Freerdp

Freerdp

173 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 0.32%
  • Veröffentlicht 13.03.2026 17:35:17
  • Zuletzt bearbeitet 17.03.2026 14:26:13

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a size_t underflow in the IMA-ADPCM and MS-ADPCM audio decoders leads to heap-buffer-overflow write via the RDPSND audio channel. In libfreerdp/codec/dsp.c, the IMA-ADP...

  • EPSS 0.18%
  • Veröffentlicht 13.03.2026 17:33:10
  • Zuletzt bearbeitet 17.03.2026 14:33:19

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, Integer Underflow in update_read_cache_bitmap_order Function of FreeRDP's Core Library This vulnerability is fixed in 3.24.0.

Exploit
  • EPSS 0.31%
  • Veröffentlicht 13.03.2026 17:28:39
  • Zuletzt bearbeitet 17.03.2026 14:43:17

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a client-side heap out-of-bounds read/write occurs in FreeRDP's bitmap cache subsystem due to an off-by-one boundary check in bitmap_cache_put. A malicious server can s...

Exploit
  • EPSS 0.32%
  • Veröffentlicht 13.03.2026 17:26:58
  • Zuletzt bearbeitet 17.03.2026 14:51:38

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a client-side heap buffer overflow occurs in the FreeRDP client's AVC420/AVC444 YUV-to-RGB conversion path due to missing horizontal bounds validation of H.264 metabloc...

Exploit
  • EPSS 0.35%
  • Veröffentlicht 25.02.2026 21:07:30
  • Zuletzt bearbeitet 27.02.2026 19:09:27

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the function `Stream_EnsureCapacity` can create an endless blocking loop. This may affect all client and server implementations using `FreeRDP`. For practical e...

  • EPSS 0.43%
  • Veröffentlicht 25.02.2026 21:05:23
  • Zuletzt bearbeitet 27.02.2026 19:10:21

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the fix for the heap-use-after-free described in CVE-2026-24680 is incomplete. While the vulnerable execution flow referenced in the advisory exists in the SDL2...

Exploit
  • EPSS 0.48%
  • Veröffentlicht 25.02.2026 21:01:16
  • Zuletzt bearbeitet 27.02.2026 19:11:09

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `rail_window_free` dereferences a freed `xfAppWindow` pointer during `HashTable_Free` cleanup because `xf_rail_window_common` calls `free(appWindow)` on title a...

Exploit
  • EPSS 0.59%
  • Veröffentlicht 25.02.2026 20:59:17
  • Zuletzt bearbeitet 30.06.2026 03:17:52

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, in the RLE planar decode path, `planar_decompress_plane_rle()` writes into `pDstData` at `((nYDst+y) * nDstStep) + (4*nXDst) + nChannel` without verifying that ...

Exploit
  • EPSS 0.54%
  • Veröffentlicht 25.02.2026 20:47:14
  • Zuletzt bearbeitet 30.06.2026 03:17:51

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a malicious RDP server can trigger a heap buffer overflow in FreeRDP clients using the GDI surface pipeline (e.g., `xfreerdp`) by sending an RDPGFX ClearCodec s...

Exploit
  • EPSS 0.26%
  • Veröffentlicht 25.02.2026 20:44:14
  • Zuletzt bearbeitet 27.02.2026 14:48:24

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a missing bounds check in `smartcard_unpack_read_size_align()` (`libfreerdp/utils/smartcard_pack.c:1703`) allows a malicious RDP server to crash the FreeRDP cli...