42 matches found
RLSA-2023:2851 Moderate: freerdp security update
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fixes: freerdp: clients using /parallel command line switch might read...
freerdp security update
An update is available for freerdp. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released...
RockyLinux 8 : freerdp (RLSA-2023:2851)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:2851 advisory. freerdp: clients using /parallel command line switch might read uninitialized data CVE-2022-39282 freerdp: clients using the /video command line switch...
Astra Linux – Vulnerability in freerdp2
FreeRDP is a free remote desktop protocol library and client. In affected versions, there is an out-of-bound read in the ZGFX decoder component of FreeRDP. A malicious server can trick a FreeRDP-based client into reading out-of-bound data and attempting to decode it, potentially leading to a cras...
Astra Linux – Vulnerability in freerdp2
FreeRDP is a free remote desktop protocol library and client. Affected versions of FreeRDP lack a range check for the input offset index in the ZGFX decoder. A malicious server can trick a FreeRDP-based client into reading out-of-bound data and attempting to decode it. This issue has been address...
MiracleLinux 9 : freerdp-2.4.1-5.el9 (AXSA:2023-5536:02)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5536:02 advisory. freerdp: clients using /parallel command line switch might read uninitialized data CVE-2022-39282 freerdp: clients using the /video command line...
MiracleLinux 8 : freerdp-2.2.0-10.el8 (AXSA:2023-5972:03)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5972:03 advisory. freerdp: clients using /parallel command line switch might read uninitialized data CVE-2022-39282 freerdp: clients using the /video command line...
EUVD-2022-41801
Malicious code in bioql PyPI...
EUVD-2022-41800
Malicious code in bioql PyPI...
GLSA-202401-16 : FreeRDP: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202401-16 FreeRDP: Multiple Vulnerabilities - FreeRDP is a free remote desktop protocol library and clients. In affected versions there is an out of bound read in ZGFX decoder component of FreeRDP. A malicious server can trick a...
freerdp: out of bounds read in zgfx decoder
An out-of-bounds read vulnerability was found in the ZGFX decoder component of FreeRDP. A malicious server can trick a FreeRDP based client to read out-of-bound data and try to decode it. This will result in a crash, causing a denial of service...
freerdp: undefined behaviour in zgfx decoder
An out-of-bounds read vulnerability was discovered in FreeRDP due to missing a range check for input offset index in the ZGFX decoder. A malicious server can trick a FreeRDP based client to read out-of-bound data and try to decode it, resulting in a crash...
freerdp: out of bounds read in zgfx decoder
An out-of-bounds read vulnerability was found in the ZGFX decoder component of FreeRDP. A malicious server can trick a FreeRDP based client to read out-of-bound data and try to decode it. This will result in a crash, causing a denial of service...
freerdp: undefined behaviour in zgfx decoder
An out-of-bounds read vulnerability was discovered in FreeRDP due to missing a range check for input offset index in the ZGFX decoder. A malicious server can trick a FreeRDP based client to read out-of-bound data and try to decode it, resulting in a crash...
SUSE CVE-2022-39316
FreeRDP is a free remote desktop protocol library and clients. In affected versions there is an out of bound read in ZGFX decoder component of FreeRDP. A malicious server can trick a FreeRDP based client to read out of bound data and try to decode it likely resulting in a crash. This issue has be...
SUSE SLED12: freerdp / freerdp-devel / freerdp-proxy / freerdp-server / etc (SUSE-SU-2023:0400-1)
The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0400-1 advisory. - CVE-2022-39316: Fixed out of bound read in zgfx decoder bsc1205512. - CVE-2022-39317: Fixed undefined...
Huawei EulerOS: Security Advisory for freerdp (EulerOS-SA-2023-1313)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
freerdp -- multiple vulnerabilities
FreeRDP reports: GHSA-5w4j-mrrh-jjrm: Out of bound read in zgfx decoder. GHSA-99cm-4gw7-c8jh: Undefined behaviour in zgfx decoder. GHSA-387j-8j96-7q35: Division by zero in urbdrc channel. GHSA-mvxm-wfj2-5fvh: Missing length validation in urbdrc channel. GHSA-qfq2-82qr-7f4j: Heap buffer overflow i...
Updated freerdp packages fix security vulnerability
In affected versions there is an out of bound read in ZGFX decoder component of FreeRDP. A malicious server can trick a FreeRDP based client to read out of bound data and try to decode it likely resulting in a crash. CVE-2022-39316 Affected versions of FreeRDP are missing a range check for input...
OESA-2022-2112 freerdp security update
FreeRDP is a client implementation of the Remote Desktop Protocol RDP that follows Microsoft's open specifications. This package provides the client applications xfreerdp and wlfreerdp. Security Fixes: FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are...