📦 FreeRDP
by FreeRDP
⚠️ Known Vulnerabilities
This CVE describes a use-after-free vulnerability in FreeRDP's clipboard handling for X11 clients. When FreeRDP automatically reconnects, one thread frees clipboard format memory while another thread ...
This is a use-after-free vulnerability in FreeRDP's X11 client implementation where the RDPGFX DVC thread can access a freed window pointer while the main thread concurrently deletes the window. This ...
This is a use-after-free vulnerability in FreeRDP's X11 client where a cached XImage continues to reference freed memory. Attackers could potentially execute arbitrary code or cause denial of service....
This is a use-after-free vulnerability in FreeRDP's X11 client graphics handling that allows a malicious RDP server to trigger heap corruption in the client. Attackers could cause denial of service (c...
CVE-2026-23884 is a use-after-free vulnerability in FreeRDP clients where offscreen bitmap deletion leaves a pointer to freed memory. A malicious RDP server can exploit this to cause client crashes (D...
A heap buffer overflow vulnerability in FreeRDP's ClearCodec decode path allows malicious RDP servers to trigger client-side memory corruption. This can cause denial of service (crash) and potentially...
A heap buffer overflow vulnerability in FreeRDP's ClearCodec decode path allows malicious RDP servers to trigger client-side memory corruption. This affects FreeRDP clients connecting to untrusted ser...
A heap buffer overflow vulnerability in FreeRDP client allows malicious RDP servers to trigger client-side memory corruption. This can cause denial of service (crash) and potentially remote code execu...
FreeRDP clients prior to version 3.21.0 contain a heap buffer overflow vulnerability in the planar bitmap decompression function. A malicious RDP server can exploit this to crash the client (DoS) or p...
This CVE describes a heap buffer overflow vulnerability in FreeRDP's ClearCodec implementation. A malicious RDP server can send crafted RDPGFX surface updates to trigger out-of-bounds read/write opera...
A heap out-of-bounds read vulnerability in FreeRDP's smartcard SetAttrib path allows attackers to read memory beyond allocated buffers. This affects FreeRDP clients and servers using smartcard authent...
This is a critical heap use-after-free vulnerability in FreeRDP that allows remote code execution. Attackers can exploit this to execute arbitrary code on vulnerable FreeRDP clients or servers. All sy...
This vulnerability in FreeRDP allows remote attackers to cause an out-of-bounds read by sending specially crafted MSUSB_INTERFACE_DESCRIPTOR values. This could lead to information disclosure or potent...
This CVE describes a global buffer overflow vulnerability in FreeRDP's Base64 decoding implementation. On Arm/AArch64 architectures, signedness issues allow non-ASCII bytes to bypass range checks, lea...
A heap buffer overflow vulnerability in FreeRDP allows malicious RDP servers to trigger memory corruption and crash FreeRDP clients. This affects all FreeRDP clients connecting to untrusted RDP server...
CVE-2026-22853 is a critical heap buffer overflow vulnerability in FreeRDP's RDPEAR component that allows attackers to execute arbitrary code or cause denial of service. The vulnerability affects Free...
This is a critical heap buffer overflow vulnerability in FreeRDP that allows a malicious RDP server to execute arbitrary code on client systems by sending oversized file read requests. It affects all ...
This vulnerability in FreeRDP allows attackers to cause heap-based out-of-bounds memory reads by controlling hostnames in certificate cache filenames. It affects FreeRDP clients on Windows platforms u...
FreeRDP clients prior to version 3.5.1 contain an out-of-bounds read vulnerability when processing remote desktop connections with zero width and height parameters. This could allow attackers to read ...
CVE-2024-32658 is an out-of-bounds read vulnerability in FreeRDP clients prior to version 3.5.1. This vulnerability could allow attackers to read sensitive memory contents, potentially leading to info...
This is a use-after-free vulnerability in FreeRDP's X11 client implementation where a freed pointer is dereferenced during cleanup. An attacker could potentially exploit this to cause denial of servic...
A heap buffer overflow vulnerability in FreeRDP clients allows a malicious RDP server to execute arbitrary code on connecting clients. Attackers controlling an RDP server can exploit this to gain full...
This vulnerability in FreeRDP allows a malicious RDP server to trigger an out-of-bounds read by sending an execResult value of 7 or greater. This could potentially leak memory contents or cause crashe...
FreeRDP clients prior to version 3.21.0 contain a buffer overflow vulnerability in FastGlyph parsing. A malicious RDP server can exploit this to cause a denial-of-service (client crash) by sending spe...
This CVE describes a race condition vulnerability in FreeRDP's serial channel IRP thread tracking that allows heap use-after-free. Attackers could exploit this to potentially execute arbitrary code or...
FreeRDP clients prior to version 3.5.1 contain a NULL pointer dereference vulnerability that can cause crashes when processing certain RDP traffic. This affects all users of vulnerable FreeRDP-based c...
This CVE describes a use-after-free vulnerability in FreeRDP's H.264 video codec implementation that could allow remote code execution or denial of service. It affects users running FreeRDP 3.x beta v...
This CVE describes a use-after-free vulnerability in FreeRDP's processing of RDPGFX_CMDID_RESETGRAPHICS packets. When context->maxPlaneSize is 0, the planesBuffer is freed but the pointer isn't update...
This vulnerability in FreeRDP's Stream_EnsureCapacity function can cause an endless blocking loop, potentially leading to denial of service. It affects all FreeRDP client and server implementations on...
A missing bounds check in FreeRDP's smartcard handling allows a malicious RDP server to crash the FreeRDP client via an assertion failure. This affects FreeRDP users who explicitly enable smartcard re...
FreeRDP clients have an out-of-bounds read vulnerability in the RDPGFX channel that allows malicious RDP servers to read uninitialized heap memory. This can lead to information disclosure or client cr...
This CVE describes a heap use-after-free vulnerability in FreeRDP, a free Remote Desktop Protocol implementation, caused by a race condition between threads. It could allow an attacker to crash the ap...