14 matches found
RockyLinux 8 : freerdp (RLSA-2026:6005)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:6005 advisory. freerdp: FreeRDP: Arbitrary code execution via heap out-of-bounds write in RLE planar decode path CVE-2026-26965 freerdp: FreeRDP: Arbitrary code executi...
SUSE: Security Advisory (SUSE-SU-2026:1165-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MiracleLinux 9 : freerdp-2.11.7-1.el9_7.3 (AXSA:2026-391:09)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-391:09 advisory. freerdp: FreeRDP: Arbitrary code execution via heap out-of-bounds write in RLE planar decode path CVE-2026-26965 freerdp: FreeRDP: Arbitrary code...
SUSE SLED15: freerdp2 / freerdp2-devel / freerdp2-proxy / freerdp2-server / etc (SUSE-SU-2026:1164-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1164-1 advisory. - CVE-2026-26271: Buffer Overread in FreeRDP Icon Processing bsc1258979. - CVE-2026-26955: Out-of-bounds Write...
Important: Red Hat Security Advisory: freerdp security update
An update for freerdp is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
SUSE SLES15: freerdp / freerdp-devel / freerdp-proxy / freerdp-server / etc (SUSE-SU-2026:1160-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1160-1 advisory. - CVE-2026-26271: Buffer Overread in FreeRDP Icon Processing bsc1258979. - CVE-2026-26955: Out-of-bounds Write in freerdp...
MiracleLinux 8 : freerdp-2.11.7-4.el8_10 (AXSA:2026-379:08)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-379:08 advisory. freerdp: FreeRDP: Arbitrary code execution via heap out-of-bounds write in RLE planar decode path CVE-2026-26965 freerdp: FreeRDP: Arbitrary code...
AlmaLinux 9 : freerdp (ALSA-2026:6004)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:6004 advisory. freerdp: FreeRDP: Arbitrary code execution via heap out-of-bounds write in RLE planar decode path CVE-2026-26965 freerdp: FreeRDP: Arbitrary code executio...
Oracle Linux 8 : freerdp (ELSA-2026-6005)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-6005 advisory. 2:2.11.7-4 - Backport several CVE fixes Resolves: RHEL-151979, RHEL-152206 Tenable has extracted the preceding description block directly from the Orac...
AlmaLinux 10 : freerdp (ALSA-2026:5939)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:5939 advisory. freerdp: FreeRDP: Arbitrary code execution via heap out-of-bounds write in RLE planar decode path CVE-2026-26965 freerdp: FreeRDP: Arbitrary code executi...
Oracle Linux 10 : freerdp (ELSA-2026-5939)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-5939 advisory. 2:3.10.3-5.3 - Backport several CVE fixes Resolves: RHEL-151975, RHEL-152202 Tenable has extracted the preceding description block directly from the...
Fedora: Security Advisory (FEDORA-2026-53fe996a57)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2026-be60dd75d9)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2026-26965 FreeRDP has Out-of-bounds Write
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, in the RLE planar decode path, planardecompressplanerle writes into pDstData at nYDst+y nDstStep + 4nXDst + nChannel without verifying that nYDst+nSrcHeight fits in the destination height or that...