Lucene search
K

7 matches found

UbuntuCve
UbuntuCve
added 2026/01/14 6:16 p.m.3 views

CVE-2026-22859

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, the URBDRC client does not perform bounds checking on server‑supplied MSUSBINTERFACEDESCRIPTOR values and uses them as indices in libusbudevcompletemsconfigsetup, causing an out‑of‑bounds read. This vulnerability is...

9.1CVSS5.9AI score0.00756EPSS
Exploits1References4
OSV
OSV
added 2026/01/14 5:56 p.m.9 views

CVE-2026-22858 FreeRDP has a global-buffer-overflow in crypto_base64_decode

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c = ...

6.1CVSS5.9AI score0.00599EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/01/14 5:53 p.m.22 views

CVE-2026-22857 FreeRDP has a heap-use-after-free in irp_thread_func

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap use-after-free occurs in irpthreadfunc because the IRP is freed by irp-Complete and then accessed again on the error path. This vulnerability is fixed in 3.20.1...

7.7CVSS0.00453EPSS
Exploits1References2
EUVD
EUVD
added 2026/01/14 5:53 p.m.5 views

EUVD-2026-2670

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap use-after-free occurs in irpthreadfunc because the IRP is freed by irp-Complete and then accessed again on the error path. This vulnerability is fixed in 3.20.1...

7.7CVSS6.4AI score0.00453EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/01/14 5:50 p.m.2 views

CVE-2026-22855 FreeRDP has a heap-buffer-overflow in smartcard_unpack_set_attrib_call

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap out-of-bounds read occurs in the smartcard SetAttrib path when cbAttrLen does not match the actual NDR buffer length. This vulnerability is fixed in 3.20.1...

6.1CVSS6.6AI score0.00756EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/01/14 12:0 a.m.5 views

FreeRDP 资源管理错误漏洞

FreeRDP is an open source implementation of the Remote Desktop Protocol RDP from the FreeRDP team. A resource management error vulnerability exists in versions prior to FreeRDP 3.20.1, which stems from a contention condition in the serial channel IRP thread trace that could lead to heap reuse aft...

8.1CVSS7.2AI score0.00286EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/01/14 12:0 a.m.4 views

FreeRDP 资源管理错误漏洞

FreeRDP is an open source implementation of the Remote Desktop Protocol RDP from the FreeRDP team. A resource management error vulnerability exists in versions prior to FreeRDP 3.20.1 that stems from a race condition between the RDPGFX dynamic virtual channel thread and the SDL rendering thread,...

8.2CVSS5.8AI score0.00247EPSS
Exploits1References4
Rows per page
Query Builder