CVE-2026-33985 FreeRDP: ClearCodec Glyph Cache Count Desync - Heap OOB Read

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, pixel data from adjacent heap memory is rendered to screen, potentially leaking sensitive data to the attacker. This issue has been patched in version 3.24.2...

CVE-2026-33985

CVE-2026-33985 is tracked in Debian as a vulnerability affecting ClearCodec, described as a Glyph Cache Count Desync leading to a Heap OOB Read. The connected document provides only the summary Severity/Impact: a heap out-of-bounds read resulting from an internal glyph cache count desynchronizati...

CVE-2026-33985 FreeRDP: ClearCodec Glyph Cache Count Desync - Heap OOB Read

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, pixel data from adjacent heap memory is rendered to screen, potentially leaking sensitive data to the attacker. This issue has been patched in version 3.24.2...

CVE-2026-33985

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, pixel data from adjacent heap memory is rendered to screen, potentially leaking sensitive data to the attacker. This issue has been patched in version 3.24.2...

CVE-2026-33985

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, pixel data from adjacent heap memory is rendered to screen, potentially leaking sensitive data to the attacker. This issue has been patched in version 3.24.2...

CVE-2026-33985

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, pixel data from adjacent heap memory is rendered to screen, potentially leaking sensitive data to the attacker. This issue has been patched in version 3.24.2...

MiracleLinux 8 : freerdp-2.2.0-1.el8 (AXSA:2021-2116:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2116:01 advisory. freerdp: out of bounds read in TrioParse CVE-2020-4030 freerdp: out of bound reads resulting in accessing memory location outside of static array...

EUVD-2020-25297

Malware in sbrugna...

EUVD-2020-3456

Malware in sbrugna...

SUSE CVE-2020-4032

In FreeRDP before version 2.1.2, there is an integer casting vulnerability in updaterecvsecondaryorder. All clients with +glyph-cache /relax-order-checks are affected. This is fixed in version 2.1.2...

SUSE CVE-2020-11098

In FreeRDP before version 2.1.2, there is an out-of-bound read in glyphcacheput. This affects all FreeRDP clients with +glyph-cache option enabled This is fixed in version 2.1.2...

SUSE CVE-2020-25725

In Xpdf 4.02, SplashOutputDev::endType3CharGfxState state SplashOutputDev.cc:3079 is trying to use the freed t3GlyphStack-cache, which causes an heap-use-after-free problem. The codes of a previous fix for nested Type 3 characters wasn't correctly handling the case where a Type 3 char referred to...

freerdp: out-of-bound read in glyph_cache_put

In FreeRDP before version 2.1.2, there is an out-of-bound read in glyphcacheput. This affects all FreeRDP clients with +glyph-cache option enabled This is fixed in version 2.1.2...

CVE-2020-25725

In Xpdf 4.02, SplashOutputDev::endType3CharGfxState state SplashOutputDev.cc:3079 is trying to use the freed t3GlyphStack-cache, which causes an heap-use-after-free problem. The codes of a previous fix for nested Type 3 characters wasn't correctly handling the case where a Type 3 char referred to...

Huawei EulerOS: Security Advisory for freerdp (EulerOS-SA-2020-2245)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Denial Of Service (DoS)

freerdp is vulnerable to denial of service DoS. The vulnerability exists in FreeRDP before version 2.1.2, there is an integer casting vulnerability in updaterecvsecondaryorder. All clients with +glyph-cache /relax-order-checks are affected...

CVE-2020-4032

In FreeRDP before version 2.1.2, there is an integer casting vulnerability in updaterecvsecondaryorder. All clients with +glyph-cache /relax-order-checks are affected. This is fixed in version 2.1.2. Mitigation Do not run the freerdp client with the +glyph-cache and /relax-order-checks options...

CVE-2020-11098

In FreeRDP before version 2.1.2, there is an out-of-bound read in glyphcacheput. This affects all FreeRDP clients with +glyph-cache option enabled This is fixed in version 2.1.2. Mitigation Do not use the +glyphcache option in the freerdp client, which is disabled by default in freerdp-2.0.0.rc4...

FreeRDP Buffer Overflow Vulnerability (CNVD-2020-35692)

FreeRDP is an open source implementation of the Remote Desktop Protocol RDP from the FreeRDP team. A buffer overflow vulnerability exists in glyphcacheput in versions prior to FreeRDP 2.1.2. The vulnerability stems from a networked system or product performing operations in memory without properl...

CVE-2020-4032

In FreeRDP before version 2.1.2, there is an integer casting vulnerability in updaterecvsecondaryorder. All clients with +glyph-cache /relax-order-checks are affected. This is fixed in version 2.1.2...