...

CVE-2024-32458

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use /gfx or /rfx modes on by default, require server side...

CVE-2024-32458

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use /gfx or /rfx modes on by default, require server side...