Lucene search
K

25 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.6 views

Amazon Linux 2 : freerdp, --advisory ALAS2-2026-3356 (ALAS-2026-3356)

The version of freerdp installed on the remote host is prior to 2.11.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3356 advisory. FreeRDP before 3.26.0 contains a heap-buffer-overflow vulnerability in gdiCacheToSurface that allows remote attackers to...

9.8CVSS6.5AI score0.03453EPSS
Exploits4References10
OSV
OSV
added 2026/05/29 8:16 p.m.7 views

DEBIAN-CVE-2026-44420

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP client can trigger a heap-buffer-overflow write in FreeRDP's server-side clipboard cliprdr channel by sending a CBCLIPCAPS PDU with a too-small capabilitySetLength. This can crash the server process...

8.8CVSS6.2AI score0.03453EPSS
Exploits1References1
OSV
OSV
added 2026/05/29 8:16 p.m.10 views

UBUNTU-CVE-2026-44420

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP client can trigger a heap-buffer-overflow write in FreeRDP's server-side clipboard cliprdr channel by sending a CBCLIPCAPS PDU with a too-small capabilitySetLength. This can crash the server process...

8.8CVSS6.2AI score0.03453EPSS
Exploits1References3
CVE
CVE
added 2026/05/29 7:42 p.m.81 views

CVE-2026-44420

CVE-2026-44420 affects FreeRDP before version 3.26.0. A malicious RDP client can trigger a heap-buffer-overflow write in the server-side clipboard (cliprdr) channel by sending a CB_CLIP_CAPS PDU with a too-small capabilitySetLength, which can crash the server (remote DoS) and may be exploitable f...

8.8CVSS6.2AI score0.03453EPSS
Exploits1References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/29 7:42 p.m.17 views

CVE-2026-44420

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP client can trigger a heap-buffer-overflow write in FreeRDP's server-side clipboard cliprdr channel by sending a CBCLIPCAPS PDU with a too-small capabilitySetLength. This can crash the server process...

8.8CVSS6.2AI score0.03453EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/05/29 7:42 p.m.1 views

CVE-2026-44420 FreeRDP cliprdr server heap-buffer-overflow via undersized capabilitySetLength in CB_CLIP_CAPS

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP client can trigger a heap-buffer-overflow write in FreeRDP's server-side clipboard cliprdr channel by sending a CBCLIPCAPS PDU with a too-small capabilitySetLength. This can crash the server process...

8.8CVSS6.3AI score0.03453EPSS
Exploits1References8
OSV
OSV
added 2026/04/27 12:5 p.m.5 views

SUSE-SU-2026:1633-1 Security update for freerdp

This update for freerdp fixes the following issues: - CVE-2026-25941: Out-of-Bounds Read in client RDPGFX channel via crafted WIRETOSURFACE2 PDU bsc1258919. - CVE-2026-25942: Global-buffer-overflow in xfrailserverexecuteresult bsc1258920. - CVE-2026-25952: Heap-use-after-free in...

9.8CVSS5AI score0.00599EPSS
Exploits15References35
Anthropic
Anthropic
added 2026/03/24 8:44 p.m.12 views

ANT-2026-H97FY6C8 · freerdp · Heap-buffer-overflow

heap-buffer-overflow high GHSA-mpxh-8fq3-x8mh GHSA-mvpx-xj7r-3p3r GHSA-p6r2-4hgm-m6ff Severity Claude critical · Security research firm high · Maintainer unknown Discovered by Claude Mythos Preview REPORT Anthropic's analysis, sealed at approval. Disclosure to the maintainer was performed by Trai...

6.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/03/01 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-25959

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfcliprdrprovidedata passes freed pDstData to XChangeProperty because...

9.8CVSS5.8AI score0.00567EPSS
Exploits1References4
OSV
OSV
added 2026/02/25 9:16 p.m.5 views

UBUNTU-CVE-2026-25959

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfcliprdrprovidedata passes freed pDstData to XChangeProperty because the cliprdr channel thread calls xfcliprdrserverformatdataresponse which converts and uses the clipboard data without holding any lock,...

9.8CVSS5.8AI score0.00567EPSS
Exploits1References11
UbuntuCve
UbuntuCve
added 2026/02/25 9:16 p.m.4 views

CVE-2026-25959

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfcliprdrprovidedata passes freed pDstData to XChangeProperty because the cliprdr channel thread calls xfcliprdrserverformatdataresponse which converts and uses the clipboard data without holding any lock,...

9.8CVSS5.8AI score0.00567EPSS
Exploits1References10
Vulnrichment
Vulnrichment
added 2026/02/25 8:38 p.m.2 views

CVE-2026-25997 FreeRDP has heap-use-after-free in xf_clipboard_format_equal

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfclipboardformatequal reads freed lastSentFormats memory because xfclipboardformatsfree called from the cliprdr channel thread during auto-reconnect frees the array while the X11 event thread concurrently...

6.9CVSS5.4AI score0.00567EPSS
Exploits1References9
OSV
OSV
added 2026/02/25 8:36 p.m.5 views

CVE-2026-25959 FreeRDP has heap-use-after-free in xf_cliprdr_provide_data_

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfcliprdrprovidedata passes freed pDstData to XChangeProperty because the cliprdr channel thread calls xfcliprdrserverformatdataresponse which converts and uses the clipboard data without holding any lock,...

6.9CVSS5.9AI score0.00567EPSS
Exploits1References11
Cvelist
Cvelist
added 2026/02/25 8:36 p.m.27 views

CVE-2026-25959 FreeRDP has heap-use-after-free in xf_cliprdr_provide_data_

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfcliprdrprovidedata passes freed pDstData to XChangeProperty because the cliprdr channel thread calls xfcliprdrserverformatdataresponse which converts and uses the clipboard data without holding any lock,...

6.9CVSS0.00567EPSS
Exploits1References9
CNNVD
CNNVD
added 2026/02/25 12:0 a.m.11 views

FreeRDP 安全漏洞

FreeRDP is an open-source RDP protocol implementation developed by the FreeRDP team. Versions of FreeRDP prior to 3.23.0 contained security vulnerabilities. These vulnerabilities stemmed from xfcliprdrprovidedata passing released pDstData to XChangeProperty, which could lead to reuse of a heap...

9.8CVSS5.7AI score0.00567EPSS
Exploits1References9
RedhatCVE
RedhatCVE
added 2025/05/22 8:53 p.m.5 views

CVE-2021-37595

In FreeRDP before 2.4.0 on Windows, wfcliprdrserverfilecontentsrequest in client/Windows/wfcliprdr.c has missing input checks for a FILECONTENTSRANGE File Contents Request PDU...

9.8CVSS7.2AI score0.01516EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2020/11/04 1:25 a.m.5 views

freerdp: out-of-bounds read in cliprdr_read_format_list function

In FreeRDP before 2.1.0, there is an out-of-bounds read in cliprdrreadformatlist. Clipboard format data read by client or server might read data out-of-bounds. This has been fixed in 2.1.0...

5CVSS5.7AI score0.01707EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/11/04 1:25 a.m.8 views

freerdp: Out of bound read in cliprdr_server_receive_capabilities

In FreeRDP less than or equal to 2.0.0, a possible resource exhaustion vulnerability can be performed. Malicious clients could trigger out of bound reads causing memory allocation with random size. This has been fixed in 2.1.0...

6.5CVSS5.7AI score0.01896EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/09/29 8:15 p.m.6 views

freerdp: out-of-bounds read in cliprdr_read_format_list function

In FreeRDP before 2.1.0, there is an out-of-bounds read in cliprdrreadformatlist. Clipboard format data read by client or server might read data out-of-bounds. This has been fixed in 2.1.0...

5CVSS5.7AI score0.01707EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/09/29 8:15 p.m.4 views

freerdp: Out of bound read in cliprdr_server_receive_capabilities

In FreeRDP less than or equal to 2.0.0, a possible resource exhaustion vulnerability can be performed. Malicious clients could trigger out of bound reads causing memory allocation with random size. This has been fixed in 2.1.0...

6.5CVSS5.7AI score0.01896EPSS
Exploits0References4
Rows per page
Query Builder