CVE search results

31 – 40 of 58 results

Detailed view

Sort by:

CVE-2026-23534

Medium priority

Some fixes available 4 of 8

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the ClearCodec bands decode path when crafted band coordinates allow writes past the end of the...

3 affected packages

freerdp, freerdp2, freerdp3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
freerdp	Not in release	Not in release	—	Needs evaluation
freerdp2	Fixed	Fixed	Fixed	Fixed
freerdp3	Vulnerable	Not in release	—	—

CVE-2026-23533

Medium priority

Some fixes available 4 of 8

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the RDPGFX ClearCodec decode path when maliciously crafted residual data causes out-of-bounds...

3 affected packages

freerdp, freerdp2, freerdp3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
freerdp	Not in release	Not in release	—	Needs evaluation
freerdp2	Fixed	Fixed	Fixed	Fixed
freerdp3	Vulnerable	Not in release	—	—

CVE-2026-23532

Medium priority

Some fixes available 4 of 8

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the FreeRDP client’s `gdi_SurfaceToSurface` path due to a mismatch between...

3 affected packages

freerdp, freerdp2, freerdp3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
freerdp	Not in release	Not in release	—	Needs evaluation
freerdp2	Fixed	Fixed	Fixed	Fixed
freerdp3	Vulnerable	Not in release	—	—

CVE-2026-23531

Medium priority

Some fixes available 4 of 8

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, in ClearCodec, when `glyphData` is present, `clear_decompress` calls `freerdp_image_copy_no_overlap` without validating the destination...

3 affected packages

freerdp, freerdp2, freerdp3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
freerdp	Not in release	Not in release	—	Needs evaluation
freerdp2	Fixed	Fixed	Fixed	Fixed
freerdp3	Vulnerable	Not in release	—	—

CVE-2026-23530

Medium priority

Some fixes available 4 of 8

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0,`freerdp_bitmap_decompress_planar` does not validate `nSrcWidth`/`nSrcHeight` against `planar->maxWidth`/`maxHeight` before RLE decode. A...

3 affected packages

freerdp, freerdp2, freerdp3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
freerdp	Not in release	Not in release	—	Needs evaluation
freerdp2	Fixed	Fixed	Fixed	Fixed
freerdp3	Vulnerable	Not in release	—	—

CVE-2026-22859

Medium priority

Needs evaluation

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, the URBDRC client does not perform bounds checking on server‑supplied MSUSB_INTERFACE_DESCRIPTOR values and uses them as indices in...

3 affected packages

freerdp, freerdp2, freerdp3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
freerdp	Not in release	Not in release	—	Needs evaluation
freerdp2	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
freerdp3	Needs evaluation	Not in release	—	—

CVE-2026-22858

Medium priority

Needs evaluation

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on...

3 affected packages

freerdp, freerdp2, freerdp3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
freerdp	Not in release	Not in release	—	Needs evaluation
freerdp2	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
freerdp3	Needs evaluation	Not in release	—	—

CVE-2026-22857

Medium priority

Needs evaluation

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap use-after-free occurs in irp_thread_func because the IRP is freed by irp->Complete() and then accessed again on the error path....

3 affected packages

freerdp, freerdp2, freerdp3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
freerdp	Not in release	Not in release	—	Needs evaluation
freerdp2	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
freerdp3	Needs evaluation	Not in release	—	—

CVE-2026-22856

Medium priority

Needs evaluation

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a race in the serial channel IRP thread tracking allows a heap use‑after‑free when one thread removes an entry from serial->IrpThreads while another...

3 affected packages

freerdp, freerdp2, freerdp3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
freerdp	Not in release	Not in release	—	Needs evaluation
freerdp2	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
freerdp3	Needs evaluation	Not in release	—	—

CVE-2026-22855

Medium priority

Needs evaluation

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap out-of-bounds read occurs in the smartcard SetAttrib path when cbAttrLen does not match the actual NDR buffer length. This vulnerability is...

3 affected packages

freerdp, freerdp2, freerdp3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
freerdp	Not in release	Not in release	—	Needs evaluation
freerdp2	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
freerdp3	Needs evaluation	Not in release	—	—

Export to JSON

Results by page:

Search CVE reports