Lucene search
K

42 matches found

OSV
OSV
added 2026/06/25 12:1 p.m.2 views

RLSA-2023:2851 Moderate: freerdp security update

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fixes: freerdp: clients using /parallel command line switch might read...

7.5CVSS6.2AI score0.00985EPSS
Exploits0References10
Rockylinux
Rockylinux
added 2026/06/25 12:1 p.m.6 views

freerdp security update

An update is available for freerdp. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released...

7.5CVSS6.7AI score0.00985EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.4 views

RockyLinux 8 : freerdp (RLSA-2023:2851)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:2851 advisory. freerdp: clients using /parallel command line switch might read uninitialized data CVE-2022-39282 freerdp: clients using the /video command line switch...

7.5CVSS6.8AI score0.00985EPSS
Exploits0References19
RedHat Linux
RedHat Linux
added 2026/05/19 1:29 p.m.11 views

freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb

A heap buffer use after free has been discovered in FreeRDP. Asynchronous bulk transfer completions can use a freed channel callback after URBDRC channel close, leading to a use after free in urbwritecompletion...

8.7CVSS5.8AI score0.00467EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.5 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: freerdp (UTSA-2026-010666)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010666 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, aAsynchronous bulk transfer completions can use a freed channel callback after URBD...

8.7CVSS5.8AI score0.00467EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/16 12:0 a.m.9 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: freerdp (UTSA-2026-007188)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007188 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, aAsynchronous bulk transfer completions can use a freed channel callback after URBD...

8.7CVSS5.8AI score0.00467EPSS
Exploits0References4
NVD
NVD
added 2026/02/09 7:15 p.m.10 views

CVE-2026-24681

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, aAsynchronous bulk transfer completions can use a freed channel callback after URBDRC channel close, leading to a use after free in urbwritecompletion. This vulnerability is fixed in 3.22.0...

8.7CVSS0.00467EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/09 6:20 p.m.33 views

CVE-2026-24681 FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, aAsynchronous bulk transfer completions can use a freed channel callback after URBDRC channel close, leading to a use after free in urbwritecompletion. This vulnerability is fixed in 3.22.0...

8.7CVSS0.00467EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/02/09 6:20 p.m.4 views

CVE-2026-24681

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, aAsynchronous bulk transfer completions can use a freed channel callback after URBDRC channel close, leading to a use after free in urbwritecompletion. This vulnerability is fixed in 3.22.0...

8.7CVSS5.6AI score0.00467EPSS
Exploits0
CNNVD
CNNVD
added 2026/02/09 12:0 a.m.5 views

FreeRDP 资源管理错误漏洞

FreeRDP is an open-source RDP protocol implementation developed by the FreeRDP team. Versions of FreeRDP prior to 3.22.0 contained a resource management vulnerability. This vulnerability stemmed from the ability to reuse released channel callbacks after asynchronous batch transfers were completed...

8.7CVSS5.8AI score0.00467EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 9 : freerdp-2.4.1-5.el9 (AXSA:2023-5536:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5536:02 advisory. freerdp: clients using /parallel command line switch might read uninitialized data CVE-2022-39282 freerdp: clients using the /video command line...

7.5CVSS6AI score0.00985EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 8 : freerdp-2.2.0-10.el8 (AXSA:2023-5972:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5972:03 advisory. freerdp: clients using /parallel command line switch might read uninitialized data CVE-2022-39282 freerdp: clients using the /video command line...

7.5CVSS6AI score0.00985EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-41802

Malicious code in bioql PyPI...

5.7CVSS5.4AI score0.00953EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2022-39319

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input length validation in the urbdrc channel. A malicio...

4.6CVSS5.1AI score0.00687EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/01/12 12:0 a.m.63 views

GLSA-202401-16 : FreeRDP: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202401-16 FreeRDP: Multiple Vulnerabilities - FreeRDP is a free remote desktop protocol library and clients. In affected versions there is an out of bound read in ZGFX decoder component of FreeRDP. A malicious server can trick a...

9.8CVSS6.7AI score0.01529EPSS
Exploits17References27
RedHat Linux
RedHat Linux
added 2023/05/16 8:59 a.m.21 views

freerdp: heap buffer overflow in urbdrc channel

An out-of-bounds read vulnerability exists due to a boundary condition within the urbdrc channel. Attempting an integer addition on narrow types leads to the allocation of a buffer too small to hold the data written. A malicious server can trick a FreeRDP based client to read out-of-bound data an...

5.5CVSS5.9AI score0.00674EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/05/16 8:59 a.m.6 views

freerdp: missing length validation in urbdrc channel

An out-of-bound read vulnerability was discovered in FreeRDP due to improper input length validation in client/datatransfer.c in the urbdrc channel. A malicious server can trigger an out-of-bounds read by tricking a FreeRDP based client to read out-of-bound data and send it back to the server...

4.6CVSS5.8AI score0.00687EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/05/09 10:2 a.m.5 views

freerdp: heap buffer overflow in urbdrc channel

An out-of-bounds read vulnerability exists due to a boundary condition within the urbdrc channel. Attempting an integer addition on narrow types leads to the allocation of a buffer too small to hold the data written. A malicious server can trick a FreeRDP based client to read out-of-bound data an...

5.5CVSS5.9AI score0.00674EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/05/09 10:2 a.m.9 views

freerdp: missing length validation in urbdrc channel

An out-of-bound read vulnerability was discovered in FreeRDP due to improper input length validation in client/datatransfer.c in the urbdrc channel. A malicious server can trigger an out-of-bounds read by tricking a FreeRDP based client to read out-of-bound data and send it back to the server...

4.6CVSS5.8AI score0.00687EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/05/09 10:2 a.m.11 views

freerdp: division by zero in urbdrc channel

A division-by-zero issue was found in FreeRDP's libusbudevice.c in the urbdrc channel. This flaw exists due to missing input validation in the urbdrc channel. A malicious server can pass specially crafted data to the client, causing a crash and denial of service...

5.7CVSS5.7AI score0.00953EPSS
Exploits0References5
Rows per page
Query Builder