Lucene search
K

8 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfSetWindowMinMaxInfo dereferenced a freed xfAppWindow pointer because xfrailgetwindow in xfrailserverminmaxinfo returned an unprotected pointer from the railWindows hash table. This could allow the main...

9.8CVSS5.8AI score0.00599EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, railwindowfree dereferenced a freed xfAppWindow pointer during HashTableFree cleanup. This was due to xfrailwindowcommon calling freeappWindow in case of title allocation failures, without first removing the...

7.5CVSS7.1AI score0.00476EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/04/16 12:0 a.m.2 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: freerdp (UTSA-2026-007173)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007173 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, railwindowfree dereferences a freed xfAppWindow pointer during HashTableFre...

7.5CVSS5.8AI score0.00476EPSS
Exploits1References4
OSV
OSV
added 2026/02/25 9:16 p.m.1 views

UBUNTU-CVE-2026-25954

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfrailserverlocalmovesize dereferences a freed xfAppWindow pointer because xfrailgetwindow returns an unprotected pointer from the railWindows hash table, and the main thread can concurrently delete the wind...

7.5CVSS5.8AI score0.00486EPSS
Exploits1References10
OSV
OSV
added 2026/02/25 9:16 p.m.2 views

UBUNTU-CVE-2026-25952

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfSetWindowMinMaxInfo dereferences a freed xfAppWindow pointer because xfrailgetwindow in xfrailserverminmaxinfo returns an unprotected pointer from the railWindows hash table, and the main thread can...

9.8CVSS5.8AI score0.00599EPSS
Exploits1References13
CVE
CVE
added 2026/02/25 9:1 p.m.94 views

CVE-2026-26986

CVE-2026-26986 affects FreeRDP prior to version 3.23.0. The root cause is a use-after-free: during HashTable_Free cleanup, xf_rail_window_common frees appWindow without first removing the corresponding entry from the railWindows hash table, leaving a dangling pointer that is freed again on discon...

7.5CVSS5.5AI score0.00476EPSS
Exploits1References8Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/25 8:30 p.m.4 views

CVE-2026-25954 FreeRDP has heap-use-after-free in xf_rail_server_local_move_size

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfrailserverlocalmovesize dereferences a freed xfAppWindow pointer because xfrailgetwindow returns an unprotected pointer from the railWindows hash table, and the main thread can concurrently delete the wind...

6.9CVSS5.9AI score0.00486EPSS
Exploits1References8
AlpineLinux
AlpineLinux
added 2026/02/25 8:24 p.m.2 views

CVE-2026-25952

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfSetWindowMinMaxInfo dereferences a freed xfAppWindow pointer because xfrailgetwindow in xfrailserverminmaxinfo returns an unprotected pointer from the railWindows hash table, and the main thread can...

9.8CVSS5.9AI score0.00599EPSS
Exploits1
Rows per page
Query Builder