Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freerdp freerdp vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-37594
In FreeRDP prior to 2.4.0 on Windows, wf_cliprdr_server_file_contents_request in client/Windows/wf_cliprdr.c has missing input checks for a FILECONTENTS_SIZE File Contents Request PDU.
Freerdp Freerdp
7.5
CVSSv2
CVE-2021-37595
In FreeRDP prior to 2.4.0 on Windows, wf_cliprdr_server_file_contents_request in client/Windows/wf_cliprdr.c has missing input checks for a FILECONTENTS_RANGE File Contents Request PDU.
Freerdp Freerdp
7.5
CVSSv2
CVE-2018-8786
FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code execution.
Freerdp Freerdp 2.0.0
Freerdp Freerdp
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 8.0
Fedoraproject Fedora 28
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Eus 7.6
Redhat Enterprise Linux Server Aus 7.6
7.5
CVSSv2
CVE-2018-8784
FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress_segment() that results in a memory corruption and probably even a remote code execution.
Freerdp Freerdp 2.0.0
Freerdp Freerdp
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 18.04
7.5
CVSSv2
CVE-2018-8785
FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress() that results in a memory corruption and probably even a remote code execution.
Freerdp Freerdp 2.0.0
Freerdp Freerdp
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 18.04
7.5
CVSSv2
CVE-2018-8787
FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function gdi_Bitmap_Decompress() and results in a memory corruption and probably even a remote code execution.
Freerdp Freerdp 2.0.0
Freerdp Freerdp
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 18.04
Debian Debian Linux 8.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Eus 7.6
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Workstation 7.0
7.5
CVSSv2
CVE-2018-8788
FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of up to 4 bytes in function nsc_rle_decode() that results in a memory corruption and possibly even a remote code execution.
Freerdp Freerdp 2.0.0
Freerdp Freerdp
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
7.5
CVSSv2
CVE-2014-0250
Multiple integer overflows in client/X11/xf_graphics.c in FreeRDP allow remote malicious users to have an unspecified impact via the width and height to the (1) xf_Pointer_New or (2) xf_Bitmap_Decompress function, which causes an incorrect amount of memory to be allocated.
Freerdp Freerdp 1.0.0
Freerdp Freerdp 1.0.1
Freerdp Freerdp 1.0.2
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
6.8
CVSSv2
CVE-2022-24883
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). Prior to version 2.7.0, server side authentication against a `SAM` file might be successful for invalid credentials if the server has configured an invalid `SAM` file path. FreeRDP based clients are not affect...
Freerdp Freerdp
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
6.8
CVSSv2
CVE-2021-41159
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. All FreeRDP clients prior to version 2.4.1 using gateway connections (`/gt:rpc`) fail to validate input data. A malicious gateway might allow client memory to be written out ...
Freerdp Freerdp
Fedoraproject Fedora 35
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
IMAP
CVE-2024-4367
server-side request forgery
information disclosure
CVE-2024-34342
CVE-2024-4281
CVE-2024-3507
CVE-2024-25560
CVE-2024-34574
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »