Lucene search
+L

22 matches found

astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in freerdp2

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The affected versions are vulnerable to an Out-of-Bounds Write attack in the cleardecompressbandsdata function, where there is no offset validation. Abuse of this vulnerability could lead to an...

9.8CVSS7.3AI score0.0127EPSS
Exploits1References2
nessus
nessus
added 2026/04/16 12:0 a.m.6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: freerdp (UTSA-2026-007208)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007208 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, audinserverrecvformats frees an incorrect number of audio formats on parse failure ...

8.7CVSS5.8AI score0.00467EPSS
Exploits0References4
attackerkb
attackerkb
added 2026/03/13 5:35 p.m.11 views

CVE-2026-31883

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a sizet underflow in the IMA-ADPCM and MS-ADPCM audio decoders leads to heap-buffer-overflow write via the RDPSND audio channel. In libfreerdp/codec/dsp.c, the IMA-ADPCM and MS-ADPCM decoders subtract block header...

6.5CVSS5.8AI score0.00317EPSS
Exploits1References3Affected Software1
alpinelinux
alpinelinux
added 2026/03/13 5:33 p.m.3 views

CVE-2026-29776

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, Integer Underflow in updatereadcachebitmaporder Function of FreeRDP's Core Library This vulnerability is fixed in 3.24.0...

3.1CVSS5.8AI score0.00175EPSS
Exploits0
attackerkb
attackerkb
added 2026/02/25 8:32 p.m.11 views

CVE-2026-25955

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfAppUpdateWindowFromSurface reuses a cached XImage whose data pointer references a freed RDPGFX surface buffer, because gdiDeleteSurface frees surface-data without invalidating the appWindow-image that...

9.8CVSS5.4AI score0.00498EPSS
Exploits1References7Affected Software1
cve
cve
added 2026/02/25 7:55 p.m.34 views

CVE-2026-25941

FreeRDP (versions 2.x < 2.11.8 and 3.x

8.1CVSS5.5AI score0.00284EPSS
Exploits1References2Affected Software1
susecve
susecve
added 2026/02/11 12:23 a.m.7 views

SUSE CVE-2026-23948

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, a NULL pointer dereference vulnerability in rdpwritelogoninfov2 allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0. This vulnerability...

5.3CVSS5.6AI score0.00467EPSS
Exploits0References6
nvd
nvd
added 2026/02/09 7:15 p.m.10 views

CVE-2026-23948

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, a NULL pointer dereference vulnerability in rdpwritelogoninfov2 allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0. This vulnerability...

7.5CVSS0.00467EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/02/09 6:17 p.m.4 views

CVE-2026-24678 FreeRDP has a Heap-use-after-free in cam_v4l_stream_capture_thread

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, A capture thread sends sample responses using a freed channel callback after a device channel close, leading to a use after free in ecamchannelwrite. This vulnerability is fixed in 3.22.0...

8.7CVSS5.5AI score0.00628EPSS
Exploits0References2
alpinelinux
alpinelinux
added 2026/02/09 6:15 p.m.4 views

CVE-2026-24676

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, AUDIN format renegotiation frees the active format list while the capture thread continues using audin-format, leading to a use after free in audioformatcompatible. This vulnerability is fixed in 3.22.0...

8.7CVSS5.6AI score0.00467EPSS
Exploits0
osv
osv
added 2026/01/14 6:16 p.m.7 views

UBUNTU-CVE-2026-22857

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap use-after-free occurs in irpthreadfunc because the IRP is freed by irp-Complete and then accessed again on the error path. This vulnerability is fixed in 3.20.1...

9.8CVSS5.8AI score0.00453EPSS
Exploits1References5
debiancve
debiancve
added 2026/01/14 5:50 p.m.8 views

CVE-2026-22855

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap out-of-bounds read occurs in the smartcard SetAttrib path when cbAttrLen does not match the actual NDR buffer length. This vulnerability is fixed in 3.20.1...

9.1CVSS5.6AI score0.00756EPSS
Exploits1
cnnvd
cnnvd
added 2026/01/14 12:0 a.m.8 views

FreeRDP 资源管理错误漏洞

FreeRDP is an open source implementation of the Remote Desktop Protocol RDP by the FreeRDP team. A resource management error vulnerability exists in FreeRDP versions prior to 3.20.1, which originates in irpthreadfunc, where the IRP is released by irp-Complete and then accessed on the wrong path,...

9.8CVSS7.3AI score0.00453EPSS
Exploits1References4
nessus
nessus
added 2025/12/19 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-68118

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.20.0, a vulnerability exists in FreeRDP's certificate handling code on Windo...

9.1CVSS6AI score0.00214EPSS
Exploits0References2
osv
osv
added 2024/04/22 10:15 p.m.1 views

DEBIAN-CVE-2024-32459

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients and servers that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. No known workarounds are available...

9.8CVSS8.5AI score0.0375EPSS
Exploits0References1
osv
osv
added 2023/08/31 8:15 p.m.2 views

DEBIAN-CVE-2023-39354

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Out-Of-Bounds Read in the nscrledecompressdata function. The Out-Of-Bounds Read occurs because it processes context-Planes without checking if it contains da...

7.5CVSS7.1AI score0.01332EPSS
Exploits1References1
redhat
redhat
added 2020/11/04 1:25 a.m.5 views

freerdp: Out-of-bounds read in security_fips_decrypt in libfreerdp/core/security.c

An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds OOB read vulnerability has been detected in securityfipsdecrypt in libfreerdp/core/security.c due to an uninitialized value...

5.5CVSS5.7AI score0.00538EPSS
Exploits0References4
bdu_fstec
bdu_fstec
added 2020/06/04 12:0 a.m.5 views

The vulnerability of the FreeRDP remote desktop protocol lies in its ability to read data beyond the specified buffer, allowing a malicious actor to cause a service failure.

The vulnerability of the FreeRDP remote desktop protocol exists due to the reading of data beyond the specified buffer. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

6.8CVSS7.2AI score0.01896EPSS
Exploits0References6Affected Software1
osv
osv
added 2020/05/22 6:15 p.m.4 views

DEBIAN-CVE-2020-13398

An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds OOB write vulnerability has been detected in cryptorsacommon in libfreerdp/crypto/crypto.c...

8.3CVSS8.2AI score0.0239EPSS
Exploits0References1
cnvd
cnvd
added 2020/05/08 12:0 a.m.3 views

FreeRDP Buffer Overflow Vulnerability (CNVD-2020-29359)

FreeRDP is an open source implementation of the Remote Desktop Protocol RDP from the FreeRDP team. FreeRDP Buffer Overflow Vulnerability. The vulnerability stems from a networked system or product performing operations in memory without properly validating data boundaries, resulting in incorrect...

4.9CVSS9.5AI score0.01697EPSS
Exploits1References1
Rows per page
Query Builder