Lucene search
K

8 matches found

SUSE CVE
SUSE CVE
added 2026/01/16 12:25 a.m.4 views

SUSE CVE-2026-22855

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap out-of-bounds read occurs in the smartcard SetAttrib path when cbAttrLen does not match the actual NDR buffer length. This vulnerability is fixed in 3.20.1...

6.8CVSS7AI score0.00756EPSS
Exploits1References12
SUSE CVE
SUSE CVE
added 2026/01/16 12:25 a.m.7 views

SUSE CVE-2026-22857

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap use-after-free occurs in irpthreadfunc because the IRP is freed by irp-Complete and then accessed again on the error path. This vulnerability is fixed in 3.20.1...

7.5CVSS7AI score0.00453EPSS
Exploits1References8
NVD
NVD
added 2026/01/14 6:16 p.m.6 views

CVE-2026-22859

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, the URBDRC client does not perform bounds checking on server‑supplied MSUSBINTERFACEDESCRIPTOR values and uses them as indices in libusbudevcompletemsconfigsetup, causing an out‑of‑bounds read. This vulnerability is...

9.1CVSS0.00756EPSS
Exploits1References19
ATTACKERKB
ATTACKERKB
added 2026/01/14 5:57 p.m.6 views

CVE-2026-22859

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, the URBDRC client does not perform bounds checking on server‑supplied MSUSBINTERFACEDESCRIPTOR values and uses them as indices in libusbudevcompletemsconfigsetup, causing an out‑of‑bounds read. This vulnerability is...

9.1CVSS5.6AI score0.00756EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVE
added 2026/01/14 5:53 p.m.3 views

CVE-2026-22857

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap use-after-free occurs in irpthreadfunc because the IRP is freed by irp-Complete and then accessed again on the error path. This vulnerability is fixed in 3.20.1...

9.8CVSS5.5AI score0.00453EPSS
Exploits1
OSV
OSV
added 2026/01/14 5:53 p.m.9 views

CVE-2026-22857 FreeRDP has a heap-use-after-free in irp_thread_func

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap use-after-free occurs in irpthreadfunc because the IRP is freed by irp-Complete and then accessed again on the error path. This vulnerability is fixed in 3.20.1...

7.7CVSS5.9AI score0.00453EPSS
Exploits1References4
EUVD
EUVD
added 2026/01/14 5:47 p.m.5 views

EUVD-2026-2673

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap...

7.7CVSS6.4AI score0.00453EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/01/14 5:45 p.m.22 views

CVE-2026-22852 FreeRDP has a heap-buffer-overflow in audin_process_formats

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input AUDIN format lists. audinprocessformats reuses callback-formatscount across multiple MSGSNDINFORMATS...

7.7CVSS0.00365EPSS
Exploits1References2
Rows per page
Query Builder