Lucene search
K

7 matches found

Redos
Redos
added 2026/06/11 12:0 a.m.5 views

ROS-20260611-73-0035

The vulnerabilities of the sdlPointerNew and sdlPointerFree functions in the FreeRDP remote desktop protocol are related to the use of memory after it is freed. Exploiting these vulnerabilities can allow a malicious actor to cause service failure...

8.7CVSS7.3AI score0.00423EPSS
Exploits0
NVD
NVD
added 2026/02/09 7:15 p.m.9 views

CVE-2026-24680

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, sdlPointerNew frees data on failure, then pointerfree calls sdlPointerFree and frees it again, triggering ASan UAF. This vulnerability is fixed in 3.22.0...

8.7CVSS0.00423EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/09 6:19 p.m.7 views

CVE-2026-24680

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, sdlPointerNew frees data on failure, then pointerfree calls sdlPointerFree and frees it again, triggering ASan UAF. This vulnerability is fixed in 3.22.0...

8.7CVSS5.6AI score0.00423EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2026/02/09 12:0 a.m.7 views

FreeRDP 资源管理错误漏洞

FreeRDP is an open-source implementation of the Remote Desktop Protocol RDP by the FreeRDP team. Versions of FreeRDP prior to 3.22.0 contained a resource management vulnerability. This vulnerability stemmed from the release of data when sdlPointerNew failed, followed by another release with...

8.7CVSS5.8AI score0.00423EPSS
Exploits0References2
OSV
OSV
added 2026/01/19 6:16 p.m.3 views

UBUNTU-CVE-2026-23883

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, xfPointerNew frees cursorPixels on failure, then pointerfree calls xfPointerFree and frees it again, triggering ASan UAF. A malicious server can trigger a client‑side use after free, causing a crash DoS and...

9.8CVSS5.8AI score0.00402EPSS
Exploits1References8
Vulnrichment
Vulnrichment
added 2026/01/19 5:15 p.m.2 views

CVE-2026-23883 Heap-use-after-free in update_pointer_new

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, xfPointerNew frees cursorPixels on failure, then pointerfree calls xfPointerFree and frees it again, triggering ASan UAF. A malicious server can trigger a client‑side use after free, causing a crash DoS and...

8.7CVSS5.6AI score0.00402EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.6 views

PT-2026-7039

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.22.0 Description FreeRDP, a free implementation of the Remote Desktop Protocol, contains a flaw related to memory management. Specifically, versions before 3.22.0 improperly handle memory deallocation within the sdl...

9.1CVSS5.5AI score0.00628EPSS
Exploits0References58
Rows per page
Query Builder