Max CVSS 6.5 Min CVSS 2.1 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2020-13398 6.5
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) write vulnerability has been detected in crypto_rsa_common in libfreerdp/crypto/crypto.c.
09-11-2020 - 21:46 22-05-2020 - 18:15
CVE-2020-13397 2.1
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in security_fips_decrypt in libfreerdp/core/security.c due to an uninitialized value.
09-11-2020 - 21:46 22-05-2020 - 18:15
CVE-2020-13396 5.5
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in ntlm_read_ChallengeMessage in winpr/libwinpr/sspi/NTLM/ntlm_message.c.
09-11-2020 - 21:45 22-05-2020 - 18:15
CVE-2019-17177 5.0
libfreerdp/codec/region.c in FreeRDP through 1.1.x and 2.x through 2.0.0-rc4 has memory leaks because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value.
14-10-2020 - 18:13 04-10-2019 - 17:15
CVE-2020-11058 3.5
In FreeRDP after 1.1 and before 2.0.0, a stream out-of-bounds seek in rdp_read_font_capability_set could lead to a later out-of-bounds read. As a result, a manipulated client or server might force a disconnect due to an invalid data read. This has be
01-09-2020 - 20:36 12-05-2020 - 21:15
CVE-2020-11523 6.0
libfreerdp/gdi/region.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Integer Overflow.
30-08-2020 - 02:15 15-05-2020 - 17:15
CVE-2020-11521 6.0
libfreerdp/codec/planar.c in FreeRDP version > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write.
30-08-2020 - 02:15 15-05-2020 - 17:15
CVE-2020-11048 3.5
In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bounds read. It only allows to abort a session. No data extraction is possible. This has been fixed in 2.0.0.
30-08-2020 - 02:15 07-05-2020 - 20:15
CVE-2020-11522 6.4
libfreerdp/gdi/gdi.c in FreeRDP > 1.0 through 2.0.0-rc4 has an Out-of-bounds Read.
30-08-2020 - 02:15 15-05-2020 - 17:15
CVE-2020-11526 3.5
libfreerdp/core/update.c in FreeRDP versions > 1.1 through 2.0.0-rc4 has an Out-of-bounds Read.
30-08-2020 - 02:15 15-05-2020 - 17:15
CVE-2020-11045 4.9
In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bound read in in update_read_bitmap_data that allows client memory to be read to an image buffer. The result displayed on screen as colour.
30-08-2020 - 02:15 07-05-2020 - 19:15
CVE-2020-11525 3.5
libfreerdp/cache/bitmap.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out of bounds read.
30-08-2020 - 02:15 15-05-2020 - 17:15
CVE-2020-11042 4.9
In FreeRDP greater than 1.1 and before 2.0.0, there is an out-of-bounds read in update_read_icon_info. It allows reading a attacker-defined amount of client memory (32bit unsigned -> 4GB) to an intermediate buffer. This can be used to crash the clien
30-08-2020 - 02:15 07-05-2020 - 19:15
CVE-2020-11046 3.5
In FreeRDP after 1.0 and before 2.0.0, there is a stream out-of-bounds seek in update_read_synchronize that could lead to a later out-of-bounds read.
30-08-2020 - 02:15 07-05-2020 - 19:15
CVE-2018-1000852 6.4
FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_capability_request that can result in The RDP server c
07-08-2020 - 17:31 20-12-2018 - 15:29
CVE-2020-11524 6.0
libfreerdp/codec/interleaved.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write.
27-07-2020 - 00:15 15-05-2020 - 17:15
CVE-2020-11049 3.5
In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bound read of client memory that is then passed on to the protocol parser. This has been patched in 2.0.0.
16-06-2020 - 20:15 07-05-2020 - 20:15
CVE-2020-11047 4.9
In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bounds read in autodetect_recv_bandwidth_measure_results. A malicious server can extract up to 8 bytes of client memory with a manipulated message by providing a short input and reading the me
09-06-2020 - 14:26 07-05-2020 - 20:15
CVE-2020-11044 3.5
In FreeRDP greater than 1.2 and before 2.0.0, a double free in update_read_cache_bitmap_v3_order crashes the client application if corrupted data from a manipulated server is parsed. This has been patched in 2.0.0.
04-06-2020 - 23:15 07-05-2020 - 19:15
Back to Top Mark selected
Back to Top