Lucene search
K

18 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.20.1, a race condition between the RDPGFX dynamic virtual channel thread and the SDL rendering thread led to a heap use-after-free. Specifically, a pointer to sdl-primary SDLSurface was accessed after it had been...

8.2CVSS5.4AI score0.00247EPSS
Exploits1References3
NVD
NVD
added 2026/04/17 9:16 p.m.4 views

CVE-2026-35512

xrdp is an open source RDP server. Versions through 0.10.5 have a heap-based buffer overflow in the EGFX graphics dynamic virtual channel implementation due to insufficient validation of client-controlled size parameters, allowing an out-of-bounds write via crafted PDUs. Pre-authentication...

8.8CVSS0.00583EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/17 8:21 p.m.20 views

CVE-2026-35512 xrdp: Heap buffer overflow in EGFX channel

xrdp is an open source RDP server. Versions through 0.10.5 have a heap-based buffer overflow in the EGFX graphics dynamic virtual channel implementation due to insufficient validation of client-controlled size parameters, allowing an out-of-bounds write via crafted PDUs. Pre-authentication...

8.7CVSS0.00583EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/17 12:0 a.m.13 views

PT-2026-33509

Name of the Vulnerable Software and Affected Versions xrdp versions prior to 0.10.6 Description An open source RDP server contains a heap-based buffer overflow in the EGFX graphics dynamic virtual channel implementation. This occurs due to insufficient validation of client-controlled size...

10CVSS6.3AI score0.00583EPSS
Exploits0References19
Amazon
Amazon
added 2026/04/01 12:0 a.m.8 views

Important: freerdp

Issue Overview: FreeRDP is a free implementation of the Remote Desktop Protocol. Versions on the 2.x branch prior to to 2.11.8 and on the 3.x branch prior to 3.23.0 have an out-of-bounds read vulnerability in the FreeRDP client's RDPGFX channel that allows a malicious RDP server to read...

9.8CVSS6.5AI score0.00656EPSS
Exploits12
NVD
NVD
added 2026/02/25 8:23 p.m.9 views

CVE-2026-25941

FreeRDP is a free implementation of the Remote Desktop Protocol. Versions on the 2.x branch prior to to 2.11.8 and on the 3.x branch prior to 3.23.0 have an out-of-bounds read vulnerability in the FreeRDP client's RDPGFX channel that allows a malicious RDP server to read uninitialized heap memory...

8.1CVSS0.00284EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/02/25 7:55 p.m.2 views

CVE-2026-25941 FreeRDP: vuln_1_15_1 RDPGFX WIRE_TO_SURFACE_2 Out-of-Bounds Read

FreeRDP is a free implementation of the Remote Desktop Protocol. Versions on the 2.x branch prior to to 2.11.8 and on the 3.x branch prior to 3.23.0 have an out-of-bounds read vulnerability in the FreeRDP client's RDPGFX channel that allows a malicious RDP server to read uninitialized heap memory...

4.3CVSS5.6AI score0.00284EPSS
Exploits1References2
EUVD
EUVD
added 2026/02/25 7:55 p.m.4 views

EUVD-2026-8730

FreeRDP is a free implementation of the Remote Desktop Protocol. Versions on the 2.x branch prior to to 2.11.8 and on the 3.x branch prior to 3.23.0 have an out-of-bounds read vulnerability in the FreeRDP client's RDPGFX channel that allows a malicious RDP server to read uninitialized heap memory...

4.3CVSS5.6AI score0.00284EPSS
Exploits1References2
AlpineLinux
AlpineLinux
added 2026/02/25 7:55 p.m.2 views

CVE-2026-25941

FreeRDP is a free implementation of the Remote Desktop Protocol. Versions on the 2.x branch prior to to 2.11.8 and on the 3.x branch prior to 3.23.0 have an out-of-bounds read vulnerability in the FreeRDP client's RDPGFX channel that allows a malicious RDP server to read uninitialized heap memory...

8.1CVSS6AI score0.00284EPSS
Exploits1
CNNVD
CNNVD
added 2026/02/25 12:0 a.m.8 views

FreeRDP 缓冲区错误漏洞

FreeRDP is an open-source RDP protocol implementation developed by the FreeRDP team. Versions prior to FreeRDP 2.11.8 and 3.23.0 contained a buffer error vulnerability. This vulnerability stemmed from out-of-bounds read operations in the RDP GFX channel, which could allow malicious RDP servers to...

8.1CVSS6AI score0.00284EPSS
Exploits1References2
NVD
NVD
added 2026/01/14 6:16 p.m.2 views

CVE-2026-22851

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a race condition between the RDPGFX dynamic virtual channel thread and the SDL render thread leads to a heap use-after-free. Specifically, an escaped pointer to sdl-primary SDLSurface is accessed after it has been...

8.2CVSS0.00247EPSS
Exploits1References2
OSV
OSV
added 2026/01/14 6:16 p.m.3 views

UBUNTU-CVE-2026-22851

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a race condition between the RDPGFX dynamic virtual channel thread and the SDL render thread leads to a heap use-after-free. Specifically, an escaped pointer to sdl-primary SDLSurface is accessed after it has been...

8.2CVSS5.7AI score0.00247EPSS
Exploits1References5
OSV
OSV
added 2026/01/14 5:43 p.m.6 views

CVE-2026-22851 FreeRDP RDPGFX ResetGraphics race leads to use-after-free in SDL client (sdl->primary)

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a race condition between the RDPGFX dynamic virtual channel thread and the SDL render thread leads to a heap use-after-free. Specifically, an escaped pointer to sdl-primary SDLSurface is accessed after it has been...

8.2CVSS5.8AI score0.00247EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/01/14 5:43 p.m.4 views

CVE-2026-22851

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a race condition between the RDPGFX dynamic virtual channel thread and the SDL render thread leads to a heap use-after-free. Specifically, an escaped pointer to sdl-primary SDLSurface is accessed after it has been...

8.2CVSS5.4AI score0.00247EPSS
Exploits1References3Affected Software1
AlpineLinux
AlpineLinux
added 2026/01/14 5:43 p.m.2 views

CVE-2026-22851

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a race condition between the RDPGFX dynamic virtual channel thread and the SDL render thread leads to a heap use-after-free. Specifically, an escaped pointer to sdl-primary SDLSurface is accessed after it has been...

8.2CVSS6.8AI score0.00247EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.6 views

PT-2026-22003

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 2.11.8 FreeRDP versions prior to 3.23.0 Description FreeRDP, a free implementation of the Remote Desktop Protocol, contains an out-of-bounds read issue in the FreeRDP client’s RDPGFX channel. A malicious RDP server ca...

9.8CVSS5.3AI score0.00756EPSS
Exploits21References113
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.3 views

PT-2026-2929

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.20.1 Description FreeRDP, a free implementation of the Remote Desktop Protocol, contains a flaw due to a race condition between the RDPGFX dynamic virtual channel thread and the SDL render thread. This condition...

9.8CVSS6.6AI score0.01922EPSS
Exploits21References132
Debian CVE
Debian CVE
added 2024/12/29 11:30 a.m.12 views

CVE-2024-56752

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/gr/gf100: Fix missing unlock in gf100grchannew When the call to gf100grctxgenerate fails, unlock gr-fecs.mutex before returning the error. Fixes smatch warning: drivers/gpu/drm/nouveau/nvkm/engine/gr/gf100.c:480...

5.5CVSS5.6AI score0.00201EPSS
Exploits0
Rows per page
Query Builder