Lucene search
K

14 matches found

Redos
Redos
added 2026/06/11 12:0 a.m.7 views

ROS-20260611-73-0008

The vulnerability of the gdiSurfaceToSurface function in the RDP client of FreeRDP is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and cause service interruptions...

9.8CVSS6.4AI score0.00434EPSS
Exploits1
Redos
Redos
added 2026/06/11 12:0 a.m.5 views

ROS-20260611-73-0007

The vulnerability of the gdiSurfaceToSurface function in the RDP client of FreeRDP is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and cause service interruptions...

9.8CVSS6.4AI score0.00434EPSS
Exploits1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurred in the gdiSurfaceToSurface path of the FreeRDP client due to a mismatch between destination rectangle clamping and the actual copy size. A malicious server can...

9.8CVSS6.2AI score0.00434EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/03/26 12:0 a.m.3 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: freerdp (UTSA-2026-006316)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006316 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the FreeRDP clients...

9.8CVSS6.1AI score0.00434EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2026/02/23 1:59 a.m.6 views

freerdp: FreeRDP: Denial of Service and potential code execution via client-side heap buffer overflow

A flaw was found in FreeRDP. A malicious server can exploit a client-side heap buffer overflow vulnerability in the gdiSurfaceToSurface path. This vulnerability, caused by a mismatch in memory handling, can lead to a crash Denial of Service of the client application. Furthermore, it carries a ris...

9.8CVSS6.5AI score0.00434EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2026/02/23 1:35 a.m.7 views

freerdp: FreeRDP: Denial of Service and potential code execution via client-side heap buffer overflow

A flaw was found in FreeRDP. A malicious server can exploit a client-side heap buffer overflow vulnerability in the gdiSurfaceToSurface path. This vulnerability, caused by a mismatch in memory handling, can lead to a crash Denial of Service of the client application. Furthermore, it carries a ris...

9.8CVSS6.5AI score0.00434EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2026/02/16 1:12 p.m.6 views

freerdp: FreeRDP: Denial of Service and potential code execution via client-side heap buffer overflow

A flaw was found in FreeRDP. A malicious server can exploit a client-side heap buffer overflow vulnerability in the gdiSurfaceToSurface path. This vulnerability, caused by a mismatch in memory handling, can lead to a crash Denial of Service of the client application. Furthermore, it carries a ris...

9.8CVSS6.5AI score0.00434EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2026/02/09 1:41 a.m.5 views

freerdp: FreeRDP: Denial of Service and potential code execution via client-side heap buffer overflow

A flaw was found in FreeRDP. A malicious server can exploit a client-side heap buffer overflow vulnerability in the gdiSurfaceToSurface path. This vulnerability, caused by a mismatch in memory handling, can lead to a crash Denial of Service of the client application. Furthermore, it carries a ris...

9.8CVSS6.5AI score0.00434EPSS
Exploits1References7
OSV
OSV
added 2026/01/19 5:15 p.m.6 views

UBUNTU-CVE-2026-23532

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the FreeRDP client’s gdiSurfaceToSurface path due to a mismatch between destination rectangle clamping and the actual copy size. A malicious server can trigger a...

9.8CVSS6.1AI score0.00434EPSS
Exploits1References7
CVE
CVE
added 2026/01/19 5:3 p.m.26 views

CVE-2026-23532

CVE-2026-23532 affects the FreeRDP client prior to version 3.21.0, where a heap buffer overflow can be triggered in the FreeRDP client’s gdi_SurfaceToSurface path due to a mismatch between destination rectangle clamping and the actual copy size. This can lead to a crash (DoS) and potential heap c...

9.8CVSS5.9AI score0.00434EPSS
Exploits1References19Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/19 5:3 p.m.2 views

CVE-2026-23532 FreeRDP has heap-buffer-overflow in gdi_SurfaceToSurface

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the FreeRDP client’s gdiSurfaceToSurface path due to a mismatch between destination rectangle clamping and the actual copy size. A malicious server can trigger a...

8.7CVSS5.9AI score0.00434EPSS
Exploits1References3
OSV
OSV
added 2026/01/19 5:3 p.m.6 views

CVE-2026-23532 FreeRDP has heap-buffer-overflow in gdi_SurfaceToSurface

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the FreeRDP client’s gdiSurfaceToSurface path due to a mismatch between destination rectangle clamping and the actual copy size. A malicious server can trigger a...

8.7CVSS6.1AI score0.00434EPSS
Exploits1References21
ATTACKERKB
ATTACKERKB
added 2026/01/19 5:3 p.m.5 views

CVE-2026-23532

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the FreeRDP client’s gdiSurfaceToSurface path due to a mismatch between destination rectangle clamping and the actual copy size. A malicious server can trigger a...

9.8CVSS5.7AI score0.00434EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.6 views

PT-2026-3457

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.21.0 Description A client-side heap buffer overflow exists in the FreeRDP client’s gdi SurfaceToSurface path. This occurs due to a mismatch between destination rectangle clamping and the actual copy size. A maliciou...

9.8CVSS6.4AI score0.00467EPSS
Exploits3References242
Rows per page
Query Builder