Lucene search
K

1873 matches found

CVE
CVE
added 2026/05/29 7:41 p.m.46 views

CVE-2026-44422

CVE-2026-44422 affects FreeRDP prior to 3.26.0. The RDPEAR NDR parser incorrectly reused a non-null NDR pointer ref-id across multiple logical pointer fields, causing the same heap object to be assigned to two outputs. The destructor then frees both pointers, enabling a heap use-after-free / doub...

8.8CVSS5.8AI score0.00384EPSS
Exploits1References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/29 7:40 p.m.9 views

CVE-2026-44421

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client by sending crafted RDPGFX PDUs. The bug is in gdiCacheToSurface: it validates a destination rectangle that is clamped to UINT16MA...

8.8CVSS5.9AI score0.0042EPSS
Exploits1References2Affected Software1
AlpineLinux
AlpineLinux
added 2026/05/29 7:40 p.m.20 views

CVE-2026-44421

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client by sending crafted RDPGFX PDUs. The bug is in gdiCacheToSurface: it validates a destination rectangle that is clamped to UINT16MA...

8.8CVSS5.9AI score0.0042EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/29 7:40 p.m.43 views

CVE-2026-44421 FreeRDP RDPGFX CacheToSurface heap-buffer-overflow via clamped-rectangle validation bypass

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client by sending crafted RDPGFX PDUs. The bug is in gdiCacheToSurface: it validates a destination rectangle that is clamped to UINT16MA...

8.8CVSS0.0042EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/29 11:47 a.m.9 views

CVE-2026-8326

Path traversal vulnerability in Remote Spark https://www.Remotespark.Com/ SparkView allows reading and writing arbitrary files in all directories as root. This leads to RCE. The affected component is the RDP drive redirection. Depending on implementation, the vulnerability can be exploited by an...

10CVSS5.9AI score0.00378EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/29 11:47 a.m.34 views

CVE-2026-8326 Remote Spark SparkView Path Traversal in RDP Drive Redirection leading to RCE

Path traversal vulnerability in Remote Spark https://www.Remotespark.Com/ SparkView allows reading and writing arbitrary files in all directories as root. This leads to RCE. The affected component is the RDP drive redirection. Depending on implementation, the vulnerability can be exploited by an...

10CVSS0.00378EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.12 views

Remote Spark SparkView 安全漏洞

Remote Spark SparkView is a browser-based client software developed by Remote Spark, enabling remote desktop and terminal access. Versions of Remote Spark SparkView prior to build 1127 contained security vulnerabilities. These vulnerabilities stemmed from path traversal in RDP driver redirection,...

10CVSS6.3AI score0.00378EPSS
Exploits0References1
Redos
Redos
added 2026/05/29 12:0 a.m.14 views

ROS-20260529-73-0004

The vulnerability of the GNOME Remote Desktop remote desktop service is related to pointer assignment errors. Exploiting this vulnerability can allow a malicious actor to compromise data integrity and cause service failures through a specially created RDP packet...

6.5CVSS5.8AI score0.00416EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.23 views

PT-2026-44989

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.26.0 Description The planar bitmap decoder contains an out-of-bounds heap write when decoding RLE planar data. In the libfreerdp/codec/planar.c file, the freerdp bitmap decompress planar function validates the X...

9.8CVSS5.9AI score0.00502EPSS
Exploits1References56
Debian CVE
Debian CVE
added 2026/05/26 2:8 p.m.12 views

CVE-2026-40033

FreeRDP before 3.26.0 contains a heap-buffer-overflow vulnerability in gdiCacheToSurface that allows remote attackers to write out-of-bounds heap memory. The vulnerability occurs because rectangle validation clamps coordinates to UINT16MAX but performs copy operations using unclamped cache entry...

8.8CVSS6.4AI score0.00827EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2026/05/26 5:33 a.m.12 views

wireshark: Heap-based Buffer Overflow in Wireshark

A flaw was found in the RDP protocol dissector in Wireshark. This issue occurs when malformed packets are decoded from a pcap file or the network, causing a heap-based buffer overflow, resulting in a denial of service or potentially in code execution...

7.8CVSS6.2AI score0.00161EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/05/26 5:5 a.m.22 views

Moderate: Red Hat Security Advisory: freerdp security update

An update for freerdp is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

9.8CVSS6.7AI score0.00599EPSS
Exploits7References11
RedHat Linux
RedHat Linux
added 2026/05/26 2:2 a.m.17 views

freerdp: FreeRDP: Denial of Service via endless blocking loop in Stream_EnsureCapacity

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. The StreamEnsureCapacity function can create an endless blocking loop, leading to a Denial of Service DoS. This vulnerability can be exploited on 32-bit systems where the available physical memory is greater than o...

7.5CVSS5.8AI score0.00346EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/05/26 2:2 a.m.16 views

freerdp: FreeRDP: Denial of Service via double free vulnerability during disconnect

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. This double free vulnerability occurs during the cleanup process when a remote desktop session disconnects. Specifically, if a title allocation fails, a pointer to an application window is freed but not removed fro...

7.5CVSS5.8AI score0.00476EPSS
Exploits1References12
RedHat Linux
RedHat Linux
added 2026/05/26 2:2 a.m.38 views

FreeRDP: FreeRDP: Information disclosure via heap memory out of bounds read

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A remote attacker could exploit a vulnerability where pixel data from adjacent heap memory is rendered to the screen. This can lead to the disclosure of sensitive data to the attacker...

7.1CVSS5.8AI score0.00205EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/05/25 12:0 a.m.21 views

Alibaba Cloud Linux 3 : 0116: freerdp (ALINUX3-SA-2026:0116)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0116 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-25952: FreeRDP is a free...

9.8CVSS5.8AI score0.00599EPSS
Exploits7References9
OSV
OSV
added 2026/05/22 1:22 p.m.12 views

OESA-2026-2441 freerdp security update

FreeRDP is a client implementation of the Remote Desktop Protocol RDP that follows Microsoft's open specifications. This package provides the client applications xfreerdp. Security Fixes: A malicious server can trigger a client-side global buffer overflow, causing a crash denial of...

9.8CVSS6.1AI score0.00599EPSS
Exploits9References11
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in freerdp2

FreeRDP is a free remote desktop protocol library and client. In affected versions, there is an out-of-bound read in the ZGFX decoder component of FreeRDP. A malicious server can trick a FreeRDP-based client into reading out-of-bound data and attempting to decode it, potentially leading to a cras...

5.7CVSS5.9AI score0.00967EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, the function freerdpbitmapdecompressplanar did not validate the parameters nSrcWidth/nSrcHeight against the values of planar-maxWidth/maxHeight before performing the RLE decompression. A malicious server cou...

9.8CVSS7.3AI score0.00443EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.17 views

Astra Linux – Vulnerability in freerdp2

FreeRDP is a free implementation of the Remote Desktop Protocol. Clients and servers that use versions of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read vulnerabilities. Versions 3.5.0 and 2.11.6 address this issue. There are no known workarounds available...

9.8CVSS8AI score0.0375EPSS
Exploits0References2
Rows per page
Query Builder