Lucene search
K

20 matches found

Redos
Redos
added 2026/06/24 12:0 a.m.3 views

ROS-20260624-73-0009

The vulnerability of the gdisurfacebits function in the RDP client of FreeRDP is related to buffer overflow in dynamic memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

9.8CVSS6.5AI score0.00656EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2026/04/28 6:49 a.m.6 views

freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. The gdisurfacebits function, which processes SURFACEBITSCOMMAND messages, does not properly validate image dimensions bmp.width and bmp.height provided by a malicious RDP server. This can lead to a heap buffer...

9.8CVSS6.3AI score0.00656EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/04/27 2:55 p.m.8 views

freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. The gdisurfacebits function, which processes SURFACEBITSCOMMAND messages, does not properly validate image dimensions bmp.width and bmp.height provided by a malicious RDP server. This can lead to a heap buffer...

9.8CVSS5.5AI score0.00656EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/04/27 5:41 a.m.9 views

freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. The gdisurfacebits function, which processes SURFACEBITSCOMMAND messages, does not properly validate image dimensions bmp.width and bmp.height provided by a malicious RDP server. This can lead to a heap buffer...

9.8CVSS6.3AI score0.00656EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/04/23 7:18 a.m.7 views

freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. The gdisurfacebits function, which processes SURFACEBITSCOMMAND messages, does not properly validate image dimensions bmp.width and bmp.height provided by a malicious RDP server. This can lead to a heap buffer...

9.8CVSS6.2AI score0.00656EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/04/22 7:48 a.m.7 views

freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. The gdisurfacebits function, which processes SURFACEBITSCOMMAND messages, does not properly validate image dimensions bmp.width and bmp.height provided by a malicious RDP server. This can lead to a heap buffer...

9.8CVSS6.2AI score0.00656EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.3 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: freerdp (UTSA-2026-010667)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010667 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdisurfacebits function processes SURFACEBITSCOMMAND messages sent by the RDP...

9.8CVSS6.2AI score0.00656EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2026/04/08 5:18 a.m.5 views

freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. The gdisurfacebits function, which processes SURFACEBITSCOMMAND messages, does not properly validate image dimensions bmp.width and bmp.height provided by a malicious RDP server. This can lead to a heap buffer...

9.8CVSS6.5AI score0.00656EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/04/01 9:8 a.m.4 views

freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. The gdisurfacebits function, which processes SURFACEBITSCOMMAND messages, does not properly validate image dimensions bmp.width and bmp.height provided by a malicious RDP server. This can lead to a heap buffer...

9.8CVSS6.2AI score0.00656EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2026/03/15 12:23 a.m.3 views

SUSE CVE-2026-31806

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdisurfacebits function processes SURFACEBITSCOMMAND messages sent by the RDP server. When the command is handled using NSCodec, the bmp.width and bmp.height values provided by the server are not properly...

8.8CVSS6.3AI score0.00656EPSS
Exploits1References14
OSV
OSV
added 2026/03/13 7:54 p.m.3 views

DEBIAN-CVE-2026-31806

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdisurfacebits function processes SURFACEBITSCOMMAND messages sent by the RDP server. When the command is handled using NSCodec, the bmp.width and bmp.height values provided by the server are not properly...

9.8CVSS5.2AI score0.00656EPSS
Exploits1References1
NVD
NVD
added 2026/03/13 7:54 p.m.2 views

CVE-2026-31806

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdisurfacebits function processes SURFACEBITSCOMMAND messages sent by the RDP server. When the command is handled using NSCodec, the bmp.width and bmp.height values provided by the server are not properly...

9.8CVSS0.00656EPSS
Exploits1References19
UbuntuCve
UbuntuCve
added 2026/03/13 7:54 p.m.4 views

CVE-2026-31806

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdisurfacebits function processes SURFACEBITSCOMMAND messages sent by the RDP server. When the command is handled using NSCodec, the bmp.width and bmp.height values provided by the server are not properly...

9.8CVSS6AI score0.00656EPSS
Exploits1References3
OSV
OSV
added 2026/03/13 7:54 p.m.4 views

UBUNTU-CVE-2026-31806

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdisurfacebits function processes SURFACEBITSCOMMAND messages sent by the RDP server. When the command is handled using NSCodec, the bmp.width and bmp.height values provided by the server are not properly...

9.8CVSS6.2AI score0.00656EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/03/13 7:3 p.m.3 views

CVE-2026-31806

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. The gdisurfacebits function, which processes SURFACEBITSCOMMAND messages, does not properly validate image dimensions bmp.width and bmp.height provided by a malicious RDP server. This can lead to a heap buffer...

9.8CVSS6.2AI score0.00656EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/03/13 5:40 p.m.27 views

CVE-2026-31806 FreeRDP has a Heap Buffer Overflow in nsc_process_message() via Unchecked SURFACE_BITS_COMMAND Bitmap Dimensions

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdisurfacebits function processes SURFACEBITSCOMMAND messages sent by the RDP server. When the command is handled using NSCodec, the bmp.width and bmp.height values provided by the server are not properly...

9.3CVSS0.00656EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/13 5:40 p.m.12 views

CVE-2026-31806

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdisurfacebits function processes SURFACEBITSCOMMAND messages sent by the RDP server. When the command is handled using NSCodec, the bmp.width and bmp.height values provided by the server are not properly...

9.3CVSS6.3AI score0.00656EPSS
Exploits1References3Affected Software1
EUVD
EUVD
added 2026/03/13 5:40 p.m.3 views

EUVD-2026-12060

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdisurfacebits function processes SURFACEBITSCOMMAND messages sent by the RDP server. When the command is handled using NSCodec, the bmp.width and bmp.height values provided by the server are not properly...

9.3CVSS6.3AI score0.00656EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/03/13 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2026-31806

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdisurfacebits function processes SURFACEBITSCOMMAND messages sent by the...

9.8CVSS6.1AI score0.00656EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.4 views

PT-2026-25335

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.24.0 Description FreeRDP is an implementation of the Remote Desktop Protocol. The gdi surface bits function handles SURFACE BITS COMMAND messages from the RDP server. When using NSCodec, the bmp.width and bmp.height...

9.8CVSS6.1AI score0.00656EPSS
Exploits1References132
Rows per page
Query Builder