Lucene search
+L

1883 matches found

nessus
nessus
added 2 days ago4 views

KB5101650: Windows 11 Version 24H2 / Windows 11 Version 25H2 Security Update (July 2026)

The remote Windows host is missing security update 5101650. It is, therefore, affected by multiple vulnerabilities - Integer overflow or wraparound in Windows RDP allows an unauthorized attacker to execute code over a network. CVE-2026-58594 - Heap-based buffer overflow in Windows FTP Service...

9.9CVSS6.4AI score0.02545EPSS
Exploits2References379
ptsecurity
ptsecurity
added 2 days ago4 views

PT-2026-58423

Name of the Vulnerable Software and Affected Versions Windows RDP affected versions not specified Description A buffer over-read in Windows RDP allows an unauthorized attacker to disclose sensitive information over a network and affect the system. A buffer over-read occurs when a program reads mo...

6.5CVSS6.1AI score0.00666EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2 days ago5 views

PT-2026-58269

Name of the Vulnerable Software and Affected Versions Windows RDP affected versions not specified Description An out-of-bounds read in Windows Remote Desktop Protocol RDP allows an unauthorized attacker to disclose information over a network. An out-of-bounds read occurs when a program reads data...

6.5CVSS6.1AI score0.00666EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2 days ago11 views

PT-2026-58247

Use of uninitialized resource in Windows RDP allows an unauthorized attacker to disclose information over a network...

6.5CVSS6.1AI score0.00666EPSS
Exploits0References4
redhatcve
redhatcve
added 6 days ago7 views

CVE-2026-57158

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. FreeRDP clients using the Graphics GFX pipeline are vulnerable to an out-of-bounds read. A malicious RDP server can exploit this by sending a specially crafted, truncated RDPGFXCMDIDWIRETOSURFACE1 planar payloa...

9.1CVSS6AI score0.0069EPSS
Exploits1References7
nvd
nvd
added 6 days ago5 views

CVE-2026-57157

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.28.0, FreeRDP server implementations with the MS-RDPECAM camera device enumerator channel enabled scan attacker-supplied DeviceName and VirtualChannelName fields for a NUL terminator in...

6.5CVSS0.00539EPSS
Exploits1References6
euvd
euvd
added 6 days ago6 views

EUVD-2026-43006

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.28.0, FreeRDP server implementations with the MS-RDPECAM camera device enumerator channel enabled scan attacker-supplied DeviceName and VirtualChannelName fields for a NUL terminator in...

6.5CVSS6.1AI score0.00539EPSS
Exploits1References6
osv
osv
added 6 days ago3 views

CVE-2026-57157 Out-of-bounds read in the camera device enumerator server (rdpecam) via unterminated DeviceName / VirtualChannelName

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.28.0, FreeRDP server implementations with the MS-RDPECAM camera device enumerator channel enabled scan attacker-supplied DeviceName and VirtualChannelName fields for a NUL terminator in...

6.5CVSS6.1AI score0.00539EPSS
Exploits1References8
cve
cve
added 6 days ago14 views

CVE-2026-57158

FreeRDP (Remote Desktop Protocol client) is affected in versions 3.21.0 through 3.27.x where the GFX pipeline’s planar_decompress_plane_rle_only fix is incomplete, allowing a malicious RDP server to send a truncated RDPGFX_CMDID_WIRETOSURFACE_1 planar payload that may read one byte past the input...

9.1CVSS6.1AI score0.0069EPSS
Exploits1References4Affected Software1
osv
osv
added 6 days ago3 views

CVE-2026-55827 FreeRDP: Heap out-of-bounds write in RemoteFX (RFX) Cache Bitmap V3 decode

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.27.1, FreeRDP clients launched with the non-default /cache:codec:rfx option pass desktop stride and height to RemoteFX decoding for Cache Bitmap V3 data while allocating bitmap-data only for the smaller DstWidth and...

7.5CVSS6.1AI score0.00526EPSS
Exploits1References6
euvd
euvd
added 6 days ago7 views

EUVD-2026-43004

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.27.1, FreeRDP clients launched with the non-default /cache:codec:rfx option pass desktop stride and height to RemoteFX decoding for Cache Bitmap V3 data while allocating bitmap-data only for the smaller DstWidth and...

7.5CVSS6.1AI score0.00526EPSS
Exploits1References4
alpinelinux
alpinelinux
added 6 days ago8 views

CVE-2026-55827

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.27.1, FreeRDP clients launched with the non-default /cache:codec:rfx option pass desktop stride and height to RemoteFX decoding for Cache Bitmap V3 data while allocating bitmap-data only for the smaller DstWidth and...

8.8CVSS6.1AI score0.00526EPSS
Exploits1
ptsecurity
ptsecurity
added 6 days ago6 views

PT-2026-57293

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.28.0 Description FreeRDP clients on 32-bit builds contain an integer overflow in the update read delta points function within libfreerdp/core/orders.c. This occurs when multiplying an attacker-controlled point count...

9.8CVSS6.2AI score0.00698EPSS
Exploits2References13
osv
osv
added 2026/07/08 2:17 p.m.1 views

UBUNTU-CVE-2026-56297

FreeRDP before 3.22.0 contains a use-after-free vulnerability in dvcmanchannelclose and dvcmancallonreceive due to improper synchronization of channelcallback access. A malicious RDP server can trigger a race condition by sending DYNVCDATA and DYNVCCLOSE messages concurrently, causing...

8.3CVSS6.5AI score0.00281EPSS
Exploits1References4
redhat
redhat
added 2026/07/07 2:14 p.m.7 views

freerdp: FreeRDP: Out-of-bounds write in planar bitmap decoder allows arbitrary code execution

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. The planar bitmap decoder contains an out-of-bounds heap write vulnerability when processing RLE planar data. A remote attacker could exploit this by providing specially crafted RLE planar data, leading to an...

9.8CVSS6.6AI score0.00502EPSS
Exploits1References5
nessus
nessus
added 2026/07/07 12:0 a.m.5 views

RHEL 10 : freerdp (RHSA-2026:36203)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:36203 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to...

9.8CVSS7.4AI score0.03453EPSS
Exploits5References12
nessus
nessus
added 2026/06/26 12:0 a.m.4 views

Oracle Linux 9 : freerdp (ELSA-2026-19349)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-19349 advisory. - Lock appWindow to fix use-after-free in RAIL mode CVE-2026-25952 Resolves: RHEL-159860 - Fix double free in xfrailwindowcommon cleanup CVE-2026-2698...

9.8CVSS6.4AI score0.00599EPSS
Exploits7References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.0, a underflow of the sizet variable in the IMA-ADPCM and MS-ADPCM audio decoders led to a heap-buffer-overflow issue through the RDPSND audio channel. In libfreerdp/codec/dsp.c, the IMA-ADPCM and MS-ADPCM...

9.8CVSS6AI score0.00317EPSS
Exploits1References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.0, a client-side heap buffer overflow occurred in the FreeRDP client’s AVC420/AVC444 YUV-to-RGB conversion process. This issue arose due to a lack of validation of the horizontal bounds of the H.264 metablock...

8.2CVSS6AI score0.00323EPSS
Exploits1References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.0, division by zero occurred in MS-ADPCM and IMA-ADPCM decoders when nBlockAlign was 0, resulting in a crash. In libfreerdp/codec/dsp.c, both ADPCM decoders use size % blocksize, where blocksize =...

7.5CVSS5.8AI score0.00303EPSS
Exploits1References3
Rows per page
Query Builder