Lucene search
K

1730 matches found

Cvelist
Cvelist
added yesterday15 views

CVE-2026-57157 Out-of-bounds read in the camera device enumerator server (rdpecam) via unterminated DeviceName / VirtualChannelName

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.28.0, FreeRDP server implementations with the MS-RDPECAM camera device enumerator channel enabled scan attacker-supplied DeviceName and VirtualChannelName fields for a NUL terminator in...

6.5CVSS
Exploits0References6
Debian CVE
Debian CVE
added 3 days ago4 views

CVE-2026-56297

FreeRDP before 3.22.0 contains a use-after-free vulnerability in dvcmanchannelclose and dvcmancallonreceive due to improper synchronization of channelcallback access. A malicious RDP server can trigger a race condition by sending DYNVCDATA and DYNVCCLOSE messages concurrently, causing...

8.3CVSS6.5AI score0.00262EPSS
Exploits1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, a malicious RDP server could cause the FreeRDP client to crash by sending audio data in IMA ADPCM format with an invalid initial step index value = 89. The invalid step index was read directly from the netwo...

6.9CVSS6AI score0.00256EPSS
Exploits1References3
OSV
OSV
added 2026/06/24 1:11 p.m.4 views

OESA-2026-2721 freerdp security update

FreeRDP is a client implementation of the Remote Desktop Protocol RDP that follows Microsoft's open specifications. This package provides the client applications xfreerdp. Security Fixes: A NULL pointer dereference vulnerability exists in the rdpwritelogoninfov2 function of FreeRDP remote desktop...

7.5CVSS5.9AI score0.00467EPSS
Exploits0References2
Fedora
Fedora
added 2026/06/22 12:51 a.m.4 views

[SECURITY] Fedora 44 Update: freerdp-3.27.1-1.fc44

The xfreerdp & wlfreerdp Remote Desktop Protocol RDP clients from the FreeR DP project. xfreerdp & wlfreerdp can connect to RDP servers such as Microsoft Windows machines, xrdp and VirtualBox...

7.5CVSS5.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.4 views

Amazon Linux 2 : freerdp, --advisory ALAS2-2026-3356 (ALAS-2026-3356)

The version of freerdp installed on the remote host is prior to 2.11.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3356 advisory. FreeRDP before 3.26.0 contains a heap-buffer-overflow vulnerability in gdiCacheToSurface that allows remote attackers to...

9.8CVSS6.5AI score0.03453EPSS
Exploits4References10
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in freerdp2

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The affected versions are subject to an integer underflow leading to out-of-bounds read operations in the zgfxdecompresssegment function. In the context of CopyMemory, it’s possible to read dat...

9.1CVSS7AI score0.01432EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/06/18 12:16 p.m.9 views

CVE-2026-40033

A flaw was found in FreeRDP.If a user connects to a malicious Remote Desktop RDP server, a security flaw in FreeRDP could cause the application to crash or allow the server to run unauthorized code on the user's system. Mitigation To mitigate this issue, users should avoid connecting to untrusted...

8.8CVSS5.4AI score0.00827EPSS
Exploits1References6
Redos
Redos
added 2026/06/15 12:0 a.m.9 views

ROS-20260615-73-0038

The vulnerability of the progressivedecompresstileupgrade function in the RDP client FreeRDP is related to integer overflow. Exploiting this vulnerability could allow a malicious actor to cause service failure...

7.5CVSS4.8AI score0.00426EPSS
Exploits0
Redos
Redos
added 2026/06/15 12:0 a.m.7 views

ROS-20260615-73-0026

The vulnerabilities of the functions xfSetWindowMinMaxInfo and xfrailgetwindow in the RDP client FreeRDP are related to the use of memory after it is freed. Exploiting these vulnerabilities can allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the protecte...

9.8CVSS8.4AI score0.00599EPSS
Exploits1
Redos
Redos
added 2026/06/15 12:0 a.m.7 views

ROS-20260615-73-0016

The vulnerability of the gdiSurfaceCommandClearCodec function in the RDP client FreeRDP is caused by a buffer overflow. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

8.8CVSS8.3AI score0.00537EPSS
Exploits1
Redos
Redos
added 2026/06/15 12:0 a.m.9 views

ROS-20260615-73-0011

The vulnerability of the planardecompressplanerle function in the FreeRDP RDP client is related to data writing beyond the specified buffer. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...

8.8CVSS7.8AI score0.00591EPSS
Exploits1
Redos
Redos
added 2026/06/11 12:0 a.m.7 views

ROS-20260611-73-0005

The vulnerability of the planardecompressplanerle function in the FreeRDP RDP client is related to buffer overflow in the dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and cause service failure...

9.8CVSS6.4AI score0.00443EPSS
Exploits1
Redos
Redos
added 2026/06/11 12:0 a.m.8 views

ROS-20260611-73-0012

The vulnerability of the cleardecompressresidualdata function in the RDP client FreeRDP is related to buffer overflows in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and cause service failures...

9.8CVSS6.3AI score0.00434EPSS
Exploits1
Redos
Redos
added 2026/06/11 12:0 a.m.8 views

ROS-20260611-73-0034

The vulnerability of the ecamchannelwrite function in the FreeRDP remote desktop protocol is related to the use of memory after it is freed. Exploiting this vulnerability could allow a malicious actor to cause a service failure...

8.7CVSS7.2AI score0.00628EPSS
Exploits0
Redos
Redos
added 2026/06/11 12:0 a.m.9 views

ROS-20260611-73-0002

The vulnerability of the URBDRC RDP-client-freeRDP device lies in unvalidated array indexing. Exploiting this vulnerability could allow an attacker to execute arbitrary code or cause service failures...

9.1CVSS6AI score0.00756EPSS
Exploits1
NVD
NVD
added 2026/06/09 5:17 p.m.26 views

CVE-2026-42908

Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network...

7.5CVSS0.0087EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.24 views

TencentOS Server 4: wireshark (TSSA-2026:0340)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0340 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

8.8CVSS8AI score0.0039EPSS
Exploits4References5
RedhatCVE
RedhatCVE
added 2026/06/05 7:10 p.m.12 views

CVE-2026-35245

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via RDP to compromise Oracle VM VirtualBox. Successful attacks of this...

7.5CVSS7.3AI score0.00253EPSS
Exploits0References1
SUSE Linux
SUSE Linux
added 2026/06/01 10:3 a.m.28 views

Security update for wireshark

This update for wireshark fixes the following issues CVE-2026-5401: AFP dissector crash bsc1263756. CVE-2026-5403: SBC audio codec crash bsc1263765. CVE-2026-5404: K12 RF5 file parser crash bsc1263766. CVE-2026-5405: RDP dissector crash bsc1263767. CVE-2026-5406: FC-SWILS dissector crash...

8.8CVSS6.7AI score0.00206EPSS
Exploits29References116
Rows per page
Query Builder