Lucene search
+L

7 matches found

Redos
Redos
added 2026/06/11 12:0 a.m.8 views

ROS-20260611-73-0022

The vulnerability of the gdisetbounds function in the RDP client of FreeRDP is related to the possibility of using memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code and cause service failure...

9.8CVSS6AI score0.00402EPSS
Exploits1
Redos
Redos
added 2026/06/11 12:0 a.m.7 views

ROS-20260611-73-0021

The vulnerability of the gdisetbounds function in the RDP client of FreeRDP is related to the possibility of using memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code and cause service failure...

9.8CVSS6AI score0.00402EPSS
Exploits1
SUSE Linux
SUSE Linux
added 2026/03/03 12:40 p.m.5 views

Security update for freerdp

This update for freerdp fixes the following issues: CVE-2026-22855: heap-buffer-overflow in smartcardunpacksetattribcall bsc1256721. CVE-2026-22857: heap-use-after-free in irpthreadfunc bsc1256723. CVE-2026-23533: improper validation can lead to heap buffer overflow in cleardecompressresidualdata...

7.7CVSS6.1AI score0.00756EPSS
Exploits6References24
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.3 views

Vulnerability of the gdi_set_bounds() function in the RDP client of FreeRDP, allowing a hacker to execute arbitrary code and cause a service failure

The vulnerability of the gdisetbounds function in the RDP client of FreeRDP is related to the possibility of using memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code and cause service failure...

7.8CVSS7.3AI score0.00402EPSS
Exploits1References4Affected Software2
CVE
CVE
added 2026/01/19 5:20 p.m.35 views

CVE-2026-23884

Summary: CVE-2026-23884 affects FreeRDP prior to 3.21.0, where offscreen bitmap deletion can leave gdi->drawing pointing to freed memory, enabling a client-side use-after-free that may crash the client (DoS) and cause heap corruption depending on allocator/heap layout. The issue is addressed i...

9.8CVSS5.6AI score0.00402EPSS
Exploits1References20Affected Software1
Cvelist
Cvelist
added 2026/01/19 5:20 p.m.27 views

CVE-2026-23884 Heap-use-after-free in gdi_set_bounds

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, offscreen bitmap deletion leaves gdi-drawing pointing to freed memory, causing UAF when related update packets arrive. A malicious server can trigger a client‑side use after free, causing a crash DoS and...

8.7CVSS0.00402EPSS
Exploits1References4
OSV
OSV
added 2026/01/19 5:20 p.m.5 views

CVE-2026-23884 Heap-use-after-free in gdi_set_bounds

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, offscreen bitmap deletion leaves gdi-drawing pointing to freed memory, causing UAF when related update packets arrive. A malicious server can trigger a client‑side use after free, causing a crash DoS and...

8.7CVSS5.9AI score0.00402EPSS
Exploits1References22
Rows per page
Query Builder