Search CVE reports
11 – 20 of 92 results
[Unknown description]
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| freerdp | Not in release | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Needs evaluation | Needs evaluation | Not in release | — | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's planar bitmap decoder has an out-of-bounds heap write when decoding RLE planar data. In...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| freerdp | Not in release | Not in release | Not in release | — | Not affected |
| freerdp2 | Not in release | Fixed | Fixed | Fixed | Fixed |
| freerdp3 | Fixed | Fixed | Not in release | — | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's RDPEAR NDR parser accepts one non-null NDR pointer ref-id for multiple logical pointer fields without tracking the pointed...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| freerdp | Not in release | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Needs evaluation | Needs evaluation | Not in release | — | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client by sending crafted RDPGFX PDUs. The bug is...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| freerdp | Not in release | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Needs evaluation | Needs evaluation | Not in release | — | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP client can trigger a heap-buffer-overflow write in FreeRDP's server-side clipboard (cliprdr) channel by sending a CB_CLIP_CAPS PDU...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| freerdp | Not in release | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Needs evaluation | Needs evaluation | Not in release | — | — |
FreeRDP before 3.26.0 contains a heap-buffer-overflow vulnerability in gdi_CacheToSurface that allows remote attackers to write out-of-bounds heap memory. The vulnerability occurs because rectangle validation clamps coordinates to...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| freerdp | Not in release | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Needs evaluation | Needs evaluation | Not in release | — | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Versions prior to 3.25.0 have an off-by-one in the path traversal filter in `channels/drive/client/drive_file.c`. The `contains_dotdot()` function catches `../` and...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| freerdp | Not in release | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Needs evaluation | Needs evaluation | Not in release | — | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, a double-free vulnerability in kerberos_AcceptSecurityContext() and kerberos_InitializeSecurityContextA() (WinPR,...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| freerdp | Not in release | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Vulnerable | Needs evaluation | Not in release | — | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in persistent_cache_read_entry_v3() in libfreerdp/cache/persistent.c, persistent->bmpSize is updated before winpr_aligned_recalloc(). If...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| freerdp | Not in release | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Vulnerable | Needs evaluation | Not in release | — | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in yuv_ensure_buffer() in libfreerdp/codec/h264.c, h264->width and h264->height are updated before the reallocation loop. If any...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| freerdp | Not in release | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Vulnerable | Needs evaluation | Not in release | — | — |