Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freerdp freerdp 2.0.0 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv3
CVE-2020-11039
In FreeRDP less than or equal to 2.0.0, when using a manipulated server with USB redirection enabled (nearly) arbitrary memory can be read and written due to integer overflows in length checks. This has been patched in 2.1.0.
Freerdp Freerdp
Opensuse Leap 15.1
Debian Debian Linux 10.0
6.6
CVSSv3
CVE-2020-11523
libfreerdp/gdi/region.c in FreeRDP versions > 1.0 up to and including 2.0.0-rc4 has an Integer Overflow.
Freerdp Freerdp 2.0.0
Freerdp Freerdp
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Opensuse Leap 15.1
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
6.6
CVSSv3
CVE-2020-11524
libfreerdp/codec/interleaved.c in FreeRDP versions > 1.0 up to and including 2.0.0-rc4 has an Out-of-bounds Write.
Freerdp Freerdp 2.0.0
Freerdp Freerdp
Canonical Ubuntu Linux 18.04
Opensuse Leap 15.1
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
6.6
CVSSv3
CVE-2020-11521
libfreerdp/codec/planar.c in FreeRDP version > 1.0 up to and including 2.0.0-rc4 has an Out-of-bounds Write.
Freerdp Freerdp 2.0.0
Freerdp Freerdp
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
Debian Debian Linux 9.0
6.5
CVSSv3
CVE-2020-11019
In FreeRDP less than or equal to 2.0.0, when running with logger set to "WLOG_TRACE", a possible crash of application could occur due to a read of an invalid array index. Data could be printed as string to local terminal. This has been fixed in 2.1.0.
Freerdp Freerdp
Opensuse Leap 15.1
Debian Debian Linux 10.0
6.5
CVSSv3
CVE-2020-11018
In FreeRDP less than or equal to 2.0.0, a possible resource exhaustion vulnerability can be performed. Malicious clients could trigger out of bound reads causing memory allocation with random size. This has been fixed in 2.1.0.
Freerdp Freerdp
Opensuse Leap 15.1
Debian Debian Linux 10.0
6.5
CVSSv3
CVE-2020-11017
In FreeRDP less than or equal to 2.0.0, by providing manipulated input a malicious client can create a double free condition and crash the server. This is fixed in version 2.1.0.
Freerdp Freerdp
Opensuse Leap 15.1
Debian Debian Linux 10.0
6.5
CVSSv3
CVE-2020-11522
libfreerdp/gdi/gdi.c in FreeRDP > 1.0 up to and including 2.0.0-rc4 has an Out-of-bounds Read.
Freerdp Freerdp 2.0.0
Freerdp Freerdp
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Opensuse Leap 15.1
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
6.5
CVSSv3
CVE-2018-1000852
FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_capability_request that can result in The RDP server can read the client's memo...
Freerdp Freerdp 2.0.0
Freerdp Freerdp
Canonical Ubuntu Linux 18.04
Fedoraproject Fedora 28
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
5.9
CVSSv3
CVE-2020-11047
In FreeRDP after 1.1 and prior to 2.0.0, there is an out-of-bounds read in autodetect_recv_bandwidth_measure_results. A malicious server can extract up to 8 bytes of client memory with a manipulated message by providing a short input and reading the measurement result data. This ...
Freerdp Freerdp
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 18.04
Debian Debian Linux 10.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »