Lucene search
+L

69 matches found

Fedora
Fedora
added yesterday9 views

[SECURITY] Fedora 44 Update: xrdp-0.10.6.1-1.fc44

xrdp provides a fully functional RDP server compatible with a wide range of RDP clients, including FreeRDP and Microsoft RDP client...

6.1AI score
Exploits0
OSV
OSV
added 2026/05/26 3:16 p.m.8 views

DEBIAN-CVE-2026-40033

FreeRDP before 3.26.0 contains a heap-buffer-overflow vulnerability in gdiCacheToSurface that allows remote attackers to write out-of-bounds heap memory. The vulnerability occurs because rectangle validation clamps coordinates to UINT16MAX but performs copy operations using unclamped cache entry...

8.7CVSS6.4AI score0.00827EPSS
Exploits1References1
Fedora
Fedora
added 2026/04/28 1:0 a.m.12 views

[SECURITY] Fedora 43 Update: xrdp-0.10.6-1.fc43

xrdp provides a fully functional RDP server compatible with a wide range of RDP clients, including FreeRDP and Microsoft RDP client...

9.3CVSS5.2AI score0.00583EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/04/23 7:18 a.m.8 views

freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. The gdisurfacebits function, which processes SURFACEBITSCOMMAND messages, does not properly validate image dimensions bmp.width and bmp.height provided by a malicious RDP server. This can lead to a heap buffer...

9.8CVSS6.2AI score0.00656EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.8 views

Unity Linux 20.1070e Security Update: freerdp (UTSA-2026-006940)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006940 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP. Prior to version 2.7.0, server side authentication against a SAM file might be successful for...

9.8CVSS5.8AI score0.02265EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/04/17 8:16 p.m.10 views

CVE-2026-32624

xrdp is an open source RDP server. Versions through 0.10.5 contain a heap-based buffer overflow vulnerability in its logon processing. In environments where domainuserseparator is configured in xrdp.ini, an unauthenticated remote attacker can send a crafted, excessively long username and domain...

6.5CVSS5.9AI score0.00408EPSS
Exploits0References2
OSV
OSV
added 2026/04/17 8:16 p.m.6 views

UBUNTU-CVE-2026-33516

xrdp is an open source RDP server. Versions through 0.10.5 contain an out-of-bounds read vulnerability during the RDP capability exchange phase. The issue occurs when memory is accessed before validating the remaining buffer length. A remote, unauthenticated attacker can trigger this vulnerabilit...

9.1CVSS5.8AI score0.00427EPSS
Exploits0References3
OSV
OSV
added 2026/04/17 7:58 p.m.3 views

CVE-2026-32624 xrdp: Heap buffer overflow in xrdp_sec_process_logon_info() via incorrect g_strncat length calculation

xrdp is an open source RDP server. Versions through 0.10.5 contain a heap-based buffer overflow vulnerability in its logon processing. In environments where domainuserseparator is configured in xrdp.ini, an unauthenticated remote attacker can send a crafted, excessively long username and domain...

6.3CVSS7.2AI score0.00408EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/04/07 12:25 p.m.4 views

freerdp: FreeRDP heap-buffer-overflow

A heap based buffer overflow has been discovered in FreeRDP. Prior to 3.20.1, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input AUDIN format lists. audinprocessformats reuses callback-formatscount across multiple MSGSNDINFORMATS PDUs...

9.8CVSS6.1AI score0.00365EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/04/07 6:25 a.m.4 views

freerdp: FreeRDP heap-buffer-overflow

A heap based buffer overflow has been discovered in FreeRDP. Prior to 3.20.1, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input AUDIN format lists. audinprocessformats reuses callback-formatscount across multiple MSGSNDINFORMATS PDUs...

9.8CVSS6.1AI score0.00365EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/04/06 3:31 a.m.5 views

freerdp: FreeRDP: Arbitrary code execution via heap buffer overflow in GDI surface pipeline

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A malicious RDP server can exploit a heap buffer overflow vulnerability by sending a specially crafted graphics command to a FreeRDP client. This allows the server to write data outside of its intended memory...

8.8CVSS6.7AI score0.00537EPSS
Exploits1References6
OSV
OSV
added 2026/03/13 5:40 p.m.5 views

CVE-2026-31806 FreeRDP has a Heap Buffer Overflow in nsc_process_message() via Unchecked SURFACE_BITS_COMMAND Bitmap Dimensions

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdisurfacebits function processes SURFACEBITSCOMMAND messages sent by the RDP server. When the command is handled using NSCodec, the bmp.width and bmp.height values provided by the server are not properly...

9.3CVSS6.2AI score0.00656EPSS
Exploits1References21
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-30304

Malware in sbrugna...

6.7CVSS6.8AI score0.0074EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-9791

Malware in sbrugna...

7.5CVSS8AI score0.07603EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-30303

Malware in sbrugna...

4.4CVSS6.1AI score0.00795EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-2039

Malware in sbrugna...

6.5CVSS6.9AI score0.02666EPSS
Exploits1References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-0822

Malware in sbrugna...

6.8CVSS8AI score0.01834EPSS
Exploits1References15
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-29650

Malicious code in bioql PyPI...

9.1CVSS8.6AI score0.02752EPSS
Exploits1References12
AlpineLinux
AlpineLinux
added 2024/07/12 4:15 p.m.20 views

CVE-2024-39917

xrdp is an open source RDP server. xrdp versions prior to 0.10.0 have a vulnerability that allows attackers to make an infinite number of login attempts. The number of max login attempts is supposed to be limited by a configuration parameter MaxLoginRetry in /etc/xrdp/sesman.ini. However, this...

6.8AI score0.00607EPSS
Exploits0
NVD
NVD
added 2024/07/12 4:15 p.m.19 views

CVE-2024-39917

xrdp is an open source RDP server. xrdp versions prior to 0.10.0 have a vulnerability that allows attackers to make an infinite number of login attempts. The number of max login attempts is supposed to be limited by a configuration parameter MaxLoginRetry in /etc/xrdp/sesman.ini. However, this...

9.8CVSS0.00607EPSS
Exploits0References3
Rows per page
Query Builder