Search CVE reports
1 – 10 of 162 results
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's planar bitmap decoder has an out-of-bounds heap write when decoding RLE planar data. In...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| freerdp | Not in release | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Needs evaluation | Needs evaluation | Not in release | — | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's RDPEAR NDR parser accepts one non-null NDR pointer ref-id for multiple logical pointer fields without tracking the pointed...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| freerdp | Not in release | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Needs evaluation | Needs evaluation | Not in release | — | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client by sending crafted RDPGFX PDUs. The bug is...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| freerdp | Not in release | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Needs evaluation | Needs evaluation | Not in release | — | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP client can trigger a heap-buffer-overflow write in FreeRDP's server-side clipboard (cliprdr) channel by sending a CB_CLIP_CAPS PDU...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| freerdp | Not in release | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Needs evaluation | Needs evaluation | Not in release | — | — |
FreeRDP before 3.26.0 contains a heap-buffer-overflow vulnerability in gdi_CacheToSurface that allows remote attackers to write out-of-bounds heap memory. The vulnerability occurs because rectangle validation clamps coordinates to...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| freerdp | Not in release | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Needs evaluation | Needs evaluation | Not in release | — | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Versions prior to 3.25.0 have an off-by-one in the path traversal filter in `channels/drive/client/drive_file.c`. The `contains_dotdot()` function catches `../` and...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| freerdp | Not in release | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Needs evaluation | Needs evaluation | Not in release | — | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, a double-free vulnerability in kerberos_AcceptSecurityContext() and kerberos_InitializeSecurityContextA() (WinPR,...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| freerdp | Not in release | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Vulnerable | Needs evaluation | Not in release | — | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in persistent_cache_read_entry_v3() in libfreerdp/cache/persistent.c, persistent->bmpSize is updated before winpr_aligned_recalloc(). If...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| freerdp | Not in release | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Vulnerable | Needs evaluation | Not in release | — | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in yuv_ensure_buffer() in libfreerdp/codec/h264.c, h264->width and h264->height are updated before the reallocation loop. If any...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| freerdp | Not in release | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Vulnerable | Needs evaluation | Not in release | — | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, pixel data from adjacent heap memory is rendered to screen, potentially leaking sensitive data to the attacker. This issue has been patched...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| freerdp | Not in release | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Vulnerable | Needs evaluation | Not in release | — | — |