
1736 matches found

SUSE CVE
added 5 days ago | 9 views

SUSE CVE-2026-44421

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client by sending crafted RDPGFX PDUs. The bug is in gdiCacheToSurface: it validates a destination rectangle that is clamped to UINT16MA...

CVSS 8.8 | AI score 5.9 | EPSS 0.00055
Exploits: 1 | References: 3

SUSE CVE
added 5 days ago | 8 views

SUSE CVE-2026-44422

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's RDPEAR NDR parser accepts one non-null NDR pointer ref-id for multiple logical pointer fields without tracking the pointed object's expected NDR type or ownership. When the same ref-id is reused across two...

CVSS 8.8 | AI score 5.8 | EPSS 0.0005
Exploits: 1 | References: 3

Tenable Nessus
added 2026/05/30 12:0 a.m. | 7 views

Linux Distros Unpatched Vulnerability : CVE-2026-44421

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP...

CVSS 8.8 | AI score 5.7 | EPSS 0.00055
Exploits: 1 | References: 3

NVD
added 2026/05/29 8:16 p.m. | 9 views

CVE-2026-44422

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's RDPEAR NDR parser accepts one non-null NDR pointer ref-id for multiple logical pointer fields without tracking the pointed object's expected NDR type or ownership. When the same ref-id is reused across two...

CVSS 8.8 | EPSS 0.0005
Exploits: 1 | References: 1

OSV
added 2026/05/29 8:16 p.m. | 4 views

DEBIAN-CVE-2026-44421

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client by sending crafted RDPGFX PDUs. The bug is in gdiCacheToSurface: it validates a destination rectangle that is clamped to UINT16MA...

CVSS 8.8 | AI score 5.9 | EPSS 0.00055
Exploits: 1 | References: 1

ATTACKERKB
added 2026/05/29 7:42 p.m. | 10 views

CVE-2026-44420

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP client can trigger a heap-buffer-overflow write in FreeRDP's server-side clipboard cliprdr channel by sending a CBCLIPCAPS PDU with a too-small capabilitySetLength. This can crash the server process...

CVSS 8.8 | AI score 6.2 | EPSS 0.0004
Exploits: 1 | References: 2 | Affected Software: 1

CVE
added 2026/05/29 7:41 p.m. | 15 views

CVE-2026-44422

CVE-2026-44422 affects FreeRDP prior to 3.26.0. The RDPEAR NDR parser incorrectly reused a non-null NDR pointer ref-id across multiple logical pointer fields, causing the same heap object to be assigned to two outputs. The destructor then frees both pointers, enabling a heap use-after-free / doub...

CVSS 8.8 | AI score 5.8 | EPSS 0.0005
Exploits: 1 | References: 1 | Affected Software: 1

EUVD
added 2026/05/29 7:41 p.m. | 9 views

EUVD-2026-33434

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's RDPEAR NDR parser accepts one non-null NDR pointer ref-id for multiple logical pointer fields without tracking the pointed object's expected NDR type or ownership. When the same ref-id is reused across two...

CVSS 7.5 | AI score 5.8 | EPSS 0.0005
Exploits: 1 | References: 1

AlpineLinux
added 2026/05/29 7:40 p.m. | 10 views

CVE-2026-44421

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client by sending crafted RDPGFX PDUs. The bug is in gdiCacheToSurface: it validates a destination rectangle that is clamped to UINT16MA...

CVSS 8.8 | AI score 5.9 | EPSS 0.00055
Exploits: 1 | References: 1

ATTACKERKB
added 2026/05/29 7:40 p.m. | 7 views

CVE-2026-44421

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client by sending crafted RDPGFX PDUs. The bug is in gdiCacheToSurface: it validates a destination rectangle that is clamped to UINT16MA...

CVSS 8.8 | AI score 5.9 | EPSS 0.00055
Exploits: 1 | References: 2 | Affected Software: 1

Cvelist
added 2026/05/29 7:40 p.m. | 28 views

CVE-2026-44421 FreeRDP RDPGFX CacheToSurface heap-buffer-overflow via clamped-rectangle validation bypass

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client by sending crafted RDPGFX PDUs. The bug is in gdiCacheToSurface: it validates a destination rectangle that is clamped to UINT16MA...

CVSS 8.8 | EPSS 0.00055
Exploits: 1 | References: 1

Cvelist
added 2026/05/29 11:47 a.m. | 22 views

CVE-2026-8326 Remote Spark SparkView Path Traversal in RDP Drive Redirection leading to RCE

Path traversal vulnerability in Remote Spark https://www.Remotespark.Com/ SparkView allows reading and writing arbitrary files in all directories as root. This leads to RCE. The affected component is the RDP drive redirection. Depending on implementation, the vulnerability can be exploited by an...

CVSS 10 | EPSS 0.00121
Exploits: 0 | References: 1

ATTACKERKB
added 2026/05/29 11:47 a.m. | 7 views

CVE-2026-8326

Path traversal vulnerability in Remote Spark https://www.Remotespark.Com/ SparkView allows reading and writing arbitrary files in all directories as root. This leads to RCE. The affected component is the RDP drive redirection. Depending on implementation, the vulnerability can be exploited by an...

CVSS 10 | AI score 5.9 | EPSS 0.00121
Exploits: 0 | References: 2

Redos
added 2026/05/29 12:0 a.m. | 10 views

ROS-20260529-73-0004

A vulnerability in the GNOME Remote Desktop service is related to pointer assignment errors. Exploiting it can allow a malicious actor to compromise data integrity and cause service failures through a specially crafted RDP packet...

CVSS 6.5 | AI score 5.8 | EPSS 0.00454
Exploits: 0

CNNVD
added 2026/05/29 12:0 a.m. | 6 views

Remote Spark SparkView security vulnerability

Remote Spark SparkView is a browser-based client software developed by Remote Spark, enabling remote desktop and terminal access. Versions of Remote Spark SparkView prior to build 1127 contained security vulnerabilities. These vulnerabilities stemmed from path traversal in RDP driver redirection,...

CVSS 10 | AI score 6.3 | EPSS 0.00121
Exploits: 0 | References: 1

Positive Technologies
added 2026/05/29 12:0 a.m. | 11 views

PT-2026-44989

Name of the Vulnerable Software and Affected Versions: FreeRDP versions prior to 3.26.0. Description: The planar bitmap decoder contains an out-of-bounds heap write when decoding RLE planar data. In the libfreerdp/codec/planar.c file, the freerdp bitmap decompress planar function validates the X...

CVSS 9.8 | AI score 5.9 | EPSS 0.00021
Exploits: 1 | References: 10

Debian CVE
added 2026/05/26 2:8 p.m. | 5 views

CVE-2026-40033

FreeRDP before 3.26.0 contains a heap-buffer-overflow vulnerability in gdiCacheToSurface that allows remote attackers to write out-of-bounds heap memory. The vulnerability occurs because rectangle validation clamps coordinates to UINT16MAX but performs copy operations using unclamped cache entry...

CVSS 8.8 | AI score 6.4 | EPSS 0.00068
Exploits: 1

RedHat Linux
added 2026/05/26 5:33 a.m. | 7 views

wireshark: Heap-based Buffer Overflow in Wireshark

A flaw was found in the RDP protocol dissector in Wireshark. This issue occurs when malformed packets are decoded from a pcap file or the network, causing a heap-based buffer overflow, resulting in a denial of service or potentially in code execution...

CVSS 7.8 | AI score 6.2 | EPSS 0.0001
Exploits: 1 | References: 6

RedHat Linux
added 2026/05/26 5:5 a.m. | 13 views

Moderate: Red Hat Security Advisory: freerdp security update

An update for freerdp is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...

CVSS 9.8 | AI score 6.7 | EPSS 0.00164
Exploits: 7 | References: 11

RedHat Linux
added 2026/05/26 2:2 a.m. | 17 views

FreeRDP: FreeRDP: Information disclosure via heap memory out of bounds read

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A remote attacker could exploit a vulnerability where pixel data from adjacent heap memory is rendered to the screen. This can lead to the disclosure of sensitive data to the attacker...

CVSS 7.1 | AI score 5.8 | EPSS 0.00054
Exploits: 0 | References: 6