Lucene search
K

7 matches found

SUSE CVE
SUSE CVE
added 2026/03/16 5:32 p.m.4 views

SUSE CVE-2026-29774

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a client-side heap buffer overflow occurs in the FreeRDP client's AVC420/AVC444 YUV-to-RGB conversion path due to missing horizontal bounds validation of H.264 metablock regionRects coordinates. In yuv.c, the clamp...

5.3CVSS6AI score0.00323EPSS
Exploits1References9
ATTACKERKB
ATTACKERKB
added 2026/03/13 5:26 p.m.10 views

CVE-2026-29774

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a client-side heap buffer overflow occurs in the FreeRDP client's AVC420/AVC444 YUV-to-RGB conversion path due to missing horizontal bounds validation of H.264 metablock regionRects coordinates. In yuv.c, the clamp...

5.3CVSS6AI score0.00323EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2026/02/25 9:16 p.m.9 views

CVE-2026-25955

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfAppUpdateWindowFromSurface reuses a cached XImage whose data pointer references a freed RDPGFX surface buffer, because gdiDeleteSurface frees surface-data without invalidating the appWindow-image that...

9.8CVSS0.00498EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2026/02/25 8:32 p.m.6 views

CVE-2026-25955 FreeRDP has heap-use-after-free in xf_AppUpdateWindowFromSurface (stale XImage)

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfAppUpdateWindowFromSurface reuses a cached XImage whose data pointer references a freed RDPGFX surface buffer, because gdiDeleteSurface frees surface-data without invalidating the appWindow-image that...

6.9CVSS5.4AI score0.00498EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/02/05 11:53 a.m.5 views

freerdp: FreeRDP: Arbitrary code execution and denial of service via client-side heap buffer overflow

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A malicious server can trigger a client-side heap buffer overflow in the ClearCodec bands decode path. This vulnerability, caused by crafted band coordinates, allows writes past the end of the destination surface...

9.8CVSS6.2AI score0.00434EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.10 views

PT-2026-22012

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.23.0 Description FreeRDP is a free implementation of the Remote Desktop Protocol. A flaw exists in the xf AppUpdateWindowFromSurface function where a cached XImage’s data pointer can reference a freed RDPGFX surface...

10CVSS5.3AI score0.00756EPSS
Exploits30References78
CNVD
CNVD
added 2019/02/11 12:0 a.m.1 views

SDL (Simple DirectMedia Layer) Buffer Overflow Vulnerability (CNVD-2019-29174)

Simple DirectMedia Layer SDL is a multi-platform library for accessing low-level hardware and graphics and providing support for games, software and emulators. A heap-based buffer overflow vulnerability exists in the 'SDLFillRect' function in the video/SDLsurface.c file in SDL versions 1.2.15 and...

8.8CVSS9.8AI score0.03112EPSS
Exploits1References1
Rows per page
Query Builder