Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freerdp freerdp vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2020-4030
In FreeRDP before version 2.1.2, there is an out of bounds read in TrioParse. Logging might bypass string length checks due to an integer overflow. This is fixed in version 2.1.2.
Freerdp Freerdp
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 18.04
Debian Debian Linux 10.0
4.3
CVSSv2
CVE-2020-4031
In FreeRDP before version 2.1.2, there is a use-after-free in gdi_SelectObject. All FreeRDP clients using compatibility mode with /relax-order-checks are affected. This is fixed in version 2.1.2.
Freerdp Freerdp
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 18.04
Debian Debian Linux 10.0
4.3
CVSSv2
CVE-2020-4032
In FreeRDP before version 2.1.2, there is an integer casting vulnerability in update_recv_secondary_order. All clients with +glyph-cache /relax-order-checks are affected. This is fixed in version 2.1.2.
Freerdp Freerdp
Opensuse Leap 15.1
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 18.04
Debian Debian Linux 10.0
6.4
CVSSv2
CVE-2020-4033
In FreeRDP before version 2.1.2, there is an out of bounds read in RLEDECOMPRESS. All FreeRDP based clients with sessions with color depth < 32 are affected. This is fixed in version 2.1.2.
Freerdp Freerdp
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 18.04
Debian Debian Linux 10.0
4
CVSSv2
CVE-2020-11040
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound data read from memory in clear_decompress_subcode_rlex, visualized on screen as color. This has been patched in 2.1.0.
Freerdp Freerdp
Opensuse Leap 15.1
Debian Debian Linux 10.0
5
CVSSv2
CVE-2020-11043
In FreeRDP less than or equal to 2.0.0, there is an out-of-bounds read in rfx_process_message_tileset. Invalid data fed to RFX decoder results in garbage on screen (as colors). This has been patched in 2.1.0.
Freerdp Freerdp
Opensuse Leap 15.1
Debian Debian Linux 10.0
5
CVSSv2
CVE-2020-11085
In FreeRDP prior to 2.1.0, there is an out-of-bounds read in cliprdr_read_format_list. Clipboard format data read (by client or server) might read data out-of-bounds. This has been fixed in 2.1.0.
Freerdp Freerdp
Opensuse Leap 15.1
Debian Debian Linux 10.0
5.5
CVSSv2
CVE-2020-11086
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_ntlm_v2_client_challenge that reads up to 28 bytes out-of-bound to an internal structure. This has been fixed in 2.1.0.
Freerdp Freerdp
Opensuse Leap 15.1
Debian Debian Linux 10.0
5.5
CVSSv2
CVE-2020-11087
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_AuthenticateMessage. This has been fixed in 2.1.0.
Freerdp Freerdp
Opensuse Leap 15.1
Debian Debian Linux 10.0
5.5
CVSSv2
CVE-2020-11088
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_NegotiateMessage. This has been fixed in 2.1.0.
Freerdp Freerdp
Opensuse Leap 15.1
Debian Debian Linux 10.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103
CVE-2024-36279
CVE-2024-38457
elevation of privilege
CVE-2024-27801
CVE-2024-30103
NULL pointer dereference
CVE-2024-6057
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »