Freerdp

Freerdp

173 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.26%
  • Veröffentlicht 08.07.2026 13:49:01
  • Zuletzt bearbeitet 09.07.2026 19:38:09

FreeRDP before 3.22.0 contains a use-after-free vulnerability in dvcman_channel_close and dvcman_call_on_receive due to improper synchronization of channel_callback access. A malicious RDP server can trigger a race condition by sending DYNVC_DATA and...

Exploit
  • EPSS 0.46%
  • Veröffentlicht 29.05.2026 19:44:12
  • Zuletzt bearbeitet 08.07.2026 13:16:47

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's planar bitmap decoder has an out-of-bounds heap write when decoding RLE planar data. In libfreerdp/codec/planar.c, freerdp_bitmap_decompress_planar() validate...

Exploit
  • EPSS 3.45%
  • Veröffentlicht 29.05.2026 19:42:23
  • Zuletzt bearbeitet 08.07.2026 13:16:45

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP client can trigger a heap-buffer-overflow write in FreeRDP's server-side clipboard (cliprdr) channel by sending a CB_CLIP_CAPS PDU with a too-small capa...

Exploit
  • EPSS 0.38%
  • Veröffentlicht 29.05.2026 19:41:46
  • Zuletzt bearbeitet 08.07.2026 13:16:46

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's RDPEAR NDR parser accepts one non-null NDR pointer ref-id for multiple logical pointer fields without tracking the pointed object's expected NDR type or owner...

Exploit
  • EPSS 0.42%
  • Veröffentlicht 29.05.2026 19:40:25
  • Zuletzt bearbeitet 08.07.2026 13:16:45

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client by sending crafted RDPGFX PDUs. The bug is in gdi_CacheToSurface: it validates a d...

Exploit
  • EPSS 0.83%
  • Veröffentlicht 26.05.2026 14:08:47
  • Zuletzt bearbeitet 08.07.2026 13:16:41

FreeRDP before 3.26.0 contains a heap-buffer-overflow vulnerability in gdi_CacheToSurface that allows remote attackers to write out-of-bounds heap memory. The vulnerability occurs because rectangle validation clamps coordinates to UINT16_MAX but perf...

Exploit
  • EPSS 0.2%
  • Veröffentlicht 24.04.2026 02:24:50
  • Zuletzt bearbeitet 27.04.2026 17:44:02

FreeRDP is a free implementation of the Remote Desktop Protocol. Versions prior to 3.25.0 have an off-by-one in the path traversal filter in `channels/drive/client/drive_file.c`. The `contains_dotdot()` function catches `../` and `..\` mid-path but m...

  • EPSS 0.28%
  • Veröffentlicht 30.03.2026 21:43:49
  • Zuletzt bearbeitet 01.04.2026 18:35:09

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, a double-free vulnerability in kerberos_AcceptSecurityContext() and kerberos_InitializeSecurityContextA() (WinPR, winpr/libwinpr/sspi/Kerberos/kerberos.c) can c...

  • EPSS 0.1%
  • Veröffentlicht 30.03.2026 21:43:39
  • Zuletzt bearbeitet 01.04.2026 18:44:43

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in persistent_cache_read_entry_v3() in libfreerdp/cache/persistent.c, persistent->bmpSize is updated before winpr_aligned_recalloc(). If realloc fails, bmpSize ...

  • EPSS 0.27%
  • Veröffentlicht 30.03.2026 21:43:21
  • Zuletzt bearbeitet 30.06.2026 03:18:48

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in yuv_ensure_buffer() in libfreerdp/codec/h264.c, h264->width and h264->height are updated before the reallocation loop. If any winpr_aligned_recalloc() call f...