
8 matches found

CNVD
added 2026/04/02 12:0 a.m. | 3 views

FreeRDP Heap Buffer Overflow Vulnerability (CNVD-2026-16033)

FreeRDP is an open source Remote Desktop Protocol (RDP) implementation library and client. FreeRDP suffers from a heap buffer overflow vulnerability. The vulnerability is an out-of-bounds heap memory write caused by a bmpSize synchronization error in the persistent cache. An attacker can...

7.1 CVSS | 6.2 AI score | 0.001 EPSS
Exploits: 0
OSV
added 2026/03/30 10:16 p.m. | 5 views

UBUNTU-CVE-2026-33987

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in persistent_cache_read_entry_v3 in libfreerdp/cache/persistent.c, persistent->bmpSize is updated before winpr_aligned_recalloc. If realloc fails, bmpSize is inflated while bmpData points to the old buffer. This...

7.1 CVSS | 5.8 AI score | 0.001 EPSS
Exploits: 0 | References: 3
CVE
added 2026/03/30 9:43 p.m. | 21 views

CVE-2026-33987

CVE-2026-33987 affects FreeRDP prior to version 3.24.2. The vulnerability is caused by a synchronization issue in persistent_cache_read_entry_v3(): bmpSize is updated before winpr_aligned_recalloc(), so if realloc fails, bmpSize can be inflated while bmpData still points to the old buffer, enabli...

7.1 CVSS | 5.8 AI score | 0.001 EPSS
Exploits: 0 | References: 2 | Affected Software: 1
OSV
added 2026/03/30 9:43 p.m. | 6 views

CVE-2026-33987 FreeRDP: Persistent Cache bmpSize Desync - Heap OOB Write

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in persistent_cache_read_entry_v3 in libfreerdp/cache/persistent.c, persistent->bmpSize is updated before winpr_aligned_recalloc. If realloc fails, bmpSize is inflated while bmpData points to the old buffer. This...

7.1 CVSS | 5.8 AI score | 0.001 EPSS
Exploits: 0 | References: 4
Debian CVE
added 2026/03/30 9:43 p.m. | 3 views

CVE-2026-33987

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in persistent_cache_read_entry_v3 in libfreerdp/cache/persistent.c, persistent->bmpSize is updated before winpr_aligned_recalloc. If realloc fails, bmpSize is inflated while bmpData points to the old buffer. This...

7.1 CVSS | 4.6 AI score | 0.001 EPSS
Exploits: 0
AlpineLinux
added 2026/03/30 9:43 p.m. | 3 views

CVE-2026-33987

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in persistent_cache_read_entry_v3 in libfreerdp/cache/persistent.c, persistent->bmpSize is updated before winpr_aligned_recalloc. If realloc fails, bmpSize is inflated while bmpData points to the old buffer. This...

7.1 CVSS | 5.8 AI score | 0.001 EPSS
Exploits: 0
CNNVD
added 2026/03/30 12:0 a.m. | 10 views

FreeRDP Security Vulnerability

FreeRDP is an open source Remote Desktop Protocol (RDP) implementation library and client. FreeRDP suffers from a heap buffer overflow vulnerability. The vulnerability is an out-of-bounds heap memory write caused by a bmpSize synchronization error in the persistent cache. An attacker can...

7.1 CVSS | 6 AI score | 0.001 EPSS
Exploits: 0 | References: 2
Positive Technologies
added 2026/01/01 12:0 a.m. | 3 views

PT-2026-29140

Name of the Vulnerable Software and Affected Versions: FreeRDP versions prior to 3.24.2. Description: FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, an issue exists in the persistent cache read entry v3 function within libfreerdp/cache/persistent.c...

9.4 CVSS | 4.5 AI score | 0.00398 EPSS
Exploits: 1 | References: 68