Search CVE reports


411 – 420 of 35883 results

Status is adjusted based on your filters.


CVE-2026-23884

Medium priority
Ignored

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, offscreen bitmap deletion leaves `gdi->drawing` pointing to freed memory, causing UAF when related update packets arrive. A malicious server...

3 affected packages

freerdp, freerdp2, freerdp3

Package 22.04 LTS
freerdp Not in release
freerdp2 Ignored
freerdp3 Not in release

CVE-2026-23883

Medium priority
Ignored

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, `xf_Pointer_New` frees `cursorPixels` on failure, then `pointer_free` calls `xf_Pointer_Free` and frees it again, triggering ASan UAF. A...

3 affected packages

freerdp, freerdp2, freerdp3

Package 22.04 LTS
freerdp Not in release
freerdp2 Ignored
freerdp3 Not in release

CVE-2026-23732

Medium priority
Ignored

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, FastGlyph parsing trusts `cbData`/remaining length and never validates against the minimum size implied by `cx/cy`. A malicious server can...

3 affected packages

freerdp, freerdp2, freerdp3

Package 22.04 LTS
freerdp Not in release
freerdp2 Ignored
freerdp3 Not in release

CVE-2026-23534

Medium priority
Fixed

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the ClearCodec bands decode path when crafted band coordinates allow writes past the end of the...

3 affected packages

freerdp, freerdp2, freerdp3

Package 22.04 LTS
freerdp Not in release
freerdp2 Fixed
freerdp3 Not in release

CVE-2026-23533

Medium priority
Fixed

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the RDPGFX ClearCodec decode path when maliciously crafted residual data causes out-of-bounds...

3 affected packages

freerdp, freerdp2, freerdp3

Package 22.04 LTS
freerdp Not in release
freerdp2 Fixed
freerdp3 Not in release

CVE-2026-22797

Medium priority
Not affected

An issue was discovered in OpenStack keystonemiddleware 10.5 through 10.7 before 10.7.2, 10.8 and 10.9 before 10.9.1, and 10.10 through 10.12 before 10.12.1. The external_oauth2_token middleware fails to sanitize...

1 affected package

python-keystonemiddleware

Package 22.04 LTS
python-keystonemiddleware Not affected

CVE-2026-23532

Medium priority
Fixed

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the FreeRDP client’s `gdi_SurfaceToSurface` path due to a mismatch between...

3 affected packages

freerdp, freerdp2, freerdp3

Package 22.04 LTS
freerdp Not in release
freerdp2 Fixed
freerdp3 Not in release

CVE-2026-23531

Medium priority
Fixed

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, in ClearCodec, when `glyphData` is present, `clear_decompress` calls `freerdp_image_copy_no_overlap` without validating the destination...

3 affected packages

freerdp, freerdp2, freerdp3

Package 22.04 LTS
freerdp Not in release
freerdp2 Fixed
freerdp3 Not in release

CVE-2026-23530

Medium priority
Fixed

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, `freerdp_bitmap_decompress_planar` does not validate `nSrcWidth`/`nSrcHeight` against `planar->maxWidth`/`maxHeight` before RLE decode. A...

3 affected packages

freerdp, freerdp2, freerdp3

Package 22.04 LTS
freerdp Not in release
freerdp2 Fixed
freerdp3 Not in release

CVE-2026-1144

Medium priority

Not in release

A vulnerability was detected in quickjs-ng quickjs up to 0.11.0. Affected is an unknown function of the file quickjs.c of the component Atomics Ops Handler. The manipulation results in use after free. The attack can be executed...

1 affected package

quickjs

Package 22.04 LTS
quickjs Not in release