20 matches found

AstraLinux
added 2026/05/20 5:53 a.m., 3 views

Astra Linux - vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.22.0, the ecamencodercompressh264 function relied on server-controlled dimensions and did not validate the source buffer size, resulting in an out-of-bounds read in swsscale. This vulnerability has been fixed in...

9.1 CVSS, 5.6 AI score, 0.00026 EPSS
Exploits: 0, References: 2
AstraLinux
added 2026/05/20 5:53 a.m., 1 views

Astra Linux - vulnerability in freerdp2

FreeRDP is a free remote desktop protocol library and client. Versions of FreeRDP that are affected may attempt integer additions on too narrow types, resulting in the allocation of a buffer that is too small to hold the written data. A malicious server can trick a FreeRDP-based client into readi...

5.5 CVSS, 6.2 AI score, 0.0013 EPSS
Exploits: 0, References: 2
RedHat Linux
added 2026/05/19 10:0 p.m., 8 views

FreeRDP: FreeRDP: Denial of Service via specially crafted Remote Desktop Protocol messages

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol (RDP). A remote attacker could exploit this vulnerability by sending a specially crafted RDP message. This can lead to an undefined behavior where a wrapped value is used as a shift exponent, causing an approximately ...

6.5 CVSS, 5.8 AI score, 0.00076 EPSS
Exploits: 0, References: 6
RedHat Linux
added 2026/05/13 5:54 a.m., 5 views

freerdp: FreeRDP has an out-of-bounds read in ADPCM decoders due to missing predictor/step_index bounds checks

An out-of-bounds read flaw has been discovered in FreeRDP. This out-of-bounds read exists in the MS-ADPCM and IMA-ADPCM decoders due to unchecked predictor and step_index values from input data. An attacker may be able to leverage this weakness to leak global data...

9.4 CVSS, 5.7 AI score, 0.00058 EPSS
Exploits: 1, References: 6
EUVD
added 2026/04/24 2:24 a.m., 4 views

EUVD-2026-25381

FreeRDP is a free implementation of the Remote Desktop Protocol. Versions prior to 3.25.0 have an off-by-one in the path traversal filter in channels/drive/client/drivefile.c. The containsdotdot function catches ../ and ..\ mid-path but misses .. when it's the last component with no trailing...

4.2 CVSS, 5.8 AI score, 0.00076 EPSS
Exploits: 1, References: 1
RedhatCVE
added 2026/03/30 11:25 p.m., 4 views

CVE-2026-33977

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol (RDP). A malicious RDP server can exploit this vulnerability by sending specially crafted audio data in IMA ADPCM format with an invalid initial step index value. This unvalidated input can cause the FreeRDP client to...

6.9 CVSS, 5.8 AI score, 0.00082 EPSS
Exploits: 1, References: 5
RedHat Linux
added 2026/02/23 1:45 a.m., 4 views

freerdp: FreeRDP: Denial of Service and potential code execution via client-side heap buffer overflow

A flaw was found in FreeRDP. A malicious server can exploit a client-side heap buffer overflow vulnerability in the gdiSurfaceToSurface path. This vulnerability, caused by a mismatch in memory handling, can lead to a crash (Denial of Service) of the client application. Furthermore, it carries a ris...

9.8 CVSS, 6.5 AI score, 0.00175 EPSS
Exploits: 1, References: 7
RedhatCVE
added 2026/01/19 7:11 p.m., 3 views

CVE-2026-23883

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A malicious server can exploit a use-after-free vulnerability by enticing a client to connect to it. This can lead to a client-side crash, resulting in a Denial of Service (DoS), and potentially allow for arbitrary...

9.8 CVSS, 6.2 AI score, 0.00225 EPSS
Exploits: 1, References: 8
Positive Technologies
added 2026/01/01 12:0 a.m., 2 views

PT-2026-22016

Name of the Vulnerable Software and Affected Versions: FreeRDP versions prior to 3.23.0. Description: A missing bounds check in the smartcard unpack read size align function within libfreerdp/utils/smartcard pack.c can cause the FreeRDP client to crash when connecting to a malicious RDP server. This...

9.8 CVSS, 5.2 AI score, 0.00251 EPSS
Exploits: 26, References: 95
EUVD
added 2025/10/03 8:7 p.m., 6 views

EUVD-2025-15458

Malicious code in bioql PyPI...

7.1 CVSS, 6.8 AI score, 0.00454 EPSS
Exploits: 0, References: 4
Amazon
added 2025/06/23 12:0 a.m., 2 views

Important: freerdp

Issue Overview: A flaw was found in the FreeRDP used by Anaconda's remote install feature, where a crafted RDP packet could trigger a segmentation fault. This issue causes the service to crash and remain defunct, resulting in a denial of service. It occurs pre-boot and is likely due to a NULL...

7.1 CVSS, 7 AI score, 0.00454 EPSS
Exploits: 0
OSV
added 2025/05/16 3:15 p.m., 0 views

UBUNTU-CVE-2025-4478

A flaw was found in the FreeRDP used by Anaconda's remote install feature, where a crafted RDP packet could trigger a segmentation fault. This issue causes the service to crash and remain defunct, resulting in a denial of service. It occurs pre-boot and is likely due to a NULL pointer dereference...

6.5 CVSS, 6.7 AI score, 0.00454 EPSS
Exploits: 0, References: 3
Tenable Nessus
added 2025/03/04 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2020-11099

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In FreeRDP before version 2.1.2, there is an out of bounds read in licensereadneworupgradelicensepacket. A manipulated license packet can lead to out of bound...

6.5 CVSS, 7.4 AI score, 0.00178 EPSS
Exploits: 0, References: 2
RedHat Linux
added 2024/04/30 10:33 a.m., 2 views

freerdp: missing offset validation leading to Out Of Bound Read

A flaw was found in FreeRDP. In the libfreerdp/codec/rfx.c file, there is no offset validation in tile-quantIdxY, tile-quantIdxCb, and tile-quantIdxCr. As a result, crafted input can lead to an out-of-bounds read, which may result in a crash...

9.1 CVSS, 5.8 AI score, 0.00103 EPSS
Exploits: 1, References: 5
SUSE CVE
added 2023/02/15 4:0 a.m., 1 views

SUSE CVE-2020-11018

In FreeRDP less than or equal to 2.0.0, a possible resource exhaustion vulnerability can be performed. Malicious clients could trigger out of bound reads causing memory allocation with random size. This has been fixed in 2.1.0...

6.5 CVSS, 6.9 AI score, 0.00222 EPSS
Exploits: 0, References: 7
SUSE CVE
added 2023/02/15 3:59 a.m., 1 views

SUSE CVE-2020-11048

In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bounds read. It only allows to abort a session. No data extraction is possible. This has been fixed in 2.0.0...

2.2 CVSS, 6.9 AI score, 0.00124 EPSS
Exploits: 1, References: 3
OSV
added 2022/06/06 4:33 p.m., 3 views

USN-5461-1 freerdp2 vulnerabilities

It was discovered that FreeRDP incorrectly handled empty password values. A remote attacker could use this issue to bypass server authentication. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.10. (CVE-2022-24882) It was discovered that FreeRDP incorrectly handled server...

9.8 CVSS, 7.2 AI score, 0.01266 EPSS
Exploits: 1, References: 3
RedHat Linux
added 2021/11/11 10:6 a.m., 3 views

freerdp: improper region checks in all clients allow out of bound write to memory

A flaw was found in the FreeRDP client where it fails to validate input data when using connections with GDI or SurfaceCommands. This flaw could allow a malicious server sending graphics updates to a client to cause an out of bounds write in client memory using a specially crafted input. The...

8.8 CVSS, 7.5 AI score, 0.00115 EPSS
Exploits: 0, References: 4
RedHat Linux
added 2021/11/11 9:53 a.m., 3 views

freerdp: improper region checks in all clients allow out of bound write to memory

A flaw was found in the FreeRDP client where it fails to validate input data when using connections with GDI or SurfaceCommands. This flaw could allow a malicious server sending graphics updates to a client to cause an out of bounds write in client memory using a specially crafted input. The...

8.8 CVSS, 7.5 AI score, 0.00115 EPSS
Exploits: 0, References: 4
RedHat Linux
added 2020/05/28 5:59 p.m., 3 views

freerdp: Out-of-bounds write in planar.c

A flaw was found in freerdp in versions between 1.0 and 2.0.0. An out-of-bounds memory write was found in the planar.c function which could allow an attacker to control data sent from the RDP server to the client. The highest threat from this vulnerability is to data confidentiality and integrity...

6.6 CVSS, 5.8 AI score, 0.01703 EPSS
Exploits: 1, References: 4