Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

FreeRDP — Vulnerabilities & Security Advisories 148

All 148 CVE vulnerabilities found in FreeRDP, with AI-generated Chinese analysis, references, and POCs.

Vendor: FreeRDP

CVE IDTitleCVSSSeverityPaused
CVE-2026-40254 FreeRDP: contains_dotdot() off-by-one allows drive channel path traversal via terminal .. CWE-193 4.2 Medium2026-04-24
CVE-2026-33995 FreeRDP: Possible double free in kerberos_AcceptSecurityContext CWE-415 5.3 Medium2026-03-30
CVE-2026-33987 FreeRDP: Persistent Cache bmpSize Desync - Heap OOB Write CWE-122 7.1 High2026-03-30
CVE-2026-33986 FreeRDP: H.264 YUV Buffer Dimension Desync - Heap OOB Write CWE-122 7.5 High2026-03-30
CVE-2026-33985 FreeRDP: ClearCodec Glyph Cache Count Desync - Heap OOB Read CWE-125 5.9 Medium2026-03-30
CVE-2026-33984 FreeRDP: ClearCodec resize_vbar_entry() Heap OOB Write CWE-122 7.5 High2026-03-30
CVE-2026-33983 FreeRDP: Progressive Codec Quant BYTE Underflow - UB + CPU DoS CWE-190 6.5 Medium2026-03-30
CVE-2026-33982 FreeRDP: Persistent Cache Allocator Mismatch - Heap OOB Read CWE-125 7.1 High2026-03-30
CVE-2026-33952 FreeRDP: DoS via WINPR_ASSERT in rts_read_auth_verifier_no_checks CWE-617 7.5 -2026-03-30
CVE-2026-33977 FreeRDP: DoS via WINPR_ASSERT in IMA ADPCM audio decoder (dsp.c:331) CWE-617 7.5 -2026-03-30
CVE-2026-31897 FreeRDP has an out-of-bounds read in `freerdp_bitmap_decompress_planar` CWE-125--2026-03-13
CVE-2026-31806 FreeRDP has a Heap Buffer Overflow in nsc_process_message() via Unchecked SURFACE_BITS_COMMAND Bitmap Dimensions CWE-122 9.1 -2026-03-13
CVE-2026-31885 FreeRDP has an out-of-bounds read in ADPCM decoders due to missing predictor/step_index bounds checks CWE-125 6.5 Medium2026-03-13
CVE-2026-31884 FreeRDP has a division-by-zero in ADPCM decoders when `nBlockAlign` is 0 CWE-369 6.5 Medium2026-03-13
CVE-2026-31883 FreeRDP has a `size_t` underflow in ADPCM decoder leads to heap-buffer-overflow write CWE-191 6.5 Medium2026-03-13
CVE-2026-29776 FreeRDP has an Integer Underflow in update_read_cache_bitmap_order Function of FreeRDP's Core Library CWE-190 3.1 Low2026-03-13
CVE-2026-29775 FreeRDP has a heap-buffer-overflow in bitmap_cache_put via OOB cacheId CWE-787 5.3 Medium2026-03-13
CVE-2026-29774 FreeRDP has a heap-buffer-overflow in avc420_yuv_to_rgb via OOB regionRects CWE-787 5.3 Medium2026-03-13
CVE-2026-27951 FreeRDP has possible Integer overflow in Stream_EnsureCapacity CWE-190 5.3 Medium2026-02-25
CVE-2026-27950 FreeRDP heap-use-after-free in update_pointer_new(SDL): Fix Applied in the Wrong File CWE-416 9.8AICriticalAI2026-02-25
CVE-2026-26986 FreeRDP has heap-use-after-free in rail_window_free CWE-416 9.1AICriticalAI2026-02-25
CVE-2026-26965 FreeRDP has Out-of-bounds Write CWE-787 8.8 High2026-02-25
CVE-2026-26955 FreeRDP has Out-of-bounds Write CWE-787 8.8 High2026-02-25
CVE-2026-27015 FreeRDP: Smartcard NDR Alignment Padding Triggers Reachable WINPR_ASSERT Abort (Client DoS) CWE-617 7.5AIHighAI2026-02-25
CVE-2026-26271 Buffer Overread in FreeRDP Icon Processing CWE-126 6.8AIMediumAI2026-02-25
CVE-2026-25997 FreeRDP has heap-use-after-free in xf_clipboard_format_equal CWE-416 9.8AICriticalAI2026-02-25
CVE-2026-25959 FreeRDP has heap-use-after-free in xf_cliprdr_provide_data_ CWE-416 9.1AICriticalAI2026-02-25
CVE-2026-25955 FreeRDP has heap-use-after-free in xf_AppUpdateWindowFromSurface (stale XImage) CWE-416 9.8AICriticalAI2026-02-25
CVE-2026-25954 FreeRDP has heap-use-after-free in xf_rail_server_local_move_size CWE-416 9.1AICriticalAI2026-02-25
CVE-2026-25953 FreeRDP has heap-use-after-free in xf_AppUpdateWindowFromSurface (freed appWindow) CWE-416 9.1AICriticalAI2026-02-25

All 148 known CVE vulnerabilities affecting FreeRDP with full Chinese analysis, references, and POCs where available.