Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freerdp freerdp vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2020-4032
In FreeRDP before version 2.1.2, there is an integer casting vulnerability in update_recv_secondary_order. All clients with +glyph-cache /relax-order-checks are affected. This is fixed in version 2.1.2.
Freerdp Freerdp
Opensuse Leap 15.1
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 18.04
Debian Debian Linux 10.0
4.3
CVSSv2
CVE-2020-4031
In FreeRDP before version 2.1.2, there is a use-after-free in gdi_SelectObject. All FreeRDP clients using compatibility mode with /relax-order-checks are affected. This is fixed in version 2.1.2.
Freerdp Freerdp
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 18.04
Debian Debian Linux 10.0
6.4
CVSSv2
CVE-2020-4033
In FreeRDP before version 2.1.2, there is an out of bounds read in RLEDECOMPRESS. All FreeRDP based clients with sessions with color depth < 32 are affected. This is fixed in version 2.1.2.
Freerdp Freerdp
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 18.04
Debian Debian Linux 10.0
6.4
CVSSv2
CVE-2020-11096
In FreeRDP before version 2.1.2, there is a global OOB read in update_read_cache_bitmap_v3_order. As a workaround, one can disable bitmap cache with -bitmap-cache (default). This is fixed in version 2.1.2.
Freerdp Freerdp
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 18.04
Debian Debian Linux 10.0
4
CVSSv2
CVE-2020-11040
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound data read from memory in clear_decompress_subcode_rlex, visualized on screen as color. This has been patched in 2.1.0.
Freerdp Freerdp
Opensuse Leap 15.1
Debian Debian Linux 10.0
5
CVSSv2
CVE-2020-11085
In FreeRDP prior to 2.1.0, there is an out-of-bounds read in cliprdr_read_format_list. Clipboard format data read (by client or server) might read data out-of-bounds. This has been fixed in 2.1.0.
Freerdp Freerdp
Opensuse Leap 15.1
Debian Debian Linux 10.0
5
CVSSv2
CVE-2020-11043
In FreeRDP less than or equal to 2.0.0, there is an out-of-bounds read in rfx_process_message_tileset. Invalid data fed to RFX decoder results in garbage on screen (as colors). This has been patched in 2.1.0.
Freerdp Freerdp
Opensuse Leap 15.1
Debian Debian Linux 10.0
5.5
CVSSv2
CVE-2020-11086
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_ntlm_v2_client_challenge that reads up to 28 bytes out-of-bound to an internal structure. This has been fixed in 2.1.0.
Freerdp Freerdp
Opensuse Leap 15.1
Debian Debian Linux 10.0
5.5
CVSSv2
CVE-2020-11087
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_AuthenticateMessage. This has been fixed in 2.1.0.
Freerdp Freerdp
Opensuse Leap 15.1
Debian Debian Linux 10.0
5.5
CVSSv2
CVE-2020-11088
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_NegotiateMessage. This has been fixed in 2.1.0.
Freerdp Freerdp
Opensuse Leap 15.1
Debian Debian Linux 10.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »