Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freerdp vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2020-11019
In FreeRDP less than or equal to 2.0.0, when running with logger set to "WLOG_TRACE", a possible crash of application could occur due to a read of an invalid array index. Data could be printed as string to local terminal. This has been fixed in 2.1.0.
Freerdp Freerdp
Opensuse Leap 15.1
Debian Debian Linux 10.0
6.5
CVSSv3
CVE-2020-11018
In FreeRDP less than or equal to 2.0.0, a possible resource exhaustion vulnerability can be performed. Malicious clients could trigger out of bound reads causing memory allocation with random size. This has been fixed in 2.1.0.
Freerdp Freerdp
Opensuse Leap 15.1
Debian Debian Linux 10.0
6.5
CVSSv3
CVE-2020-11017
In FreeRDP less than or equal to 2.0.0, by providing manipulated input a malicious client can create a double free condition and crash the server. This is fixed in version 2.1.0.
Freerdp Freerdp
Opensuse Leap 15.1
Debian Debian Linux 10.0
6.5
CVSSv3
CVE-2020-11522
libfreerdp/gdi/gdi.c in FreeRDP > 1.0 up to and including 2.0.0-rc4 has an Out-of-bounds Read.
Freerdp Freerdp 2.0.0
Freerdp Freerdp
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Opensuse Leap 15.1
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
6.5
CVSSv3
CVE-2018-1000852
FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_capability_request that can result in The RDP server can read the client's memo...
Freerdp Freerdp 2.0.0
Freerdp Freerdp
Canonical Ubuntu Linux 18.04
Fedoraproject Fedora 28
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
5.9
CVSSv3
CVE-2020-11047
In FreeRDP after 1.1 and prior to 2.0.0, there is an out-of-bounds read in autodetect_recv_bandwidth_measure_results. A malicious server can extract up to 8 bytes of client memory with a manipulated message by providing a short input and reading the measurement result data. This ...
Freerdp Freerdp
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 18.04
Debian Debian Linux 10.0
5.9
CVSSv3
CVE-2020-11042
In FreeRDP greater than 1.1 and prior to 2.0.0, there is an out-of-bounds read in update_read_icon_info. It allows reading a attacker-defined amount of client memory (32bit unsigned -> 4GB) to an intermediate buffer. This can be used to crash the client or store information fo...
Freerdp Freerdp
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
5.9
CVSSv3
CVE-2017-2836
An exploitable denial of service vulnerability exists within the reading of proprietary server certificates in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromis...
Freerdp Freerdp 2.0.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
5.9
CVSSv3
CVE-2017-2837
An exploitable denial of service vulnerability exists within the handling of security data in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or u...
Freerdp Freerdp 2.0.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
5.9
CVSSv3
CVE-2017-2838
An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server ...
Freerdp Freerdp 2.0.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »