Lucene search
K

2159 matches found

Cvelist
Cvelist
added 2 days ago28 views

CVE-2026-55827 FreeRDP: Heap out-of-bounds write in RemoteFX (RFX) Cache Bitmap V3 decode

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.27.1, FreeRDP clients launched with the non-default /cache:codec:rfx option pass desktop stride and height to RemoteFX decoding for Cache Bitmap V3 data while allocating bitmap-data only for the smaller DstWidth and...

7.5CVSS0.00452EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 5 days ago5 views

freerdp: FreeRDP: Remote code execution via heap-buffer-overflow in gdi_CacheToSurface

A flaw was found in FreeRDP.If a user connects to a malicious Remote Desktop RDP server, a security flaw in FreeRDP could cause the application to crash or allow the server to run unauthorized code on the user's system...

8.8CVSS7.3AI score0.00827EPSS
Exploits1References7
Redos
Redos
added 5 days ago5 views

ROS-20260707-73-0014

The vulnerability of the gdiCacheToSurface function in the RDP client FreeRDP is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and cause a service failure by sending specially crafted RDPGFX packets...

8.8CVSS7.8AI score0.00827EPSS
Exploits1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurred in the gdiSurfaceToSurface path of the FreeRDP client due to a mismatch between destination rectangle clamping and the actual copy size. A malicious server can...

9.8CVSS6.2AI score0.00434EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.2 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.0, the gdisurfacebits function processed SURFACEBITSCOMMAND messages sent by the RDP server. When these commands were processed using NSCodec, the bmp.width and bmp.height values provided by the server were not...

9.8CVSS6.1AI score0.00656EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, deleting offscreen bitmaps caused gdi-drawing to point to freed memory, leading to UAF when related update packets arrived. A malicious server could trigger client-side use after the objects were freed,...

9.8CVSS7.4AI score0.00402EPSS
Exploits1References3
Redos
Redos
added 2026/06/24 12:0 a.m.4 views

ROS-20260624-73-0009

The vulnerability of the gdisurfacebits function in the RDP client of FreeRDP is related to buffer overflow in dynamic memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

9.8CVSS6.5AI score0.00656EPSS
Exploits1
OSV
OSV
added 2026/06/20 6:53 a.m.2 views

SUSE-SU-2026:22194-1 Security update for freerdp

This update for freerdp fixes the following issues Update to version 3.26.0: - CVE-2026-33982: heap-buffer-overflow READ vulnerability at 24 bytes before the allocation, in winpralignedoffsetrecalloc bsc1261222. - CVE-2026-33985: FreeRDP: Information disclosure via heap memory out of bounds read...

9.8CVSS6.2AI score0.03453EPSS
Exploits6References24
RedhatCVE
RedhatCVE
added 2026/06/18 12:16 p.m.9 views

CVE-2026-40033

A flaw was found in FreeRDP.If a user connects to a malicious Remote Desktop RDP server, a security flaw in FreeRDP could cause the application to crash or allow the server to run unauthorized code on the user's system. Mitigation To mitigate this issue, users should avoid connecting to untrusted...

8.8CVSS5.4AI score0.00827EPSS
Exploits1References6
Redos
Redos
added 2026/06/15 12:0 a.m.7 views

ROS-20260615-73-0016

The vulnerability of the gdiSurfaceCommandClearCodec function in the RDP client FreeRDP is caused by a buffer overflow. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

8.8CVSS8.3AI score0.00537EPSS
Exploits1
Redos
Redos
added 2026/06/15 12:0 a.m.11 views

ROS-20260615-73-0015

The vulnerability of the gdiSurfaceCommandClearCodec function in the RDP client FreeRDP is caused by a buffer overflow. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

8.8CVSS8.3AI score0.00537EPSS
Exploits1
Redos
Redos
added 2026/06/11 12:0 a.m.7 views

ROS-20260611-73-0021

The vulnerability of the gdisetbounds function in the RDP client of FreeRDP is related to the possibility of using memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code and cause service failure...

9.8CVSS6AI score0.00402EPSS
Exploits1
Redos
Redos
added 2026/06/11 12:0 a.m.8 views

ROS-20260611-73-0007

The vulnerability of the gdiSurfaceToSurface function in the RDP client of FreeRDP is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and cause service interruptions...

9.8CVSS6.4AI score0.00434EPSS
Exploits1
Redos
Redos
added 2026/06/11 12:0 a.m.7 views

ROS-20260611-73-0022

The vulnerability of the gdisetbounds function in the RDP client of FreeRDP is related to the possibility of using memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code and cause service failure...

9.8CVSS6AI score0.00402EPSS
Exploits1
Redos
Redos
added 2026/06/11 12:0 a.m.10 views

ROS-20260611-73-0008

The vulnerability of the gdiSurfaceToSurface function in the RDP client of FreeRDP is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and cause service interruptions...

9.8CVSS6.4AI score0.00434EPSS
Exploits1
OSV
OSV
added 2026/05/29 8:16 p.m.8 views

UBUNTU-CVE-2026-44421

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client by sending crafted RDPGFX PDUs. The bug is in gdiCacheToSurface: it validates a destination rectangle that is clamped to UINT16MA...

8.8CVSS5.9AI score0.0042EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/05/29 7:40 p.m.41 views

CVE-2026-44421 FreeRDP RDPGFX CacheToSurface heap-buffer-overflow via clamped-rectangle validation bypass

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client by sending crafted RDPGFX PDUs. The bug is in gdiCacheToSurface: it validates a destination rectangle that is clamped to UINT16MA...

8.8CVSS0.0042EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/05/28 12:0 a.m.18 views

Linux Distros Unpatched Vulnerability : CVE-2026-40033

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRDP before 3.26.0 contains a heap-buffer-overflow vulnerability in gdiCacheToSurface that allows remote attackers to write out-of-bounds heap memory. The...

8.8CVSS7.4AI score0.00827EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2026/05/27 2:49 a.m.12 views

SUSE CVE-2026-40033

FreeRDP before 3.26.0 contains a heap-buffer-overflow vulnerability in gdiCacheToSurface that allows remote attackers to write out-of-bounds heap memory. The vulnerability occurs because rectangle validation clamps coordinates to UINT16MAX but performs copy operations using unclamped cache entry...

8.1CVSS6.5AI score0.00827EPSS
Exploits1References4
OSV
OSV
added 2026/05/26 3:16 p.m.8 views

DEBIAN-CVE-2026-40033

FreeRDP before 3.26.0 contains a heap-buffer-overflow vulnerability in gdiCacheToSurface that allows remote attackers to write out-of-bounds heap memory. The vulnerability occurs because rectangle validation clamps coordinates to UINT16MAX but performs copy operations using unclamped cache entry...

8.7CVSS6.4AI score0.00827EPSS
Exploits1References1
Rows per page
Query Builder