1561 matches found
FreeRDP 缓冲区错误漏洞
FreeRDP is an open source implementation of the Remote Desktop Protocol RDP from the FreeRDP team. FreeRDP suffers from a buffer overflow vulnerability that stems from unvalidated target rectangle boundaries in the GDI surface pipeline, which can be exploited by an attacker to cause a heap buffer...
FreeRDP 安全漏洞
FreeRDP is an open-source RDP protocol implementation developed by the FreeRDP team. Versions of FreeRDP prior to 3.23.0 contained security vulnerabilities. These vulnerabilities stemmed from the xfAppUpdateWindowFromSurface function, which attempted to read data from an already released...
New Report: The Digital Footprints of Many Executives Can Leave Their Companies Seriously Exposed
Senior leaders are visible by design. They speak at events, post on LinkedIn, sit on boards, and sign public filings. That visibility builds brands and drives growth. It also creates risk. In our latest Rapid7 Labs report, Executives’ Digital Footprints: The Overlooked Corporate Vulnerability , w...
How Exposed Endpoints Increase Risk Across LLM Infrastructure
As more organizations run their own Large Language Models LLMs, they are also deploying more internal services and Application Programming Interfaces APIs to support those models. Modern security risks are being introduced less from the models themselves and more from the infrastructure that...
freerdp: FreeRDP: Denial of Service and potential code execution via client-side heap buffer overflow
A flaw was found in FreeRDP. A malicious server can exploit a client-side heap buffer overflow vulnerability in the gdiSurfaceToSurface path. This vulnerability, caused by a mismatch in memory handling, can lead to a crash Denial of Service of the client application. Furthermore, it carries a ris...
freerdp: FreeRDP: Denial of Service and potential code execution via client-side heap buffer overflow
A flaw was found in FreeRDP. A malicious server can exploit a client-side heap buffer overflow vulnerability in the gdiSurfaceToSurface path. This vulnerability, caused by a mismatch in memory handling, can lead to a crash Denial of Service of the client application. Furthermore, it carries a ris...
freerdp: FreeRDP: Denial of Service and potential code execution via client-side heap buffer overflow
A flaw was found in FreeRDP. A malicious server can exploit a client-side heap buffer overflow vulnerability in the gdiSurfaceToSurface path. This vulnerability, caused by a mismatch in memory handling, can lead to a crash Denial of Service of the client application. Furthermore, it carries a ris...
Skill-Inject: Measuring Agent Vulnerability to Skill File Attacks
LLM agents are evolving rapidly, powered by code execution, tools, and the recently introduced agent skills feature. Skills allow users to extend LLM applications with specialized third-party code, knowledge, and instructions. Although this can extend agent capabilities to new domains, it creates...
RHEL 9 : freerdp (RHSA-2026:3037)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3037 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to R...
What is CTEM? A Guide to Proactive Cybersecurity
Most security teams are great at finding problems. The real challenge is figuring out which problems to solve first. When everything is a priority, nothing is. This is a common frustration that leaves teams feeling overworked and unsure if their efforts are making a real difference. A more...
6 Best Exposure Management Cybersecurity Platforms
How do you know if your security controls will actually stop an attack? You can have the best firewalls and endpoint protection on the market, but misconfigurations or undiscovered assets can render them useless. This is the fundamental question that traditional vulnerability management can't...
freerdp: FreeRDP: Heap buffer overflow via crafted RDPGFX surface updates leads to denial of service and potential code execution.
A flaw was found in FreeRDP. A malicious server can exploit an out-of-bounds read/write vulnerability in the ClearCodec component by sending crafted RDPGFX surface updates. This can trigger a client-side heap buffer overflow, leading to a crash Denial of Service DoS and potential heap corruption...
freerdp: FreeRDP: Denial of Service and potential code execution via client-side heap buffer overflow
A flaw was found in FreeRDP. A malicious server can exploit a client-side heap buffer overflow vulnerability in the gdiSurfaceToSurface path. This vulnerability, caused by a mismatch in memory handling, can lead to a crash Denial of Service of the client application. Furthermore, it carries a ris...
Inside Modern API Attacks: What We Learn from the 2026 API ThreatStats Report
API security has been a growing concern for years. However, while it was always seen as important, it often came second to application security or hardening infrastructure. In 2025, the picture changed. Wallarm’s 2026 API ThreatStats Report revealed that APIs are now the primary attack surface fo...
freerdp: FreeRDP: Denial of Service and potential code execution via client-side heap buffer overflow
A flaw was found in FreeRDP. A malicious server can exploit a client-side heap buffer overflow vulnerability in the gdiSurfaceToSurface path. This vulnerability, caused by a mismatch in memory handling, can lead to a crash Denial of Service of the client application. Furthermore, it carries a ris...
freerdp: FreeRDP: Heap buffer overflow via crafted RDPGFX surface updates leads to denial of service and potential code execution.
A flaw was found in FreeRDP. A malicious server can exploit an out-of-bounds read/write vulnerability in the ClearCodec component by sending crafted RDPGFX surface updates. This can trigger a client-side heap buffer overflow, leading to a crash Denial of Service DoS and potential heap corruption...
freerdp: FreeRDP: Denial of Service and potential code execution via client-side heap buffer overflow
A flaw was found in FreeRDP. A malicious server can exploit a client-side heap buffer overflow vulnerability in the gdiSurfaceToSurface path. This vulnerability, caused by a mismatch in memory handling, can lead to a crash Denial of Service of the client application. Furthermore, it carries a ris...
Security update for freerdp
This update for freerdp fixes the following issues: CVE-2026-22852: a malicious RDP server can trigger a heap-buffer-overflow in audinprocessformats bsc1256718. CVE-2026-22854: server-controlled read length is used to read file data into an IRP output can cause heap-buffer-overflow in...
SUSE-SU-2026:0559-1 Security update for freerdp
This update for freerdp fixes the following issues: - CVE-2026-22852: a malicious RDP server can trigger a heap-buffer-overflow in audinprocessformats bsc1256718. - CVE-2026-22854: server-controlled read length is used to read file data into an IRP output can cause heap-buffer-overflow in...
The CTEM Divide: Why 84% of Security Programs Are Falling Behind
A new 2026 market intelligence study of 128 enterprise security decision-makers available here reveals a stark divide forming between organizations – one that has nothing to do with budget size or industry and everything to do with a single framework decision. Organizations implementing Continuou...