Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freerdp freerdp vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2017-2838
An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server ...
Freerdp Freerdp 2.0.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
4
CVSSv2
CVE-2020-11040
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound data read from memory in clear_decompress_subcode_rlex, visualized on screen as color. This has been patched in 2.1.0.
Freerdp Freerdp
Opensuse Leap 15.1
Debian Debian Linux 10.0
4
CVSSv2
CVE-2020-11019
In FreeRDP less than or equal to 2.0.0, when running with logger set to "WLOG_TRACE", a possible crash of application could occur due to a read of an invalid array index. Data could be printed as string to local terminal. This has been fixed in 2.1.0.
Freerdp Freerdp
Opensuse Leap 15.1
Debian Debian Linux 10.0
4
CVSSv2
CVE-2020-11041
In FreeRDP less than or equal to 2.0.0, an outside controlled array index is used unchecked for data used as configuration for sound backend (alsa, oss, pulse, ...). The most likely outcome is a crash of the client instance followed by no or distorted sound or a session disconnec...
Freerdp Freerdp
Opensuse Leap 15.1
Debian Debian Linux 10.0
4
CVSSv2
CVE-2020-11018
In FreeRDP less than or equal to 2.0.0, a possible resource exhaustion vulnerability can be performed. Malicious clients could trigger out of bound reads causing memory allocation with random size. This has been fixed in 2.1.0.
Freerdp Freerdp
Opensuse Leap 15.1
Debian Debian Linux 10.0
4
CVSSv2
CVE-2020-11017
In FreeRDP less than or equal to 2.0.0, by providing manipulated input a malicious client can create a double free condition and crash the server. This is fixed in version 2.1.0.
Freerdp Freerdp
Opensuse Leap 15.1
Debian Debian Linux 10.0
3.5
CVSSv2
CVE-2020-15103
In FreeRDP less than or equal to 2.1.2, an integer overflow exists due to missing input sanitation in rdpegfx channel. All FreeRDP clients are affected. The input rectangles from the server are not checked against local surface coordinates and blindly accepted. A malicious server...
Freerdp Freerdp
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 18.04
Debian Debian Linux 10.0
3.5
CVSSv2
CVE-2020-11525
libfreerdp/cache/bitmap.c in FreeRDP versions > 1.0 up to and including 2.0.0-rc4 has an Out of bounds read.
Freerdp Freerdp 2.0.0
Freerdp Freerdp
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Opensuse Leap 15.1
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
3.5
CVSSv2
CVE-2020-11526
libfreerdp/core/update.c in FreeRDP versions > 1.1 up to and including 2.0.0-rc4 has an Out-of-bounds Read.
Freerdp Freerdp 2.0.0
Freerdp Freerdp
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
Debian Debian Linux 9.0
3.5
CVSSv2
CVE-2020-11058
In FreeRDP after 1.1 and prior to 2.0.0, a stream out-of-bounds seek in rdp_read_font_capability_set could lead to a later out-of-bounds read. As a result, a manipulated client or server might force a disconnect due to an invalid data read. This has been fixed in 2.0.0.
Freerdp Freerdp
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 18.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
malicious code
XML injection
CVE-2024-28020
CVE-2024-35252
CVE-2024-5833
CVE-2024-30066
injection
CVE-2024-23282
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »