Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Redos
Redosadded 2026/06/11 12:0 a.m.6 views

ROS-20260611-73-0017

The vulnerability of the updatepointernew function in the RDP client FreeRDP relates to the possibility of using memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code and cause service failures...

9.8CVSS6AI score0.00538EPSS
Exploits1
Vulnrichment
Vulnrichmentadded 2026/02/25 9:5 p.m.1 views

CVE-2026-27950 FreeRDP heap-use-after-free in update_pointer_new(SDL): Fix Applied in the Wrong File

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the fix for the heap-use-after-free described in CVE-2026-24680 is incomplete. While the vulnerable execution flow referenced in the advisory exists in the SDL2 implementation, the fix appears to have been...

6.9CVSS5.9AI score0.00427EPSS
Exploits0References4
CVE
CVEadded 2026/02/25 9:5 p.m.23 views

CVE-2026-27950

CVE-2026-27950 affects FreeRDP prior to 3.23.0, where the heap-use-after-free described in the advisory is incompletely fixed in the SDL2 path (SDL3 path fix present). The SDL2 code path does not nulled the pointer after free, leaving a vulnerable execution flow in some builds/environments. A com...

7.5CVSS5.8AI score0.00427EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichmentadded 2026/02/09 6:19 p.m.3 views

CVE-2026-24680 FreeRDP has a heap-use-after-free in update_pointer_new(SDL)

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, sdlPointerNew frees data on failure, then pointerfree calls sdlPointerFree and frees it again, triggering ASan UAF. This vulnerability is fixed in 3.22.0...

8.7CVSS5.6AI score0.00423EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/02/09 6:19 p.m.25 views

CVE-2026-24680 FreeRDP has a heap-use-after-free in update_pointer_new(SDL)

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, sdlPointerNew frees data on failure, then pointerfree calls sdlPointerFree and frees it again, triggering ASan UAF. This vulnerability is fixed in 3.22.0...

8.7CVSS0.00423EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/01/19 5:15 p.m.15 views

CVE-2026-23883 Heap-use-after-free in update_pointer_new

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, xfPointerNew frees cursorPixels on failure, then pointerfree calls xfPointerFree and frees it again, triggering ASan UAF. A malicious server can trigger a client‑side use after free, causing a crash DoS and...

8.7CVSS0.00538EPSS
Exploits1References5
CVE
CVEadded 2026/01/19 5:15 p.m.26 views

CVE-2026-23883

FreeRDP vulnerable: prior to 3.21.0, the xf_Pointer_New path frees cursorPixels on failure and then xf_Pointer_Free frees it again, causing a use-after-free (ASan UAF) that can crash the client and potentially enable heap-based code execution depending on allocator/heap layout. The issue affects ...

9.8CVSS5.6AI score0.00538EPSS
Exploits1References5Affected Software1
OSV
OSVadded 2026/01/19 5:15 p.m.1 views

CVE-2026-23883 Heap-use-after-free in update_pointer_new

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, xfPointerNew frees cursorPixels on failure, then pointerfree calls xfPointerFree and frees it again, triggering ASan UAF. A malicious server can trigger a client‑side use after free, causing a crash DoS and...

8.7CVSS5.9AI score0.00538EPSS
Exploits1References7
Rows per page
Query Builder