CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 4 days ago•4 views

Astra Linux – Vulnerability in freerdp2

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The affected versions are subject to an invalid offset validation, leading to Out Of Bound Write errors. This issue can occur when the values rect-left and rect-top are exactly equal to...

9.8CVSS7AI score0.01297EPSS

AstraLinux•added 4 days ago•2 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfSetWindowMinMaxInfo dereferenced a freed xfAppWindow pointer because xfrailgetwindow in xfrailserverminmaxinfo returned an unprotected pointer from the railWindows hash table. This could allow the main...

9.8CVSS5.8AI score0.00599EPSS

AstraLinux•added 4 days ago•3 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.20.1, a malicious RDP server could trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input AUDIN format lists. The audinprocessformats function reuses the callback-formatscount...

9.8CVSS5.5AI score0.00365EPSS

AstraLinux•added 4 days ago•8 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, FastGlyph parsing relied on cbData/remaining length, and never validated against the minimum size implied by cx/cy. A malicious server could trigger a client-side global buffer overflow, resulting in a crash...

7.5CVSS5.6AI score0.00481EPSS

7.5CVSS7.2AI score0.00486EPSS

ROS-20260615-73-0024

The vulnerability of the xfrailserverlocalmovesize function in the RDP client FreeRDP relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

Redos•added 2026/06/15 12:0 a.m.•3 views

ROS-20260615-73-0043

The vulnerabilities of the functions kerberosAcceptSecurityContext and kerberosInitializeSecurityContextA in the FreeRDP client are related to a memory reclamation error. Exploiting these vulnerabilities could allow an attacker to compromise the accessibility of protected information...

5.3CVSS5.5AI score0.00282EPSS

7.5CVSS7.2AI score0.00486EPSS

ROS-20260615-73-0023

9.8CVSS8.3AI score0.00587EPSS

ROS-20260615-73-0022

The vulnerability of the xfAppUpdateWindowFromSurface function in the RDP client FreeRDP relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

9.8CVSS8.3AI score0.00567EPSS

ROS-20260615-73-0028

The vulnerability of the xfclipboardformatequal function in the RDP client FreeRDP relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

9.8CVSS8.4AI score0.00599EPSS

ROS-20260615-73-0025

The vulnerabilities of the functions xfSetWindowMinMaxInfo and xfrailgetwindow in the RDP client FreeRDP are related to the use of memory after it is freed. Exploiting these vulnerabilities can allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the protecte...

6.5CVSS6.4AI score0.00256EPSS

ROS-20260615-73-0013

The vulnerability of the smartcardunpackreadsizealign function libfreerdp/utils/smartcardpack.c:1703 is related to the use of the assert or similar operator in the RDP client FreeRDP. Exploiting this vulnerability may allow a remote attacker to cause the application to terminate abnormally...

6.9CVSS5.8AI score0.00242EPSS

ROS-20260615-73-0020

The vulnerability of the freerdpimagecopyfromicondata function libfreerdp/codec/color.c in the RDP client FreeRDP arises due to an operation being executed outside the buffer boundaries. Exploiting this vulnerability could allow a malicious actor to cause service failure...

8.8CVSS7.8AI score0.00383EPSS

ROS-20260615-73-0011

The vulnerability of the planardecompressplanerle function in the FreeRDP RDP client is related to data writing beyond the specified buffer. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...

8.7CVSS7.8AI score0.00467EPSS

ROS-20260615-73-0002

The vulnerability in freerdp3 is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.7CVSS8.1AI score0.00467EPSS

ROS-20260615-73-0003

The vulnerability in freerdp is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.5CVSS5.3AI score0.00346EPSS

ROS-20260615-73-0008

The vulnerability of the StreamEnsureCapacity function in the RDP client FreeRDP is caused by a numerical overflow condition. Exploiting this vulnerability could allow an attacker, operating remotely, to cause service failures...

6.5CVSS4.8AI score0.00271EPSS

ROS-20260615-73-0035

The vulnerability of the rtsreadauthverifiernochecks function in the FreeRDP client is related to the insufficient use of the assert function. Exploiting this vulnerability could allow a malicious actor to cause service failures...

9.1CVSS4.9AI score0.00285EPSS

ROS-20260615-73-0034

The vulnerability of the freerdpbitmapdecompressplanar function in the RDP client FreeRDP is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures...

8.2CVSS5AI score0.00309EPSS

ROS-20260615-73-0030

The vulnerability of the bitmapcacheput function in the FreeRDP client involves writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...