Lucene search
K

52 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux - уязвимость в freerdp2

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The affected versions are vulnerable to an Out-of-Bounds Write attack in the cleardecompressbandsdata function, where there is no offset validation. Abuse of this vulnerability could lead to an...

9.8CVSS7.3AI score0.0025EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/04/16 12:0 a.m.2 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: freerdp (UTSA-2026-007208)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007208 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, audinserverrecvformats frees an incorrect number of audio formats on parse failure ...

8.7CVSS5.8AI score0.00022EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/13 5:35 p.m.8 views

CVE-2026-31883

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a sizet underflow in the IMA-ADPCM and MS-ADPCM audio decoders leads to heap-buffer-overflow write via the RDPSND audio channel. In libfreerdp/codec/dsp.c, the IMA-ADPCM and MS-ADPCM decoders subtract block header...

6.5CVSS5.8AI score0.00068EPSS
Exploits1References3Affected Software1
AlpineLinux
AlpineLinux
added 2026/03/13 5:33 p.m.2 views

CVE-2026-29776

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, Integer Underflow in updatereadcachebitmaporder Function of FreeRDP's Core Library This vulnerability is fixed in 3.24.0...

3.1CVSS5.8AI score0.00059EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.4 views

Amazon Linux 2023 : freerdp, freerdp-devel, freerdp-libs (ALAS2023-2026-1454)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1454 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, a NULL pointer dereference vulnerability in rdpwritelogoninfov2 allows a malicious RDP server to crash FreeRDP...

9.1CVSS5.9AI score0.00026EPSS
Exploits0References26
ATTACKERKB
ATTACKERKB
added 2026/02/25 8:32 p.m.8 views

CVE-2026-25955

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfAppUpdateWindowFromSurface reuses a cached XImage whose data pointer references a freed RDPGFX surface buffer, because gdiDeleteSurface frees surface-data without invalidating the appWindow-image that...

9.8CVSS5.4AI score0.00103EPSS
Exploits1References7Affected Software1
CVE
CVE
added 2026/02/25 7:55 p.m.20 views

CVE-2026-25941

FreeRDP (2.x < 2.11.8 and 3.x

8.1CVSS5.5AI score0.00116EPSS
Exploits1References2Affected Software1
SUSE CVE
SUSE CVE
added 2026/02/11 12:23 a.m.4 views

SUSE CVE-2026-23948

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, a NULL pointer dereference vulnerability in rdpwritelogoninfov2 allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0. This vulnerability...

5.3CVSS5.6AI score0.00022EPSS
Exploits0References6
NVD
NVD
added 2026/02/09 7:15 p.m.5 views

CVE-2026-23948

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, a NULL pointer dereference vulnerability in rdpwritelogoninfov2 allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0. This vulnerability...

7.5CVSS0.00022EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/09 6:17 p.m.2 views

CVE-2026-24678 FreeRDP has a Heap-use-after-free in cam_v4l_stream_capture_thread

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, A capture thread sends sample responses using a freed channel callback after a device channel close, leading to a use after free in ecamchannelwrite. This vulnerability is fixed in 3.22.0...

8.7CVSS5.5AI score0.00022EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/02/09 6:15 p.m.2 views

CVE-2026-24676

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, AUDIN format renegotiation frees the active format list while the capture thread continues using audin-format, leading to a use after free in audioformatcompatible. This vulnerability is fixed in 3.22.0...

8.7CVSS5.6AI score0.00022EPSS
Exploits0
OSV
OSV
added 2026/01/14 6:16 p.m.0 views

UBUNTU-CVE-2026-22857

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap use-after-free occurs in irpthreadfunc because the IRP is freed by irp-Complete and then accessed again on the error path. This vulnerability is fixed in 3.20.1...

9.8CVSS5.8AI score0.0011EPSS
Exploits1References5
Debian CVE
Debian CVE
added 2026/01/14 5:50 p.m.4 views

CVE-2026-22855

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap out-of-bounds read occurs in the smartcard SetAttrib path when cbAttrLen does not match the actual NDR buffer length. This vulnerability is fixed in 3.20.1...

9.1CVSS5.6AI score0.0011EPSS
Exploits1
CNNVD
CNNVD
added 2026/01/14 12:0 a.m.4 views

FreeRDP 资源管理错误漏洞

FreeRDP is an open source implementation of the Remote Desktop Protocol RDP by the FreeRDP team. A resource management error vulnerability exists in FreeRDP versions prior to 3.20.1, which originates in irpthreadfunc, where the IRP is released by irp-Complete and then accessed on the wrong path,...

9.8CVSS7.3AI score0.0011EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/12/19 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-68118

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.20.0, a vulnerability exists in FreeRDP's certificate handling code on Windo...

9.1CVSS6AI score0.00058EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2008-5874

Malware in sbrugna...

7.5CVSS6.1AI score0.02817EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-18884

Malware in sbrugna...

7.8CVSS7.7AI score0.00983EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-17133

Malware in sbrugna...

8.8CVSS8.6AI score0.0392EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.0 views

EUVD-2022-28534

Malicious code in bioql PyPI...

9.8CVSS7.8AI score0.00163EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/22 10:5 a.m.8 views

CVE-2019-0708

A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'...

10CVSS10AI score0.94454EPSS
Exploits123References1
Rows per page
Query Builder