Lucene search
K

8 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, railwindowfree dereferenced a freed xfAppWindow pointer during HashTableFree cleanup. This was due to xfrailwindowcommon calling freeappWindow in case of title allocation failures, without first removing the...

7.5CVSS7.1AI score0.00476EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfSetWindowMinMaxInfo dereferenced a freed xfAppWindow pointer because xfrailgetwindow in xfrailserverminmaxinfo returned an unprotected pointer from the railWindows hash table. This could allow the main...

9.8CVSS5.8AI score0.00599EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/04/16 12:0 a.m.2 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: freerdp (UTSA-2026-007173)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007173 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, railwindowfree dereferences a freed xfAppWindow pointer during HashTableFre...

7.5CVSS5.8AI score0.00476EPSS
Exploits1References4
OSV
OSV
added 2026/02/25 9:16 p.m.1 views

UBUNTU-CVE-2026-25954

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfrailserverlocalmovesize dereferences a freed xfAppWindow pointer because xfrailgetwindow returns an unprotected pointer from the railWindows hash table, and the main thread can concurrently delete the wind...

7.5CVSS5.8AI score0.00486EPSS
Exploits1References10
OSV
OSV
added 2026/02/25 9:16 p.m.3 views

UBUNTU-CVE-2026-25952

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfSetWindowMinMaxInfo dereferences a freed xfAppWindow pointer because xfrailgetwindow in xfrailserverminmaxinfo returns an unprotected pointer from the railWindows hash table, and the main thread can...

9.8CVSS5.8AI score0.00599EPSS
Exploits1References13
CVE
CVE
added 2026/02/25 9:1 p.m.96 views

CVE-2026-26986

CVE-2026-26986 affects FreeRDP prior to version 3.23.0. The root cause is a use-after-free: during HashTable_Free cleanup, xf_rail_window_common frees appWindow without first removing the corresponding entry from the railWindows hash table, leaving a dangling pointer that is freed again on discon...

7.5CVSS5.5AI score0.00476EPSS
Exploits1References8Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/25 8:30 p.m.4 views

CVE-2026-25954 FreeRDP has heap-use-after-free in xf_rail_server_local_move_size

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfrailserverlocalmovesize dereferences a freed xfAppWindow pointer because xfrailgetwindow returns an unprotected pointer from the railWindows hash table, and the main thread can concurrently delete the wind...

6.9CVSS5.9AI score0.00486EPSS
Exploits1References8
AlpineLinux
AlpineLinux
added 2026/02/25 8:24 p.m.2 views

CVE-2026-25952

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfSetWindowMinMaxInfo dereferences a freed xfAppWindow pointer because xfrailgetwindow in xfrailserverminmaxinfo returns an unprotected pointer from the railWindows hash table, and the main thread can...

9.8CVSS5.9AI score0.00599EPSS
Exploits1
Rows per page
Query Builder