Search CVE reports
1 – 10 of 58 results
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the function `Stream_EnsureCapacity` can create an endless blocking loop. This may affect all client and server implementations...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| freerdp | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Needs evaluation | Not in release | — | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the fix for the heap-use-after-free described in CVE-2026-24680 is incomplete. While the vulnerable execution flow referenced in the...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| freerdp | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Needs evaluation | Not in release | — | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a missing bounds check in `smartcard_unpack_read_size_align()` (`libfreerdp/utils/smartcard_pack.c:1703`) allows a malicious RDP server...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| freerdp | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Needs evaluation | Not in release | — | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `rail_window_free` dereferences a freed `xfAppWindow` pointer during `HashTable_Free` cleanup because `xf_rail_window_common` calls...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| freerdp | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Needs evaluation | Not in release | — | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, in the RLE planar decode path, `planar_decompress_plane_rle()` writes into `pDstData` at `((nYDst+y) * nDstStep) + (4*nXDst) + nChannel`...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| freerdp | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Needs evaluation | Not in release | — | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a malicious RDP server can trigger a heap buffer overflow in FreeRDP clients using the GDI surface pipeline (e.g., `xfreerdp`) by sending an...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| freerdp | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Needs evaluation | Not in release | — | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a buffer overread in `freerdp_image_copy_from_icon_data()` (libfreerdp/codec/color.c) can be triggered by crafted RDP Window...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| freerdp | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Needs evaluation | Not in release | — | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_clipboard_format_equal` reads freed `lastSentFormats` memory because `xf_clipboard_formats_free` (called from the cliprdr channel thread...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| freerdp | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Needs evaluation | Not in release | — | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_cliprdr_provide_data_` passes freed `pDstData` to `XChangeProperty` because the cliprdr channel thread...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| freerdp | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Needs evaluation | Not in release | — | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_AppUpdateWindowFromSurface` reuses a cached `XImage` whose `data` pointer references a freed RDPGFX surface buffer,...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| freerdp | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Needs evaluation | Not in release | — | — |