Lucene search
+L

8 matches found

astralinux
astralinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfAppUpdateWindowFromSurface reused a cached XImage, where the data pointer referred to an RDPGFX surface buffer that had been freed. This was because gdiDeleteSurface freed surface-data without invalidating...

9.8CVSS5.9AI score0.00498EPSS
Exploits1References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a malicious RDP server could trigger a heap buffer overflow in FreeRDP clients by using the GDI surface pipeline e.g., xfreerdp to send an RDPGFX ClearCodec surface command with an out-of-bounds destination...

8.8CVSS6.1AI score0.00537EPSS
Exploits1References3
cnnvd
cnnvd
added 2026/03/13 12:0 a.m.8 views

FreeRDP 安全漏洞

FreeRDP is an open-source implementation of the Remote Desktop Protocol RDP by the FreeRDP team. Versions of FreeRDP prior to 3.24.0 contained security vulnerabilities. These vulnerabilities stemmed from the gdisurfacebits function not properly verifying the bmp.width and bmp.height values provid...

9.8CVSS6.1AI score0.00656EPSS
Exploits1References3
euvd
euvd
added 2026/02/25 8:47 p.m.6 views

EUVD-2026-8739

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a malicious RDP server can trigger a heap buffer overflow in FreeRDP clients using the GDI surface pipeline e.g., xfreerdp by sending an RDPGFX ClearCodec surface command with an out-of-bounds destination...

8.8CVSS5.8AI score0.00537EPSS
Exploits1References2
euvd
euvd
added 2026/02/25 8:32 p.m.7 views

EUVD-2026-8735

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfAppUpdateWindowFromSurface reuses a cached XImage whose data pointer references a freed RDPGFX surface buffer, because gdiDeleteSurface frees surface-data without invalidating the appWindow-image that...

6.9CVSS5.4AI score0.00498EPSS
Exploits1References6
redhat
redhat
added 2026/02/17 3:29 a.m.11 views

freerdp: FreeRDP: Heap buffer overflow via crafted RDPGFX surface updates leads to denial of service and potential code execution.

A flaw was found in FreeRDP. A malicious server can exploit an out-of-bounds read/write vulnerability in the ClearCodec component by sending crafted RDPGFX surface updates. This can trigger a client-side heap buffer overflow, leading to a crash Denial of Service DoS and potential heap corruption...

9.8CVSS6AI score0.00443EPSS
Exploits1References7
ptsecurity
ptsecurity
added 2026/01/01 12:0 a.m.14 views

PT-2026-22012

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.23.0 Description FreeRDP is a free implementation of the Remote Desktop Protocol. A flaw exists in the xf AppUpdateWindowFromSurface function where a cached XImage’s data pointer can reference a freed RDPGFX surface...

10CVSS5.3AI score0.00756EPSS
Exploits30References78
susecve
susecve
added 2023/02/15 5:16 a.m.4 views

SUSE CVE-2015-5261

Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to read and write to arbitrary memory locations on the host via guest QXL commands related to surface creation...

7.1CVSS7.6AI score0.00486EPSS
Exploits0References7
Rows per page
Query Builder