Freerdp

Freerdp

173 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.47%
  • Veröffentlicht 09.02.2026 18:12:00
  • Zuletzt bearbeitet 10.02.2026 15:09:11

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, a NULL pointer dereference vulnerability in rdp_write_logon_info_v2() allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PD...

Exploit
  • EPSS 0.4%
  • Veröffentlicht 19.01.2026 17:20:40
  • Zuletzt bearbeitet 30.06.2026 03:17:35

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, offscreen bitmap deletion leaves `gdi->drawing` pointing to freed memory, causing UAF when related update packets arrive. A malicious server can trigger a clien...

Exploit
  • EPSS 0.4%
  • Veröffentlicht 19.01.2026 17:15:55
  • Zuletzt bearbeitet 30.06.2026 03:17:34

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, `xf_Pointer_New` frees `cursorPixels` on failure, then `pointer_free` calls `xf_Pointer_Free` and frees it again, triggering ASan UAF. A malicious server can tr...

Exploit
  • EPSS 0.48%
  • Veröffentlicht 19.01.2026 17:12:57
  • Zuletzt bearbeitet 28.01.2026 18:38:37

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, FastGlyph parsing trusts `cbData`/remaining length and never validates against the minimum size implied by `cx/cy`. A malicious server can trigger a client‑side...

Exploit
  • EPSS 0.43%
  • Veröffentlicht 19.01.2026 17:09:55
  • Zuletzt bearbeitet 30.06.2026 03:17:32

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the ClearCodec bands decode path when crafted band coordinates allow writes past the end of the destination surface...

Exploit
  • EPSS 0.43%
  • Veröffentlicht 19.01.2026 17:07:18
  • Zuletzt bearbeitet 30.06.2026 03:17:32

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the RDPGFX ClearCodec decode path when maliciously crafted residual data causes out-of-bounds writes during color o...

Exploit
  • EPSS 0.43%
  • Veröffentlicht 19.01.2026 17:03:51
  • Zuletzt bearbeitet 30.06.2026 03:17:32

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the FreeRDP client’s `gdi_SurfaceToSurface` path due to a mismatch between destination rectangle clamping and the ...

Exploit
  • EPSS 0.44%
  • Veröffentlicht 19.01.2026 17:01:01
  • Zuletzt bearbeitet 30.06.2026 03:17:32

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, in ClearCodec, when `glyphData` is present, `clear_decompress` calls `freerdp_image_copy_no_overlap` without validating the destination rectangle, allowing an o...

Exploit
  • EPSS 0.44%
  • Veröffentlicht 19.01.2026 16:58:46
  • Zuletzt bearbeitet 30.06.2026 03:17:31

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0,`freerdp_bitmap_decompress_planar` does not validate `nSrcWidth`/`nSrcHeight` against `planar->maxWidth`/`maxHeight` before RLE decode. A malicious server can tr...

Exploit
  • EPSS 0.76%
  • Veröffentlicht 14.01.2026 17:57:37
  • Zuletzt bearbeitet 30.06.2026 03:17:29

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, the URBDRC client does not perform bounds checking on server‑supplied MSUSB_INTERFACE_DESCRIPTOR values and uses them as indices in libusb_udev_complete_msconfig_setup,...