25 matches found
CVE-2022-24503
CVE-2022-24503 is a Remote Desktop Protocol Client Information Disclosure vulnerability. Connected sources indicate it affects Windows Remote Desktop Client and can be triggered over the network with no authentication and no user interaction, exposing partial confidentiality (C:L). The issue is t...
CVE-2022-22017
CVE-2022-22017 is a Remote Desktop Client RCE vulnerability affecting Windows clients. The attack requires a user to connect to a malicious RDP server; on connection, code can be executed on the victim’s system with the user’s privileges. Public patch guidance is available via Microsoft KBs (KB50...
CVE-2019-0887
CVE-2019-0887 is a remote code execution vulnerability in Remote Desktop Services related to the shared clipboard. The issue arises when a malicious RDP server can abuse clipboard redirection to drop arbitrary files via path traversal in the clipboard sharing channel, impacting RDP clients (mstsc...
CVE-2021-34535
CVE-2021-34535 is a Remote Desktop Client remote code execution vulnerability in Windows. According to the connected sources, it affects the Windows Remote Desktop Client component and is rated High (CVSS v3.1 base 8.8). Exploitation was addressed in Microsoft’s August 2021 Patch Tuesday updates;...
CVE-2022-22015
Technical details about CVE-2022-22015 are not provided in the connected documents. The MSKB entries listed pertain to OS/security updates but do not disclose affected RDP components, exploit specifics, or patch details for this CVE. Monitor for updates.
CVE-2023-29362
Technical details about CVE-2023-29362 (affected product, vulnerable component, root cause, impact, or fix) are not provided in the supplied documents. Monitor for updates from official advisories and vulnerability databases.
CVE-2022-26940
CVE-2022-26940 is a Remote Desktop Protocol Client Information Disclosure Vulnerability affecting the Microsoft Remote Desktop Client. Public documents confirm the issue pertains to information disclosure within the RDP client component, with linked references to Microsoft’s advisory (KB/MSRC) an...
CVE-2024-38131
Technical details about CVE-2024-38131 are not publicly provided in the connected documents. The available material lacks product/version/root-cause/remediation specifics. Monitor official advisories/updates for concrete information.
CVE-2024-49105
CVE-2024-49105 affects the Windows Remote Desktop Client. It enables remote code execution over the network; exploitation requires user interaction and high privileges, with high impacts to confidentiality, integrity, and availability. CVSS v3.1 base score 8.4 (Network, Low attack complexity, Pri...
CVE-2023-28267
CVE-2023-28267 is the Remote Desktop Protocol Client Information Disclosure Vulnerability affecting the Microsoft Windows Remote Desktop Client (CPE: cpe:/a:microsoft:remote_desktop_connection). The CVSSv3.1 base score is 6.5 (Medium), with attack vector Network, attack complexity Low, privileges...
CVE-2023-29352
CVE-2023-29352 is a Windows Remote Desktop Security Feature Bypass vulnerability. The CVSS 3.1 vector indicates network access with low attack complexity, no privileges, and user interaction required, resulting in potential integrity impact (I: High) but no confidentiality or availability impact ...
CVE-2021-1669
CVE-2021-1669 is a Windows Remote Desktop Security Feature Bypass vulnerability. The linked NVD entry notes a high-severity, network-based issue (CVSS v3.1: 8.8; privileges required: LOW; user interaction: NONE; impact: HIGH across confidentiality, integrity, availability). OpenVAS-derived entrie...
CVE-2021-38665
CVE-2021-38665 is described as a Remote Desktop Protocol Client Information Disclosure Vulnerability. The provided records show CVSSv3.1 base score 6.5 (NETWORK, LOW ATTACK COMPLEXITY, NONE PRIVILEGES, UI: REQUIRED) and a CNA-provided score of 7.4 (HIGH confidentiality impact). Exploitation detai...
CVE-2025-26645
CVE-2025-26645 affects the Windows Remote Desktop Client. The vulnerability is a relative path traversal in the Remote Desktop Client that allows an unauthenticated attacker to execute code over the network. According to the published metrics, the exploit requires network access with low attack c...
CVE-2022-41121
CVE-2022-41121 is a Windows Graphics Component Elevation of Privilege vulnerability with a CVSS v3.1 base score of 7.8 (HIGH), requiring LOCAL access with LOW privileges and no user interaction. The available descriptions identify the affected component as Windows Graphics Component but provide n...
CVE-2025-27487
CVE-2025-27487 is a heap-based buffer overflow in Windows Remote Desktop Client that allows an authenticated attacker to execute code over the network (CVSSv3.1: 8.0 HIGH; AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H). Connected sources confirm this vulnerability and reference remote desktop RCE updates. ...
CVE-2025-32715
CVE-2025-32715 is a vulnerability in the Windows Remote Desktop Client described as an out-of-bounds read that can lead to information disclosure . The connected NCSC advisory lists CVSS v3.1/6.50 with an impact of Access to sensitive data . Exploitation details, affected product versions, and sp...
CVE-2025-48817
Technical details about CVE-2025-48817 are not publicly provided in the supplied documents. No vendor/product/versions or mitigations are disclosed here. Monitor official advisories for updates.
CVE-2026-42985
CVE-2026-42985 is described in connected sources as a heap-based buffer overflow in the Remote Desktop Client that allows an unauthenticated attacker to execute code over the network. The initial and connected docs provide the vulnerability description and a high CVSS score (8.8, HIGH) with netwo...
CVE-2025-58718
CVE-2025-58718 is a use-after-free in the Windows Remote Desktop Client that allows a network-based, unauthenticated attacker to execute code on the affected system. CVSSv3.1 shows AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H with a base score of 8.8 (HIGH); exploitation requires user interaction. Connect...
CVE-2026-32157
CVE-2026-32157 affects the Remote Desktop Client and enables remote code execution over the network. The CVSSv3.1 score is 8.8 (HIGH), with confidentiality, integrity, and availability all rated High. Attack requires network access and user interaction, with privilegesN/A and exploitation current...
CVE-2026-42909
CVE-2026-42909 involves a heap-based buffer overflow in the Remote Desktop Client that enables a remote attacker to execute code over the network. The vulnerability arises from improper handling of data during remote desktop operations, leading to memory corruption. The CVSS-3.1 vector (AV:N/AC:H...
CVE-2026-42913
The CVE-2026-42913 entry describes a heap-based buffer overflow in the Remote Desktop Client leading to remote code execution over a network with High severity (CVSS 3.1: AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H). Affected component is the Remote Desktop Client; underlying cause is a heap-based overfl...
CVE-2026-44799
This CVE (CVE-2026-44799) describes a heap-based buffer overflow in the Remote Desktop Client that allows an unauthorized attacker to execute code remotely over a network . The connected records corroborate a network-based, remote code execution vulnerability affecting the Remote Desktop Client, ...
CVE-2026-44801
CVE-2026-44801 = heap-based buffer overflow in Remote Desktop Client enabling a remote code execution by an unauthenticated attacker over the network. Root cause: heap overflow; impact: remote execution of code. Affected software/version details are not provided in the documents. No exploit statu...