Search CVE reports


1 – 10 of 114 results


CVE-2026-22859

Medium priority
Needs evaluation

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, the URBDRC client does not perform bounds checking on server‑supplied MSUSB_INTERFACE_DESCRIPTOR values and uses them as indices in...

3 affected packages

freerdp, freerdp2, freerdp3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
freerdp Not in release Not in release Needs evaluation
freerdp2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
freerdp3 Needs evaluation Not in release

CVE-2026-22858

Medium priority
Needs evaluation

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on...

3 affected packages

freerdp, freerdp2, freerdp3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
freerdp Not in release Not in release Needs evaluation
freerdp2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
freerdp3 Needs evaluation Not in release

CVE-2026-22857

Medium priority
Needs evaluation

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap use-after-free occurs in irp_thread_func because the IRP is freed by irp->Complete() and then accessed again on the error path....

3 affected packages

freerdp, freerdp2, freerdp3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
freerdp Not in release Not in release Needs evaluation
freerdp2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
freerdp3 Needs evaluation Not in release

CVE-2026-22856

Medium priority
Needs evaluation

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a race in the serial channel IRP thread tracking allows a heap use‑after‑free when one thread removes an entry from serial->IrpThreads while another...

3 affected packages

freerdp, freerdp2, freerdp3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
freerdp Not in release Not in release Needs evaluation
freerdp2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
freerdp3 Needs evaluation Not in release

CVE-2026-22855

Medium priority
Needs evaluation

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap out-of-bounds read occurs in the smartcard SetAttrib path when cbAttrLen does not match the actual NDR buffer length. This vulnerability is...

3 affected packages

freerdp, freerdp2, freerdp3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
freerdp Not in release Not in release Needs evaluation
freerdp2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
freerdp3 Needs evaluation Not in release

CVE-2026-22854

Medium priority
Needs evaluation

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without...

3 affected packages

freerdp, freerdp2, freerdp3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
freerdp Not in release Not in release Needs evaluation
freerdp2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
freerdp3 Needs evaluation Not in release

CVE-2026-22853

Medium priority
Needs evaluation

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, RDPEAR’s NDR array reader does not perform bounds checking on the on‑wire element count and can write past the heap buffer allocated from hints,...

3 affected packages

freerdp, freerdp2, freerdp3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
freerdp Not in release Not in release Needs evaluation
freerdp2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
freerdp3 Needs evaluation Not in release

CVE-2026-22852

Medium priority
Needs evaluation

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input (AUDIN) format...

3 affected packages

freerdp, freerdp2, freerdp3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
freerdp Not in release Not in release Needs evaluation
freerdp2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
freerdp3 Needs evaluation Not in release

CVE-2026-22851

Medium priority
Needs evaluation

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a race condition between the RDPGFX dynamic virtual channel thread and the SDL render thread leads to a heap use-after-free. Specifically,...

3 affected packages

freerdp, freerdp2, freerdp3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
freerdp Not in release Not in release Needs evaluation
freerdp2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
freerdp3 Needs evaluation Not in release

CVE-2025-68118

Medium priority
Not affected

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.20.0, a vulnerability exists in FreeRDP’s certificate handling code on Windows platforms. The function `freerdp_certificate_data_hash_` uses the...

3 affected packages

freerdp, freerdp2, freerdp3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
freerdp Not in release Not in release Not affected
freerdp2 Not affected Not affected Not affected Not affected
freerdp3 Not affected Not in release