Lucene search
K

28 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfrailserverexecuteresult indexed the global errorcodenames array 7 elements, indices 0–6 using an unchecked execResult-execResult value received from the server. This led to a potential out-of-bounds read...

7.5CVSS5.8AI score0.00454EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfAppUpdateWindowFromSurface reused a cached XImage, where the data pointer referred to an RDPGFX surface buffer that had been freed. This was because gdiDeleteSurface freed surface-data without invalidating...

9.8CVSS5.9AI score0.00498EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfclipboardformatequal read the freed lastSentFormats memory because xfclipboardformatsfree called from the cliprdr channel thread during auto-reconnect freed the array. Meanwhile, the X11 event thread...

9.8CVSS7.3AI score0.00567EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.22.0, the URBDRC client used server-supplied interface numbers as array indices without bounds checks, resulting in a out-of-bounds read in libusbudevselectinterface. This vulnerability has been fixed in version...

9.1CVSS5.3AI score0.00489EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.14 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.20.1, the URBDRC client did not perform bounds checking on the MSUSBINTERFACEDESCRIPTOR values provided by the server and used these values as indices in libusbudevcompletemsconfigsetup, resulting in an...

9.1CVSS5.4AI score0.00756EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.22.0, there was a NULL pointer dereference vulnerability in rdpwritelogoninfov2. This vulnerability allowed a malicious RDP server to crash the FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with...

7.5CVSS5.3AI score0.00467EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.22.0, the renegotiation of the AUDIN format freed the active format list, while the capture thread continued to use audin-format. This led to a use after free in audioformatcompatible. This vulnerability has been...

8.7CVSS5.3AI score0.00467EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.22.0, videotimer could send client notifications after the control channel was closed, by dereferencing a freed callback and triggering an action after it was freed. This vulnerability has been fixed in version...

8.7CVSS5.4AI score0.00467EPSS
Exploits0References2
Redos
Redos
added 2026/06/15 12:0 a.m.6 views

ROS-20260615-73-0006

The vulnerability in freerdp3 is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.7CVSS7.8AI score0.00534EPSS
Exploits0
Redos
Redos
added 2026/06/15 12:0 a.m.7 views

ROS-20260615-73-0004

The vulnerability in freerdp3 is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.7CVSS8.1AI score0.00467EPSS
Exploits0
Redos
Redos
added 2026/06/11 12:0 a.m.4 views

ROS-20260611-73-0030

The vulnerability in freerdp3 is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.7CVSS7.6AI score0.00467EPSS
Exploits0
Redos
Redos
added 2026/06/11 12:0 a.m.5 views

ROS-20260611-73-0038

The vulnerability in freerdp3 is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.7CVSS7.6AI score0.00467EPSS
Exploits0
Redos
Redos
added 2026/06/11 12:0 a.m.5 views

ROS-20260611-73-0019

The vulnerability in freerdp3 is related to the assignment of the zero pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...

7.5CVSS5.5AI score0.00467EPSS
Exploits0
Redos
Redos
added 2026/06/11 12:0 a.m.7 views

ROS-20260611-73-0032

The vulnerability in freerdp3 is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9.1CVSS8.4AI score0.00489EPSS
Exploits0
Redos
Redos
added 2026/06/11 12:0 a.m.6 views

ROS-20260611-73-0026

The vulnerability in freerdp3 is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.7CVSS5.9AI score0.00467EPSS
Exploits0
Redos
Redos
added 2026/06/10 12:0 a.m.7 views

ROS-20260610-73-0034

The vulnerability in freerdp3 is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

9.1CVSS5.7AI score0.00214EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurred in the decoding process of the ClearCodec band when crafted band coordinates allowed writes beyond the end of the destination surface buffer. A malicious server...

9.8CVSS6.2AI score0.00434EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.20.1, a malicious RDP server could trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input AUDIN format lists. The audinprocessformats function reuses the callback-formatscount...

9.8CVSS5.5AI score0.00365EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, xfPointerNew would free cursorPixels if there was a failure. After that, pointerfree would call xfPointerFree to free it again, which could trigger an ASan UAF. A malicious server could exploit this...

9.8CVSS6AI score0.00402EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.20.1, a heap-buffer overflow occurred during drive reads when a server-controlled read length was used to read file data into an IRP output stream buffer without a hard upper limit. This allowed an oversized read ...

9.8CVSS5.6AI score0.00453EPSS
Exploits1References2
Rows per page
Query Builder